Master kubectl: Essential Commands for Efficient Kubernetes Operations

kubectl Common Command Guide

Kubectl commands are the most direct way to operate a Kubernetes cluster; operators need detailed mastery.

Kubectl Autocomplete

# setup autocomplete in bash, bash-completion package should be installed first.
source <(kubectl completion bash)
# setup autocomplete in zsh
source <(kubectl completion zsh)

Kubectl Context and Configuration

Set the cluster for kubectl interactions and modify configuration. See “Using kubeconfig for cross‑cluster authentication” for details.

# Show merged kubeconfig
kubectl config view
# Use multiple kubeconfig files and view merged config
KUBECONFIG=~/.kube/config:~/.kube/kubconfig2 kubectl config view
# Get password for user e2e
kubectl config view -o jsonpath='{.users[?(@.name == "e2e")].user.password}'
# Show current context
kubectl config current-context
# Set default context
kubectl config use-context my-cluster-name
# Add a new cluster with basic auth
kubectl config set-credentials kubeuser/foo.kubernetes.com --username=kubeuser --password=kubepassword
# Set context with specific user and namespace
kubectl config set-context gce --user=cluster-admin --namespace=foo && kubectl config use-context gce

Create Resources

Kubernetes manifests can be written in JSON or YAML (.yaml, .yml, .json).

# Create resources from a file
kubectl create -f ./my-manifest.yaml
# Create from multiple files
kubectl create -f ./my1.yaml -f ./my2.yaml
# Create from a directory
kubectl create -f ./dir
# Create from a URL
kubectl create -f https://git.io/vPieo
# Run an nginx pod
kubectl run nginx --image=nginx
# Explain resources
kubectl explain pods,svc
# Create multiple objects from stdin
cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Pod
metadata:
  name: busybox-sleep
spec:
  containers:
  - name: busybox
    image: busybox
    args:
    - sleep
    - "1000000"
---
apiVersion: v1
kind: Pod
metadata:
  name: busybox-sleep-less
spec:
  containers:
  - name: busybox
    image: busybox
    args:
    - sleep
    - "1000"
EOF
# Create a secret with several keys
cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Secret
metadata:
  name: mysecret
type: Opaque
data:
  password: $(echo "s33msi4" | base64)
  username: $(echo "jane" | base64)
EOF

Show and Find Resources

# List all services in all namespaces
kubectl get services
# List all pods in all namespaces
kubectl get pods --all-namespaces
# List pods with wide output
kubectl get pods -o wide
# Get a specific deployment
kubectl get deployment my-dep
# Include uninitialized pods
kubectl get pods --include-uninitialized
# Describe nodes and pods
kubectl describe nodes my-node
kubectl describe pods my-pod
# List services sorted by name
kubectl get services --sort-by=.metadata.name
# Sort pods by restart count
kubectl get pods --sort-by='.status.containerStatuses[0].restartCount'
# Get version label of pods with app=cassandra
kubectl get pods --selector=app=cassandra -o jsonpath='{.items[*].metadata.labels.version}'
# Get ExternalIP of all nodes
kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}'
# List pod names belonging to a specific RC using jq
sel=${$(kubectl get rc my-rc --output=json | jq -j '.spec.selector | to_entries | .[] | "\(.key)=\(.value),"')%?}
echo $(kubectl get pods --selector=$sel --output=jsonpath={.items..metadata.name})
# List ready nodes
JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}{@.type}={@.status};{end}{end}' && kubectl get nodes -o jsonpath="$JSONPATH" | grep "Ready=True"
# List secrets used by current pods
kubectl get pods -o json | jq '.items[].spec.containers[].env[]?.valueFrom.secretKeyRef.name' | grep -v null | sort | uniq

Update Resources

# Rolling update of a pod
kubectl rolling-update frontend-v1 -f frontend-v2.json
# Update resource name and image
kubectl rolling-update frontend-v1 frontend-v2 --image=image:v2
# Update image of a deployment
kubectl rolling-update frontend --image=image:v2
# Rollback a rolling update
kubectl rolling-update frontend-v1 frontend-v2 --rollback
# Replace a pod from stdin JSON
cat pod.json | kubectl replace -f -
# Force replace (delete and recreate)
kubectl replace --force -f ./pod.json
# Expose a replication controller as a service
kubectl expose rc nginx --port=80 --target-port=8000
# Update image tag of a single‑container pod
kubectl get pod mypod -o yaml | sed 's/\(image: myimage\):.*$/\1:v4/' | kubectl replace -f -
# Add a label
kubectl label pods my-pod new-label=awesome
# Add an annotation
kubectl annotate pods my-pod icon-url=http://goo.gl/XXBTWq
# Autoscale a deployment
kubectl autoscale deployment foo --min=2 --max=10

Patch Resources

Use strategic merge or JSON patches to modify resources.

# Patch a node to be unschedulable
kubectl patch node k8s-node-1 -p '{"spec":{"unschedulable":true}}'
# Patch a pod's container image (strategic merge)
kubectl patch pod valid-pod -p '{"spec":{"containers":[{"name":"kubernetes-serve-hostname","image":"new image"}]}}'
# JSON patch to change container image
kubectl patch pod valid-pod --type='json' -p='[{"op": "replace", "path": "/spec/containers/0/image", "value":"new image"}]'
# JSON patch to remove livenessProbe from a deployment
kubectl patch deployment valid-deployment --type json -p='[{"op": "remove", "path": "/spec/template/spec/containers/0/livenessProbe"}]'

Edit Resources

# Edit a service named docker-registry
kubectl edit svc/docker-registry
# Use a different editor (nano)
KUBE_EDITOR="nano" kubectl edit svc/docker-registry

Scale Resources

# Scale a replicaset to 3
kubectl scale --replicas=3 rs/foo
# Scale from a manifest file
kubectl scale --replicas=3 -f foo.yaml
# Scale a deployment based on current size
kubectl scale --current-replicas=2 --replicas=3 deployment/mysql
# Scale multiple replication controllers
kubectl scale --replicas=5 rc/foo rc/bar rc/baz

Delete Resources

# Delete resources defined in a file
kubectl delete -f ./pod.json
# Delete a pod and a service
kubectl delete pod,service baz foo
# Delete resources with a label selector
kubectl delete pods,services -l name=myLabel
# Include uninitialized resources in deletion
kubectl delete pods,services -l name=myLabel --include-uninitialized
# Delete all pods and services in a namespace
kubectl -n my-ns delete po,svc --all

Interact with Running Pods

# Show pod logs
kubectl logs my-pod
# Show logs of a specific container
kubectl logs my-pod -c my-container
# Stream pod logs
kubectl logs -f my-pod
kubectl logs -f my-pod -c my-container
# Run an interactive shell in a pod
kubectl run -i --tty busybox --image=busybox -- sh
# Attach to a running container
kubectl attach my-pod -i
# Port‑forward from pod to local machine
kubectl port-forward my-pod 5000:6000
# Execute a command in a container
kubectl exec my-pod -- ls /
kubectl exec my-pod -c my-container -- ls /
# Show metrics for a pod and its containers
kubectl top pod POD_NAME --containers

Interact with Nodes and Cluster

# Mark a node unschedulable
kubectl cordon my-node
# Drain a node for maintenance
kubectl drain my-node
# Mark a node schedulable again
kubectl uncordon my-node
# Show node metrics
kubectl top node my-node
# Show cluster information
kubectl cluster-info
# Dump cluster state to stdout or a directory
kubectl cluster-info dump
kubectl cluster-info dump --output-directory=/path/to/cluster-state
# Taint a node
kubectl taint nodes foo dedicated=special-user:NoSchedule

kubectl set Command

The kubectl set family configures specific aspects of resources.

kubectl set resources

Set resource limits and requests for containers.

# Limit nginx container CPU to 200m and memory to 512Mi
kubectl set resources deployment nginx -c=nginx --limits=cpu=200m,memory=512Mi
# Set both limits and requests
kubectl set resources deployment nginx --limits=cpu=200m,memory=512Mi --requests=cpu=100m,memory=256Mi
# Remove resource specifications
kubectl set resources deployment nginx --limits=cpu=0,memory=0 --requests=cpu=0,memory=0

kubectl set selector

Set or replace the selector of a resource (currently only Service).

# Example syntax
kubectl set selector SERVICE_NAME KEY=VALUE

kubectl set image

Update container images of existing resources.

# Update nginx container image in a deployment
kubectl set image deployment/nginx nginx=nginx:1.9.1
# Update all deployments and replication controllers
kubectl set image deployments,rc nginx=nginx:1.9.1 --all
# Update all containers in a daemonset
kubectl set image daemonset abc *=nginx:1.9.1
# Update image from a local file (local mode)
kubectl set image -f path/to/file.yaml nginx=nginx:1.9.1 --local -o yaml

Resource Types

The table below lists all supported Kubernetes resource types and their aliases.

Formatted Output

Use -o or --output flags to control output format.

Kubectl detailed output and debugging

Use -v or --v followed by an integer to set the log verbosity level.

Source: https://zhuanlan.zhihu.com/p/394967586