Command Description
k get pods --label-columns=mycustomlabel Affiche mycustomlabel
k get pods --show-labels Affiche tous les labels
k explain networkpolicy.spec.podSelector.MatchExpression Documentation
k get cs (componentstatuses) etcd,scheduler,controller-manager status (deprecated)
- -
DEBUG
k run -it dbgpod --image nixery.dev/shell/curl Execute un pod avec curl
k exec dbgpod -it -- /bin/sh Start a shell in existing pod
- -
k config set-context --current --namespace=ofa Change current namespace
--- ----
k apply -f my.yaml Update (or create) resource
k replace -f my.yaml Replace/recreate given resources
k get all -A List all resources from all namespaces
Network
kubectl expose pod redis --port=6379 --name redis-service Expose redis port 6379
Deploy/Run
k create deploy testdep --image=nginx --replicas=3 Deploy 3 nginx
k scale deploy/mydep --replicas=2 Scale up/down
- -
PERMISSIONS
k create serviceaccount alice Create alice account
k create role podgetter --verb=list --resource=pods
k create rolebinding podgetter-bindint --role podgetter --serviceaccount=alice Create rolebinding
k get sa -A Returns all serviceAccounts
k get sa -n myns Returns serviceAccounts for myns namespace
k --as=alice get pods Try to get pods with alice account
k --as=alice auth can-i list pods Check if bob can list pods
curl --insecure -H "Authorization: Bearer xxx" "https://kubernetes.k8s.home/api/v1/namespaces/unifi/pods" Query API with cUrl
- -
Volumes
k patch pv pvc-id -p '{"spec":{"persistentVolumeReclaimPolicy":"Delete"}}' Change reclaim policy to delete Release Retained PV
kubectl patch storageclass gold -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}' Change defaut storageclass
- -
Filtering
for p in $(kubectl get pods --no-headers -o custom-columns=":metadata.name" grep -i "my-pods" ); do k get pod --show-labels $p; done

References

Create Token and kubeconfig:
https://docs.oracle.com/fr-fr/iaas/Content/ContEng/Tasks/contengaddingserviceaccttoken.htm