Command | Description |
---|---|
k get pods --label-columns=mycustomlabel | Affiche mycustomlabel |
k get pods --show-labels | Affiche tous les labels |
k explain networkpolicy.spec.podSelector.MatchExpression | Documentation |
k get cs (componentstatuses) | etcd,scheduler,controller-manager status (deprecated) |
- | - |
DEBUG | |
k run -it dbgpod --image nixery.dev/shell/curl | Execute un pod avec curl |
k exec dbgpod -it -- /bin/sh | Start a shell in existing pod |
- | - |
k config set-context --current --namespace=ofa | Change current namespace |
--- | ---- |
k apply -f my.yaml | Update (or create) resource |
k replace -f my.yaml | Replace/recreate given resources |
k get all -A | List all resources from all namespaces |
Network | |
kubectl expose pod redis --port=6379 --name redis-service | Expose redis port 6379 |
Deploy/Run | |
k create deploy testdep --image=nginx --replicas=3 | Deploy 3 nginx |
k scale deploy/mydep --replicas=2 | Scale up/down |
- | - |
PERMISSIONS | |
k create serviceaccount alice | Create alice account |
k create role podgetter --verb=list --resource=pods | |
k create rolebinding podgetter-bindint --role podgetter --serviceaccount=alice | Create rolebinding |
k get sa -A | Returns all serviceAccounts |
k get sa -n myns | Returns serviceAccounts for myns namespace |
k --as=alice get pods | Try to get pods with alice account |
k --as=alice auth can-i list pods | Check if bob can list pods |
curl --insecure -H "Authorization: Bearer xxx" "https://kubernetes.k8s.home/api/v1/namespaces/unifi/pods" | Query API with cUrl |
- | - |
Secrets | |
kubectl get secret postgresql -o json | jq -r '.data | to_entries[] | "(.key) = (.value | @base64d)"' | Decode secrets |
|Volumes||
|k patch pv pvc-id -p '{"spec":{"persistentVolumeReclaimPolicy":"Delete"}}'|Change reclaim policy to delete Release Retained PV|
kubectl patch storageclass gold -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}' | Change defaut storageclass |
---|---|
Filtering | |
for p in $(kubectl get pods --no-headers -o custom-columns=":metadata.name" | grep -i "my-pods" ); do k get pod --show-labels $p; done |
References
Obtenir les service ip range:
$ k cluster-info dump | grep -m 1 service-cluster-ip-range
Some other collumn :
$ kubectl get nodes -o custom-columns="NODE_NAME:.metadata.name,INTERNAL_IP:.status.addresses[?(@.type=='InternalIP')].address,ZONE:.metadata.labels.topology\.kubernetes\.io/zone,POD_CIDR:.spec.podCIDR"