Command | Description |
---|---|
k get pods --label-columns=mycustomlabel | Affiche mycustomlabel |
k get pods --show-labels | Affiche tous les labels |
k explain networkpolicy.spec.podSelector.MatchExpression | Documentation |
k get cs (componentstatuses) | etcd,scheduler,controller-manager status (deprecated) |
- | - |
DEBUG | |
k run -it dbgpod --image nixery.dev/shell/curl | Execute un pod avec curl |
k exec dbgpod -it -- /bin/sh | Start a shell in existing pod |
- | - |
k config set-context --current --namespace=ofa | Change current namespace |
--- | ---- |
k apply -f my.yaml | Update (or create) resource |
k replace -f my.yaml | Replace/recreate given resources |
k get all -A | List all resources from all namespaces |
Network | |
kubectl expose pod redis --port=6379 --name redis-service | Expose redis port 6379 |
Deploy/Run | |
k create deploy testdep --image=nginx --replicas=3 | Deploy 3 nginx |
k scale deploy/mydep --replicas=2 | Scale up/down |
- | - |
PERMISSIONS | |
k create serviceaccount alice | Create alice account |
k create role podgetter --verb=list --resource=pods | |
k create rolebinding podgetter-bindint --role podgetter --serviceaccount=alice | Create rolebinding |
k get sa -A | Returns all serviceAccounts |
k get sa -n myns | Returns serviceAccounts for myns namespace |
k --as=alice get pods | Try to get pods with alice account |
k --as=alice auth can-i list pods | Check if bob can list pods |
curl --insecure -H "Authorization: Bearer xxx" "https://kubernetes.k8s.home/api/v1/namespaces/unifi/pods" | Query API with cUrl |
- | - |
Volumes | |
k patch pv pvc-id -p '{"spec":{"persistentVolumeReclaimPolicy":"Delete"}}' | Change reclaim policy to delete Release Retained PV |
kubectl patch storageclass gold -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}' | Change defaut storageclass |
- | - |
Filtering | |
for p in $(kubectl get pods --no-headers -o custom-columns=":metadata.name" | grep -i "my-pods" ); do k get pod --show-labels $p; done |
References
Create Token and kubeconfig:
https://docs.oracle.com/fr-fr/iaas/Content/ContEng/Tasks/contengaddingserviceaccttoken.htm