Master kubectl: Essential Commands for Kubernetes Operations

kubectl Common Commands Guide

Kubectl is the primary command‑line tool for interacting with a Kubernetes cluster; operators need to master its commands.

Kubectl Autocomplete

<code># setup autocomplete in bash, bash‑completion package should be installed first.
$ source <(kubectl completion bash)
# setup autocomplete in zsh
$ source <(kubectl completion zsh)
</code>

Kubectl Context and Configuration

Configure the Kubernetes cluster that kubectl talks to and modify kubeconfig settings. See the kubeconfig documentation for detailed information.

<code># Show merged kubeconfig
$ kubectl config view
# Use multiple kubeconfig files
$ KUBECONFIG=~/.kube/config:~/.kube/kubconfig2 kubectl config view
# Get password of user e2e
$ kubectl config view -o jsonpath='{.users[?(@.name == "e2e")].user.password}'
# Show current context
$ kubectl config current-context
# Set default context
$ kubectl config use-context my-cluster-name
# Add a new cluster with basic auth
$ kubectl config set-credentials kubeuser/foo.kubernetes.com --username=kubeuser --password=kubepassword
# Set context with specific user and namespace
$ kubectl config set-context gce --user=cluster-admin --namespace=foo && kubectl config use-context gce
</code>

Create Resources

Kubernetes manifests can be written in JSON or YAML (.yaml, .yml, .json). Use the following commands to create objects.

<code># Create a resource from a file
$ kubectl create -f ./my-manifest.yaml
# Create resources from multiple files
$ kubectl create -f ./my1.yaml -f ./my2.yaml
# Create resources from all files in a directory
$ kubectl create -f ./dir
# Create a resource from a URL
$ kubectl create -f https://git.io/vPieo
# Run an nginx pod
$ kubectl run nginx --image=nginx
# Explain API objects
$ kubectl explain pods,svc
# Create multiple YAML objects from stdin
$ cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Pod
metadata:
  name: busybox-sleep
spec:
  containers:
  - name: busybox
    image: busybox
    args:
    - sleep
    - "1000000"
---
apiVersion: v1
kind: Pod
metadata:
  name: busybox-sleep-less
spec:
  containers:
  - name: busybox
    image: busybox
    args:
    - sleep
    - "1000"
EOF
# Create a Secret with a few keys
$ cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Secret
metadata:
  name: mysecret
type: Opaque
data:
  password: $(echo "s33msi4" | base64)
  username: $(echo "jane" | base64)
EOF
</code>

Display and Find Resources

<code># List all services in all namespaces
$ kubectl get services
# List all pods in all namespaces
$ kubectl get pods --all-namespaces
# List pods with wide output
$ kubectl get pods -o wide
# Get a specific deployment
$ kubectl get deployment my-dep
# Include uninitialized pods
$ kubectl get pods --include-uninitialized
# Describe nodes or pods
$ kubectl describe nodes my-node
$ kubectl describe pods my-pod
# Sort services by name
$ kubectl get services --sort-by=.metadata.name
# Sort pods by restart count
$ kubectl get pods --sort-by='.status.containerStatuses[0].restartCount'
# Get version label of pods with app=cassandra
$ kubectl get pods --selector=app=cassandra -o jsonpath='{.items[*].metadata.labels.version}'
# Get ExternalIP of all nodes
$ kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}'
# List pod names belonging to a specific replication controller (example uses jq)
$ sel=${$(kubectl get rc my-rc -o json | jq -j '.spec.selector | to_entries | .[] | "\(.key)=\(.value),"')%?}
$ echo $(kubectl get pods --selector=$sel -o jsonpath={.items..metadata.name})
# Show ready nodes
$ JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}{@.type}={@.status};{end}{end}' && kubectl get nodes -o jsonpath="$JSONPATH" | grep "Ready=True"
# List Secrets used by current pods (requires jq)
$ kubectl get pods -o json | jq '.items[].spec.containers[].env[]?.valueFrom.secretKeyRef.name' | grep -v null | sort | uniq
</code>

Update Resources

<code># Rolling update a pod
$ kubectl rolling-update frontend-v1 -f frontend-v2.json
# Update resource name and image
$ kubectl rolling-update frontend-v1 frontend-v2 --image=image:v2
# Update image of a deployment
$ kubectl rolling-update frontend --image=image:v2
# Rollback a rolling update
$ kubectl rolling-update frontend-v1 frontend-v2 --rollback
# Replace a pod from stdin JSON
$ cat pod.json | kubectl replace -f -
# Force replace (deletes then recreates)
$ kubectl replace --force -f ./pod.json
# Expose a replication controller as a service
$ kubectl expose rc nginx --port=80 --target-port=8000
# Update image tag of a single‑container pod
$ kubectl get pod mypod -o yaml | sed 's/\(image: myimage\):.*$/\1:v4/' | kubectl replace -f -
# Add a label
$ kubectl label pods my-pod new-label=awesome
# Add an annotation
$ kubectl annotate pods my-pod icon-url=http://goo.gl/XXBTWq
# Autoscale a deployment
$ kubectl autoscale deployment foo --min=2 --max=10
</code>

Patch Resources

Use strategic merge patches or JSON patches to modify resources.

<code># Patch a node
$ kubectl patch node k8s-node-1 -p '{"spec":{"unschedulable":true}}'
# Patch a pod's container image (strategic merge)
$ kubectl patch pod valid-pod -p '{"spec":{"containers":[{"name":"kubernetes-serve-hostname","image":"new image"}]}}'
# JSON patch to replace container image
$ kubectl patch pod valid-pod --type='json' -p='[{"op": "replace", "path": "/spec/containers/0/image", "value":"new image"}]'
# JSON patch to remove livenessProbe from a deployment
$ kubectl patch deployment valid-deployment --type json -p='[{"op": "remove", "path": "/spec/template/spec/containers/0/livenessProbe"}]'
</code>

Edit Resources

Edit any API object in your preferred editor.

<code># Edit a service named docker-registry
$ kubectl edit svc/docker-registry
# Use a different editor (nano)
$ KUBE_EDITOR="nano" kubectl edit svc/docker-registry
</code>

Scale Resources

<code># Scale a replicaset to 3
$ kubectl scale --replicas=3 rs/foo
# Scale a resource defined in a file
$ kubectl scale --replicas=3 -f foo.yaml
# Scale a deployment from 2 to 3 replicas
$ kubectl scale --current-replicas=2 --replicas=3 deployment/mysql
# Scale multiple replication controllers
$ kubectl scale --replicas=5 rc/foo rc/bar rc/baz
</code>

Delete Resources

<code># Delete resources defined in a file
$ kubectl delete -f ./pod.json
# Delete a pod and a service
$ kubectl delete pod,service baz foo
# Delete by label
$ kubectl delete pods,services -l name=myLabel
# Delete including uninitialized resources
$ kubectl delete pods,services -l name=myLabel --include-uninitialized
# Delete all pods and services in a namespace
$ kubectl -n my-ns delete po,svc --all
</code>

Interact with Running Pods

<code># Show pod logs
$ kubectl logs my-pod
# Show container logs
$ kubectl logs my-pod -c my-container
# Stream logs
$ kubectl logs -f my-pod
$ kubectl logs -f my-pod -c my-container
# Run an interactive shell in a pod
$ kubectl run -i --tty busybox --image=busybox -- sh
# Attach to a running container
$ kubectl attach my-pod -i
# Port‑forward
$ kubectl port-forward my-pod 5000:6000
# Execute a command in a container
$ kubectl exec my-pod -- ls /
$ kubectl exec my-pod -c my-container -- ls /
# Show metrics for a pod
$ kubectl top pod POD_NAME --containers
</code>

Interact with Nodes and Cluster

<code># Mark a node unschedulable
$ kubectl cordon my-node
# Drain a node for maintenance
$ kubectl drain my-node
# Mark a node schedulable again
$ kubectl uncordon my-node
# Show node metrics
$ kubectl top node my-node
# Show cluster info
$ kubectl cluster-info
# Dump cluster state to stdout or a directory
$ kubectl cluster-info dump
$ kubectl cluster-info dump --output-directory=/path/to/cluster-state
# Taint a node
$ kubectl taint nodes foo dedicated=special-user:NoSchedule
</code>

kubectl set Command

The

kubectl set

family modifies specific aspects of existing resources.

kubectl set resources

Set resource limits and requests for containers. If only limits are provided, requests default to the same values.

<code># Limit nginx container CPU to 200m and memory to 512Mi
$ kubectl set resources deployment nginx -c=nginx --limits=cpu=200m,memory=512Mi
# Set both limits and requests
$ kubectl set resources deployment nginx --limits=cpu=200m,memory=512Mi --requests=cpu=100m,memory=256Mi
# Remove resource specifications
$ kubectl set resources deployment nginx --limits=cpu=0,memory=0 --requests=cpu=0,memory=0
</code>

kubectl set selector

Replace the selector of a Service. The selector must start with a letter or digit and be up to 63 characters.

Syntax: selector (-f FILENAME | TYPE NAME) EXPRESSIONS [--resource-version=version]

kubectl set image

Update the container image of existing resources. Supported resource types include pod, replicationcontroller, deployment, daemonset, job, and replicaset.

<code># Update nginx container image in a deployment
$ kubectl set image deployment/nginx nginx=nginx:1.9.1
# Update all deployments and RCs
$ kubectl set image deployments,rc nginx=nginx:1.9.1 --all
# Update all containers in a daemonset
$ kubectl set image daemonset abc *=nginx:1.9.1
# Update from a local file (dry‑run)
$ kubectl set image -f path/to/file.yaml nginx=nginx:1.9.1 --local -o yaml
</code>

Resource Types

The table below lists all supported Kubernetes resource kinds and their short aliases.

Formatted Output

Use the

-o

or

--output

flag to control the output format of kubectl commands.

Kubectl Detailed Output and Debugging

Increase verbosity with

-v

or

--v

followed by an integer to get more detailed logs.