Master kubectl: Essential Commands for Managing Kubernetes Clusters

kubectl Common Commands Guide

Kubectl is the most direct way to operate a Kubernetes cluster; operators need detailed mastery of its commands.

kubectl Autocomplete

<code># setup autocomplete in bash (bash-completion required)
source <(kubectl completion bash)
# setup autocomplete in zsh
source <(kubectl completion zsh)</code>

kubectl Context and Configuration

Set the cluster for kubectl interactions and modify configuration. See the kubeconfig file for cross‑cluster authentication details.

<code># Show merged kubeconfig
kubectl config view
# Use multiple kubeconfig files
KUBECONFIG=~/.kube/config:~/.kube/kubconfig2 kubectl config view
# Get password of user e2e
kubectl config view -o jsonpath='{.users[?(@.name == "e2e")].user.password}'
# Show current context
kubectl config current-context
# Set default context
kubectl config use-context my-cluster-name
# Add credentials for a new cluster
kubectl config set-credentials kubeuser/foo.kubernetes.com --username=kubeuser --password=kubepassword
# Set context with user and namespace
kubectl config set-context gce --user=cluster-admin --namespace=foo && kubectl config use-context gce</code>

Create Objects

Kubernetes manifests can be written in JSON or YAML (.yaml, .yml, .json).

<code># Create a resource
kubectl create -f ./my-manifest.yaml
# Create from multiple files
kubectl create -f ./my1.yaml -f ./my2.yaml
# Create from a directory
kubectl create -f ./dir
# Create from a URL
kubectl create -f https://git.io/vPieo
# Run an nginx pod
kubectl run nginx --image=nginx
# Explain resources
kubectl explain pods,svc
# Create multiple objects from stdin
cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Pod
metadata:
  name: busybox-sleep
spec:
  containers:
  - name: busybox
    image: busybox
    args:
    - sleep
    - "1000000"
---
apiVersion: v1
kind: Pod
metadata:
  name: busybox-sleep-less
spec:
  containers:
  - name: busybox
    image: busybox
    args:
    - sleep
    - "1000"
EOF
# Create a secret with keys
cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Secret
metadata:
  name: mysecret
type: Opaque
data:
  password: $(echo "s33msi4" | base64)
  username: $(echo "jane" | base64)
EOF</code>

Display and Find Resources

<code># List services
kubectl get services
# List pods in all namespaces
kubectl get pods --all-namespaces
# List pods with wide output
kubectl get pods -o wide
# Get a specific deployment
kubectl get deployment my-dep
# Include uninitialized pods
kubectl get pods --include-uninitialized
# Describe nodes or pods
kubectl describe nodes my-node
kubectl describe pods my-pod
# Sort services by name
kubectl get services --sort-by=.metadata.name
# Sort pods by restart count
kubectl get pods --sort-by='.status.containerStatuses[0].restartCount'
# Get label version from pods with selector
kubectl get pods --selector=app=cassandra -o jsonpath='{.items[*].metadata.labels.version}'
# Get ExternalIP of all nodes
kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}'
# List pods using a secret
kubectl get pods -o json | jq '.items[].spec.containers[].env[]?.valueFrom.secretKeyRef.name' | grep -v null | sort | uniq</code>

Update Resources

<code># Rolling update
kubectl rolling-update frontend-v1 -f frontend-v2.json
kubectl rolling-update frontend-v1 frontend-v2 --image=image:v2
kubectl rolling-update frontend --image=image:v2
kubectl rolling-update frontend-v1 frontend-v2 --rollback
# Replace from stdin
cat pod.json | kubectl replace -f -
# Force replace (causes downtime)
kubectl replace --force -f ./pod.json
# Expose a replication controller
kubectl expose rc nginx --port=80 --target-port=8000
# Update image tag in a pod
kubectl get pod mypod -o yaml | sed 's/\(image: myimage\):.*$/\1:v4/' | kubectl replace -f -
# Add a label
kubectl label pods my-pod new-label=awesome
# Add an annotation
kubectl annotate pods my-pod icon-url=http://goo.gl/XXBTWq
# Autoscale a deployment
kubectl autoscale deployment foo --min=2 --max=10</code>

Patch Resources

Use strategic merge patches or JSON patches to modify resources.

<code># Patch a node
kubectl patch node k8s-node-1 -p '{"spec":{"unschedulable":true}}'
# Patch a pod's container image
kubectl patch pod valid-pod -p '{"spec":{"containers":[{"name":"kubernetes-serve-hostname","image":"new image"}]}}'
# JSON patch to replace image
kubectl patch pod valid-pod --type='json' -p='[{"op":"replace","path":"/spec/containers/0/image","value":"new image"}]'
# JSON patch to remove livenessProbe
kubectl patch deployment valid-deployment --type json -p='[{"op":"remove","path":"/spec/template/spec/containers/0/livenessProbe"}]'</code>

Edit Resources

Edit any API resource in your preferred editor.

<code># Edit a service
kubectl edit svc/docker-registry
# Use a specific editor
KUBE_EDITOR="nano" kubectl edit svc/docker-registry</code>

Scale Resources

<code># Scale a replicaset
kubectl scale --replicas=3 rs/foo
# Scale from a file
kubectl scale --replicas=3 -f foo.yaml
# Scale a deployment
kubectl scale --current-replicas=2 --replicas=3 deployment/mysql
# Scale multiple replication controllers
kubectl scale --replicas=5 rc/foo rc/bar rc/baz</code>

Delete Resources

<code># Delete resources defined in a file
kubectl delete -f ./pod.json
# Delete specific pod and service
kubectl delete pod,service baz foo
# Delete by label
kubectl delete pods,services -l name=myLabel
# Delete including uninitialized
kubectl delete pods,services -l name=myLabel --include-uninitialized
# Delete all pods and services in a namespace
kubectl -n my-ns delete po,svc --all</code>

Interact with Running Pods

<code># View pod logs
kubectl logs my-pod
kubectl logs my-pod -c my-container
kubectl logs -f my-pod
kubectl logs -f my-pod -c my-container
# Run an interactive shell
kubectl run -i --tty busybox --image=busybox -- sh
# Attach to a container
kubectl attach my-pod -i
# Port‑forward
kubectl port-forward my-pod 5000:6000
# Execute a command in a container
kubectl exec my-pod -- ls /
kubectl exec my-pod -c my-container -- ls /
# Show metrics for a pod
kubectl top pod POD_NAME --containers</code>

Interact with Nodes and Cluster

<code># Mark node unschedulable
kubectl cordon my-node
# Drain node for maintenance
kubectl drain my-node
# Mark node schedulable again
kubectl uncordon my-node
# Show node metrics
kubectl top node my-node
# Cluster info
kubectl cluster-info
kubectl cluster-info dump
kubectl cluster-info dump --output-directory=/path/to/cluster-state
# Taint a node
kubectl taint nodes foo dedicated=special-user:NoSchedule</code>

kubectl set Commands

The

kubectl set

family modifies specific aspects of resources, such as resources, selectors, images, etc.

kubectl set resources

Set resource limits and requests for containers.

<code># Limit nginx container CPU and memory
kubectl set resources deployment nginx -c=nginx --limits=cpu=200m,memory=512Mi
# Set both limits and requests
kubectl set resources deployment nginx --limits=cpu=200m,memory=512Mi --requests=cpu=100m,memory=256Mi
# Remove resource specifications
kubectl set resources deployment nginx --limits=cpu=0,memory=0 --requests=cpu=0,memory=0</code>

kubectl set selector

Set or replace a selector for a Service.

<code># Example syntax
kubectl set selector SERVICE_NAME KEY=VALUE [--resource-version=VERSION]</code>

kubectl set image

Update container images for supported resources.

<code># Update nginx image in a deployment
kubectl set image deployment/nginx nginx=nginx:1.9.1
# Update all deployments and replication controllers
kubectl set image deployments,rc nginx=nginx:1.9.1 --all
# Update all containers in a daemonset
kubectl set image daemonset abc *=nginx:1.9.1
# Update from a file locally
kubectl set image -f path/to/file.yaml nginx=nginx:1.9.1 --local -o yaml</code>

Resource Types

The following table lists all supported Kubernetes resource kinds and their abbreviations.

Formatted Output

Use

-o

or

--output

flags to specify output format, and

-v

(or

--v

) to set log verbosity.