Kubernetes Cheat Sheet

Quick Setup: Kubectl Alias

# Add to ~/.bashrc, ~/.zshrc, or ~/.profile
alias k=kubectl
complete -o default -F __start_kubectl k

# PowerShell: replace grep with findstr in piped commands

Context & Cluster Configuration

# Check current context
kubectl config current-context

# List all contexts
kubectl config get-contexts

# Switch context
kubectl config use-context <context-name>

# Set default namespace for context
kubectl config set-context --current --namespace=<namespace>

# View full kubeconfig
kubectl config view

Cluster & Node Information

# Cluster endpoints and services
kubectl cluster-info

# Component statuses (scheduler, controller-manager, etcd)
kubectl get componentstatuses

# List all nodes
kubectl get nodes

# Detailed node info (capacity, allocatable, conditions)
kubectl describe node <node-name>

# Cordon node (no new pods scheduled)
kubectl cordon <node-name>

# Uncordon node (re-enable scheduling)
kubectl uncordon <node-name>

# Drain node (safe pod eviction for maintenance)
kubectl drain <node-name> --ignore-daemonsets --delete-emptydir-data

Pods: Deploy, Debug, Inspect

# List all pods across namespaces
kubectl get pods --all-namespaces

# Get pods in specific namespace with wide output (node, IP)
kubectl get pods -n <namespace> -o wide

# Apply pod/deployment from YAML
kubectl apply -f deployment.yaml

# Delete pod (forces termination after grace period)
kubectl delete pod <pod-name> -n <namespace>

# Describe pod (events, status, volumes)
kubectl describe pod <pod-name> -n <namespace>

# Get container names and images
kubectl get pod <pod-name> -n <namespace> -o jsonpath='{.spec.containers[*].name}'
kubectl get pod <pod-name> -n <namespace> -o jsonpath='{.spec.containers[*].image}'

# Execute command in running pod
kubectl exec -it <pod-name> -n <namespace> -- /bin/bash

# View pod environment variables
kubectl exec <pod-name> -n <namespace> -- env

# Copy file from pod to local
kubectl cp <namespace>/<pod-name>:/path/in/pod /local/path

# Stream logs
kubectl logs <pod-name> -n <namespace> -f

# View logs with timestamp
kubectl logs <pod-name> -n <namespace> --timestamps=true

# Attach to running process (stdin/stdout passthrough)
kubectl attach <pod-name> -i -t -n <namespace>

Deployments & Scaling

# Create deployment
kubectl create deployment <name> --image=<image> -n <namespace>

# Scale deployment
kubectl scale deployment <name> --replicas=3 -n <namespace>

# Get current replicas
kubectl get deployment <name> -n <namespace>

# Update image in deployment
kubectl set image deployment/<name> <container>=<new-image> -n <namespace>

# Check rollout status
kubectl rollout status deployment/<name> -n <namespace>

# Rollback deployment to previous version
kubectl rollout undo deployment/<name> -n <namespace>

# List ReplicaSets for deployment
kubectl get replicasets -n <namespace>

# List StatefulSets (maintain pod identity)
kubectl get statefulsets -n <namespace>

Services & Networking

# Expose deployment as service (ClusterIP by default)
kubectl expose deployment <name> --port=8080 --target-port=8080 -n <namespace>

# Expose as LoadBalancer or NodePort
kubectl expose deployment <name> --type=LoadBalancer --port=80 -n <namespace>

# Get all services
kubectl get svc --all-namespaces

# Get service details (endpoints, cluster IP, external IP)
kubectl describe svc <service-name> -n <namespace>

# Edit service
kubectl edit svc <service-name> -n <namespace>

# Port forward for local debugging
kubectl port-forward svc/<service-name> 8080:8080 -n <namespace>

ConfigMaps & Secrets

# Create secret from literal values
kubectl create secret generic <secret-name> --from-literal=key=value -n <namespace>

# Create secret from file
kubectl create secret generic <secret-name> --from-file=/path/to/file -n <namespace>

# List secrets
kubectl get secrets -n <namespace>

# View secret (base64 encoded)
kubectl get secret <secret-name> -o jsonpath='{.data}'  -n <namespace>

# Decode secret value
kubectl get secret <secret-name> -o jsonpath='{.data.password}' -n <namespace> | base64 -d

# Create ConfigMap from literal
kubectl create configmap <config-name> --from-literal=key=value -n <namespace>

# Create ConfigMap from file
kubectl create configmap <config-name> --from-file=/path/to/config.yaml -n <namespace>

# List ConfigMaps
kubectl get configmaps -n <namespace>

# View ConfigMap content
kubectl get configmap <config-name> -o jsonpath='{.data}' -n <namespace>

Resource Management & Quotas

# Describe resource quota for namespace
kubectl describe resourcequota -n <namespace>

# Create resource quota
kubectl create quota <quota-name> --hard=requests.cpu=10,limits.memory=20Gi -n <namespace>

# Create LimitRange (per-pod limits)
kubectl create limitrange <limit-name> --max-cpu=2 --max-memory=1Gi -n <namespace>

# View all limits
kubectl get limitrange -n <namespace>

Debugging & Logs

# Stream logs from pod
kubectl logs <pod-name> -n <namespace> -f

# View last 50 lines of logs
kubectl logs <pod-name> -n <namespace> --tail=50

# Logs from all containers in pod
kubectl logs <pod-name> -n <namespace> --all-containers=true

# Logs from specific container
kubectl logs <pod-name> -c <container-name> -n <namespace>

# Logs from previous pod (if crashed)
kubectl logs <pod-name> -n <namespace> --previous

# Execute shell command for debugging
kubectl exec -it <pod-name> -n <namespace> -- /bin/sh

# Run interactive busybox pod for network testing
kubectl run -it --rm debug --image=busybox --restart=Never -- sh

# Get pod events
kubectl describe pod <pod-name> -n <namespace>

# Tail specific container logs in pod
kubectl logs <pod-name> -c my-container -n <namespace> | tail -f

Deletion & Cleanup

# Delete pod immediately (no grace period)
kubectl delete pod <pod-name> --grace-period=0 --force -n <namespace>

# Delete all pods in namespace
kubectl delete pods --all -n <namespace>

# Delete resources from YAML file
kubectl delete -f deployment.yaml

# Delete deployment (cascades to pods)
kubectl delete deployment <name> -n <namespace>

# Delete service
kubectl delete svc <service-name> -n <namespace>

K9s: Terminal UI for Kubernetes

k9s is a terminal-based dashboard for real-time cluster management and live debugging.

K9s Command Quick Reference

Command	Action
`:ctx`	Switch context
`:ns`	Change namespace
`:alias`	View keyboard shortcuts
`:<resource>`	Jump to resource type (e.g., `:po` for pods, `:svc` for services)
`Ctrl+A`	Add/filter resource
`d`	Describe selected resource
`e`	Edit resource in YAML editor
`Ctrl+K`	Delete resource
`l`	View logs
`s`	Open shell in pod
`/`	Search/filter resources
`h` or `?`	Show help
`Shift+R`	Force refresh
`Ctrl+C`	Exit

K9s Advanced Features

Snapshots: Save cluster state for comparison (Shift+S)
Benchmarks: Performance testing for services (Ctrl+B)
Plugins: Extend k9s with custom commands
Start k9s: k9s (connects to current kubectl context)

Applying YAML to Running Container

For workflows where you need to apply configuration changes to a running pod:

Verify current context and list pods
Terminal window
```
kubectl config current-context
kubectl get pods
```

Get container name inside pod

kubectl get pod <pod-name> -o=jsonpath='{.spec.containers[*].name}'

Initialize YAML variable (from file or here-document)

yaml=$(cat <<EOF
apiVersion: v1
kind: ConfigMap
metadata:
  name: my-config
data:
  key: value
EOF
)

Apply YAML piped from variable
Terminal window
```
echo "$yaml" | kubectl apply -f -
```

Verify pod receives update (e.g., via curl)

kubectl exec <pod-name> -c <container> -- curl -sS http://httpbin.org/headers

Check container logs for confirmation

kubectl logs <pod-name> -c <container> | tail -20

Pro Tip: Combine with watch for continuous monitoring:

watch -n 1 'kubectl get pods -n <namespace>'