kubectl
Kubernetes clusters are generally administered with kubectl, which communicates with the cluster's API Server to perform operations. It can work either imperatively, acting immediately upon commands, or statefully, where the desired state of the cluster is modified to trigger controllers which act on the actual state of the cluster.
Connecting to a cluster
kubectl allows switching between multiple Kubernetes contexts:
kubectl config get-contexts lists all configured contexts.
kubectl config use-context docker-desktop switches to the Docker Desktop context.
kubectl version lists client and server versions.
kubectl cluster-info provides high-level cluster configuration information.
Getting documentation
kubectl api-resources lists all resource types known to the cluster.
kubectl explain pod yields the description of the root of the pod resource, and can optionally recurse further into the schema with --recursive=1.
kubectl explain pod.spec.containers
Managing etcd
To determine the version of the running etcd cluster, first locate the pod, then exec into it to run etcd --version.
kubectl get po -n kube-system
kubectl exec \
-it -n kube-system \
etcd-minikube -- etcd --version
More detail on etcd in its page.
Enumerating objects
kubectl get all lists all objects.
kubectl get pod lists all pods.
kubectl get pod hello-world gets a specific pod. Use -o wide for more fields, or -o yaml for a full definition.
kubectl describe pod hello-world describes a specific pod in detail.
Launching pods
Launching bare pods is a one-time event and doesn't take advantage of any of Kubernetes's useful behaviours, but it can be useful for letting us test that the cluster is functioning correctly.
kubectl run nginx --image nginx:latest launches a pod named nginx running the latest tag of the nginx image.
kubectl port-forward pod/nginx 8080:80 forwards traffic on the client's port 8080 to the pod's port 80.
kubectl expose service/nginx --type LoadBalancer --name nginx creates a LoadBalancer service for the specified deployment.
Updating resources
set allows modifying individual fields.
edit opens a manifest in $EDITOR.
Creating resources
Resources can be created imperatively with create or statefully from a manifest with apply.
--dry-run prints the changes that would have been applied.
--validate (true by default) validates the request against the schema before submission.
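A guard that ties together the context switching and --dry-run notes above, written as an added example that is not part of the original notes. The names safe_apply, context_allowed and ALLOWED_CONTEXTS are hypothetical; current kubectl releases expect an explicit value for --dry-run (client, server or none), and server is used here so the API server itself checks the request.

```shell
#!/bin/sh
# Added example: only run "kubectl apply" against an allowlisted context,
# and only after a server-side dry run has been accepted.
# ALLOWED_CONTEXTS, context_allowed and safe_apply are made-up names.

# Space-separated list of contexts this shell is permitted to change.
ALLOWED_CONTEXTS="${ALLOWED_CONTEXTS:-docker-desktop minikube}"

# Succeeds only if the given context name is on the allowlist (exact match).
context_allowed() {
    local ctx="$1" allowed
    [ -n "$ctx" ] || return 1
    for allowed in $ALLOWED_CONTEXTS; do
        [ "$ctx" = "$allowed" ] && return 0
    done
    return 1
}

# safe_apply MANIFEST
# Return codes: 2 unreadable manifest, 3 no current context,
# 4 context not allowlisted, 5 dry run rejected.
safe_apply() {
    local manifest="$1" ctx
    [ -r "$manifest" ] || { echo "cannot read manifest: $manifest" >&2; return 2; }

    ctx="$(kubectl config current-context)" || return 3
    if ! context_allowed "$ctx"; then
        echo "refusing to apply: context '$ctx' is not in ALLOWED_CONTEXTS" >&2
        return 4
    fi

    # Pin --context so a "use-context" issued from another terminal
    # cannot redirect the real apply after the check above.
    kubectl --context "$ctx" apply --dry-run=server -f "$manifest" || return 5
    kubectl --context "$ctx" apply -f "$manifest"
}
```

Source the file and call safe_apply with a manifest path; widen ALLOWED_CONTEXTS deliberately, per shell, when a change to another cluster is intended.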
Labelling resources
Nodes and pods are commonly labelled for scheduling and matching purposes. Labels can be added like so:
kubectl label node node0 example.com/location=ldn-2
Labels can be removed by specifying the key name with a trailing dash (-):
kubectl label node node0 example.com/location-
Labels can be printed out with the kubectl get --show-labels switch.
Troubleshooting
Many events in Kubernetes generate Event objects which can be watched:
kubectl get events --watch
Note that since events are namespaced and termination of a namespace makes it read-only, Events stop being logged. If you're troubleshooting termination issues, don't delete the namespace.
For application-level problems, dig into logs. -p shows logs from previous instances of the container if it was restarted, and -f follows the log:
kubectl logs -f podName [containerName]
As a last resort, get a shell to the container:
kubectl exec -it podname [-c container] -- sh