Kubernetes CLI Tips

Posted on Edited on In

Some useful CLI tips in daily uses, references:

Explain resources with specific fields.

This can help you explore the complete resource definition to find all available fields.

1
2
3
4
k explain ep
k explain pod.spec
k explain deploy.metadata.labels
k explain BackendConfig.spec # For GKE ingress

Create manual job from cronjob, you can also output as json template, edit

and use it.

1
k create job --from=cronjob/<name of cronjob> <manual job name>

Check service account/regular user permission.

1
2
3
4
5
6
# get sa name
k get sa

k -n <namespace> auth can-i \
--list \
--as system:serviceaccount:<namespace>:<service account name>

To check what you can do:

1
k auth can-i --list

Force delete pods with no grace period

This only works on pod resource:

1
k delete pod xxx --grace-period=0 --force

List endpoints(pod IP:port).

1
k get ep -n <namespace>

List events sorted by lastTimestamp.

1
2
# lastTimestamp is added by k8s in resource definition yaml
k get events --sort-by=".lastTimestamp"

Watching from events.

1
2
3
4
5
6
7
8
k get events -w --field-selector=type=Warning -A

# watch events for specific container
# The "involvedObject.fieldPath" is JSON return of events, see
# https://stackoverflow.com/questions/51931113/kubectl-get-events-only-for-a-pod
k get events \
--field-selector involvedObject.fieldPath="spec.containers{<container name>}" \
--sort-by=".lastTimestamp"

Get raw json for APIs.

1
2
3
k get --raw /apis/apps/v1
# Get metrics
k get --raw /metrics

Wait for pods to be ready.

1
k wait --for=condition=ready pod -l foo=bar

List customer env vars from a resource.

1
k set env <resource>/<resource-name> --list

List node and its pods mapping.

1
2
3
# column:value mapping:
# NODE:.spec.nodeName
k get po -o=custom-columns=NODE:.spec.nodeName,NAME:.metadata.name

Create starter YAML for resources.

1
kubectl create deploy anyname --image=nginx --dry-run=client -o yaml

Pods sorted by memory usage.

1
kubectl top pods -A --sort-by='memory'

To examine logs of previous restarted pod/container:

1
2
3
4
5
6
7
8
9
# Other useful options:
# -f: streaming logs
# --tail: number of line to display
# --since: return logs newer then a relative duration 5s, 2m, 3h
kubectl logs <pod name> -c <container name> --previous
# if no -c specified, return first container log by default

# --tail 5: only show last 5 lines
kubectl logs <pod name> -c <container name> -f --tail=5

Aggregate(tail/follow) logs from multiple pods into one stream.

kubetail is written by bash so can be used without installing other dependencies, git clone and put the executable to $PATH.

1
2
3
4
5
6
# Tail all pods from a deployment/sts.
kubetail <deployment name>
# Tail specific container from deploy/sts.
kubetail <deploy name> -c container1 -c container2
# Tail with regex matching.
kubetail "^app1|.*my-demo.*" --regex

Rolling out/back resources

Better than editing resource manually with kubectl edit cmd. The cheat sheet

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
# rolling update with new image
# foo1 is the container name
k set image deploy/foo foo1=image:v2  

# Check the history of deployments including the revision
k rollout history deploy/foo

# Rollback to the previous deployment or specific version
# Undo twice turns it back to the original: 1->2->1 
k rollout undo deploy/foo

# Watch rolling update status until completion
k rollout status -w deploy/foo
# Rolling restart of the "foo" deployment
k rollout restart deploy/foo

How to roll out back to a specific version:

1
2
3
4
5
6
7
8
9
# first check current version number
k get deploy/foo -o yaml | grep revision

# check rollout history and the revision detail
k rollout history deploy/foo
k rollout history deploy/foo --revision=13

# rollout to the target version
k rollout undo deploy/foo --to-revision=13