wiki.getshifting.com

--- Sjoerd Hooft's InFormation Technology ---


Cheatsheet Kubernetes

Summary: Kubernetes hints, tips, oneliners and best practices.
Date: 15 December 2024

Kubectl

Basic commands and information

Get cluster information
kubectl cluster-info


List all k8s objects from Cluster Control plane
kubectl get all --all-namespaces


Deploy and delete a manifest file
kubectl apply -f manifest.yaml
kubectl delete -f manifest.yaml


Deploy and delete a manifest folder
kubectl apply -f kube-manifests/
kubectl delete -f kube-manifests/
# Recursive
kubectl apply -R -f kube-manifests/
kubectl delete -R -f kube-manifests/


Deploy to a namespace
kubectl apply -f manifest.yaml -n dev1


Get the kubectl version
kubectl version

Nodes

List all nodes
kubectl get nodes
kubectl get nodes -o wide


Get detailed information about a node
kubectl describe node aks-agentpool-20417106-vmss000001


Remove taint from a node
kubectl taint nodes aks-agentpool-20417106-vmss000001 CriticalAddonsOnly=true:NoSchedule-


Get node resource performance
kubectl top nodes
kubectl top nodes --sort-by=cpu
kubectl top nodes --sort-by=memory
# Sort from low to high
kubectl top nodes --sort-by=cpu --no-headers | sort -k3 -n
kubectl top nodes --sort-by=memory --no-headers | sort -k3 -n

Resources

Get & Describe Limits
kubectl get limits -n dev3
kubectl describe limits default-cpu-mem-limit-range -n dev3


Get Resource Quota
kubectl get quota -n dev3
kubectl describe quota ns-resource-quota -n dev3


Check cpu and memory from inside a pod. Note that these commands report the resources of the host (the node), not those of the pod
# cpu
cat /proc/cpuinfo | grep proc
# memory
free -h
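
The host-versus-pod point above, as an added example that is not part of the original cheatsheet: a shell function that reads the cgroup files to show the limits actually enforced on the container. It assumes the cgroup filesystem is mounted at /sys/fs/cgroup inside the pod; the function name and its optional root-directory argument are hypothetical, and the sample files are constructed.

```shell
#!/bin/sh
# Added example: print the CPU and memory limits enforced on this container.
# Assumption: cgroups are mounted at /sys/fs/cgroup inside the pod; the optional
# argument (another root directory) exists only so the function can run offline.
container_limits() {
    root="${1:-/sys/fs/cgroup}"
    quota=max period=100000
    if [ -r "$root/memory.max" ]; then
        # cgroup v2: memory.max holds bytes or "max", cpu.max holds "<quota> <period>"
        mem=$(cat "$root/memory.max")
        if [ -r "$root/cpu.max" ]; then
            read -r quota period < "$root/cpu.max"
        fi
    elif [ -r "$root/memory/memory.limit_in_bytes" ]; then
        # cgroup v1: one file per value, a quota of -1 means no CPU limit
        mem=$(cat "$root/memory/memory.limit_in_bytes")
        if [ -r "$root/cpu/cpu.cfs_quota_us" ]; then
            quota=$(cat "$root/cpu/cpu.cfs_quota_us")
            period=$(cat "$root/cpu/cpu.cfs_period_us")
        fi
    else
        echo "no cgroup limit files under $root" >&2
        return 1
    fi
    # CPU limit in millicores = quota / period * 1000
    case "$quota" in
        max|-1) cpu=unlimited ;;
        *) cpu="$(( $quota * 1000 / $period ))m" ;;
    esac
    # "max" (v2) or a byte count of 19 digits or more (v1 default) means no memory limit
    if [ "$mem" = max ] || [ "${#mem}" -ge 19 ]; then
        memory=unlimited
    else
        memory="$(( $mem / 1048576 ))Mi"
    fi
    echo "cpu=$cpu memory=$memory"
}

# Constructed sample: the cgroup v2 files for limits cpu=500m, memory=256Mi.
sample=$(mktemp -d)
echo 268435456 > "$sample/memory.max"
echo "50000 100000" > "$sample/cpu.max"
container_limits "$sample"
rm -rf "$sample"
```

Inside a pod, call container_limits without an argument. A result of unlimited means the container has no limit set for that resource.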

Namespaces

List all namespaces and work with namespaces for other objects
kubectl get namespaces
kubectl get ns
kubectl get pods --all-namespaces


Create a namespace

kubectl create namespace dev1
kubectl create namespace dev2


Delete a namespace

kubectl delete ns dev1
kubectl delete ns dev2

Pods

List all pods
kubectl get pods
kubectl get po


List all pods from a specific namespace

kubectl get pods -n dev1


Get logging from a pod
kubectl logs -f podname
# pods can have changing names, so you can use this command if you don't know the podname:
kubectl logs -f $(kubectl get po | grep -Eo 'external-dns[A-Za-z0-9-]+')


Get detailed information about a pod
kubectl describe pod podname
kubectl describe pod myapp1-deployment-5bc58f6848-7vm2v


Get pod specifications like cpu and memory
kubectl get pod <pod-name> -o yaml


Get pod resource performance
kubectl top pods
kubectl top pods --sort-by=cpu
kubectl top pods --sort-by=memory

Deployments

List all deployments
kubectl get deployments
kubectl get deploy


Restart a deployment
kubectl rollout restart deployment/kube-prometheus-stack-grafana


Apply a manifest
kubectl apply -f kube-prometheus-stack.yaml --server-side -n shared
kubectl apply -f kube-prometheus-stack.yaml --server-side --force-conflicts -n shared

Services

List all services
kubectl get services
kubectl get svc


List all services from all namespaces
kubectl get services --all-namespaces
# Sorted on name
kubectl get services --all-namespaces --sort-by=.metadata.name
# Sorted on type
kubectl get services --all-namespaces --sort-by=.spec.type
# Get all services of type LoadBalancer
kubectl get services --all-namespaces | grep LoadBalancer


List services with a specific label
kubectl get service -l app.kubernetes.io/name=ingress-nginx --namespace ingress-basic


Describe a service
kubectl describe svc proxy-public --namespace dev1

StatefulSets

List all StatefulSets
kubectl get statefulsets
kubectl get sts


Kill all the pods in a statefulSet by setting the number of replicas to 0
kubectl scale statefulset myapp1 --replicas=0

Storage

List all storage classes
kubectl get storageclasses
kubectl get sc


List all persistent volume claims
kubectl get pvc


List all persistent volumes (the actual storage)
kubectl get pv


Delete a persistent volume
kubectl delete pv my-pv


List all storage information at once
kubectl get sc,pvc,pv

Networking

Get all ingresses
kubectl get ingress

Secrets

List all secrets
kubectl get secrets


Create a secret
kubectl create secret generic azure-config-file --from-file=azure.json


Decode a secret
echo "cGxhY2Vob2xkZXJwYXNzd29yZA==" | base64 --decode


Decode a secret with powershell
kubectl get secret argocd-initial-admin-secret --namespace ops -o json | ConvertFrom-Json | select -ExpandProperty data | % { $_.PSObject.Properties | % { $_.Name + [System.Environment]::NewLine + [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($_.Value)) + [System.Environment]::NewLine + [System.Environment]::NewLine } }

MISC

Connect to MySQL using Kubectl by installing a sql client pod
kubectl run -it --rm --image=mysql:8.0 --restart=Never mysql-client -- mysql -h akswebappdb201.mysql.database.azure.com -u dbadmin -p<password>


Reset Grafana admin password from within the pod
# Start k8s vscode extension -> vtxops -> configuration -> secrets -> kube-prometheus-stack-grafana -> Note down the admin-password
# opsnamespace -> workloads -> pods -> kube-prometheus-stack-grafana-xxxx
# Open the terminal (click terminal icon next to the name)
grafana cli admin reset-admin-password <admin-password>

AKS

Cloud Shell

Connect to AKS
az aks get-credentials --resource-group myResourceGroup --name myAKSCluster
# overwrite the existing context
az aks get-credentials --resource-group myResourceGroup --name myAKSCluster --overwrite-existing

Local

Connect to AKS
az login
az aks install-cli
# Add C:\Users\sjoer\.azure-kubectl to path
# Advanced System Settings -> Environment Variables -> User Variables -> Path -> New
# Configure Cluster Creds (kube config)
az aks get-credentials --resource-group aks-rg1 --name aksdemo1

Working with az cli

az aks nodepool show --resource-group aks-rg1 --cluster-name aksdemo1 --name agentpool
# Remove all taints (must be done from cloud shell as it does not work locally)
az aks nodepool update --resource-group aks-rg1 --cluster-name aksdemo1 --name agentpool --node-taints ""
# Get the node resource group name of the AKS cluster
az aks show --resource-group aks-rg1 --name aksdemo1 --query nodeResourceGroup -o tsv
# Create a public IP address with a static allocation
az network public-ip create --resource-group <REPLACE-OUTPUT-RG-FROM-PREVIOUS-COMMAND> --name myAKSPublicIPForIngress --sku Standard --allocation-method static --query publicIp.ipAddress -o tsv

Helm

Install Helm

# Install Helm3 (if not installed)
choco install kubernetes-helm
# Add a repository
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update

Working with Helm

Use Helm to deploy an NGINX ingress controller
helm install ingress-nginx ingress-nginx/ingress-nginx `
    --namespace ingress-basic `
    --set controller.replicaCount=2 `
    --set controller.nodeSelector."kubernetes\.io/os"=linux `
    --set defaultBackend.nodeSelector."kubernetes\.io/os"=linux `
    --set controller.service.externalTrafficPolicy=Local `
    --set controller.service.loadBalancerIP="172.205.120.177"