wiki.getshifting.com

Differences

This shows you the differences between two versions of the page.

--- cheatsheet-kubernetes [2025/07/20 05:47] – [MISC] sjoerd
+++ cheatsheet-kubernetes [2026/02/08 14:49] (current) – external edit 127.0.0.1
@@ Line 4: / Line 4: @@
 **Date**: 15 December 2024 \\
 {{tag>cheatsheet kubernetes}}
+== Terminology ==
+**Pods**\\
+Basic scheduling unit that holds one or more containers.
+**Nodes**\\
+Machines (physical or virtual) in the cluster where pods are scheduled.
+**Cluster**\\
+Collection of nodes and associated resources.
+**Kubelet**\\
+An agent running on each node, responsible for managing the node and its containers.
+**Kubernetes Controller Manager**\\
+Manages controllers to regulate the state of the system.
+**Kube Proxy**\\
+Maintains network rules to allow communication between pods and external traffic.
+**etcd**\\
+Consistent and highly-available key-value store used for all cluster data.
+**API Server**\\
+Serves the Kubernetes API and is the primary entry point for administrative tasks.
+**Scheduler**\\
+Assigns pods to nodes based on resource requirements and other constraints.
+**Controller**\\
+Maintains the desired state of the system, such as ensuring the correct number of replicas for a particular application.
+**Service**\\
+Provides a consistent way to access a set of pods.
+**Namespace**\\
+A way to divide cluster resources between multiple users.
+**Volumes**\\
+Kubernetes supports various types of storage volumes, providing data persistence for pods.
+**Secrets and ConfigMaps**\\
+Mechanisms to manage sensitive information and configuration data separately from application code.
+**Deployment**\\
+A higher-level resource that manages updates to applications by handling the deployment and scaling of pods.
+**StatefulSets**\\
+Manages stateful applications, ensuring stable network identities and persistent storage for pods.
+**DaemonSets**\\
+Ensures that specific pods run on all (or specific) nodes for cluster-wide tasks like logging or monitoring.
+**Jobs and CronJobs**\\
+Run short-lived or scheduled tasks within the cluster.
+**Ingress**\\
+Manages external access to services, typically HTTP.
+**Network Policies**\\
+Define how groups of pods can communicate with each other and other network endpoints.
+**Horizontal Pod Autoscaler**\\
+Automatically adjusts the number of replica pods to handle varying load.
+**Vertical Pod Autoscaler**\\
+Adjusts the resources allocated to individual pods based on their usage.
+**Operators**\\
+A way to package, deploy, and manage applications using Kubernetes APIs and controllers.
+**Kubectl**\\
+The command-line interface to interact with Kubernetes clusters.
 == Kubectl ==
@@ Line 70: / Line 144: @@
 kubectl top nodes --sort-by=cpu --no-headers | sort -k3 -n
 kubectl top nodes --sort-by=memory --no-headers | sort -k3 -n
+</code>
+\\
+> Connect to nodes in a private aks cluster
+<code bash>
+# Based on https://learn.microsoft.com/en-us/azure/aks/node-access where is explained on how to connect to aks nodes. However, this does not work for a private cluster as the container is not available. You can, assuming that you've added the container to your private container registry, use that one:
+# Get all the nodes
+kubectl get nodes -o wide
+# Start the debug command to connect to the node using an image from a private container registry
+kubectl debug node/aks-npuser001-34232393-vmss000001 -it --image=acreuwprd.azurecr.io/docker/docker/library/busybox:1.37
 </code>
@@ Line 113: / Line 196: @@
 kubectl delete ns dev1
 kubectl delete ns dev2
+</code>
+> Set a default namespace
+<code bash>
+# Set the default namespace and expected output
+kubectl config set-context --current --namespace=ops
+Context "aks-cluster" modified.
 </code>
@@ Line 165: / Line 255: @@
 </code>
 \\
+> Restart all deployments in a namespace
+<code bash>
+kubectl rollout restart deployment -n shared
+</code>
 > Apply a manifest
 <code bash>
@@ Line 211: / Line 305: @@
 <code bash>
 kubectl scale statefulset myapp1 --replicas=0
+</code>
+\\
+> Restart a statefulset
+<code bash>
+kubectl rollout restart statefulset/myapp1
+</code>
+\\
+> Restart all statefulsets in a namespace
+<code bash>
+kubectl rollout restart statefulset -n shared
 </code>
@@ Line 284: / Line 388: @@
 grafana cli admin reset-admin-password <admin-password>
 </code>
-\\ Check for kafka topics
+\\
+> Check for kafka topics
 <code bash>
 # open a terminal on one of the kafka brokers (eg kafka-kafka-0)
 ./bin/kafka-topics.sh --list --bootstrap-server localhost:9092
 </code>
-\\ Get all resource kinds with their name from a manifest:
+\\
+> Get all resource kinds with their name from a manifest:
 <code bash>
 cat opentelemetry-operator.yaml | grep -i '^kind\|^  name:'
+</code>
+== Loop commands with kubectl ==
+Here are some examples I use to perform actions on multiple resources at once.
+> Remove all finalizers for kafka topics
+<code bash>
+kubectl get kafkatopic.kafka.strimzi.io -n shared -o name |
+while read topic; do
+    echo "Removing finalizer from $topic"
+    kubectl patch $topic -n shared -p '{"metadata":{"finalizers":[]}}' --type=merge
+done
+</code>
+\\
+> Delete all jobs that start with "backup"
+<code bash>
+export NAMESPACE=shared
+kubectl get jobs -n $NAMESPACE -o name | grep backup- |
+while read job; do
+    echo "Deleting $job"
+    kubectl delete $job -n $NAMESPACE
+done
 </code>
@@ Line 353: / Line 482: @@
     --set controller.service.loadBalancerIP="172.205.120.177"
 </code>
+//This wiki has been made possible by://
+<HTML>
+<script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8613096447910897"
+     crossorigin="anonymous"></script>
+<!-- Wiki End of Page -->
+<ins class="adsbygoogle"
+     style="display:block"
+     data-ad-client="ca-pub-8613096447910897"
+     data-ad-slot="6221699236"
+     data-ad-format="auto"
+     data-full-width-responsive="true"></ins>
+<script>
+     (adsbygoogle = window.adsbygoogle || []).push({});
+</script>
+</HTML>