kubectl

Install

sudo snap install kubectl --classic

Completion

Prevent kubectl from trying to connect to cluster for completion:

kubectl completion bash --kubeconfig=/dev/null

Useful Tools

• For Plugins see ./kubectl-plugins.md
• fubekctl Reduces repetitive interactions with kubectl
• kubecolor colorizes kubectl output
• watch changes in ConfigMap and Secrets and then restart pods

Usage

Use jsonpath to parse output

• JSONPath Support

Show volumeName from pvc:

kubectl -n oas get pvc prometheus-0 -o=jsonpath='{.spec.volumeName}'

Show .status.reason from challenge:

kubectl -n oas-apps get challenge oas-rocketchat -o jsonpath='{.status.reason}'

List All Container Images Running in a Cluster

kubectl get pods --all-namespaces \
  -o jsonpath="{.items[*].spec.containers[*].image}" | uniq

List PVC name and selectedNode:

kubectl get pvc -A \
  -o jsonpath='{range .items[*]}{@.metadata.annotations.volume\.kubernetes\.io\/selected-node}{" "}{@.metadata.name}{"\n"}{end}' # <!-- markdownlint-disable-line -->

List all images used by pods/containers:

kubectl get pods --all-namespaces -o jsonpath="{range .items[*]}{@.metadata.namespace}{','}{@.metadata.name}{','}{@.spec['initContainers', 'containers'][*].image}{'\n'}{end}"

Use field-selector to filter resource by certain keys

• Field Selectors
• Kubernetes Label Selector And Field Selector
• Doesn't work with complex keys

Examples:

Show all PVCs not setup by flux:

kubectl get pvc -l kustomize.toolkit.fluxcd.io/namespace!=flux-system -A

Show all resources with single-sign-on velero backup label:

kubectl get all -A -l stackspin.net/backupSet=single-sign-on

Etc:

kubectl get -n kube-system pods -lname=tiller --field-selector=status.phase=Running
kc -n oas get pod kube-prometheus-stack-prometheus-node-exporter-72qz8 -o=jsonpath='{.spec.containers[].resources}'

Show events filtering for multiple fields:

kubectl -n stackspin-apps get events \
  --field-selector 'involvedObject.name=nextcloud,type!=Normal' -o yaml

Rolling updates of an app/pod

• Rolling Updates with Kubernetes Deployments

  kubectl -n varac rollout restart deployment website kubectl -n varac rollout status deployment website

Show all available APIs

sting all resources in a namespace:

kubectl api-resources --verbs=list --namespaced -o name

Get all resources with their namespace

kubectl get -A hr --template '{{range .items}}{{.metadata.namespace}}/{{.metadata.name}}{{"\n"}}{{end}}'

Show event timestamps instead of relative time

kubectl -n stackspin get events -o --no-headers=true \
  --field-selector type!=Normal \
  custom-columns=FirstSeen:.firstTimestamp,LastSeen:.lastTimestamp,Count:.count,\
  Component:.source.component,Object:.involvedObject.name,Type:.type,Reason:.reason,Message:.message

Trigger rollout of new container

kubectl -n presentation patch deployment presentation -p \
  "{\"spec\":{\"template\":{\"metadata\":{\"annotations\":{\"date\":\"`date +'%s'`\"}}}}}"

Set current namespace

alias kcd='kubectl config set-context $(kubectl config current-context) --namespace'
kcd nextcloud

Get all resources

kubectl get all ...

kubectl api-resources --verbs=list --namespaced -o name | \
  xargs -n 1 kubectl get --show-kind --ignore-not-found -n gitlab-nextcloud

See also ./kubectl-plugins.md for the ketall plugin

Scale deployment

kubectl -n gitlab-nextcloud scale --replicas=0 deployment/nextcloud-test

Failed resources

List all failed jobs:

kubectl -n NAMESPACE get job --field-selector status.successful=0 -o name

Delete all failed jobs:

kubectl -n NAMESPACE delete job --field-selector status.successful=0

Context switching apps

see ./contexts.md