Recently I made a start with Kubernetes and I found out there’s a lot of commands available through the kubectl CLI. It took me some time to search through the available commands and flags to find the ones that helped me. I combined them in a cheatsheet, so this saves me (and maybe you) also some time in searching through the manual.

Pointing kubectl to a cluster and namespace

At first it was a bit magic how kubectl knows how to connect to a cluster and to which cluster it was connected, since I didn’t configure these. For example when using Kind you run kind create cluster and afterwards your kubectl commands magicaly point to the cluster. What is happening under the hood, is that Kind writes the connection details to ~/.kube/config and selects it to be used by kubectl. Switching between namespaces within a cluster happens in a similar way:

# View configuration of all clusters known to kubectlcat ~/.kube/config
apiVersion: v1
clusters:
- cluster:
    ...
contexts:
- context:
    ...
current-context: ...
kind: Config
preferences: {}
users:
- name: ...
  user: {}
# or
➜  kubectl config view
... same output as previous command ...

# Switching kubectl to point to a different cluster
➜  kubectl config set-context name_of_cluster

# View selected namespace
➜  kubectl config view | grep namespace

# Switching namespace
➜  kubectl config set-context --current --namespace=default

Current state of the cluster

To get to know more about the current state of the cluster I often cycle between these three commands: get, describe and logs:

# Get all resources in all namespaces using -A
➜  kubectl get all,cm,secret,ing -A

# Watch current state of pods using -w, which allows you to see realtime what is happening
➜  kubectl get pods -w

# Get information about the state of a pod
# When the pod doesn't start, this is the place where you can find the reason
➜  kubectl describe my_pod

# Follow the logs of the my_container in the my_pod using -f
➜  kubectl logs my_pod my_container -f

# Secrets are base64 encoded, and thus are NOT actually secret
# You can view them as follows:
➜  kubectl get secret my_secret -o jsonpath="{.data.my_field_with_secret_value}" | base64 --decode

I prefer to use the CLI over a GUI, since it allows you to better understand how things work and you can easily write scripts to automate things. Still using a GUI makes things easier, especially if you work daily with Kubernetes. For this Lens is a nice tool.

Managing the state of the cluster

Some more tricks to make changes to the cluster or dive further into it:

# Pods exist of containers, so you can do something similar to 'docker exec'
➜  kubectl exec my_pod --stdin --tty -c my_container -- /bin/bash

# If a deployment failed or some resource it used has changed, you can roll it out again
➜  kubectl rollout restart deployment my_deployment

When I use Kind I’m often debugging and figuring out things. To make this easier, a VS Code extension can be used to attach a VS Code instance to containers of a pod. This makes it a lot easier when you have to change files while only Vim is installed.