DevOps Shack

Kubernetes Cheat Sheet ​

🔹 Cluster & Node Management

1.​
kubectl cluster-info – Get cluster info.​

2.​
kubectl get nodes – List all nodes.​

3.​
kubectl describe node <node-name> – Get node
details.
4.​
kubectl cordon <node-name> – Mark a node as
unschedulable.​

5.​
kubectl uncordon <node-name> – Mark a node as
schedulable.​

6.​
kubectl drain <node-name> --ignore-daemonsets –
Evict all pods from a node.​

7.​
kubectl taint nodes <node-name> ​
key=value:NoSchedule – Taint a node.​

8.​
kubectl label nodes <node-name> key=value – Add a
label to a node.​

9.​
kubectl get nodes --show-labels – Display node
labels.​
​
​
 ​
​

10.​ kubectl delete node <node-name> – Delete a node

from the cluster.

🔹 Pod Management
11.​ kubectl get pods – List all pods in the current
namespace.​

12.​ kubectl get pods -A – List all pods in all

namespaces.​

13.​ kubectl get pods -o wide – List pods with node

details.​

14.​ kubectl describe pod <pod-name> – Get pod

details.​

15.​ kubectl logs <pod-name> – View logs of a pod.​

16.​ kubectl logs <pod-name> -c <container-name> –

View logs of a specific container.​

17.​ kubectl exec -it <pod-name> -- /bin/sh – Access a

running pod’s shell.​

18.​ kubectl delete pod <pod-name> – Delete a pod.​

19.​ kubectl delete pod --force --grace-period=0

<pod-name> – Force delete a pod.​
​
​
​
 ​
​

20.​ kubectl get pod <pod-name> -o yaml – Get pod YAML

configuration.

🔹 Deployment Management
21.​ kubectl get deployments – List all deployments.​

22.​ kubectl describe deployment <deployment-name> –

Get deployment details.​

23.​ kubectl apply -f <deployment.yaml> – Deploy

resources from a YAML file.​

24.​ kubectl create deployment <name> --image=<image>

– Create a simple deployment.​

25.​ kubectl delete deployment <deployment-name> –

Delete a deployment.​

26.​ kubectl rollout status deployment

<deployment-name> – Check deployment rollout
status.​

27.​ kubectl rollout history deployment

<deployment-name> – View deployment history.​

28.​ kubectl rollout undo deployment <deployment-name>

– Rollback to a previous version.​

29.​ kubectl get rs – Get all ReplicaSets.​

​
​
 ​
​

30.​ kubectl scale deployment <deployment-name>

--replicas=3 – Scale a deployment.

🔹 Services & Networking

31.​ kubectl get svc – List all services.​

32.​ kubectl get svc -A – List all services in all

namespaces.​

33.​ kubectl describe svc <service-name> – Get service

details.​

34.​ kubectl delete svc <service-name> – Delete a

service.​

35.​ kubectl expose deployment <deployment-name>

--type=NodePort --port=80 – Expose a deployment as
a service.​

36.​ kubectl get endpoints – List all service

endpoints.​

37.​ kubectl port-forward pod/<pod-name> 8080:80 –

Forward local port to a pod.​

38.​ kubectl proxy – Start a proxy to access the API

server.​
​
​
​
​
 ​

🔹 Ingress & Load Balancer

39.​ kubectl get ingress – List all ingress resources.​

40.​ kubectl describe ingress <ingress-name> – Get

ingress details.​

41.​ kubectl delete ingress <ingress-name> – Delete an

ingress resource.​

42.​ kubectl apply -f ingress.yaml – Deploy an ingress

rule.​

43.​ kubectl get ingress -o

jsonpath='{.items[*].status.loadBalancer.ingress[*]
.ip}' – Get Ingress external IP.

🔹 ConfigMaps & Secrets

44.​ kubectl get configmaps – List all ConfigMaps.​

45.​ kubectl describe configmap <configmap-name> – Get

ConfigMap details.​

46.​ kubectl create configmap <config-name>

--from-literal=key=value – Create a ConfigMap.​

47.​ kubectl delete configmap <configmap-name> –

Delete a ConfigMap.​
​
​
​
 ​
​

48.​ kubectl get secrets – List all secrets.​

49.​ kubectl describe secret <secret-name> – Get

secret details.​

50.​ kubectl create secret generic <secret-name>

--from-literal=key=value – Create a secret.

🔹 Namespace Management
51.​ kubectl get namespaces – List all namespaces.​

52.​ kubectl create namespace <namespace> – Create a

new namespace.​

53.​ kubectl delete namespace <namespace> – Delete a

namespace.​

54.​ kubectl get pods -n <namespace> – List pods in a

specific namespace.

🔹 Persistent Storage
55.​ kubectl get pv – List all Persistent Volumes.​

56.​ kubectl get pvc – List all Persistent Volume

Claims.​

57.​ kubectl describe pv <pv-name> – Get PV details.​

​
​
​
 ​
​

58.​ kubectl describe pvc <pvc-name> – Get PVC

details.

🔹 StatefulSets & DaemonSets

59.​ kubectl get statefulsets – List all StatefulSets.​

60.​ kubectl describe statefulset <statefulset-name> –

Get StatefulSet details.​

61.​ kubectl get daemonsets – List all DaemonSets.​

62.​ kubectl describe daemonset <daemonset-name> – Get

DaemonSet details.

🔹 Events & Debugging

63.​ kubectl get events – List all events.​

64.​ kubectl get events

--sort-by=.metadata.creationTimestamp – Sort events
by time.​

65.​ kubectl debug pod/<pod-name> --image=busybox –

Debug a running pod.

🔹 RBAC & Security

66.​ kubectl get roles – List all roles.​
​
​
​
​
 ​

67.​ kubectl get rolebindings – List all role

bindings.​

68.​ kubectl describe role <role-name> – Get role

details.​

69.​ kubectl get clusterroles – List all cluster

roles.​

70.​ kubectl get clusterrolebindings – List all

cluster role bindings.

🔹 Resource Management
71.​ kubectl top nodes – View CPU & memory usage of
nodes.​

72.​ kubectl top pods – View CPU & memory usage of

pods.​

73.​ kubectl edit deployment <deployment-name> – Edit

a live deployment.​

74.​ kubectl config view – View Kubeconfig settings.​

75.​ kubectl config get-contexts – List available

Kubernetes contexts.​

76.​ kubectl config use-context <context-name> –

Switch to a different context.​
​
​
​
 ​

🔹 Helm
77.​ helm list – List all Helm releases.​

78.​ helm install <name> <chart> – Install a Helm

chart.​

79.​ helm upgrade <name> <chart> – Upgrade a Helm

release.​

80.​ helm rollback <name> <revision> – Rollback a Helm

release.

🔹 Jobs & CronJobs

81.​ kubectl get jobs – List all jobs.​

82.​ kubectl describe job <job-name> – Get job

details.​

83.​ kubectl delete job <job-name> – Delete a job.​

84.​ kubectl get cronjobs – List all cron jobs.​

85.​ kubectl delete cronjob <cronjob-name> – Delete a

cron job.

🔹 Miscellaneous
86.​ kubectl explain pod – Get documentation for pod
resources.​
​
​
 ​
​

87.​ kubectl run --rm -it busybox -- /bin/sh – Run a

temporary pod.​

88.​ kubectl apply --dry-run=client -f <file>.yaml –

Test YAML before applying.​

89.​ kubectl delete all --all – Delete all resources

in the namespace.​

90.​ kubectl delete pod,svc --all – Delete all pods

and services.​

91.​ kubectl delete jobs --all – Delete all jobs.​

92.​ kubectl get componentstatus – Check component

health.​

93.​ kubectl get csr – View certificate signing

requests.​

94.​ kubectl drain <node> --delete-emptydir-data –

Drain a node with emptyDir cleanup.​

95.​ kubectl label pod <pod-name> env=prod – Add a

label to a pod.​

96.​ kubectl get pod --selector=env=prod – Get pods by

label.​
​
​
​
​
 ​
​

97.​ kubectl annotate pod <pod-name> description="Test

pod" – Add an annotation.​

98.​ kubectl patch deployment <deployment-name> -p

'{"spec":{"replicas":5}}' – Patch a resource.​

99.​ kubectl delete pod

--field-selector=status.phase=Failed – Delete
failed pods.​

100.​kubectl api-resources – List all API resources.​

101.​kubectl get nodes --selector=env=prod – Get nodes

with a specific label.​

102.​kubectl label node <node-name>

node-role.kubernetes.io/worker= – Assign a node
role.​

103.​kubectl drain <node-name> --delete-local-data

--force --ignore-daemonsets – Forcefully drain a
node.​

104.​kubectl get nodes -o

custom-columns=NAME:.metadata.name,STATUS:.status.c
onditions[3].type – Custom format output.​

105.​kubectl top nodes --use-protocol-buffers –

Display node resource usage efficiently.​
​
​
​
 ​
​

106.​kubectl config set-context --current

--namespace=<namespace> – Set default namespace for
the current context.​

107.​kubectl get pods

--field-selector=status.phase=Running – Get only
running pods.​

108.​kubectl get pods -l app=myapp – List pods with a

specific label.​

109.​kubectl delete pods -l app=myapp – Delete pods

using a label selector.​

110.​kubectl logs --previous <pod-name> – View logs

from a previous container instance.​

111.​kubectl exec <pod-name> -c <container-name> -- ls

/app – Execute a command in a specific container.​

112.​kubectl run debug --image=busybox --restart=Never

--rm -it -- /bin/sh – Run a debug container.​

113.​kubectl cp <pod-name>:<file-path> <destination> –

Copy a file from a pod.​

114.​kubectl cp <source-file>
<pod-name>:<destination-path> – Copy a file to a
pod.​
​
​
​
 ​
​

115.​kubectl get pods

--sort-by=.metadata.creationTimestamp – Sort pods
by creation time.​

116.​kubectl delete pod <pod-name> --grace-period=0

--force – Force delete a pod immediately.​

117.​kubectl get pod <pod-name> -o

jsonpath='{.status.podIP}' – Get the IP address of
a pod.​

118.​kubectl get pods -o jsonpath='{range

.items[*]}{.metadata.name}{"\n"}{end}' – List only
pod names.​

119.​kubectl set image deployment/<deployment-name>

<container-name>=nginx:latest – Update deployment
image.​

120.​kubectl rollout restart deployment

<deployment-name> – Restart all pods in a
deployment.​

121.​kubectl get deployments --show-labels – Show

labels of deployments.​

122.​kubectl delete deployment --all – Delete all

deployments.​
​
​
​
​
 ​
​

123.​kubectl patch deployment <deployment-name> -p

'{"spec":{"template":{"spec":{"containers":[{"name"
:"<container-name>","image":"nginx:latest"}]}}}}' –
Update container image in a deployment.​

124.​kubectl scale --replicas=0

deployment/<deployment-name> – Scale a deployment
to zero.​

125.​kubectl get deployment

-o=jsonpath='{.items[*].metadata.name}' – Get
deployment names only.​

126.​kubectl get services -o=jsonpath='{range

.items[*]}{.metadata.name}{"\n"}{end}' – List
service names.​

127.​kubectl delete service --all – Delete all

services.​

128.​kubectl patch svc <service-name> -p '{"spec":

{"type": "LoadBalancer"}}' – Change a service type.​

129.​kubectl get svc <service-name> -o

jsonpath='{.status.loadBalancer.ingress[0].ip}' –
Get LoadBalancer IP.​

130.​kubectl get svc <service-name> -o yaml | grep

nodePort – Get the NodePort of a service.
​
​

131.​kubectl get configmap <configmap-name> -o yaml –

View ConfigMap in YAML format.​

132.​kubectl get secret <secret-name> -o

jsonpath='{.data.<key>}' | base64 --decode – Decode
secret value.​

133.​kubectl edit configmap <configmap-name> – Edit an

existing ConfigMap.​

134.​kubectl delete namespace <namespace>

--grace-period=0 --force – Force delete a
namespace.​

135.​kubectl get namespace

-o=jsonpath='{.items[*].metadata.name}' – Get
namespace names only.​

136.​kubectl get pv -o wide – View PV details.​

137.​kubectl get pvc -o

jsonpath='{.items[*].metadata.name}' – List PVC
names only.​

138.​kubectl create job <job-name> --image=busybox --

/bin/sh -c "echo Hello" – Create a simple job.​

139.​kubectl delete job --all – Delete all jobs.​

​
​
​
 ​
​
​

140.​kubectl create cronjob <cronjob-name>

--schedule="*/5 * * * *" --image=busybox -- /bin/sh
-c "date" – Create a CronJob.​

141.​kubectl get ingress

-o=jsonpath='{.items[*].metadata.name}' – Get
ingress names only.​

142.​kubectl get events --sort-by='.lastTimestamp' –

Get events sorted by timestamp.​

143.​kubectl debug node/<node-name> --image=busybox –

Debug a node with a new pod.​

144.​kubectl debug pod/<pod-name> --image=busybox –

Debug a pod interactively.​

145.​kubectl auth can-i create deployments – Check if

you can create deployments.​

146.​kubectl auth can-i delete pods --as=<user> –

Check permission for a specific user.​

147.​kubectl create rolebinding <binding-name>

--role=<role-name> --user=<username> – Bind a user
to a role.​

148.​helm uninstall <release-name> – Uninstall a Helm

release.​
​
​
 ​
​
​

149.​helm repo update – Update Helm repositories.​

150.​kubectl explain pod.spec – Explain pod spec

structure.​

151.​kubectl run nginx --image=nginx --restart=Never

--dry-run=client -o yaml – Generate pod YAML.​

152.​kubectl get apiservices – List all API services.​

153.​kubectl describe apiservices – Get details of API

services.​

154.​kubectl delete csr <csr-name> – Delete a

CertificateSigningRequest.​

155.​kubectl get nodes -o jsonpath='{range

.items[*]}{.metadata.name}{"\n"}{end}' – List only
node names.​

156.​kubectl rollout restart daemonset

<daemonset-name> – Restart a DaemonSet.​

157.​kubectl get cronjobs --no-headers | awk '{print

$1}' | xargs kubectl delete cronjob – Delete all
CronJobs.​

158.​kubectl get nodes -o

jsonpath='{.items[*].status.nodeInfo.kubeletVersion​
​
​
 ​
​
​
​
}' – Get Kubelet version of nodes.​

159.​kubectl get nodes -o yaml | grep capacity – Check

node capacity.​

160.​kubectl describe node <node-name> | grep Taint –

Get node taints.​

161.​kubectl label node <node-name> disktype=ssd –

Label a node.​

162.​kubectl get nodes -l disktype=ssd – Get nodes

with a specific label.​

163.​kubectl drain <node-name> --ignore-daemonsets

--delete-emptydir-data – Drain a node and delete
emptyDir volumes.​

164.​kubectl get nodes --no-headers | awk '{print $1}'

| xargs kubectl delete node – Delete all nodes.​

165.​kubectl get pods --no-headers | awk '{print $1}'

| xargs kubectl delete pod – Delete all pods.​

166.​kubectl delete pod -n <namespace>

--field-selector=status.phase=Failed – Delete all
failed pods.​

167.​kubectl get pod <pod-name> -o ​

​
​
 ​
​
​
jsonpath='{.status.conditions}' – Get pod
conditions.​

168.​kubectl get pod <pod-name> -o

jsonpath='{.spec.containers[*].image}' – Get
container images inside a pod.​

169.​kubectl patch pod <pod-name> -p

'{"spec":{"containers":[{"name":"<container-name>",
"image":"nginx:latest"}]}}' – Patch container
image.​

170.​kubectl set resources deployment

<deployment-name> --limits=cpu=200m,memory=512Mi
--requests=cpu=100m,memory=256Mi – Set resource
requests/limits for a deployment.​

171.​kubectl patch deployment <deployment-name> -p

'{"spec":{"template":{"metadata":{"labels":{"versio
n":"v2"}}}}}' – Patch deployment label.​

172.​kubectl rollout pause deployment

<deployment-name> – Pause a deployment rollout.​

173.​kubectl rollout resume deployment

<deployment-name> – Resume a paused deployment
rollout.​

174.​kubectl annotate deployment <deployment-name>

kubernetes.io/change-cause="Updated image to v2" –
Annotate a deployment.
175.​kubectl patch service <service-name> -p
'{"spec":{"ports":[{"port":8080,"targetPort":80}]}}
' – Change service port mapping.​

176.​kubectl port-forward deployment/<deployment-name>

8080:80 – Forward a port to a deployment.​

177.​kubectl get svc

--sort-by=.metadata.creationTimestamp – Get
services sorted by creation date.​

178.​kubectl get ingress -o jsonpath='{range

.items[*]}{.spec.rules[*].host}' – List all ingress
hosts.​

179.​kubectl edit ingress <ingress-name> – Edit an

existing ingress rule.​

180.​kubectl delete ingress --all – Delete all ingress

rules.​

181.​kubectl get secret <secret-name> -o

go-template='{{index .data "password"}}' | base64
--decode – Decode a secret value.​

182.​kubectl set env deployment/<deployment-name>

CONFIG_VAR=value – Update an environment variable
in a deployment.​
​
​
​
 ​
​
​

183.​kubectl create configmap my-config

--from-env-file=config.env – Create a ConfigMap
from a file.​

184.​kubectl get configmaps

-o=jsonpath='{.items[*].metadata.name}' – Get
ConfigMap names only.​

185.​kubectl patch namespace <namespace> -p

'{"metadata":{"finalizers":null}}' – Force delete a
stuck namespace.​

186.​kubectl get namespace -o

jsonpath='{.items[*].status.phase}' – Get the
status of namespaces.​

187.​kubectl patch pvc <pvc-name> -p

'{"spec":{"resources":{"requests":{"storage":"10Gi"
}}}}' – Resize a PVC.​

188.​kubectl get pvc -o

jsonpath='{.items[*].spec.resources.requests.storag
e}' – Get PVC storage size.​

189.​kubectl delete cronjob --all – Delete all

CronJobs.​

190.​kubectl get jobs

--field-selector=status.successful=1 – List ​
​
​
 ​
​
​
​
successful jobs.​

191.​kubectl create serviceaccount my-sa – Create a

service account.​

192.​kubectl get serviceaccount my-sa -o yaml – Get

service account details.​

193.​kubectl create rolebinding my-rolebinding

--role=my-role --serviceaccount=default:my-sa
--namespace=default – Bind a service account to a
role.​

194.​kubectl get rolebindings -o

jsonpath='{.items[*].subjects}' – Get subjects of
all role bindings.​

195.​helm search repo nginx – Search for an nginx Helm

chart.​

196.​helm show values stable/nginx-ingress – Show

values of an nginx Helm chart.​

197.​helm template <name> <chart> – Render a Helm

template without installing.​

198.​helm get manifest <release-name> – Get Helm

release manifest.
​
​

199.​kubectl debug node/<node-name> -it

--image=busybox -- sh – Debug a node interactively.​

200.​kubectl debug pod/<pod-name> -it --image=busybox

-- sh – Attach a debug container to a running pod.