Difference between revisions of "Kubectl"

From NovaOrdis Knowledge Base
Jump to: navigation, search
(Rescue Access=)
(One intermediate revision by the same user not shown)
Line 29: Line 29:
{{Internal|.kube config|.kube config}}
{{Internal|.kube config|.kube config}}
=Rescue Access=
On a master, as root:
/usr/local/bin/kubectl  --kubeconfig=/etc/kubernetes/admin.conf get pods

Revision as of 03:31, 4 December 2019



kubectl is the main Kubernetes command line tool, used to send REST API requests with JSON-formatted payloads into the API server.



Download the latest version:

curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl

Make the binary executable:

chmod +x ./kubectl

Move the binary into the PATH

sudo mv ./kubectl /usr/local/bin/kubectl


.kube config

Rescue Access

On a master, as root:

/usr/local/bin/kubectl  --kubeconfig=/etc/kubernetes/admin.conf get pods



Obtaining Information about API Objects


kubectl get

kubectl get and kubectl describe mask sensitive information such as a secret's content to protect it from being exposed accidentally to an onlooker or from being stored in a terminal log.

Output in YAML Format

The "-o yaml" option instructs get to return the full copy of the object's manifest from the cluster store. The output is divided into a .spec section, which represents the desired state and the .status section, which represents the current observed state.

kubectl get -o yaml ...

Get the Manifest for an Existing Object

The manifest can be used to recreate the object:

kubectl get pod pod-name --export -o yaml

Note that --export is deprecated and will be removed in the future so find an equivalent.

JSONPath Support


Removing Leading and Trailing Single Quotes

... | sed -e 's/^'\//' > ...

Get an Individual Attribute Only

TODO: https://gist.github.com/so0k/42313dbb3b547a0f51a547bb968696ba

kubectl ... -o jsonpath="{.status.phase}"
kubectl ... -o jsonpath="{.items[?(@.spec.unschedulable)].metadata.name}"

Alternative, to explore and document:

kubectl get pods  --no-headers -o custom-columns=\":metadata.name\" ...

Filter Elements of an Array based on a Key Value

We assume that the elements of the array are maps, which contain the specified key:

kubectl ... -o jsonpath="{.users[?(@.name=="blue")].user.password}"
kubectl get pod ... -o jsonpath='{.items[0].spec.volumes[?(@.name=="vault")].hostPath.path}' 2>/dev/null


The 'describe' command provides a multi-line overview of an object. It includes important object lifecycle events.

kubectl describe

POSTing a Manifest

kubectl apply -f filename.yaml

Port Fowarding

 while ! kubectl -n my-namespace port-forward service/my-service 8787:8787; do sleep 1; done