Key Takeaways
- ✓4 key commands: kubectl logs, describe, exec, debug - 90% of incidents resolved
- ✓Reference table with exact syntax and concrete examples for each command
Looking for a quick reference to diagnose your Kubernetes problems? This cheatsheet gathers the essential kubectl commands that every Kubernetes system administrator uses daily. According to the CNCF 2024 report, 84% of organizations use Kubernetes in production (source), making debugging mastery critical for your career.
TL;DR: Masterkubectl logs,kubectl describe,kubectl exec, andkubectl debugto resolve 90% of Kubernetes incidents. Bookmark this page as a daily reference.
These skills are at the core of the LFS458 Kubernetes Administration training.
Quick reference table
| Command | Usage | Example |
|---|---|---|
kubectl logs | View container logs | kubectl logs pod/nginx -c nginx |
kubectl describe | Resource details and events | kubectl describe pod/nginx |
kubectl exec | Execute a command in a container | kubectl exec -it pod/nginx -- sh |
kubectl debug | Ephemeral debugging container | kubectl debug pod/nginx -it --image=busybox |
kubectl get events | Cluster events | kubectl get events --sort-by='.lastTimestamp' |
kubectl top | CPU/memory metrics | kubectl top pods --sort-by=memory |
kubectl port-forward | Local network tunnel | kubectl port-forward svc/nginx 8080:80 |
Key takeaway: Always start with kubectl describe to get the complete context before diving into logs.
kubectl logs commands: analyzing container output
The kubectl logs command is your first reflex for debugging. Kubectl logs describe exec Kubernetes form the fundamental trio you'll use daily.
Basic syntax
# Main container logs
kubectl logs pod/my-app
# Specific container logs (multi-container pods)
kubectl logs pod/my-app -c sidecar
# Real-time logs (streaming)
kubectl logs -f pod/my-app
# Last 100 lines
kubectl logs --tail=100 pod/my-app
# Last hour's logs
kubectl logs --since=1h pod/my-app
Debugging crashed pods
# Previous container logs (after crash)
kubectl logs pod/my-app --previous
# All containers' logs in a pod
kubectl logs pod/my-app --all-containers=true
Use --previous immediately after a CrashLoopBackOff to capture logs before the restart.
Key takeaway: In 2026, kubectl v1.32 introduces kubectl logs --stream=all to aggregate logs from multiple pods simultaneously.
kubectl describe commands: inspecting resources
The describe command displays the complete state of a resource, including recent events.
Essential patterns
# Complete pod details
kubectl describe pod/my-app
# Inspect a deployment
kubectl describe deployment/my-app
# Check a service
kubectl describe service/my-app
# Analyze a node
kubectl describe node/worker-01
Critical information to check
| Section | What to look for |
|---|---|
| Events | Scheduling errors, image pulls, failed probes |
| Conditions | Ready, ContainersReady, Initialized |
| Containers.State | Waiting, Running, Terminated + reason |
| Requests/Limits | Allocated resources vs available |
Systematically examine the Events section at the bottom of the output. It reveals the problem timeline.
# Filter events for a namespace
kubectl get events -n production --sort-by='.lastTimestamp' | head -20
For deeper analysis, consult our guide on production Kubernetes monitoring architecture.
kubectl exec commands: interactive container access
The exec command lets you execute commands directly in a running container.
Syntax and options
# Interactive shell
kubectl exec -it pod/my-app -- /bin/sh
# Single command
kubectl exec pod/my-app -- cat /etc/config/app.yaml
# Specific container
kubectl exec -it pod/my-app -c sidecar -- /bin/bash
# With namespace
kubectl exec -it pod/my-app -n production -- sh
Common diagnostic commands
# Check DNS resolution
kubectl exec pod/my-app -- nslookup kubernetes.default
# Test network connectivity
kubectl exec pod/my-app -- wget -qO- http://service-backend:8080/health
# List environment variables
kubectl exec pod/my-app -- env | grep -i database
# Check mounted files
kubectl exec pod/my-app -- ls -la /etc/secrets/
Create an alias to speed up your workflow:
alias kex='kubectl exec -it'
# Usage: kex pod/my-app -- sh
Key takeaway: Prefer kubectl debug for distroless or minimalist containers that don't include a shell.
kubectl debug commands: ephemeral containers
Introduced as stable in Kubernetes 1.25, kubectl debug creates ephemeral containers for advanced debugging. This command is essential for any Backend developer preparing for CKAD certification.
Debugging with ephemeral container
# Attach a debug container to an existing pod
kubectl debug pod/my-app -it --image=busybox --target=my-container
# Debug with full image (network tools included)
kubectl debug pod/my-app -it --image=nicolaka/netshoot
# Copy a pod for debugging (without affecting the original)
kubectl debug pod/my-app -it --copy-to=my-app-debug --container=debug
Node debugging
# Root access to a node's filesystem
kubectl debug node/worker-01 -it --image=ubuntu
# In the debug container
chroot /host
systemctl status kubelet
journalctl -u kubelet --since "10 minutes ago"
Consult our complete Prometheus installation guide to complete your monitoring stack.
Network diagnostic commands
Network is the source of 60% of Kubernetes incidents according to the Datadog 2024 report (source).
# Port-forward to a pod
kubectl port-forward pod/my-app 8080:80
# Port-forward to a service
kubectl port-forward svc/my-service 8080:80
# Check service endpoints
kubectl get endpoints my-service
# List NetworkPolicies
kubectl get networkpolicies -A
DNS debugging
# Deploy a DNS test pod
kubectl run dnsutils --image=gcr.io/kubernetes-e2e-test-images/dnsutils:1.3 --rm -it -- sh
# Internal DNS tests
nslookup kubernetes.default.svc.cluster.local
nslookup my-service.my-namespace.svc.cluster.local
Reference our Kubernetes metrics cheatsheet to correlate network problems with metrics.
Performance and resource commands
# Pod CPU/memory usage
kubectl top pods --sort-by=memory
# Node usage
kubectl top nodes
# Pods consuming the most CPU
kubectl top pods -A --sort-by=cpu | head -10
# Check resource quotas
kubectl describe resourcequota -n production
Key takeaway: Enable metrics-server in your cluster for kubectl top to work. It's a prerequisite for performance debugging.
Common errors and solutions
| Error | Probable cause | Solution |
|---|---|---|
ImagePullBackOff | Image not found or missing credentials | Check image name and secrets |
CrashLoopBackOff | Application crashes at startup | Consult kubectl logs --previous |
Pending | Insufficient resources or unbound PVC | Run kubectl describe pod |
OOMKilled | Memory limits exceeded | Increase limits or optimize app |
CreateContainerError | Missing ConfigMap/Secret | Check volume references |
For in-depth analysis, consult the Kubernetes Monitoring and Troubleshooting page and the guide on Kubernetes observability.
Recommended kubectl aliases (2026)
Add these aliases to your .bashrc or .zshrc:
alias k='kubectl'
alias kgp='kubectl get pods'
alias kgpa='kubectl get pods -A'
alias kdp='kubectl describe pod'
alias kl='kubectl logs'
alias klf='kubectl logs -f'
alias kex='kubectl exec -it'
alias kd='kubectl debug'
alias kge='kubectl get events --sort-by=.lastTimestamp'
Next steps
Want to master these commands in real conditions? SFEIR training prepares you for official certifications with intensive hands-on labs:
- LFS458 Kubernetes Administration: 4 days to master cluster administration, including advanced debugging
- LFD459 Kubernetes for Application Developers: 3 days to develop and debug cloud-native applications
- Kubernetes Fundamentals: 1 day to discover the basics if you're starting
Consult the complete Kubernetes Training guide to choose the path suited to your profile.