Key Takeaways
- ✓kubectl get, describe and apply are the three most used commands
- ✓kubectl logs -f allows real-time log streaming
- ✓kubectl exec -it opens an interactive shell in a pod
TL;DR: Complete kubectl command reference for cluster administration. Syntax tables, ready-to-use examples, common pitfalls. Bookmark this page.
kubectl administration cluster command skills are at the core of the LFS458 Kubernetes Administration training.
Quick Reference Table
| Action | Command | Common Options |
|---|---|---|
| List resources | kubectl get | -A, -o wide, -o yaml |
| Resource details | kubectl describe | -n |
| Create from file | kubectl apply -f | -k (kustomize) |
| Delete | kubectl delete | --force, --grace-period=0 |
| Edit live | kubectl edit | KUBE_EDITOR=nano |
| Logs | kubectl logs | -f, --previous, -c |
| Interactive shell | kubectl exec -it | -c |
According to the Spectro Cloud 2025 report, 80% of organizations run Kubernetes in production with an average of 20+ clusters to administer.
Remember: Memorize aliases:alias k=kubectlandalias kgp='kubectl get pods'speed up daily work.
Pod and Workload Commands
Pod Management
# List all pods (all namespaces)
kubectl get pods -A -o wide
# Pods with specific labels
kubectl get pods -l app=nginx,environment=production
# Sort by creation date
kubectl get pods --sort-by='.metadata.creationTimestamp'
# JSON format for scripting
kubectl get pods -o jsonpath='{.items[*].metadata.name}'
Deployments and ReplicaSets
# Deployment status
kubectl get deployments -o wide
kubectl rollout status deployment/nginx
# Revision history
kubectl rollout history deployment/nginx
# Manual scaling
kubectl scale deployment/nginx --replicas=5
# HPA autoscaling
kubectl autoscale deployment/nginx --min=2 --max=10 --cpu-percent=80
To master these operations, the LFS458 Kubernetes Administration training offers 4 days of intensive practice preparing for CKA (Linux Foundation Training).
See the complete guide on Kubernetes Application Development for the developer perspective.
Node and Cluster Management
Node Inspection
# Node status
kubectl get nodes -o wide
# Full node details
kubectl describe node <node-name>
# Available resources per node
kubectl top nodes
# Configured taints
kubectl describe node <name> | grep Taints
Maintenance Operations
# Mark a node as non-schedulable (cordon)
kubectl cordon <node-name>
# Evict pods (drain)
kubectl drain <node-name> --ignore-daemonsets --delete-emptydir-data
# Re-enable scheduling
kubectl uncordon <node-name>
# Add a taint
kubectl taint nodes <name> key=value:NoSchedule
Remember: Always drain before maintenance to avoid service interruptions. See Solving the 10 Most Common Kubernetes Cluster Problems.
IT teams spend an average of 34 working days per year resolving Kubernetes issues ().
Namespaces and Contexts
Namespace Management
# List namespaces
kubectl get namespaces
# Create a namespace
kubectl create namespace staging
# Set default namespace
kubectl config set-context --current --namespace=production
# Resources in a specific namespace
kubectl get all -n kube-system
Multi-cluster Contexts
# View current context
kubectl config current-context
# List all contexts
kubectl config get-contexts
# Switch context
kubectl config use-context production-cluster
# View full config
kubectl config view --minify
Multi-context management is essential for enterprise Kubernetes Cluster Administration.
Debugging and Diagnostics
Logs and Events
# Real-time logs
kubectl logs <pod> -f --tail=100
# Logs from previous container (after crash)
kubectl logs <pod> --previous
# Logs from specific container (multi-container)
kubectl logs <pod> -c <container>
# Cluster events
kubectl get events --sort-by='.lastTimestamp' | tail -30
# Namespace events
kubectl get events -n production --field-selector type=Warning
Advanced Debugging
# Shell into a pod
kubectl exec -it <pod> -- /bin/sh
# Ephemeral debug pod
kubectl debug <pod> -it --image=busybox
# Node debugging
kubectl debug node/<name> -it --image=ubuntu
# Check network connectivity
kubectl run test-curl --rm -it --image=curlimages/curl -- curl -v <service>
Remember: --previous saves hours when diagnosing CrashLoopBackOff. See Kubernetes system administrator for fundamentals.
ConfigMaps and Secrets
ConfigMaps
# Create from file
kubectl create configmap app-config --from-file=config.properties
# Create from literal
kubectl create configmap app-config --from-literal=DB_HOST=mysql.default.svc
# View content
kubectl get configmap app-config -o yaml
# Edit in place
kubectl edit configmap app-config
Secrets
# Create generic secret
kubectl create secret generic db-creds \
--from-literal=username=admin \
--from-literal=password=S3cureP@ss
# TLS secret
kubectl create secret tls my-tls-secret \
--cert=tls.crt --key=tls.key
# Decode a secret (base64)
kubectl get secret db-creds -o jsonpath='{.data.password}' | base64 -d
# List secrets
kubectl get secrets -o wide
For securing secrets, refer to the LFS460 Kubernetes Security training.
Services and Networking
Services
# Expose a deployment
kubectl expose deployment nginx --port=80 --type=ClusterIP
# NodePort service
kubectl expose deployment nginx --port=80 --type=NodePort
# List endpoints
kubectl get endpoints
# View services with IPs
kubectl get svc -o wide
Ingress
# List Ingress
kubectl get ingress -A
# Ingress details
kubectl describe ingress <name>
# Available Ingress classes
kubectl get ingressclass
Compare tools in kubeadm vs kops vs k3s for initial deployment.
Rollbacks and Updates
Rollout Management
# Update image
kubectl set image deployment/nginx nginx=nginx:1.25
# Check rollout status
kubectl rollout status deployment/nginx
# Pause a rollout
kubectl rollout pause deployment/nginx
# Resume
kubectl rollout resume deployment/nginx
# Rollback to previous version
kubectl rollout undo deployment/nginx
# Rollback to specific revision
kubectl rollout undo deployment/nginx --to-revision=2
82% of container users run Kubernetes in production (CNCF Annual Survey 2025), making these commands essential for daily operations.
Common Pitfalls and Solutions
| Problem | Cause | Solution |
|---|---|---|
Error: context deadline exceeded | API server overloaded | Check kubectl top nodes |
Unable to connect to the server | Incorrect config | kubectl config view --minify |
pod has unbound PersistentVolumeClaims | Missing PV | kubectl get pv,pvc -A |
CrashLoopBackOff | Application error | kubectl logs |
ImagePullBackOff | Inaccessible image | Check registry secret |
OOMKilled | Insufficient memory | Increase resources.limits.memory |
# Quick CrashLoopBackOff diagnosis
kubectl describe pod <name> | grep -A10 "State:"
kubectl logs <name> --previous | tail -50
kubectl get events --field-selector involvedObject.name=<pod>
See the Kubernetes Training: Complete Guide for an overview.
Useful Commands for Certifications
For CKA preparation, the Kubernetes infrastructure engineer and Kubernetes system administrator training paths detail the required skills.
# Quickly create a pod (exam)
kubectl run nginx --image=nginx --dry-run=client -o yaml > pod.yaml
# Generate deployment YAML
kubectl create deployment nginx --image=nginx --dry-run=client -o yaml
# Quickly create a service
kubectl expose pod nginx --port=80 --name=nginx-svc --dry-run=client -o yaml
Remember: --dry-run=client -o yaml generates manifests without creating the resource, essential for the CKA exam.
Training managers will find information on programs and schedules and talent strategies.
Take Action
This kubectl Kubernetes cheatsheet covers essential commands for administering your clusters. For structured training with certification:
- LFS458 Kubernetes Administration: 4 intensive days preparing for CKA
- Kubernetes Fundamentals: 1-day discovery for beginners
- LFD459 Kubernetes for Developers: 3 days focused on CKAD
Contact our advisors to build your personalized Kubernetes training path.