🏆SFEIR is the Google Cloud EMEA Training Partner of the Year 2025🤝New partnership: Official GitLab Training🤖New training: AI-Augmented Developer
🏆SFEIR is the Google Cloud EMEA Training Partner of the Year 2025🤝New partnership: Official GitLab Training🤖New training: AI-Augmented Developer
Cheatsheet6 min read

Kubernetes Memo: Objects, API Resources and Essential Shortcuts

SFEIR Institute

Key Takeaways

  • IT teams spend an average of 34 days/year resolving Kubernetes issues - these shortcuts reduce that time
  • kubectl shortcuts (po, svc, deploy) accelerate daily administration
  • Each Kubernetes object belongs to an API group and has a defined scope
TL;DR: This Kubernetes memo centralizes all native objects, their API shortcuts (po, svc, deploy) and essential kubectl commands. 82% of container users run Kubernetes in production according to the CNCF Annual Survey 2025. Print this reference.

To master these commands in real conditions, discover the LFS458 Kubernetes Administration training.

Kubernetes Objects Table: Full Names and Shortcuts

ObjectShortcutAPI GroupScope
podspocore/v1Namespaced
servicessvccore/v1Namespaced
deploymentsdeployapps/v1Namespaced
replicasetsrsapps/v1Namespaced
statefulsetsstsapps/v1Namespaced
daemonsetsdsapps/v1Namespaced
configmapscmcore/v1Namespaced
secrets-core/v1Namespaced
persistentvolumespvcore/v1Cluster
persistentvolumeclaimspvccore/v1Namespaced
namespacesnscore/v1Cluster
nodesnocore/v1Cluster
ingressesingnetworking.k8s.io/v1Namespaced
networkpoliciesnetpolnetworking.k8s.io/v1Namespaced
serviceaccountssacore/v1Namespaced
horizontalpodautoscalershpaautoscaling/v2Namespaced
cronjobscjbatch/v1Namespaced
jobs-batch/v1Namespaced
endpointsepcore/v1Namespaced
eventsevcore/v1Namespaced
Key takeaway: Use kubectl api-resources to display all available objects with their shortcuts on your cluster.

Essential kubectl Commands

Basic CRUD Operations

# List with shortcuts
kubectl get po -A                    # All pods, all namespaces
kubectl get deploy,svc -n prod       # Deployments + Services
kubectl get no -o wide               # Nodes with IPs

# Create / Apply
kubectl apply -f manifest.yaml       # Create or update
kubectl create deploy nginx --image=nginx:1.27

# Delete
kubectl delete po nginx-7fb9 --grace-period=0 --force
kubectl delete -f manifest.yaml

For deeper debugging, consult our guide Debug a Pod in CrashLoopBackOff.

Output and Filtering Shortcuts

FlagDescriptionExample
-o wideExtended columnskubectl get po -o wide
-o yamlFull YAML exportkubectl get deploy nginx -o yaml
-o jsonJSON exportkubectl get svc -o json
-o nameNames onlykubectl get po -o name
-o jsonpathTargeted extractionkubectl get po -o jsonpath='{.items[*].metadata.name}'
--selector / -lFilter by labelskubectl get po -l app=nginx
--field-selectorFilter by fieldskubectl get po --field-selector=status.phase=Running

Workload Objects: Pod, Deployment, StatefulSet, DaemonSet

Minimal Deployment Structure

apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deploy
namespace: production
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.27
ports:
- containerPort: 80
resources:
requests:
memory: "64Mi"
cpu: "100m"
limits:
memory: "128Mi"
cpu: "200m"
ObjectUse CaseKey Characteristic
DeploymentStateless appsRolling updates, rollbacks
StatefulSetDatabasesStable identity, persistent storage
DaemonSetMonitoring agents1 pod per node
JobOne-time tasksSingle execution
CronJobScheduled tasksCron schedule

According to Spectro Cloud, 80% of organizations run Kubernetes in production with an average of 20+ clusters.

Key takeaway: StatefulSet guarantees a stable DNS name (pod-0.service.namespace.svc.cluster.local).

Service and Networking Objects

NetworkPolicies control inter-pod traffic.

Service Types

# ClusterIP (default) - internal only
kubectl expose deploy nginx --port=80 --type=ClusterIP

# NodePort - accessible on each node
kubectl expose deploy nginx --port=80 --type=NodePort

# LoadBalancer - cloud provider LB
kubectl expose deploy nginx --port=80 --type=LoadBalancer
TypePort RangeAccessible From
ClusterIP-Internal cluster
NodePort30000-32767External via node IP
LoadBalancer-External via cloud LB
ExternalName-DNS CNAME

Minimal Ingress (nginx-ingress)

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: app-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
ingressClassName: nginx
rules:
- host: app.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: app-svc
port:
number: 80

Configuration and Storage Objects

ConfigMap and Secret

# ConfigMap from file
kubectl create cm app-config --from-file=config.yaml

# ConfigMap from literal
kubectl create cm app-config --from-literal=ENV=prod

# Generic secret
kubectl create secret generic db-creds \
--from-literal=username=admin \
--from-literal=password=s3cr3t

# TLS secret
kubectl create secret tls app-tls --cert=cert.pem --key=key.pem

According to Orca Security 2025, 70% of organizations use Kubernetes in cloud with Helm to manage these configurations.

PersistentVolume and PersistentVolumeClaim

# Dynamic PVC with StorageClass
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: data-pvc
spec:
accessModes:
- ReadWriteOnce
storageClassName: standard
resources:
requests:
storage: 10Gi
AccessModeDescriptionAbbreviation
ReadWriteOnce1 node read/writeRWO
ReadOnlyManyMultiple nodes readROX
ReadWriteManyMultiple nodes read/writeRWX

Cluster and RBAC Objects

To become a Kubernetes system administrator, master these cluster-wide objects.

RBAC: Role, ClusterRole, Binding

# Create a Role
kubectl create role pod-reader \
--verb=get,list,watch \
--resource=pods \
-n default

# Bind to a ServiceAccount
kubectl create rolebinding pod-reader-binding \
--role=pod-reader \
--serviceaccount=default:my-sa \
-n default

# ClusterRole for cluster-wide access
kubectl create clusterrole node-reader \
--verb=get,list \
--resource=nodes
Key takeaway: Role = namespaced, ClusterRole = cluster-wide.

Quick Diagnostic Commands

IT teams spend an average of 34 days/year resolving Kubernetes issues according to Cloud Native Now. These commands reduce that time.

# Events sorted by date
kubectl get events --sort-by='.lastTimestamp' -A | tail -30

# Logs with context
kubectl logs deploy/nginx --tail=100 -f
kubectl logs nginx-pod -c sidecar --previous

# Describe for troubleshooting
kubectl describe po nginx-pod | grep -A10 "Events:"

# Resources by namespace
kubectl top pods -n prod --sort-by=memory
kubectl top nodes

# Check API state
kubectl api-resources --verbs=list --namespaced=true
kubectl api-versions | grep -E "apps|batch|networking"

Consult our complete kubectl cheatsheet for more commands.

Common Pitfalls to Avoid

ErrorCauseSolution
ImagePullBackOffImage not found or credentialsCheck imagePullSecrets
CrashLoopBackOffRepeated container crashkubectl logs --previous
PendingInsufficient resourceskubectl describe + check requests
OOMKilledMemory exceededIncrease limits.memory
EvictedNode under pressureCheck kubectl top nodes

To migrate from Docker Compose, follow our transition guide. Also discover the best free tools to practice.

Recommended kubectl Aliases

# ~/.bashrc or ~/.zshrc
alias k='kubectl'
alias kgp='kubectl get pods'
alias kgs='kubectl get svc'
alias kgd='kubectl get deploy'
alias kga='kubectl get all'
alias kd='kubectl describe'
alias kl='kubectl logs'
alias kex='kubectl exec -it'
alias kaf='kubectl apply -f'
alias kdf='kubectl delete -f'

# Autocompletion
source <(kubectl completion bash)  # or zsh
complete -F __start_kubectl k

Explore more Kubernetes practical tutorials and consult our alternatives comparisons.

Accelerate Your Kubernetes Mastery

This memo covers essential objects and shortcuts. To go further with practical labs supervised by experts:

Check the session schedule or contact our advisors for a personalized path.