### Core Concepts

- **Cluster:** A set of nodes that run containerized applications.
- **Master Node:** Manages the cluster (API server, scheduler, controller manager, etcd).
- **Worker Node:** Runs application workloads (Kubelet, Kube-proxy, Container Runtime).
- **Pod:** Smallest deployable unit; encapsulates one or more containers, storage, and network resources.
- **Deployment:** Manages a set of identical Pods, ensuring desired state (scaling, rolling updates).
- **Service:** An abstract way to expose an application running on a set of Pods as a network service.
- **Namespace:** Provides a mechanism for isolating groups of resources within a single cluster.

### `kubectl` Commands

- **View cluster info:**
  - `kubectl cluster-info`
  - `kubectl get nodes`
  - `kubectl get all`
- **Manage Pods:**
  - `kubectl run <pod-name> --image=<image> --port=<port>` (deprecated for creating Deployments)
  - `kubectl get pods`
  - `kubectl describe pod <pod-name>`
  - `kubectl logs <pod-name>`
  - `kubectl exec -it <pod-name> -- /bin/bash`
  - `kubectl delete pod <pod-name>`
- **Manage Deployments:**
  - `kubectl apply -f <file.yaml>`
  - `kubectl get deployments`
  - `kubectl describe deployment <deployment-name>`
  - `kubectl rollout status deployment <deployment-name>`
  - `kubectl scale deployment <deployment-name> --replicas=<count>`
  - `kubectl delete deployment <deployment-name>`
- **Manage Services:**
  - `kubectl expose deployment <deployment-name> --type=NodePort --port=<port> --target-port=<target-port>`
  - `kubectl get services`
  - `kubectl describe service <service-name>`
  - `kubectl delete service <service-name>`
- **Namespace operations:**
  - `kubectl get namespaces`
  - `kubectl create namespace <namespace>`
  - `kubectl config set-context --current --namespace=<namespace>`
  - `kubectl delete namespace <namespace>`
- **Configuration:**
  - `kubectl config get-contexts`
  - `kubectl config use-context <context-name>`
  - `kubectl apply -f <file.yaml>`
  - `kubectl get configmaps`
- **Secrets:**
  - `kubectl create secret generic <secret-name> --from-literal=key1=value1 --from-literal=key2=value2`
  - `kubectl get secrets`

### YAML Examples

#### Pod

```yaml
apiVersion: v1
kind: Pod
metadata:
  name: my-nginx-pod
  labels:
    app: nginx
spec:
  containers:
    - name: nginx
      image: nginx:latest
      ports:
        - containerPort: 80
```

#### Deployment

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
        - name: my-app-container
          image: my-repo/my-app:1.0
          ports:
            - containerPort: 8080
```

#### Service (NodePort)

```yaml
apiVersion: v1
kind: Service
metadata:
  name: my-app-service
spec:
  selector:
    app: my-app
  type: NodePort
  ports:
    - protocol: TCP
      port: 80
      targetPort: 8080
      nodePort: 30080
```

#### Service (ClusterIP)

```yaml
apiVersion: v1
kind: Service
metadata:
  name: my-internal-service
spec:
  selector:
    app: my-app
  ports:
    - protocol: TCP
      port: 80
      targetPort: 8080
  type: ClusterIP
```

#### ConfigMap

```yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: my-config
data:
  config.properties: |
    database.url=jdbc:mysql://mysql-service:3306/mydb
    app.environment=production
  another_key: another_value
```

### Networking

- **ClusterIP:** Internal service, only reachable within the cluster.
- **NodePort:** Exposes a service on a static port on each Node's IP.
- **LoadBalancer:** Exposes the service externally using a cloud provider's load balancer.
- **Ingress:** Manages external access to services in a cluster, typically HTTP/S.
  - Requires an Ingress Controller (e.g., Nginx Ingress Controller).
  - Defined by Ingress resources.

### Storage

- **PersistentVolume (PV):** A piece of storage in the cluster provisioned by an administrator.
- **PersistentVolumeClaim (PVC):** A request for storage by a user.
- **StorageClass:** Defines different "classes" of storage (e.g., fast SSD, slow HDD) to dynamically provision PVs.
- **Volume:** A directory, possibly with some data in it, accessible to the Pod's containers.
  - Types: `emptyDir`, `hostPath`, `nfs`, `awsElasticBlockStore`, `persistentVolumeClaim`.

### Troubleshooting

- **Check Pod status:** `kubectl get pods -o wide`
- **Describe resources:** `kubectl describe pod <pod-name>`, `kubectl describe deployment <deployment-name>`, `kubectl describe service <service-name>`
- **View logs:** `kubectl logs -f <pod-name>` (follow logs)
- **Check events:** `kubectl get events` (cluster-wide), `kubectl describe <resource-type> <resource-name>` (resource-specific)
- **Exec into container:** `kubectl exec -it <pod-name> -- /bin/sh` (or `/bin/bash`)
- **Port-forwarding:** `kubectl port-forward <pod-name> <local-port>:<pod-port>`
- **Check deployments:** `kubectl rollout status deployment/<deployment-name>`
- **Check Kubelet logs on node:** `journalctl -u kubelet` (on worker node)