Kubernetes + GCloud + Kind Cheatsheet

Kubectl

Bash autocomplete

source <(kubectl completion bash)

Context - easy way of changing namespaces

Contexts are saved to $HOME/.kube/config, so you can edit that file manually if you mess up.

# One-time-only - create context
kubectl config set-context iix --namespace=iix --user=kubernetes-admin --cluster=kubernetes
# Later - use context 
kubectl config use-context iix

Listing

# List all images in the active namespace
kubectl -n dev get pods -o jsonpath="{.items[*].spec.containers[*].image}" |tr -s '[[:space:]]' '\n'

Modify existing daemonset

kubectl get ds fluentd-gcp-v2.0 --namespace kube-system -o yaml > fluentd-gcp-ds.yaml
# Replace stuff in fluentd-gcp-ds.yaml
kubectl replace -f fluentd-gcp-ds.yaml

Modify existing configmap

Updating ConfigMap in the apiserver is more complicated than updating DaemonSet. It’s better to consider ConfigMap to be immutable. Then, in order to update the configuration, you should create ConfigMap with a new name and then change DaemonSet to point to it.

kubectl get cm fluentd-gcp-config --namespace kube-system -o yaml > fluentd-gcp-configmap.yaml
# Replace stuff in fluentd-gcp-configmap.yaml
# Create configmap with a new name
# Update configmap in daemonset (see above)

Connect directly to resource from local machine

This is handy if you want to access a resource but bypass the Ingress.

kubectl port-forward service/my-service 8080:80

Restart item by adding annotation

kubectl annotate secretstore/vault-backend force-sync="$(date +%s)" --overwrite

Start a container without server

If you want to start a container without it starting the server (e.g. if you have a lot of volumes to mount), you can set args: [ "sleep", "infinity" ]. Probably does not work with busybox. If you don’t have a health-check which will force a restart you will have a sleeping server to do maintenance on.

Secrets

 kubectl get secret nameofsecret -o yaml
 kubectl create secret generic name-of-secret -n namespace --from-literal=secret-key=SECRET_KEY

Sidecar - workarounds when using exec or cp

# Exec into pod with sidecar
kubectl exec -it -n<namespace> <pod> -c <container> bash

# Copy from pod with sidecar
kubectl cp -c <container> <namespace>/<pod>:<file-inside-pod> <local-filename>

GCloud

Change project

gcloud container clusters get-credentials --project=projectname --zone=europe-north1 clustername

Kind

Upload image to kind

kind load docker-image image-name:version

Links#

Kubectl#

Bash autocomplete#

Context - easy way of changing namespaces#

Listing#

Modify existing daemonset#

Modify existing configmap#

Connect directly to resource from local machine#

Restart item by adding annotation#

Start a container without server#

Secrets#

Sidecar - workarounds when using exec or cp#

GCloud#

Change project#

Kind#

Upload image to kind#

Links