Kubernetes is a container orchestrator consisting of master and worker nodes. It allows communication only through an API server, which serves as the core component of the control plane. The API server exposes an HTTP REST API that allows communication between internal components—like users and the cluster—and between external components.
You can think of the API server as the main user interface or front end of Kubernetes. It enables you to query, update or manage the state of Kubernetes objects or resources. To establish these interactions, the Kubernetes API can directly make REST requests, use client libraries or receive direct commands via the kubectl command line.
kubectl can help you perform various actions, including:
- Deploying containerized applications
- Running Kubernetes operations
- Monitoring tasks
- Inspecting and managing cluster resources
- Viewing system logs
Before you start using kubectl, it’s important to have a basic understanding of the command structure. Here is the general syntax of commands:
kubectl [command] [TYPE] [NAME] [flags]
Let’s review each of these attributes:
- command—Describes the type of operation to be performed. Common operations include create, write, get, apply and delete. These commands either create new Kubernetes objects, modify existing objects or request information about existing objects. You can specify multiple resources in a single command.
- TYPE—Describes the kind of resource your command targets. Common options are pod, service, deployment, daemonset, statefulset, job or cronjob.
- NAME—This is case-sensitive and specifies the name of the resource your command should be applied to. It is not mandatory to provide a resource name—if you provide a name, the command is limited to that specific resource (or you receive an error if there is no resource by that name). If you don’t specify, the command applies to all resources in the current cluster of namespace.
- flags—These indicate special options or requests for specific information. They can also be used as modifiers to override default values or environment variables.
Top 8 kubectl Commands Explained
1. List Kubernetes Resources
Use the kubectl get operation to list one or multiple resources. For example, use kubectl get pods to list all Kubernetes pods. Adding an output flag like get pods -o wide will list the pods and additional data, such as their associated node names.
The get operation can list additional resources such as services and replication controllers. Use the kubectl command get rc or get services to list all services and replication controllers.
The different variations of the get operation allow you to perform actions such as specifying specific nodes and reducing the length of resources using short aliases.
While the get command provides a compact resource list, the kubectl describe command offers detailed reports of the state of one or multiple resources. Kubernetes resources. The kubectl describe pods command describes all your Kubernetes pods. If a replication controller is managing the pods, you can use the describe pods <controller-name> command to display the pods’ details for the specified controller.
The kubectl describe operation can focus on specific pods or nodes. For instance, you can use the kubectl command describe nodes <node-name> to display the details of the specified nodes. Alternatively, describe pods <pod-name> will display the specified pod’s details.
3. Create and Modify
You can use the apply command in kubectl to create resources from specific files or standard inputs (stdin). The kubectl apply -F servicename.yaml command creates a new service using a specific YAML file. The -f flag indicates the use of a file.
For example, if you want to create a new RC using the contents of your YAML file, you can use the apply -f controllername.yaml command. Another option is to use broader commands like apply -f <directory-path> to create a resource of service defined in a JSON or YAML file in your specified directory.
The kubectl delete operation terminates services and resources you no longer require. It is essential for managing Kubernetes, allowing you to free up computing capacity for different Kubernetes tasks.
For instance, you can use the kubectl delete pods –all command to eliminate all pods. When deleting pods, it is safer to use resource names and types specified in separate YAML files. If you use the examplepod.yaml file to create a pod, you can delete the pod using the command delete -f examplepod.yaml.
Kubectl may also delete services and pods sharing specific labels, which you can assign using the label operation. For example, the delete pods,services -l name=<example-name> command deletes all pods and services labeled “example-name”.
5. PersistentVolume (PV)
A Kubernetes PersistentVolume is a mechanism for provisioning storage in a Kubernetes cluster. It can be configured manually by an administrator or automatically using StorageClasses. PVs are separate resources within the cluster, independent from the individual pods that use them. If a pod goes down, the PV stays in place and can be mounted on other pods.
Behind the scenes, PV objects interact with physical storage devices using NFS, iSCSI, or with public cloud storage services.
Here are three useful commands you can use to work with PersistentVolumes.
Run the following command to create a PV on a node (provide the URL to your PV manifest):
kubectl apply -f https://k8s.io/examples/pods/storage/pv-volume.yaml
Create a PersistentVolumeClaim (PVC) that requests a PV with the specific criteria. This enables dynamic provisioning of PVs. Run this command to create the PVC in the cluster:
kubectl apply -f https://k8s.io/examples/pods/storage/pv-claim.yaml
As soon as you create the PVC, the Kubernetes control plane starts looking for an appropriate PV. When it finds one, it binds the PVC to the PV. Run this command to see the status of a PV:
kubectl get pv task-pv-volume
6. Security Context
Running workloads securely in Kubernetes can be challenging. Various settings affect security controls used by the Kubernetes API. One of the powerful tools Kubernetes provides is setting a securityContext that all pod manifests can use.
Using security contexts in Kubernetes is easy. All you need to do is include the security context block in a Deployment manifest when deploying pods. For example, the following block instructs Kubernetes to run a pod with user ID of 1000 and a group ID of 2000:
Unlike RBAC, a security context does not require you to define different types of files (such as Roles and RoleBindings) to apply security rules. Just add the required security context code when declaring your Deployment, and Kubernetes will apply the rules for you automatically.
7. Managing Deployments
There are several useful commands for managing Kubernetes Deployments. Deployment management also covers StatefulSet and DaemonSet management.
When updating a deployment, stateful set, or daemon set, you can use the rollout status command to view the update’s status. You can also cancel rollouts using the command rollout undo <statefulset-name / app-name>. On the other hand, the rollout history <deployment name / app name> command will provide you with a history of changes to the deployment.
These commands are uncommon in practice because most admins use tools like Helm to manage deployments.
You can use the command scale –replicas=N <deployment name / app name> to adjust the number of pods running for your deployment. In this context, N represents the updated number of replicas. It produces the same result as adjusting the number of replicas using the kubectl edit <deployment name / app name> command.
Because you are probably using Helm or the pod autoscaler to make static changes, you are unlikely to use this approach in practice or make any manual changes. It is also possible to set up basic Kubernetes autoscaling capabilities with the kubectl autoscale operation. However, this command only works with the CPU utilization metric.
8. Executing Commands
You can execute commands through kubectl using the exec operation, which runs commands against containers or pods. For instance, you can use the kubectl exec <pod-name> date command to run the date command in a shell on a specified pod and display the output. By default, this command executes on the first container in a pod.
For another example, you can use the exec <pod-name> -c container-name date command in a specified container within your pod.
That’s it! While this list of commands won’t let you do everything in Kubernetes, it is enough to accomplish many day-to-day tasks. I hope this will be useful as you improve your mastery of containerized environments on your way to becoming a Kubernetes hero.