KUBERNETES KUBECTL CHEATSHEET & DIAGNOSTICS
An offline-first search index of core Kubernetes orchestration commands, scaling parameters, service exposures, and debugging strategies.
Pod Management (4 entries)
List all pods in the current namespace with basic status, restarts count, and age.
Syntax: kubectl get pods [flags]
Example: kubectl get pods -n kube-system
Example: kubectl get pods -o wide
Common mistake: Looking for pods in the default namespace when they are deployed in a specific namespace. Use -n <namespace> or -A to list all namespaces.
Show detailed state information of a specific pod, including lifecycle events, container states, and volumes.
Syntax: kubectl describe pod <pod-name>
Example: kubectl describe pod my-web-app-7c569f-x12y
Common mistake: Running kubectl describe when logs would be more useful for application errors. Describe is best for scheduling errors, ImagePullBackOff, or Evicted states.
Print the logs for a container in a pod. Useful for troubleshooting startup or application run errors.
Syntax: kubectl logs <pod-name> [-c <container-name>]
Example: kubectl logs my-web-app-7c569f-x12y -f --tail 100
Common mistake: Forgetting to specify the container name using -c if the pod has multiple containers (e.g. sidecars or initContainers).
Execute a command inside a running container of a pod. Often used to open an interactive bash/sh shell.
Syntax: kubectl exec -it <pod-name> [-c <container-name>] -- <command>
Example: kubectl exec -it my-web-app-7c569f-x12y -- /bin/sh
Common mistake: Forgetting the double-dash '--' separator before the command, which causes kubectl to parse shell flags incorrectly.
Deployments & Scaling (3 entries)
Set a new size for a deployment, replica set, or stateful set. Increases or decreases container instances.
Syntax: kubectl scale --replicas=<count> deployment/<deployment-name>
Example: kubectl scale --replicas=5 deployment/api-server
Common mistake: Manually scaling replicas for resources managed by a HorizontalPodAutoscaler (HPA), as HPA will overwrite your scaling adjustments immediately.
Watch the progress of a deployment update (rolling restart/upgrade) until it finishes.
Syntax: kubectl rollout status deployment/<deployment-name>
Example: kubectl rollout status deployment/api-server
Common mistake: Running the next steps in a CI/CD pipeline without checking rollout status, so broken deployments go undetected.
Roll back a deployment to the previous revision, or to a specific revision number from its history.
Syntax: kubectl rollout undo deployment/<deployment-name> [--to-revision=<number>]
Example: kubectl rollout undo deployment/api-server --to-revision=3
Common mistake: Rolling back without checking deployment rollout history first (via 'kubectl rollout history'), which might make you roll back to a bad state.
Service & Networking (2 entries)
Forward one or more local ports to a pod or service. Great for debugging cluster microservices locally without exposing them.
Syntax: kubectl port-forward <pod-or-service> <local-port>:<remote-port>
Example: kubectl port-forward svc/postgres-db 5432:5432
Common mistake: Closing the terminal window or shell process while using port-forward, which terminates the active forwarding tunnel.
Expose a deployment, pod, or replica set as a new Kubernetes Service, mapping internal ports to cluster IPs or load balancers.
Syntax: kubectl expose deployment <deploy-name> --port=<external-port> --target-port=<container-port> --type=<ClusterIP|NodePort|LoadBalancer>
Example: kubectl expose deployment web-server --port=80 --target-port=8080 --type=NodePort
Common mistake: Exposing services with target ports that do not match the port exposed by the application in the container image.
Cluster Diagnostics (2 entries)
Display CPU and memory usage metrics for cluster nodes or pods. Requires Metrics Server to be installed in the cluster.
Syntax: kubectl top <node|pod>
Example: kubectl top pod -n production
Example: kubectl top node
Common mistake: Assuming top works without Metrics Server deployed, resulting in a 'Metrics API not available' error.
Print connection and diagnostic endpoint URLs for the cluster master and core add-on services (DNS, dashboard).
Syntax: kubectl cluster-info
Example: kubectl cluster-info
Common mistake: Running commands without checking cluster-info context, causing commands to run against production instead of staging/local.
Namespace Management (2 entries)
Create a new namespace within the cluster to isolate resource groups.
Syntax: kubectl create namespace <namespace-name>
Example: kubectl create namespace staging
Common mistake: Creating namespaces manually for production apps instead of using Infrastructure as Code (IaC) manifests, which leads to configuration drift.
Change the default namespace for the current active kubectl context permanently, avoiding having to append -n every time.
Syntax: kubectl config set-context --current --namespace=<namespace-name>
Example: kubectl config set-context --current --namespace=development
Common mistake: Forgetting which namespace is set as default and accidentally deleting or modifying resources in the wrong namespace.
Configuration & Secrets (2 entries)
Create a ConfigMap from literal values, files, or directories to inject non-sensitive configuration data into containers.
Syntax: kubectl create configmap <config-name> --from-literal=<key>=<value> | --from-file=<path>
Example: kubectl create configmap app-config --from-literal=API_URL=https://api.example.com --from-file=configs/settings.json
Common mistake: Storing sensitive information like database passwords or API keys in a ConfigMap instead of using a Kubernetes Secret resource.
Create a Secret resource containing sensitive information (e.g. passwords, OAuth tokens, SSH keys). Values are Base64-encoded automatically, which is an encoding and not encryption.
Syntax: kubectl create secret generic <secret-name> --from-literal=<key>=<value> | --from-file=<path>
Example: kubectl create secret generic db-credentials --from-literal=db-password=SuperSecretPass123
Common mistake: Committing raw cleartext passwords to Git repositories inside shell commands or files used to create secrets.
Advanced Troubleshooting (2 entries)
Copy files and directories to or from containers in a running pod. Great for pulling log files or uploading hotfixes during debug sessions.
Syntax: kubectl cp <source-path> <pod-name>:<destination-path> [-c <container-name>]
Syntax: kubectl cp <pod-name>:<source-path> <destination-path> [-c <container-name>]
Example: kubectl cp ./nginx.conf web-pod-abc-123:/etc/nginx/nginx.conf
Example: kubectl cp web-pod-abc-123:/var/log/nginx/error.log ./error.log
Common mistake: Using 'kubectl cp' and forgetting that the container requires the 'tar' binary installed inside it for file copies to work.
Create and run a temporary, interactive pod in the cluster. Highly useful for running network diagnostic tools like ping, curl, or nslookup.
Syntax: kubectl run <pod-name> --image=<image-name> --rm -it -- <command>
Example: kubectl run dns-test --image=busybox --rm -it -- nslookup kubernetes.default.svc.cluster.local
Common mistake: Omitting the '--rm' flag, which leaves the debugging pod in Completed/Error state in your cluster forever after you exit.
Resource Management & Lifecycle (3 entries)
Create or apply configuration changes to resources from a file or stdin using declarative YAML/JSON files.
Syntax: kubectl apply -f <file-or-directory-path>
Example: kubectl apply -f deployments/web-app.yaml
Example: kubectl apply -f k8s-configs/
Common mistake: Running 'kubectl apply' without first validating configurations with 'kubectl diff' or '--dry-run=client' to verify changes.
Delete Kubernetes resources by file path, resource type and name, or label selectors.
Syntax: kubectl delete -f <file-path> | <resource-type> <resource-name> | -l <label-selector>
Example: kubectl delete -f deployments/web-app.yaml
Example: kubectl delete pod -l app=nginx
Common mistake: Using 'kubectl delete' on resources without checking dependencies or target namespaces, accidentally taking down critical system resources.
List events in the current namespace sorted by creation timestamp. Crucial for understanding scheduling failures, crashes, and volume issues.
Syntax: kubectl get events --sort-by='.metadata.creationTimestamp'
Example: kubectl get events --sort-by='.metadata.creationTimestamp'
Common mistake: Filtering through massive lists of events without sorting or restricting to a namespace, making it hard to find relevant error events.