Skip to main content

kubectl Commands

kgpo -A --watch | ts '[%Y-%m-%d %H:%M:%S]'
k rollout restart deployment/ticket-api -n prod

kubectl run test --rm -it --image get -- bash
kubectl run test --rm -it --image python:3.8 -- bash
kubectl run test --rm -it --image curlimages/curl -- sh
kubectl run nginx --image=nginx --restart=Never -n test
kubectl run nginx --image=nginx:1.17.4 --restart=Never --port=80
kubectl run busybox --image=busybox --restart=Never -- ls
kubectl run busybox --image=busybox --restart=Never -- /bin/sh -c "sleep 3600"
kubectl run busybox --image=nginx --restart=Never -it --rm -- echo "How are you"
kubectl run busybox --image=nginx --restart=Never -it --rm -- sh
kubectl run nginx --image=nginx --restart=Never --port=80 --expose
kubectl run nginx --image=nginx --restart=Never --requests='cpu=100m,memory=256Mi' --limits='cpu=200m,memory=512Mi'
kubectl run nginx --image=nginx --restart=Never --serviceaccount=myuser
kubectl run nginx1 --image=nginx --restart=Never --labels=app=v1

kubectl exec -it troubleshoot- -- /bin/sh
kubectl exec -it busybox -- wget -o- <IP Address>

kubectl create deploy nginx --image=nginx --dry-run -o yaml
kubectl create quota myrq --hard=cpu=1,memory=1G,pods=2 --dry-run -o yaml
kubectl create configmap config --from-literal=foo=lala --from-literal=foo2=lolo
kubectl create cm config2 --from-file=config.txt
kubectl create cm config4 --from-file=special=config4.txt
kubectl create cm config3 --from-env-file=config.env
kubectl create secret generic mysecret --from-literal=password=mypass
kubectl create secret generic mysecret2 --from-file=username
kubectl create sa myuser
kubectl create job pi --image=perl -- perl -Mbignum=bpi -wle 'print bpi(2000)'
kubectl create cronjob busybox --image=busybox --schedule="*/1 * * * *" -- /bin/sh -c 'date; echo Hello from the Kubernetes cluster'

kubectl expose deploy foo --port=6262 --target-port=8080

kubectl delete po nginx --grace-period=0 --force
kubectl delete deploy/nginx hpa/nginx

kubectl get po nginx --v=7 (6 to 10)
kubectl get po nginx --show-labels
kubectl get po -l app
kubectl get po --label-columns=app

kubectl get po -l app=v2
kubectl get po -l 'app in (v2,v1)'
kubectl get po --selector=app=v2
kubectl get pods --sort-by=.metadata.name (sorted by name)
kubectl get pods --sort-by=.metadata.creationTimestamp (sorted by creationTimestamp)
kubectl get po -o=custom-columns="POD_NAME:.metadata.name, POD_STATUS:.status.containerStatuses[].state" (custom columns)

# Annotations
kubectl annotate po nginx1 nginx2 nginx3 description='my description'
kubectl get pods -o custom-columns=Name:metadata.name,ANNOTATIONS:metadata.annotations.description
kubectl describe po nginx1 | grep -i 'annotations'
kubectl annotate po nginx{1..3} description-

kubectl label po nginx app=nginx
kubectl label po nginx1 nginx2 nginx3 app-
kubectl label po nginx{1..3} app-
kubectl label po -l app app-

kubectl label po nginx2 app=v2 --overwrite

# Rollouts / rollbacks
kubectl set image pod/nginx nginx=nginx:1.15-alpine
kubectl rollout status deploy nginx
kubectl rollout history deploy nginx
kubectl rollout history deploy nginx --revision=4

kubectl rollout undo deploy nginx
kubectl rollout undo deploy nginx --to-revision=2

kubectl rollout pause deploy nginx
kubectl rollout resume deploy nginx
kubectl rollout restart deployment/frontend #Rolling restart of frontend deploy

kubectl scale deploy nginx --replicas=5
kubectl scale sts airflow-worker --replicas=5

kubectl autoscale deploy nginx --min=5 --max=10 --cpu-percent=80

kubectl explain po.spec

kubectl top pod busybox --containers > file.log

wget -O- http://10.1.0.89:8080

Debugging

exit code=137 means that either (1) something killed the container that hosted the TE or (2) something killed the process with SIGKILL (kill -9) (We can figure that out by taking theexit codeand deduct 128 from it to get the actual signal number, i.e.137-128=9)

Commands

kubectl [command] [TYPE] [NAME] [flags]

  • command: Specifies the operation that you want to perform on one or more resources, for example create, get, describe, delete.

  • TYPE: Specifies the resource type. Resource types are case-insensitive and you can specify the singular, plural, or abbreviated forms.

  • NAME: Specifies the name of the resource. Names are case-sensitive. If the name is omitted, details for all resources are displayed, for example $ kubectl get pods

  • flags: Specifies optional flags. For example, you can use the -s or --server flags to specify the address and port of the Kubernetes API server.

Basic Commands (Beginner)

create

Create a resource from a file or from stdin

Imperative management of kubernetes objects using configuration files

kubectl create deploy nginx --image nginx:latest
kubectl create deploy python-test --image python:3.8
kubectl create deployment troubleshoot --image=nginx
kubectl create job --from=cronjob/loanetl loanetl-manual-002 -n apps
kubectl create secret tls example-com-tls --cert=tls.crt --key=tls.key
kubectl create secret tls ca-key-pair --key=ca.key --cert=ca.crt

# Create a pod based on the JSON passed into stdin
cat pod.json | kubectl create -f -

# Edit the data in docker-registry.yaml in JSON then create the resource using the edited data

kubectl create -f docker-registry.yaml --edit -o json
  • clusterrole Create a ClusterRole.
  • clusterrolebinding Create a ClusterRoleBinding for a particular ClusterRole
  • configmap Create a configmap from a local file, directory or literal value
  • cronjob Create a cronjob with the specified name.
  • deployment Create a deployment with the specified name.
  • job Create a job with the specified name.
  • namespace Create a namespace with the specified name
  • poddisruptionbudget Create a pod disruption budget with the specified name.
  • priorityclass Create a priorityclass with the specified name.
  • quota Create a quota with the specified name.
  • role Create a role with single rule.
  • rolebinding Create a RoleBinding for a particular Role or ClusterRole
  • secret Create a secret using specified subcommand
  • service Create a service using specified subcommand.
  • serviceaccount Create a service account with the specified name

expose

Take a replication controller, service, deployment or pod and expose it as a new Kubernetes Service

kubectl expose deployment hello-nginx --type=NodePort
kubectl expose deployment hello-server --type="LoadBalancer"

run

Run a particular image on the cluster

kubectl run hello-nginx --image=nginx --port=80
kubectl run -t -i kub-log --image=deepaksood619/kubernetes_logger:latest

set

Set specific features on objects

run-container Run a particular image on the cluster. This command is deprecated, use "run" instead

Basic Commands (Intermediate)

get Display one or many resources

kubectl get nodes

# show public ip of nodes
kubectl get nodes -o wide | awk {'print $1" " $2 " " $7'} | column -t
kubectl get pods -o wide
kubectl get pods --show-labels
kubectl get deployments
kubectl get services
kubectl get replicasets
kubectl get svc

kubectl get events
kubectl get events --watch

kubectl get crd
kubectl get endpoints (ep)
kubectl get pods -A (kubectl get pods --all-namespaces)

-w for watch

## explain Documentation of resources
kubectl explain deployment
kubectl explain deployment --recursive
kubectl explain deployment.spec.strategy
kubectl explain deploy.spec.strategy (works with short names too)

edit Edit a resource on the server

## delete Delete resources by filenames, stdin, resources and names, or by resources and label selector

kubectl delete service -l run=kubernetes-bootcamp
kubectl delete deployment hello-python
kubectl delete daemonsets,replicasets,services,deployments,pods,rc,pvc,cm --all

## Deploy Commands

## rollout Manage the rollout of a resource

rolling-update Perform a rolling update of the given ReplicationController
k rollout history deployment.v1.apps/kg-kong -n kong
k rollout undo deployment.v1.apps/kg-kong -n kong

## *scale* Set a new size for a Deployment, ReplicaSet, Replication Controller, or Job

kubectl scale --replicas=3 deployment/hello-nginx
kubectl scale --replicas=10 deployment/kub-log

## autoscale Auto-scale a Deployment, ReplicaSet, or ReplicationController

kubectl autoscale deployment foo --min=2 --max=10 --cpu-percent=70

# Autoscale pod foo with a minimum of 2 and maximum of 10 replicas when CPU utilization is equal to or greater than 70%

## Cluster Management Commands

certificate Modify certificate resources.

## *cluster-info* Display cluster info

## top Display Resource (CPU/Memory/Storage) usage

kubectl top node
kubectl top pod
kubectl top pod --namespace=NAMESPACE
kubectl top pod c360-production-598cf9c859-5jlx5 --containers
kubectl top po -A --sort-by=cpu
kubectl top po -A --sort-by=memory

## cordon Mark node as unschedulable. Used for maintenance of cluster

## uncordon Mark node as schedulable. Used after maintenance

## drain Drain node. Removes pods from node via graceful termination for maintenance

kubectl drain aks-agentpool-10140213-9 --ignore-daemonsets

## taint Update the taints on one or more nodes. Taint a node so they can only run dedicated workloads or certain pods that need specialized hardware

kubectl taint nodes aks-agentpool-10140213-9 node=historical:NoSchedule

# to overwrite previous taint

kubectl taint nodes --overwrite aks-agentpool-10140213-0 node=example-0:NoSchedule

# to remove a taint
kubectl taint nodes aks-agentpool-10140213-9 node=NoSchedule-

tolerations:
- key: "key"
operator: "Equal"
value: "value"
effect: "NoSchedule"

Troubleshooting and Debugging Commands

*describe* Show details of a specific resource or group of resources

kubectl describe node
kubectl describe pod
kubectl describe pod <pod_name> #get pod name using kubectl get pods
kubectl describe service hello-nginx
kubectl describe deployments <deployment_name>

## logs Print the logs for a container in a pod

kubectl logs counter
kubectl logs --previous counter # --previous command to retrieve logs from a previous instantiation of a container
kubectl logs -p alert-trent-7c55c54cb-6gjhc -n consumers
kubectl logs --since-time='2019-04-23T12:30:36.750121287Z' --timestamps ke-cp-kafka-connect658bfcd6fb-852fv -c cp-kafka-connect-server -n kafka
kubectl logs busybox
kubectl logs busybox -p #previous logs
klo -l app=admin-panel -c celery -n prod --prefix

## attach Attach to a running container
kubectl attach -it kafka-manager-5f54d74d89-mdxh4 -n kafka

## exec Execute a command in a container
kubectl exec monolith --stdin --tty -c monolith /bin/sh
kubectl exec -it druid-republisher-fd8bb77bd-zgjf7 -- /bin/bash
kubectl exec -n kafka -it my-kafka-connect-cp-kafka-connect-5ff6d9758d-gjk22 -c cp-kafka-connect-server -- /bin/bash
kubectl exec example-0 cfurl http://10.8.0.1:9101

## port-forward Forward one or more local ports to a pod

kubectl port-forward svc/emqx-service 18083:18083 --namespace kube-system
kubectl port-forward svc/kafka-manager 8000:80 -n kafka
kubectl port-forward <service_name> <host_port>:<service_running_port> -n kafka

proxy Run a proxy to the Kubernetes API server

cp Copy files and directories to and from containers
kubectl cp busybox:/etc/passwd ./passwd

# copy data from container to local
kubectl cp prod/admin-panel-0:/app/dumpdata.sql Downloads/Office/backup/dumpdata.sql

# Copy /tmp/foo_dir local directory to /tmp/bar_dir in a remote pod in the default namespace
kubectl cp /tmp/foo_dir<some-pod>:/tmp/bar_dir

# Copy /tmp/foo local file to /tmp/bar in a remote pod in a specific container
kubectl cp/tmp/foo<some-pod>:/tmp/bar-c<specific-container>

# Copy /tmp/foo local file to /tmp/bar in a remote pod in namespace <some-namespace>
kubectl cp /tmp/foo<some-namespace>/<some-pod>:/tmp/bar

# Copy /tmp/foo from a remote pod to /tmp/bar locally
kubectl cp <some-namespace>/<some-pod>:/tmp/foo/tmp/bar

auth Inspect authorization

## Advanced Commands

## apply Apply a configuration to a resource by filename or stdin

Declarative management of kubernetes objects using configuration files

kubectl apply -f k8s/vernemq-statefulset.yaml --dry-run
kubectl apply -f k8s/locust-service.yaml --force

# patch Update field(s) of a resource using strategic merge patch

# for performing rolling update on statefulset

## kubectl patch statefulset web -p '{"spec":{"updateStrategy":{"type":"RollingUpdate"}}}'

replace Replace a resource by filename or stdin

convert Convert config files between different API versions

## Settings Commands

## *label* Update the labels on a resource

kubectl label pod $POD_NAME app=v1
kubectl label nodes aks-agentpool-10140213-9 node=historical
kubectl label nodes aks-agentpool-10140213-0 node=example
kubectl label node aks-agentpool-10140213-0 node-

annotate Update the annotations on a resource

completion Output shell completion code for the specified shell (bash or zsh)

Patch

# remove daemonset from all nodes by adding selector
kubectl patch daemonset metricbeat-cms-metricbeat -p '{"spec": {"template": {"spec": {"nodeSelector": {"non-existing": "true"}}}}}'

# remove selector to deploy daemonset to all nodes
kubectl -n <namespace> patch daemonset <name-of-daemon-set> --type json -p='[{"op": "remove", "path": "/spec/template/spec/nodeSelector/non-existing"}]'

# https://stackoverflow.com/questions/53929693/how-to-scale-kubernetes-daemonset-to-0

# patch hpa
kubectl patch hpa cnext-backend-production-hpa -n prod --type='json' -p='[{"op": "replace", "path": "/spec/minReplicas", "value": 30}]'

Other Commands

api-resources

Print all api-resources available in the cluster

api-versions Print the supported API versions on the server, in the form of "group/version"

  • admissionregistration.k8s.io/v1beta1

  • apiextensions.k8s.io/v1beta1

  • apiregistration.k8s.io/v1

  • apiregistration.k8s.io/v1beta1

  • apps/v1

    apps/v1 is the most popular API group in Kubernetes, and it includes functionality related to running applications on Kubernetes, like Deployments, RollingUpdates, and ReplicaSets.

  • apps/v1beta1

  • apps/v1beta2

  • authentication.k8s.io/v1

  • authentication.k8s.io/v1beta1

  • authorization.k8s.io/v1

  • authorization.k8s.io/v1beta1

  • autoscaling/v1

    autoscaling/v1 allows pods to be autoscaled based on different resource usage metrics

  • autoscaling/v2beta1

  • autoscaling/v2beta2

  • azmon.container.insights/v1

  • batch/v1

  • batch/v1 is related to batch processing and and jobs

  • batch/v1beta1

  • batch/v1beta1 is the beta release of batch/v1

certificates.k8s.io/v1beta1

certificates.k8s.io/v1beta1 validates network certificates for secure communication in your cluster.

  • coordination.k8s.io/v1

  • coordination.k8s.io/v1beta1

  • enterprises.upmc.com/v1

  • events.k8s.io/v1beta1

  • extensions/v1beta1

    extensions/v1beta1 includes many new, commonly used features. In Kubernetes 1.6, some of these features were relocated fromextensionsto specific API groups like apps

  • metrics.k8s.io/v1beta1

  • monitoring.coreos.com/v1

  • networking.k8s.io/v1

  • node.k8s.io/v1beta1

  • policy/v1beta1

  • policy/v1beta1 enables setting a pod disruption budget and new pod security rules

  • rbac.authorization.k8s.io/v1

    rbac.authorization.k8s.io/v1 includes extra functionality for Kubernetes RBAC - (role-based access control)

  • rbac.authorization.k8s.io/v1beta1

  • scheduling.k8s.io/v1

  • scheduling.k8s.io/v1beta1

  • storage.k8s.io/v1

  • storage.k8s.io/v1beta1

  • v1

    v1 was the first stable release of the Kubernetes API. It contains many core objects.

config

Modify kubeconfig files

export KUBECONFIG=/Users/deepaksood/kubeconfig-file.yaml

kubectl --kubeconfig kubeconfig-file.yaml get pods
  • current-context Displays the current-context

  • delete-cluster Delete the specified cluster from the kubeconfig

  • delete-context Delete the specified context from the kubeconfig

  • get-clusters Display clusters defined in the kubeconfig

  • get-contexts Describe one or many contexts

  • rename-context Renames a context from the kubeconfig file.

  • set Sets an individual value in a kubeconfig file

  • set-cluster Sets a cluster entry in kubeconfig

  • set-context Sets a context entry in kubeconfig

    permanently save the namespace for all subsequent kubectl commands in that context.

  • kubectl config set-context --current --namespace=monitoring**

  • set-credentials Sets a user entry in kubeconfig

  • unset Unsets an individual value in a kubeconfig file

  • use-context Sets the current-context in a kubeconfig file

  • view Display merged kubeconfig settings or a specified kubeconfig file

  • kubectl config current-context

  • kubectl config use-context docker-for-desktop

  • kubectl config set-context $(kubectl config current-context) --namespace=blue

  • kubectl config delete-cluster my-cluster

  • kubectl config delete-context my-cluster-context

  • help Help about any command

  • plugin Runs a command-line plugin

version

Print the client and server version information

options

Usage

kubectl [flags] [options]

- kubectl apply -f service.yaml
- kubectl edit deployment <container_name>
- kubectl history deployment <container_name>

Commands

kubectl get secret eager-otter-grafana -o yaml
kubectl get secret --namespace default eager-otter-grafana -o jsonpath="{.data.admin-password}" | base64 --decode ; echo

# Adding Secrets for pulling images from private registry
https://container-solutions.com/using-google-container-registry-with-kubernetes/

kubectl create secret docker-registry gcr-json-key --docker-server=gcr.io --docker-username=_json_key --docker-password="$(cat ~/json-key-file.json)" --docker-email=deepak.sood@abc.com

kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "gcr-json-key"}]}'

kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "gcr-json-key"}]}' -n zenalytix

# CPU Requests
kubectl get po --all-namespaces -o=jsonpath="{range .items[*]}{.metadata.namespace}:{.metadata.name}{'\n'}{range .spec.containers[*]} {.name}:{.resources.requests.cpu}{'\n'}{end}{'\n'}{end}"

# Memory Requests
kubectl get po --all-namespaces -o=jsonpath="{range .items[*]}{.metadata.namespace}:{.metadata.name}{'\n'}{range .spec.containers[*]} {.name}:{.resources.requests.memory}{'\n'}{end}{'\n'}{end}"

# CPU Limits
kubectl get po --all-namespaces -o=jsonpath="{range .items[*]}{.metadata.namespace}:{.metadata.name}{'\n'}{range .spec.containers[*]} {.name}:{.resources.limits.cpu}{'\n'}{end}{'\n'}{end}"

Experimental commands

kubectl diff -f k8s/vernemq-statefulset.yaml

Kubectl dashboard

kubectl edit svc/kubernetes-dashboard -n kube-system

Add - loadBalancerIP: 52.172.40.253
Change - type: LoadBalancer

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml

kubectl proxy

https://github.com/kubernetes/dashboard

# Get bearer token
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJ0dGwtY29udHJvbGxlci10b2tlbi1zcTYyaiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJ0dGwtY29udHJvbGxlciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjZhMzFmZDYwLTMzNGQtMTFlOS04OTk4LTAyNTAwMDAwMDAwMSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTp0dGwtY29udHJvbGxlciJ9.bmsdSGQH2Pgn50DbyAOKSD25GZW6A51vxcPGmFpJn1ZBkD4GQxqt4g36dJGsuD4TAHnPUOecQxuGBNJYZrpxP9qbvByqd5AfllTTHRIp170oNO65f7bN9sNfXbQev0CbxU5zOoDUoLz7KuA1qKX1chiPTq2TioRd-g6tUc9Ly1qpg7nbt4LKMCw0Kyg7H9g2Pi7s484IHvtWtrDMOsoYaix1baeujMYq4pSE8X_MNA_IPYlkF9GdpjX2OMJmsXSXlCr7-hV9gkIporAVqozLL-Upxknpt-2jfIZ5UYmgoCC4dOXTTzAe9FaMAr50ipiQzj1b7ENVtn5hMYboyuvieQ

Kubernetes dashboard

http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy

Decoding a Secret

kubectl get secret mysecret -o yaml
echo 'MWYyZDFlMmU2N2Rm' | base64 --decode

https://kubernetes.io/docs/concepts/configuration/secret/#decoding-a-secret

Example - Counter every 1 sec

apiVersion: v1
kind: Pod
metadata:
name: counter
spec:
containers:
- name: count
image: busybox
args: [/bin/sh, -c, 'i=0; while true; do echo "$i: $(date)"; i=$((i+1)); sleep 1; done']

Kubectl apply vs create

Those are two different approaches.kubectl createis what we callImperative Management. On this approach you tell the Kubernetes API what you want to create, replace or delete, not how you want your K8s cluster world to look like.

kubectl applyis part of theDeclarative Management approach, where changes that you may have applied to a live object (i.e. throughscale) are maintained even if youapplyother changes to the object.

Tab Completion in iterm zsh / Auto complete

Add ~/.zshrc file

source <(kubectl completion zsh)

Storage Class

Setting default storage class

kubectl patch storageclass <your-class-name> -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"false"}}}'

kubectl patch storageclass <your-class-name> -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'

Cleanup / clean up commands

kubectl get pv | grep Released
kubectl delete pv $(kubectl get pv | grep Released | awk {'print $1'})
kubectl delete -n uat pvc $(kubectl get pvc -n uat | awk {'print $1'})

Delete unused PVCs
kubectl describe -A pvc | grep -E "^Name:.*$|^Namespace:.*$|^Used By:.*$" | grep -B 2 "<none>" | grep -E "^Name:.*$|^Namespace:.*$"

kubectl describe -A pvc | grep -E "^Name:.*$|^Namespace:.*$|^Used By:.*$" | grep -B 2 "<none>" | grep -E "^Name:.*$|^Namespace:.*$" | cut -f2 -d: | paste -d " " - - | xargs -n2 bash -c 'kubectl -n ${1} delete pvc ${0}'

#remove old replicasets
kubectl get --all-namespaces rs -o json|jq -r '.items[] | select(.spec.replicas | contains(0)) | "kubectl delete rs --namespace=\(.metadata.namespace) \(.metadata.name)"'

#remove jobs
kubectl delete job $(kubectl get jobs| awk '$3 ~ 1' | awk '{print $1}')
kubectl delete job $(kubectl get jobs -n maintenance | awk '{print $1}') -n maintenance
kubectl delete job $(kubectl get jobs -n zenalytix | awk '$3 ~ 0' | awk '{print $1}') -n zenalytix

kubectl delete pod $(kubectl get pods -l app=alertdriver -n zenalytix | awk '{print $1}') -n zenalytix

# Delete namespace stuck at terminating state
(
NAMESPACE=your-rogue-namespace
kubectl proxy &
kubectl get namespace $NAMESPACE -o json |jq '.spec = {"finalizers":[]}' >temp.json
curl -k -H "Content-Type: application/json" -X PUT --data-binary @temp.json 127.0.0.1:8001/api/v1/namespaces/$NAMESPACE/finalize
)

# delete pods using regex
kubectl get pods -n crons --no-headers=true | awk '/app-rating-report/{print $1}' | xargs kubectl delete -n crons pod

# delete all pods with Error status
kubectl get pods -n crons --no-headers=true | awk '/Error/{print $1}' | xargs kubectl delete -n crons pod

# completed pods
kubectl get pod --field-selector=status.phase==Succeeded
kubectl delete pod --field-selector=status.phase==Succeeded

kubectl get pods | grep Completed | awk '{print $1}' | xargs kubectl delete pod
kubectl get pods -n crons | grep -iv Running | awk '{print $1}' | xargs kubectl delete -n crons pod

#remove evicted pods
kubectl get pods -n <namespace> | grep Evicted | awk '{print $1}' | xargs kubectl delete pod -n <namespace>
kubectl get pods -n apps | grep Evicted | awk '{print $1}' | xargs kubectl delete pod -n apps
kubectl get pods -A | grep Evicted | awk '{print $1}' | xargs kubectl delete pod -A

# Delete pods older than X seconds
kubectl get pods -n crons -o go-template --template '{{range .items}}{{.metadata.name}} {{.metadata.creationTimestamp}}{{"\n"}}{{end}}' | awk '$2 <= "'$(date -d 'yesterday' -Ins --utc | sed 's/+0000/Z/')'" { print $1 }' | xargs --no-run-if-empty kubectl delete pod -n crons

kubectl get pods -n crons -o go-template --template '{{range .items}}{{.metadata.name}} {{.metadata.creationTimestamp}}{{"\n"}}{{end}}' | awk '$2 <= "'$(date -v-120M "+%Y-%m-%dT%H:%M:%S")'" { print $1 }' | xargs --no-run-if-empty kubectl delete pod -n crons

# delete NotReady Pods
kubectl delete node $(kubectl get nodes | grep NotReady,SchedulingDisabled | awk '{print $1;}')

# if stuck in EKS
kubectl patch node/ip-172-30-17-201.ap-southeast-1.compute.internal -p '{"metadata":{"finalizers":[]}}' --type=merge

Requests and Limits

GitHub - robscott/kube-capacity: A simple CLI that provides an overview of the resource requests, limits, and utilization in a Kubernetes cluster

curl -fsSLO https://github.com/robscott/kube-capacity/releases/download/v0.8.0/kube-capacity_v0.8.0_linux_x86_64.tar.gz

tar -xzvf kube-capacity_v0.8.0_linux_x86_64.tar.gz
mv kube-capacity /usr/bin

brew tap robscott/tap
brew install robscott/tap/kube-capacity

brew install kube-capacity

# cluster wide
kube-capacity
kube-capacity --util
kube-capacity --util --sort cpu.util
kube-capacity --util --sort cpu.util.percentage
kube-capacity --util --sort memory.util.percentage

kube-capacity --pods --util --sort cpu.util
kube-capacity --pods --util --sort memory.util.percentage

kube-capacity --available

kube-capacity --node-taints special:NoSchedule

kube-capacity --no-taint

kube-capacity --pod-count

kube-capacity --pods --util --sort memory.util.percentage --namespace prod

Easy to list Kubernetes resource requests and limits with kube-capacity

Releases · robscott/kube-capacity

import re
import subprocess

def get_total_requests(node_name):
result = subprocess.check_output("kubectl get pods --all-namespaces "
f"-o wide --field-selector spec.nodeName={node_name} "
"| awk '{print $1,$2,$4}'", shell=True)

result = result.decode('utf-8')
result = result.split('n')
pods = []

for i in range(1, len(result) - 1):
namespace, pod_name, state = result[i].split()

if state == 'Running':
pods.append((pod_name, namespace))

total_ram = 0
total_cpu = 0

for pod in pods:
pod_name, namespace = pod
query = f"kubectl get pod {pod_name} -n {namespace} -o=jsonpath='"
r'{.spec.containers[*].resources.requests.cpu}{"n"}'
"{.spec.containers[*].resources.requests.memory}'"
result = subprocess.check_output(query, shell=True)

result = result.decode('utf-8')
cpu_requests, memory_requests = result.split('n')

cpu_requests = cpu_requests.split()
memory_requests = memory_requests.split()
total_cpu_pod = total_ram_pod = 0

for cpu_request in cpu_requests:
total_cpu_pod += int(re.search(r'd+', cpu_request).group())

for ram_request in memory_requests:
total_ram_pod += int(re.search(r'd+', ram_request).group())

print(f'{pod_name}: {total_cpu_pod} {total_ram_pod}')
total_cpu += total_cpu_pod
total_ram += total_ram_pod

print(f'requested_cpu: {total_cpu} nrequested_ram: {total_ram}')

References