No More Backdoors: Know Who Has Access to What, Right Now
Jun 13
Register Today
Teleport logo

Teleport Blog - kubectl Cheat Sheet - Apr 11, 2022

kubectl Cheat Sheet

by Deborah Ruck

Kubernetes Cheat Sheet

Kubectl is the default command-line tool for Kubernetes. It makes it easier to use the Kubernetes API and manipulate Kubernetes resources, allowing you to control Kubernetes clusters and run commands to deploy applications, manage cluster resources, and view logs.

This guide will look at how best to integrate the most common and useful kubectl commands into your workflows, as well as provide some helpful tools for further optimization.

Why Kubectl is important

As mentioned, Kubectl makes it easier to manage, maintain, and troubleshoot Kubernetes clusters. You can use kubectl commands to create, update, or delete Kubernetes objects, making interacting with the Kubernetes environment much simpler.

Interfacing with the Kubernetes API

Since the Kubernetes API is an HTTP REST API, it exposes all operations as endpoints that can be executed via an HTTP request. While it’s possible to manually issue HTTP requests to the Kubernetes API, the process can be slow and cumbersome. Kubectl makes it easier to perform Kubernetes functions or tasks on clusters and resources.

Managing resources

With kubectl commands, you can get details and perform operations on Kubernetes clusters, nodes, running pods, containers, and deployments. Several commands also offer flags for specifying additional global or specific options.

What do you need to know about Kubectl?

Before we jump into specific kubectl commands, let’s get a basic understanding of the syntax and parameters of the kubectl command to understand each component.

kubectl [command] [type] [name] [flags]

[command] describes the action you want to perform on one or more resources, e.g., get, describe, create, apply.

[type] describes the resource type, which can be a Kubernetes-defined resource, e.g., a service, a pod, or a custom resource. Resource types are case sensitive and can be specified as singular, plural, or abbreviated, e.g., po for pod.

[name] is the name of a specific resource. If omitted, kubectl returns all resources of the specified type, e.g., kubectl get pods returns all pods. Names are case sensitive.

[flags] are additional options that can be global or command-specific, e.g., -o or -output to specify the output format. Flags specified at the command line override default values and environment variables.

To find out more about each kubectl command, use kubectl --help or kubectl <command> --help, e.g., kubectl --help or kubectl get --help.

Now let’s move on to some of the most commonly used kubectl commands.

Listing and getting resources

The kubectl get command allows you to get information about one or many Kubernetes resources, such as pods, namespaces, and deployments. It offers several useful flags such as -o or -output for customizing output format and -w or --watch to watch updates for a particular object.

kubectl get lists information about one or more resources.

kubectl get pods gets a list of all the pods in the current namespace.

kubectl get pods --namespace=<namespace> gets the pods in the specified namespace, e.g., kubectl get pods --namespace=kube-system.

kubectl get pods -o wide generates a detailed list of all pods in the current namespace with information such as node name, status, age and IP.

kubectl get pod my-pod -o yaml gets the YAML representation of a pod.

kubectl get namespaces or kubectl get ns generates a list of all namespaces.

Permanently save the namespace for all subsequent kubectl commands in that context.

kubectl config set-context --current --namespace=ggckad-s2 set current context to a namespace.

kubectl get deployment | kubectl get deploy lists all deployments.

kubectl get deployment <deployment-name> lists a specified deployment, e.g., kubectl get deployment nginx-deploy.

kubectl get services lists all services in the namespace.

Creating resources

Kubectl uses imperative and declarative commands. kubectl create is an imperative command. This type of command tells Kubernetes what action you want to perform on an object, e.g., kubectl create pod. With the kubectl create command, you can create resources such as deployments, services and namespaces, and components from the command line.

kubectl create creates new resources from files or standard input devices.

kubectl create namespace <namespace-name> e.g., kubectl create namespace new-namespace creates a new namespace with the specified new-namespace name.

kubectl create deploy <deploy-name> --image=<image-name> e.g., kubectl create deployment nginx-deploy --image=nginx creates a deployment called nginx-deploy that runs on the image nginx.

kubectl create deploy <deploy-name> --image=<image-name> --replicas=<no-of-replicas> --port=<port-number> e.g., kubectl create deployment nginx-deploy --image=nginx --replicas=4 --port=3000 creates a deployment called nginx-deploy that runs on image nginx with four replicas and exposes port number 3000.

Creating from a file

You can also run the kubectl create command on a JSON or YAML file to create objects from the definition in the file.

kubectl create -f <filename> creates a resource from a JSON or YAML file, e.g., kubectl create -f manifest.json.

Applying and updating resources

The kubectl apply command is a declarative technique that also allows you to create objects using one or more JSON or YAML manifest files as input. The kubectl apply command creates objects if none yet exist or applies changes to existing objects if they differ from the specifications in the input manifest file. This differs from the kubectl create command, which will return an error if you attempt to create an existing resource.

kubectl apply (-f filename | -k directory) applies a configuration to a resource by file name (including the URL of a remote file) or stdin.

Some examples below:

kubectl apply -f service.yaml creates a new service with the definition in the service.yaml file.

kubectl apply -f deployment.yaml creates a new deployment with the definition in the deployment.yaml file.

kubectl apply -f deployment.yaml --record creates a deployment using the definition in the deployment.yaml file using the --record flag to save the command.

kubectl apply -f [directory-name] creates the objects defined in any YAML, YML, or JSON file in a directory.

kubectl apply -f daemonset.yaml creates a new daemonset with the definition in the daemonset.yaml file.

kubectl apply -k kustomization-directory-name applies resources in a kustomization file.

Editing Kubernetes resources

kubectl edit lets you directly edit any API resource. It’ll open a text editor defined by your KUBE_EDITOR or EDITOR environment variables. As a default all files are YAML.

# Edit the service named docker-registry
kubectl edit svc/docker-registry                      
# Use an alternative editor
KUBE_EDITOR="code" kubectl edit svc/docker-registry   

Annotations are key/value pairs that you use to store non-identifying metadata, making it easier to work with external tools and libraries.

kubectl annotate pods my-pod icon-url=       # Add an annotation

Get a shell to a running container

You may need to get a shell into a running instance. Kubernetes let you access pods using kubectl exec to get a shell into a running container.

# Find the pod
kubectl get pod pod_name

Next we’ll exec into a pod using a bash shell. This may change depending on the base container image you’re using for pods.

kubectl exec --stdin --tty shell-demo -- /bin/bash

This is very similar to using docker exec and we’ve outlined options in this blog post. SSH into Docker Container or Use Docker Exec?

Viewing logs

It's often helpful to pull logs from misbehaving pods. You can do this using the kubectl logs command.

kubectl logs mypod dump pod logs to stdout, or tail the logs using kubectl logs -f my-pod.

Viewing the current state of resources

The kubectl describe command displays detailed information about the state of a specific resource or a group of resources, which includes uninitialized resources by default.

kubectl describe nodes shows the details for all nodes.

kubectl describe deployment-name shows the details for a specific deployment.

kubectl describe -f service.yaml displays details about a service defined in the service.yaml file.

kubectl describe pods -n namespace shows the details of the pods in a namespace.

Optimizing your Kubernetes workflow

Day-to-day Kubernetes management can involve connecting and managing many remote Kubernetes clusters, deploying container workloads into production clusters, having multiple workspaces active simultaneously, and wrangling dozens of config files. Several useful kubectl tools can help you optimize your Kubernetes workflow and day-to-day operations. The following are a few examples:

Kubectx and Kubens

It’s sometimes hard to keep track of which cluster you're working on, which is where Kubectx and Kubens can help. Kubectx allows you to quickly switch between Kubernetes contexts and is helpful when working with multi-cluster installations where you need to switch context between clusters. Instead of typing complicated kubectl commands, Kubectx allows you to alias long cluster names, so you can use one quick command. Kubectx also remembers the previous context, allowing you to switch back and forth using the kubectx - command. You can also autocomplete context names using the tab key.

Created by the same developer, Kubens is like Kubectx, but it allows you to switch between Kubernetes namespaces instead of clusters. Kubens is simple to use. The kubens - command allows you to switch back to the previous context.


Kubie is a Kubectl companion tool that makes working with multiple Kubernetes clusters and configuration files easier. Using the kubie ctx command, you can set your context, while kubie ns allows you to set your namespace. Unlike Kubectx and Kubens, which change global config files, Kubie isolates shells from each other, never altering the global config files.

When you run kubie ctx, it loads the context in a new shell in your terminal window, which is especially useful since it allows you to have isolated terminals for different environments, e.g., dev and prod.

Kubie also offers features like split configuration files, which enable you to load Kubernetes contexts from multiple files, and kubie exec, which allows you to run commands inside a context. You can also configure the paths where Kubie will look for contexts.


Lens is a Kubernetes IDE, built on open source and backed by several Kubernetes and cloud-native ecosystem pioneers. Lens removes the complexity of interacting with the Kubernetes API, making it an ideal tool for beginners just getting started with Kubernetes, as well as more experienced users who want to improve productivity.

Lens gives you all the information you need at a glance. You can get a quick overview of workloads on Kubernetes across clusters, visualize and control Kubernetes clusters, and troubleshoot issues all from the GUI. It's useful for developers, operations personnel, and SREs who need quick and secure control of their Kubernetes clusters and critical workloads across multiple infrastructures and workloads.

Lens is available as Lens Desktop, a desktop version for macOS, Windows, and Linux; Lens Spaces, a Kubernetes development environment in the cloud, and Lens Kubernetes, to manage development or self-hosted clusters. Both Lens Spaces and Lens Kubernetes fully integrate with Lens Desktop.


Kubernetes is a complex system. Learning Kubectl can help you better understand Kubernetes, pods, containers, and associated technologies. This guide looked at some common and useful kubectl commands you can apply in your day-to-day operations for managing your Kubernetes clusters. Kubectl, along with the tools discussed in this guide, can help optimize your workflow and increase productivity.


Teleport Newsletter

Stay up-to-date with the newest Teleport releases by subscribing to our monthly updates.


Subscribe to our newsletter

PAM / Teleport