Cheat Sheet: Kubernetes

Table of Contents

1. Introduction 1 3.B Install Minikube 3

2. Installation 2 3.C Install Kubectl 4
2.A Installing Kubectl 2 3.D Getting Started 4
2.B Administration 2 4. Kubectl CLI 5
2.C You’ll need more than Kubernetes 3 4.A Kubectl Operations 5
3. Running Locally via Minikube 3 5. About the Author 10
3.A Prerequisites 3

1. Introduction

Linux containers are a technology that allows you to package and isolate applications with
their entire runtime environment—all of the files necessary to run. This makes it easy to move
the contained application between environments (dev, test, production, etc.) while retaining
full functionality.

Containers package applications with the files on which they depend. This reduces the
friction between development and operations, simplifies application deployment, and
accelerates delivery cycles—allowing you to deliver value to customers faster.

Kubernetes is an open-source platform for automating deployment, scaling, and operations

of application containers across clusters of hosts, providing container-centric infrastructure.

• Container orchestrator
• Runs Linux containers
• Describe and launch containers
• Monitors and maintains container state
• Performs container oriented networking

- Openshift API Server Kube Proxy

- Build Controller
- Deployment Controller POD POD Registry

CLI Openshift Master Container

Container ...
Tool Registry

- Kubernetes API Server

- Kube Controller Containers Engine
- Scheduller
- Replication Controller
Kubelet
Kubernetes Master

Master(s) NODE(s)
Manage, build, deploy, & operate Run containers and registries

1
2. Installation

2.A Installing kubectl

Download a pre-compiled release[1] and unzip it --- kubectl should be located in the
platforms/<os>/<arch> directory.
[1] https://github.com/kubernetes/kubernetes/releases

Add kubectl to your path. Note, you can simply copy it into a directory that is already in
your $PATH (e.g. /usr/local/bin). For example:
# Linux
$ sudo cp kubernetes/platforms/linux/amd64/kubectl /usr/local/bin/kubectl
# OS X
$ sudo cp kubernetes/platforms/darwin/amd64/kubectl /usr/local/bin/kubectl

You also need to ensure it’s executable:

$ sudo chmod +x /usr/local/bin/kubectl

2.B Administration

To administer and interact with any given Kubernetes cluster (local or remote), you must set
up your kubeconfig file. By default, kubectl configuration lives at ~/.kube/config

You can also create a cluster in your local machine via Minikube (See section 3: Running
Locally via Minikube)
current-context: federal-context
apiVersion: v1
clusters:
- cluster:
api-version: v1
server: http://cow.org:8080
name: cow-cluster
- cluster:
certificate-authority: path/to/my/cafile
server: https://horse.org:4443
name: horse-cluster
contexts:
- context:
cluster: horse-cluster
namespace: chisel-ns
user: green-user
name: federal-context
kind: Config
preferences:
colors: true
users:
- name: green-user
user:
client-certificate: path/to/my/client/cert
client-key: path/to/my/client/key

2
 2.C You’ll need more than Kubernetes:

Kubernetes operates at the application level rather than at the hardware level, it provides
some generally applicable features common to PaaS offerings, such as deployment,
scaling, load balancing, logging, monitoring, etc.

However, Kubernetes is not an all-inclusive Platform as a Service (PaaS); therefore, you

will still need to consider any needs for DevOps functionality separately:

• Networking
• Image registry
• Metrics and logging
• Complex deployments such as A/B and Blue/Green
• Application lifecycle management
• Application services such as database and messaging
• Self-service portal
• Container security

Much of this additional functionality is provided by the Red Hat OpenShift Container
Platform (which includes Kubernetes.)

3. Running Locally via Minikube

Minikube is a tool that makes it easy to run Kubernetes locally --- it runs a single-node
Kubernetes cluster inside a virtual machine on your laptop. This is useful for users looking
to try out Kubernetes, or develop with it on a day-to-day basis.

3.A Prerequisites

Minikube requires that VT-x/AMD-v virtualization is enabled in BIOS on all platforms.

For example:
# Linux
$ cat /proc/cpuinfo | grep ‘vmx\|svm’
# OS X
$ sysctl -a | grep machdep.cpu.features | grep VMX

Make sure if the setting is enabled where this command should output something.

Install an x86 virtualization software package in your local machine:

• Linux: The latest VirtualBox

• OS X: The latest VirtualBox or VMware Fusion

3.B Install Minikube

3
Feel free to leave off the sudo mv minikube /usr/local/bin if you would like to add minikube to
your path manually.
# Linux/
curl -Lo minikube https://storage.googleapis.com/minikube/releases/v0.12.2/minikube-
linux-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/

# OS X
curl -Lo minikube https://storage.googleapis.com/minikube/releases/v0.12.2/minikube-
darwin-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/

3.C Install Kubectl

You will need to download and install the kubectl client binary to run commands against the
cluster. For example:
# Linux/amd64
curl -Lo kubectl http://storage.googleapis.com/kubernetes-release/release/v1.3.0/bin/
linux/amd64/kubectl && chmod +x kubectl && sudo mv kubectl /usr/local/bin/

# OS X/amd64
curl -Lo kubectl http://storage.googleapis.com/kubernetes-release/release/v1.3.0/bin/
darwin/amd64/kubectl && chmod +x kubectl && sudo mv kubectl /usr/local/bin/

3.D Getting Started

Note that the IP below is dynamic and can change. It can be retrieved with minikube ip.
$ minikube start
Starting local Kubernetes cluster...
Running pre-create checks...
Creating machine...
Starting local Kubernetes cluster...

$ kubectl run hello-minikube --image=gcr.io/google_containers/echoserver:1.4

--port=8080
deployment “hello-minikube” created
$ kubectl expose deployment hello-minikube --type=NodePort
service “hello-minikube” exposed

# We have now launched an echoserver pod but we have to wait until the pod is up before
curling/accessing it
# via the exposed service.
# To check whether the pod is up and running we can use the following:
$ kubectl get pod
NAME READY STATUS RESTARTS AGE
hello-minikube-3383150820-vctvh 1/1 ContainerCreating 0 3s

# We can see that the pod is still being created from the ContainerCreating status
$ kubectl get pod
NAME READY STATUS RESTARTS AGE
hello-minikube-3383150820-vctvh 1/1 Running 0 13s

# We can see that the pod is now Running and we will now be able to curl it:
$ curl $(minikube service hello-minikube --url)
CLIENT VALUES:
client_address=192.168.99.1
command=GET
real path=/
...

4
 # To access the Kubernetes Dashboard, run this command in a shell after starting minikube
to get the address:
$ minikube dashboard
$ minikube stop
Stopping local Kubernetes cluster...
Stopping “minikube”...

4. kubectl CLI

kubectl [command] [TYPE] [NAME] [flags]

• Command: Specifies the operation that you want to perform on one or more resources,
for example create, get, delete.
• Type: Specifies the resource type. Resource types are case-sensitive and you can
specify the singular, plural, or abbreviated forms.
• Name: Specifies the name of the resource. Names are case-sensitive. If the name is
omitted, details for all resources are displayed.

4.A Kubectl Operations

All examples include the general syntax and description for kubectl operations:

Creating Objects
# example my-rc.yaml file for creating a object based Replication Controller
apiVersion: v1
kind: ReplicationController
metadata:
name: nginx
spec:
replicas: 3
selector:
app: nginx
template:
metadata:
name: nginx
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80

# create resource(s)
$ kubectl create -f my-rc.yaml
replicationcontroller “nginx” created

# create resource(s) from url

$ kubectl create -f https://git.io/vPieo
pod “busybox0” created

# start a single instance of nginx

$ kubectl run nginx --image=nginx
deployment “nginx” created

5
Viewing, Finding Resources
# Get commands with basic output
$ kubectl get pod
NAME READY STATUS RESTARTS AGE

busybox-sleep 1/1 Running 0 8m

busybox-sleep-less 1/1 Running 0 8m

busybox0 1/1 Running 0 3m

hello-minikube-3015430129-vfgei 1/1 Running 0 20m

nginx-701339712-tkuma 1/1 Running 0 3m

# Get commands with yaml or json file format

$ kubectl get pod/nginx-cmpmt -o yaml
apiVersion: v1
kind: Pod
metadata:
annotations:
kubernetes.io/created-by: |

{“kind”:”SerializedReference”,”apiVersion”:”v1”,”reference”:{“kind”:”ReplicationControl
ler”,”namespace”:”default”,”name”:”nginx”,”uid”:”01e01208-bb6a-11e6-a905-7eca61497d69”,
”apiVersion”:”v1”,”resourceVersion”:”58757”}}
creationTimestamp: 2016-12-06T04:11:05Z
generateName: nginx-
labels:
app: nginx
name: nginx-cmpmt
namespace: default
ownerReferences:
- apiVersion: v1
controller: true
kind: ReplicationController
name: nginx
uid: 01e01208-bb6a-11e6-a905-7eca61497d69
resourceVersion: “58815”
selfLink: /api/v1/namespaces/default/pods/nginx-cmpmt
uid: 01e10582-bb6a-11e6-a905-7eca61497d69
spec:
containers:
- image: nginx
imagePullPolicy: Always
name: nginx
ports:
- containerPort: 80
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: default-token-xxufg
readOnly: true
dnsPolicy: ClusterFirst
nodeName: minikube
restartPolicy: Always
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
volumes:
- name: default-token-xxufg

6
 secret:
secretName: default-token-xxufg
status:
conditions:
- lastProbeTime: null
lastTransitionTime: 2016-12-06T04:11:05Z
status: “True”
type: Initialized
- lastProbeTime: null
lastTransitionTime: 2016-12-06T04:11:23Z
status: “True”
type: Ready
- lastProbeTime: null
lastTransitionTime: 2016-12-06T04:11:05Z
status: “True”
type: PodScheduled
containerStatuses:
- containerID:
docker://46cdf4314702cc368cf76b46d690134bc78e0de313eb324409fefe088753ed78
image: nginx
imageID: docker://
sha256:abf312888d132e461c61484457ee9fd0125d666672e22f972f3b8c9a0ed3f0a1
lastState: {}
name: nginx
ready: true
restartCount: 0
state:
running:
startedAt: 2016-12-06T04:11:23Z
hostIP: 192.168.99.100
phase: Running
podIP: 172.17.0.13
startTime: 2016-12-06T04:11:05Z

# Describe commands with verbose output

$ kubectl describe pods busybox-sleep
Name: busybox-sleep
Namespace: default
Node: minikube/192.168.99.100
Start Time: Sun, 27 Nov 2016 23:11:35 +0900
Labels: <none>
Status: Running
IP: 172.17.0.5
Controllers: <none>
Containers:
busybox:
Container ID:
docker://4f599b509de0e8504b151e2dfeb98c14082ee149ec8da9132824e38095a6b86f
Image: busybox
Image ID: docker://
sha256:e02e811dd08fd49e7f6032625495118e63f597eb150403d02e3238af1df240ba
Port:
Args:
sleep
1000000
State: Running
Started: Sun, 27 Nov 2016 23:11:43 +0900
Ready: True
Restart Count: 0
Environment Variables: <none>
Conditions:
Type Status
Initialized True
Ready True
PodScheduled True

7
Volumes:
default-token-xxufg:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-xxufg
QoS Tier: BestEffort

# List Services Sorted by Name

$ kubectl get services --sort-by=.metadata.name
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
hello-minikube 10.0.0.38 <nodes> 8080/TCP 51m
kubernetes 10.0.0.1 <none> 443/TCP 53m

# Get ExternalIPs of all nodes

$ kubectl get nodes -o jsonpath=’{.items[*].status.addresses[?(@.type==”ExternalIP”)].
address}’

Viewing, Finding Resources

# Add a Label
$ kubectl label pods busybox-sleep new-label=new-busybox-sleep
pod “busybox-sleep” labeled

# Add an annotation
$ kubectl annotate pods busybox-sleep icon-url=http://goo.gl/XXBTWq
pod “busybox-sleep” annotated

# Auto scale a deployment “nginx”

$ kubectl autoscale deployment nginx --min=2 --max=5
deployment “nginx” autoscaled

# Rolling update pods of frontend-v1

$ kubectl rolling-update frontend-v1 -f frontend-v2.json

# Force replace, delete and then re-create the resource. Will cause a service outage
$ kubectl replace --force -f ./pod.json

# Create a service for a replicated nginx, which serves on port 80 and connects to the
containers on port 8000
$ kubectl expose rc nginx --port=80 --target-port=8000

Patching Resources
# Partially update a node
$ kubectl patch node k8s-node-1 -p ‘{“spec”:{“unschedulable”:true}}’
“k8s-node-1” patched

# Update a container’s image; spec.containers[*].name is required because it’s a merge key

$ kubectl patch pod valid-pod -p ‘{“spec”:{“containers”:[{“name”:”kubernet
es-serve-hostname”,”image”:”new image”}]}}’
“k8s-node-1” patched

Editing Resources
# Edit the service named docker-registry
$ kubectl edit svc/docker-registry
service “docker-registry” edited

8
Scaling Resources
# Scale a replicaset named nginx-701339712 to 5
$ kubectl scale --replicas=5 rs/nginx-701339712
replicaset “nginx-701339712” scaled

# Scale multiple replication controllers

$ kubectl scale --replicas=5 rc/foo rc/bar rc/baz

Deleting Resources
# Delete a pod using the type and specific name
$ kubectl delete pod/nginx-701339712-tkuma
pod “nginx-701339712-tkuma” deleted

# Delete pods and services with same names “baz” and “foo”
$ kubectl delete pod,service baz foo
pod “baz” deleted
service “foo” deleted

# Delete pods and services with label name=myLabel

$ kubectl delete pods,services -l name=myLabel

# Delete all pods and services in namespace my-ns

$ kubectl -n my-ns delete po,svc --all

Interacting with running pods

# dump pod logs (stdout)
$ kubectl logs busybox-sleep

# stream pod logs (stdout)

$ kubectl logs -f hello-minikube-3015430129-vfgei

# Run pod as interactive shell

$ kubectl run -i --tty busybox --image=busybox -- sh

# Attach to Running Container

$ kubectl attach my-pod -i

# Forward port to service

$ kubectl port-forward my-svc 6000

Interacting with running pods

# Mark a specific node as unschedulable
$ kubectl cordon minikube
node “minikube” cordoned

# Mark a specific as schedulable

$ kubectl uncordon minikube
node “minikube” uncordoned

# Display addresses of the master and services

$ kubectl cluster-info
Kubernetes master is running at https://192.168.99.100:8443
KubeDNS is running at https://192.168.99.100:8443/api/v1/proxy/namespaces/
kube-system/services/kube-dns
kubernetes-dashboard is running at https://192.168.99.100:8443/api/v1/proxy/
namespaces/kube-system/services/kubernetes-dashboard

9
 # Dump current cluster state to stdout
$ kubectl cluster-info dump

# Dump current cluster state to /path/to/cluster-state

$ kubectl cluster-info dump --output-directory=/path/to/cluster-state

5. About the Author

Daniel Oh is an AppDev Solution Architect, Agile & DevOps

CoP Manager at Red Hat and has specialty about JBoss
middleware, Java EE, Containers, Agile methodology,
DevOps, PaaS(OpenShift), Containerized application
design, MSA, and Mobile application platform.
! Twitter @danieloh30
" Linkedin

10