Kubectl Cheat Sheet: Every Command You Need
Cluster & Context
# View current context
kubectl config current-context
# List all contexts
kubectl config get-contexts
# Switch context
kubectl config use-context my-cluster
# Set default namespace
kubectl config set-context --current --namespace=production
Pods
# List pods
kubectl get pods
kubectl get pods -A # All namespaces
kubectl get pods -o wide # With node/IP info
kubectl get pods --sort-by=.status.startTime
# Pod details
kubectl describe pod my-pod
kubectl get pod my-pod -o yaml
# Logs
kubectl logs my-pod
kubectl logs my-pod -c my-container # Specific container
kubectl logs my-pod --previous # Previous crash
kubectl logs -f my-pod # Follow/stream
kubectl logs -l app=nginx # By label
# Execute into pod
kubectl exec -it my-pod -- /bin/sh
kubectl exec -it my-pod -c my-container -- bash
# Port forward
kubectl port-forward pod/my-pod 8080:80
kubectl port-forward svc/my-service 8080:80
# Delete
kubectl delete pod my-pod
kubectl delete pod my-pod --force --grace-period=0 # Force kill
Deployments
# Create/update
kubectl apply -f deployment.yaml
kubectl create deployment nginx --image=nginx:1.25
# Scale
kubectl scale deployment nginx --replicas=5
# Rollout
kubectl rollout status deployment/nginx
kubectl rollout history deployment/nginx
kubectl rollout undo deployment/nginx
kubectl rollout undo deployment/nginx --to-revision=2
kubectl rollout restart deployment/nginx
# Update image
kubectl set image deployment/nginx nginx=nginx:1.26
Services & Networking
# List services
kubectl get svc
kubectl get endpoints
# Expose deployment
kubectl expose deployment nginx --port=80 --type=LoadBalancer
# DNS debugging
kubectl run dnstest --image=busybox:1.36 --rm -it -- nslookup my-service
Debugging
# Resource usage
kubectl top pods
kubectl top nodes
# Events (sorted by time)
kubectl get events --sort-by=.lastTimestamp
# Debug with ephemeral container
kubectl debug my-pod -it --image=busybox
# Check why pod isn't running
kubectl describe pod my-pod | grep -A 5 "Events"
# Node conditions
kubectl describe node my-node | grep -A 5 "Conditions"
Resource Management
# Apply/delete from file
kubectl apply -f . # All YAML in directory
kubectl apply -f https://url/to/manifest.yaml
kubectl delete -f deployment.yaml
# Dry run + diff
kubectl apply -f deployment.yaml --dry-run=client
kubectl diff -f deployment.yaml
# Edit live resource
kubectl edit deployment nginx
# Patch
kubectl patch deployment nginx -p '{"spec":{"replicas":3}}'
Labels & Selectors
# Filter by label
kubectl get pods -l app=nginx
kubectl get pods -l 'app in (nginx, redis)'
# Add/remove labels
kubectl label pod my-pod env=prod
kubectl label pod my-pod env- # Remove
Secrets & ConfigMaps
# Create secret
kubectl create secret generic db-creds \
--from-literal=username=admin \
--from-literal=password=s3cret
# Create configmap
kubectl create configmap app-config \
--from-file=config.yaml \
--from-literal=LOG_LEVEL=info
# View (base64 decoded)
kubectl get secret db-creds -o jsonpath='{.data.password}' | base64 -d
Quick JSON Queries
# Get all pod IPs
kubectl get pods -o jsonpath='{.items[*].status.podIP}'
# Get container images
kubectl get pods -o jsonpath='{.items[*].spec.containers[*].image}'
# Get pods not running
kubectl get pods --field-selector=status.phase!=Running
Related Articles
Was this article helpful?
Senior Kubernetes Architect
10+ years orchestrating containers in production. Battle-tested opinions on everything from pod scheduling to service mesh. I've seen clusters burn and helped rebuild them better.
Related Articles
Istio Observability and Authorization: Distributed Tracing, Metrics, and Access Policies
How to use Istio's built-in observability — distributed tracing with Jaeger, Prometheus metrics, Kiali service graph — and enforce zero-trust access control with AuthorizationPolicies.
Istio Service Mesh: Installation, Traffic Management, and mTLS
A practical guide to getting started with Istio — installing on Kubernetes, enabling automatic mTLS, configuring VirtualServices for traffic management, and understanding the sidecar injection model.
Fix Kubernetes OOMKilled: Pod Keeps Getting Killed for Memory
Diagnose and fix OOMKilled errors in Kubernetes pods — understand memory limits, identify leaks, and configure resource requests correctly.
The Complete Guide to Kubernetes Deployment Strategies: Rolling, Blue-Green, Canary, and Progressive Delivery
A comprehensive guide to every Kubernetes deployment strategy — rolling updates, blue-green, canary, and progressive delivery with Argo Rollouts and Flagger.
Kubernetes Ingress vs Gateway API: When to Migrate and How to Do It Without Breaking Everything
A practical comparison of Kubernetes Ingress and Gateway API, with a migration strategy that won't take down your production traffic.
Kubernetes Resource Requests vs Limits: The Guide I Wish I Had Before My First OOM Kill
A deep dive into Kubernetes resource requests, limits, QoS classes, and why getting them wrong leads to OOM kills, throttling, and wasted money.
More in Kubernetes
View all →Kubernetes Vertical Pod Autoscaler: Automating Resource Request Tuning In Production
Let me be direct with you: most Kubernetes clusters I audit are hemorrhaging money because of poorly configured resource requests. I've seen teams running...
Fix Helm 'UPGRADE FAILED: has no deployed releases'
Fix the Helm 'UPGRADE FAILED: has no deployed releases' error when a previous install failed and left the release in a broken state.
Fix Kubernetes 'Evicted' Pods Filling Up the Node
Clean up Kubernetes evicted pods and fix the underlying disk pressure or resource exhaustion that causes pod evictions.
Fix Kubernetes ImagePullBackOff: Container Image Won't Pull
Resolve ImagePullBackOff and ErrImagePull errors in Kubernetes — fix registry credentials, image tags, and network access issues.