🛡️
CTHFM: Kubernetes
  • Welcome
  • Kubernetes Fundamentals
    • Kubernetes Components
      • Kubernetes Master Node
      • Worker Nodes
      • Pods
      • Service
      • ConfigMaps and Secrets
      • Namespaces
      • Deployments
      • ReplicaSets
      • Jobs and CronJobs
      • Horizontal Pod Autoscaler (HPA)
      • Kubernetes Ports and Protocols
    • Kubectl
      • Installation and Setup
      • Basic Kubectl
      • Working With Pods
      • Deployments and ReplicaSets
      • Services and Networking
      • ConfigMaps and Secrets
      • YAML Manifest Management
      • Debugging and Troubleshooting
      • Kubectl Scripting: Security
      • Customizing Kubectl
      • Security Best Practices
      • Common Issues
      • Reading YAML Files
    • MiniKube
      • Intro
      • Prerequisites
      • Installation MiniKube
      • Starting MiniKube
      • Deploy a Sample Application
      • Managing Kubernetes Resources
      • Configuring MiniKube
      • Persistent Storage in Minikube
      • Using Minikube for Local Development
      • Common Pitfalls
      • Best Practices
  • Kubernetes Logging
    • Kubernetes Logging Overview
    • Audit Logs
    • Node Logs
    • Pod Logs
    • Application Logs
    • Importance of Logging
    • Types of Logs
    • Collecting and Aggregating Logs
    • Monitoring and Alerting
    • Log Parsing and Enrichment
    • Security Considerations in Logging
    • Best Practices
    • Kubernetes Logging Architecture
  • Threat Hunting
    • Threat Hunting Introduction
    • What Makes Kubernetes Threat Hunting Unique
    • Threat Hunting Process
      • Hypothesis Generation
      • Investigation
      • Identification
      • Resolution & Follow Up
    • Pyramid of Pain
    • Threat Frameworks
      • MITRE Containers Matrix
        • MITRE Att&ck Concepts
        • MITRE Att&ck Data Sources
        • MITRE ATT&CK Mitigations
        • MITRE Att&ck Containers Matrix
      • Microsoft Threat for Kubernetes
    • Kubernetes Behavioral Analysis and Anomaly Detection
    • Threat Hunting Ideas
    • Threat Hunting Labs
  • Security Tools
    • Falco
      • Falco Overview
      • Falco's Architecture
      • Runtime Security Explained
      • Installation and Setup
      • Falco Rules
      • Tuning Falco Rules
      • Integrating Falco with Kubernetes
      • Detecting Common Threats with Falco
      • Integrating Falco with Other Security Tools
      • Automating Incident Response with Falco
      • Managing Falco Performance and Scalability
      • Updating and Maintaining Falco
      • Real-World Case Studies and Lessons Learned
      • Labs
        • Deploying Falco on a Kubernetes Cluster
        • Writing and Testing Custom Falco Rules
        • Integrating Falco with a SIEM System
        • Automating Responses to Falco Alerts
    • Open Policy Agent (OPA)
      • Introduction to Open Policy Agent (OPA)
      • Getting Started with OPA
      • Rego
      • Advanced Rego Concepts
      • Integrating OPA with Kubernetes
      • OPA Gatekeeper
      • Policy Enforcement in Microservices
      • OPA API Gateways
      • Introduction to CI/CD Pipelines and Policy Enforcement
      • External Data in OPA
      • Introduction to Decision Logging
      • OPA Performance Monitoring
      • OPA Implementation Best Practices
      • OPA Case Studies
      • OPA Ecosystem
    • Kube-Bench
    • Kube-Hunter
    • Trivy
    • Security Best Practices and Documentation
      • RBAC Good Practices
      • Official CVE Feed
      • Kubernetes Security Checklist
      • Securing a Cluster
      • OWASP
  • Open Source Tools
    • Cloud Native Computing Foundation (CNCF)
      • Security Projects
  • Infrastructure as Code
    • Kubernetes and Terraform
      • Key Focus Areas for Threat Hunters
      • Infastructure As Code: Kubernetes
      • Infrastructure as Code (IaC) Basics
      • Infastructure As Code Essential Commands
      • Terraform for Container Orchestration
      • Network and Load Balancing
      • Secrets Management
      • State Management
      • CI/CD
      • Security Considerations
      • Monitoring and Logging
      • Scaling and High Availability
      • Backup and Disaster Recovery
    • Helm
      • What is Helm?
      • Helm Architecture
      • Write Helm Charts
      • Using Helm Charts
      • Customizing Helm Charts
      • Customizing Helm Charts
      • Building Your Own Helm Chart
      • Advanced Helm Chart Customization
      • Helm Repositories
      • Helm Best Practices
      • Helmfile and Continuous Integration
      • Managing Secrets with Helm and Helm Secrets
      • Troubleshooting and Debugging Helm
      • Production Deployments
      • Helm Case Studies
Powered by GitBook
On this page
  • Basic kubectl Commands
  • Getting Information About Resources
  • Creating and Deleting Resources
  • Updating Resources
  • Inspecting and Debugging Resources
  • Summary
  1. Kubernetes Fundamentals
  2. Kubectl

Basic Kubectl

Basic kubectl Commands

In this section, we'll cover some of the essential kubectl commands that form the foundation of managing Kubernetes resources. These commands will help you perform common tasks such as retrieving information, creating and deleting resources, and troubleshooting issues.

Getting Information About Resources

kubectl provides several commands to retrieve information about the resources running in your Kubernetes cluster. These commands are useful for monitoring the state of your cluster and identifying potential issues.

  • List resources: The kubectl get command is used to list resources of a specific type, such as pods, services, or deployments. For example, kubectl get pods will list all the pods in the current namespace.

  • Detailed information: The kubectl describe command provides detailed information about a specific resource. For example, kubectl describe pod <pod-name> gives you a comprehensive view of the pod’s configuration, status, and events.

  • Wide output: You can use the -o wide option with kubectl get to display additional information about resources, such as node names and IP addresses, which is particularly useful for troubleshooting.

Creating and Deleting Resources

Managing the lifecycle of Kubernetes resources often involves creating new resources and deleting old or unnecessary ones. kubectl provides straightforward commands for these operations.

  • Apply configuration files: The kubectl apply -f <file> command is used to create or update resources based on a configuration file (usually in YAML format). This command is ideal for declarative management of your cluster.

  • Create resources directly: The kubectl create <resource> command allows you to create resources directly from the command line. For example, kubectl create namespace <namespace-name> creates a new namespace.

  • Delete resources: The kubectl delete <resource> command is used to remove resources from your cluster. For example, kubectl delete pod <pod-name> deletes a specific pod. You can also delete resources based on a configuration file using kubectl delete -f <file>.

Updating Resources

As your applications evolve, you'll need to update Kubernetes resources. kubectl provides commands for both in-place editing and applying patches to existing resources.

  • Edit resources: The kubectl edit <resource> command opens the resource's configuration in your default text editor, allowing you to make changes directly. Once you save the file, the changes are applied to the resource.

  • Patch resources: The kubectl patch <resource> command lets you apply a JSON or YAML patch to update specific fields of a resource without opening the entire configuration. This is useful for making small, targeted changes.

Inspecting and Debugging Resources

When things go wrong, kubectl provides several commands to help you inspect and debug your resources.

  • View logs: The kubectl logs <pod> command retrieves logs from a container running in a pod. This is essential for troubleshooting application errors or monitoring application behavior.

  • Execute commands in containers: The kubectl exec <pod> -- <command> command allows you to run commands inside a container. This is useful for debugging or inspecting the state of a running container.

  • Monitor resource usage: The kubectl top command displays the current CPU and memory usage of nodes and pods, helping you identify performance bottlenecks or resource constraints.

Summary

These basic kubectl commands are the building blocks for managing Kubernetes clusters. By mastering these commands, you'll be well-equipped to handle day-to-day operations and troubleshooting tasks in your Kubernetes environment.

PreviousInstallation and SetupNextWorking With Pods

Last updated 7 months ago