Basic operations
This topic describes a few basic kubectl
command line tool operations.
View kubeconfig
settings
[root@test-1 ~]# kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://127.0.0.1:6443
name: default
contexts:
- context:
cluster: default
user: default
name: default
current-context: default
kind: Config
preferences: {}
users:
- name: default
user:
client-certificate-data: REDACTED
client-key-data: REDACTED
Get all nodes in the Kubernetes environment
[root@test-1 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
test-1.vpc.cloudera.com Ready control-plane,etcd,master 2d4h v1.25.14+rke2r1
test-2.vpc.cloudera.com Ready <none> 2d4h v1.25.14+rke2r1
Get all namespaces
[root@test-1 ~]# kubectl get namespaces
NAME STATUS AGE
cdp Active 2d4h
cdp-drs Active 2d4h
cdp-services Active 2d4h
default Active 2d4h
ecs-webhooks Active 2d4h
infra-prometheus Active 2d4h
k8tz Active 2d4h
kube-node-lease Active 2d4h
kube-public Active 2d4h
kube-system Active 2d4h
kubernetes-dashboard Active 2d4h
liftie-wjtncjzm-ns Active 2d4h
local-path-storage Active 2d4h
longhorn-system Active 2d4h
observability Active 2d4h
pod-reaper Active 2d4h
test-1-5ea742bf-monitoring-platform Active 2d4h
vault-system Active 2d4h
yunikorn Active 2d4h
Check all pods in a namespace
Use the following command format to check all pods in a namespace:
kubectl get pods -n <namespace_name>
For example, to get the pods and their status in the vault-system
namespace:
[root@test-1 ~]# kubectl get pods -n vault-system
NAME READY STATUS RESTARTS AGE
helm-install-vault-pd842 0/1 Completed 0 2d6h
vault-0 1/1 Running 0 2d6h
vault-exporter-84bd8f848d-s9grm 1/1 Running 0 2d6h
Get the containers in a pod
Use the following command format to get the containers in a pod:
root@test-1 ~]# kubectl get pods -n <namespace_name> <pod_name> -o=jsonpath='{.spec.containers[*].name}'
For example, to get the containers in the fluentd-aggregator-0
pod in the
cdp
namespace:
root@test-1 ~]# kubectl get pods -n cdp fluentd-aggregator-0 -o=jsonpath='{.spec.containers[*].name}'
thunderhead-diagnostics-api
fluentd-aggregator[
Get logs from a specific pod
Use the following command format to get logs from a specific pod:
kubectl logs -n <namespace_name> <pod_name>
For example, to get the logs from the vault-0
pod in the
vault-system
namespace:
[root@test-1 ~]# kubectl logs -n vault-system vault-0
==> Vault server configuration:
Api Address: https://10.42.0.15:8200
Cgo: disabled
Cluster Address: https://vault-0.vault-internal:8201
Environment Variables: GODEBUG, HOME, HOSTNAME, HOST_IP, KUBERNETES_PORT,
KUBERNETES_PORT_443_TCP, KUBERNETES_PORT_443_TCP_ADDR,
KUBERNETES_PORT_443_TCP_PORT, KUBERNETES_PORT_443_TCP_PROTO,
KUBERNETES_SERVICE_HOST, KUBERNETES_SERVICE_PORT,
KUBERNETES_SERVICE_PORT_HTTPS, NAME, PATH, POD_IP, PWD, SHLVL, SKIP_CHOWN,
SKIP_SETCAP, VAULT_ADDR, VAULT_API_ADDR, VAULT_CACERT, VAULT_CLUSTER_ADDR,
VAULT_K8S_NAMESPACE, VAULT_K8S_POD_NAME, VAULT_PORT, VAULT_PORT_8200_TCP,
VAULT_PORT_8200_TCP_ADDR, VAULT_PORT_8200_TCP_PORT, VAULT_PORT_8200_TCP_PROTO,
VAULT_PORT_8201_TCP, VAULT_PORT_8201_TCP_ADDR, VAULT_PORT_8201_TCP_PORT,
VAULT_PORT_8201_TCP_PROTO, VAULT_SERVICE_HOST, VAULT_SERVICE_PORT,
VAULT_SERVICE_PORT_HTTPS, VAULT_SERVICE_PORT_HTTPS_INTERNAL, VERSION
Go Version: go1.20.1
Listener 1: tcp (addr: "[::]:8200", cluster address: "[::]:8201",
max_request_duration: "1m30s", max_request_size: "33554432", tls: "enabled")
Log Level:
Mlock: supported: true, enabled: false
Recovery Mode: false
Storage: file
Version: Vault v1.13.1, built 2023-03-23T12:51:35Z
Version Sha: 4472e4a3fbcc984b7e3dc48f5a8283f3efe6f282
==> Vault server started! Log data will stream in below:
2023-11-28T20:34:33.998Z [INFO] proxy environment: http_proxy="" https_proxy="" no_proxy=""
2023-11-28T20:34:33.998Z [INFO] core: Initializing version history cache for core
2023-11-28T20:34:36.013Z [INFO] core: security barrier not initialized
2023-11-28T20:34:36.014Z [INFO] core: seal configuration missing, not initialized
2023-11-28T20:34:36.014Z [INFO] core: security barrier not initialized
2023-11-28T20:34:36.015Z [INFO] core: security barrier initialized: stored=1 shares=1 threshold=1
2023-11-28T20:34:36.016Z [INFO] core: post-unseal setup starting
2023-11-28T20:34:36.029Z [INFO] core: loaded wrapping token key
Get logs from a specific container
To get the logs from a specific container, use the following command format:
kubectl logs -n <namespace_name> <pod_name> -c container_name
For example, the following command lists all of the containers:
kubectl get pods cdp-release-thunderhead-environment-85bdfdb466-gprcb -n e2e-djwl0v -o jsonpath='{.spec.containers[*].name}'
thunderhead-environment fluentbit
Then the kubectl logs
command can be used with the -c
option to return the logs from the thunderhead-environment
container:
kubectl logs cdp-release-thunderhead-environment-85bdfdb466-gprcb -c thunderhead-environment -n e2e-djwl0v
Tunnel into a container
The following example demonstrates how to tunnel into one of the containers above, and then execute a list command:
[root@test-1 ~]# kubectl -n cdp exec -it pod/fluentd-aggregator-0 -c fluentd-aggregator -- bash
[cloudera@fluentd-aggregator-0 /]$ ls -lrth
total 152K
drwxr-xr-x 2 root root 6 Dec 14 2017 srv
drwxr-xr-x 2 root root 6 Dec 14 2017 mnt
drwxr-xr-x 2 root root 6 Dec 14 2017 media
dr-xr-xr-x 2 root root 6 Dec 14 2017 boot
drwxr-xr-x 1 root root 19 Jan 17 2023 usr
lrwxrwxrwx 1 root root 8 Jan 17 2023 sbin -> usr/sbin
lrwxrwxrwx 1 root root 9 Jan 17 2023 lib64 -> usr/lib64
lrwxrwxrwx 1 root root 7 Jan 17 2023 lib -> usr/lib
lrwxrwxrwx 1 root root 7 Jan 17 2023 bin -> usr/bin
drwxr-xr-x 1 root root 17 Jan 17 2023 var
drwxr-xr-x 1 root root 22 Feb 27 2023 opt
drwxr-xr-x 1 root root 21 Feb 27 2023 run
dr-xr-x--- 1 root root 30 Feb 27 2023 root
drwxr-xr-x 1 root root 22 Feb 27 2023 home
drwxr-xr-x 1 root root 64 Feb 27 2023 etc
dr-xr-xr-x 656 root root 0 Nov 28 20:39 proc
dr-xr-xr-x 13 root root 0 Nov 28 20:39 sys
drwxr-xr-x 3 root root 17 Nov 28 20:40 fluentd
drwxr-xr-x 5 root root 360 Nov 28 20:40 dev
drwxrwxrwt 1 root root 104 Nov 28 20:40 tmp