Basic operations

This topic describes a few basic kubectl command line tool operations.

View kubeconfig settings

[root@test-1 ~]# kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://127.0.0.1:6443
  name: default
contexts:
- context:
    cluster: default
    user: default
  name: default
current-context: default
kind: Config
preferences: {}
users:
- name: default
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED

Get all nodes in the Kubernetes environment

[root@test-1 ~]# kubectl get nodes
NAME                      STATUS   ROLES                                  AGE    VERSION
test-1.vpc.cloudera.com   Ready    control-plane,etcd,master              2d4h   v1.25.14+rke2r1
test-2.vpc.cloudera.com   Ready    <none>                                 2d4h   v1.25.14+rke2r1

Get all namespaces

[root@test-1 ~]# kubectl get namespaces
NAME                                  STATUS   AGE
cdp                                   Active   2d4h
cdp-drs                               Active   2d4h
cdp-services                          Active   2d4h
default                               Active   2d4h
ecs-webhooks                          Active   2d4h
infra-prometheus                      Active   2d4h
k8tz                                  Active   2d4h
kube-node-lease                       Active   2d4h
kube-public                           Active   2d4h
kube-system                           Active   2d4h
kubernetes-dashboard                  Active   2d4h
liftie-wjtncjzm-ns                    Active   2d4h
local-path-storage                    Active   2d4h
longhorn-system                       Active   2d4h
observability                         Active   2d4h
pod-reaper                            Active   2d4h
test-1-5ea742bf-monitoring-platform   Active   2d4h
vault-system                          Active   2d4h
yunikorn                              Active   2d4h

Check all pods in a namespace

Use the following command format to check all pods in a namespace:

kubectl get pods -n <namespace_name>

For example, to get the pods and their status in the vault-system namespace:

[root@test-1 ~]# kubectl get pods -n vault-system
NAME                                       READY                STATUS           RESTARTS             AGE
helm-install-vault-pd842                    0/1                Completed             0                2d6h
vault-0                                     1/1                 Running              0                2d6h
vault-exporter-84bd8f848d-s9grm             1/1                 Running              0                2d6h

Get the containers in a pod

Use the following command format to get the containers in a pod:

root@test-1 ~]# kubectl get pods -n <namespace_name> <pod_name> -o=jsonpath='{.spec.containers[*].name}'

For example, to get the containers in the fluentd-aggregator-0 pod in the cdp namespace:

root@test-1 ~]# kubectl get pods -n cdp fluentd-aggregator-0  -o=jsonpath='{.spec.containers[*].name}'
thunderhead-diagnostics-api 
fluentd-aggregator[

Get logs from a specific pod

Use the following command format to get logs from a specific pod:

kubectl logs -n <namespace_name> <pod_name>

For example, to get the logs from the vault-0 pod in the vault-system namespace:

[root@test-1 ~]# kubectl logs -n vault-system vault-0
==> Vault server configuration:

             Api Address: https://10.42.0.15:8200
                     Cgo: disabled
         Cluster Address: https://vault-0.vault-internal:8201
   Environment Variables: GODEBUG, HOME, HOSTNAME, HOST_IP, KUBERNETES_PORT, 
KUBERNETES_PORT_443_TCP, KUBERNETES_PORT_443_TCP_ADDR, 
KUBERNETES_PORT_443_TCP_PORT, KUBERNETES_PORT_443_TCP_PROTO, 
KUBERNETES_SERVICE_HOST, KUBERNETES_SERVICE_PORT, 
KUBERNETES_SERVICE_PORT_HTTPS, NAME, PATH, POD_IP, PWD, SHLVL, SKIP_CHOWN, 
SKIP_SETCAP, VAULT_ADDR, VAULT_API_ADDR, VAULT_CACERT, VAULT_CLUSTER_ADDR, 
VAULT_K8S_NAMESPACE, VAULT_K8S_POD_NAME, VAULT_PORT, VAULT_PORT_8200_TCP, 
VAULT_PORT_8200_TCP_ADDR, VAULT_PORT_8200_TCP_PORT, VAULT_PORT_8200_TCP_PROTO, 
VAULT_PORT_8201_TCP, VAULT_PORT_8201_TCP_ADDR, VAULT_PORT_8201_TCP_PORT, 
VAULT_PORT_8201_TCP_PROTO, VAULT_SERVICE_HOST, VAULT_SERVICE_PORT, 
VAULT_SERVICE_PORT_HTTPS, VAULT_SERVICE_PORT_HTTPS_INTERNAL, VERSION
              Go Version: go1.20.1
              Listener 1: tcp (addr: "[::]:8200", cluster address: "[::]:8201", 
max_request_duration: "1m30s", max_request_size: "33554432", tls: "enabled")
               Log Level: 
                   Mlock: supported: true, enabled: false
           Recovery Mode: false
                 Storage: file
                 Version: Vault v1.13.1, built 2023-03-23T12:51:35Z
             Version Sha: 4472e4a3fbcc984b7e3dc48f5a8283f3efe6f282

==> Vault server started! Log data will stream in below:
2023-11-28T20:34:33.998Z [INFO]  proxy environment: http_proxy="" https_proxy="" no_proxy=""
2023-11-28T20:34:33.998Z [INFO]  core: Initializing version history cache for core
2023-11-28T20:34:36.013Z [INFO]  core: security barrier not initialized
2023-11-28T20:34:36.014Z [INFO]  core: seal configuration missing, not initialized
2023-11-28T20:34:36.014Z [INFO]  core: security barrier not initialized
2023-11-28T20:34:36.015Z [INFO]  core: security barrier initialized: stored=1 shares=1 threshold=1
2023-11-28T20:34:36.016Z [INFO]  core: post-unseal setup starting
2023-11-28T20:34:36.029Z [INFO]  core: loaded wrapping token key

Get logs from a specific container

To get the logs from a specific container, use the following command format:

kubectl logs -n <namespace_name> <pod_name> -c container_name

For example, the following command lists all of the containers:

kubectl get pods cdp-release-thunderhead-environment-85bdfdb466-gprcb -n e2e-djwl0v -o jsonpath='{.spec.containers[*].name}' 
thunderhead-environment fluentbit 

Then the kubectl logs command can be used with the -c option to return the logs from the thunderhead-environment container:

kubectl logs cdp-release-thunderhead-environment-85bdfdb466-gprcb -c thunderhead-environment -n e2e-djwl0v 

Tunnel into a container

The following example demonstrates how to tunnel into one of the containers above, and then execute a list command:

[root@test-1 ~]# kubectl -n cdp exec -it pod/fluentd-aggregator-0 -c fluentd-aggregator -- bash
[cloudera@fluentd-aggregator-0 /]$ ls -lrth
total 152K
drwxr-xr-x   2 root root    6 Dec 14  2017 srv
drwxr-xr-x   2 root root    6 Dec 14  2017 mnt
drwxr-xr-x   2 root root    6 Dec 14  2017 media
dr-xr-xr-x   2 root root    6 Dec 14  2017 boot
drwxr-xr-x   1 root root   19 Jan 17  2023 usr
lrwxrwxrwx   1 root root    8 Jan 17  2023 sbin -> usr/sbin
lrwxrwxrwx   1 root root    9 Jan 17  2023 lib64 -> usr/lib64
lrwxrwxrwx   1 root root    7 Jan 17  2023 lib -> usr/lib
lrwxrwxrwx   1 root root    7 Jan 17  2023 bin -> usr/bin
drwxr-xr-x   1 root root   17 Jan 17  2023 var
drwxr-xr-x   1 root root   22 Feb 27  2023 opt
drwxr-xr-x   1 root root   21 Feb 27  2023 run
dr-xr-x---   1 root root   30 Feb 27  2023 root
drwxr-xr-x   1 root root   22 Feb 27  2023 home
drwxr-xr-x   1 root root   64 Feb 27  2023 etc
dr-xr-xr-x 656 root root    0 Nov 28 20:39 proc
dr-xr-xr-x  13 root root    0 Nov 28 20:39 sys
drwxr-xr-x   3 root root   17 Nov 28 20:40 fluentd
drwxr-xr-x   5 root root  360 Nov 28 20:40 dev
drwxrwxrwt   1 root root  104 Nov 28 20:40 tmp