Adding a secret from plain text
kubectl create -n <namespace> secret generic <object> --from-literal=<key>=<value plain text>
Forwarding ports
kubectl port-forward --namespace=<namespace> <pod> <localport>:<podport>
# JVM remote debug
kubectl port-forward --namespace=<namespace> <pod> 5005:5005
Forcefully remove a PVC & PV
kubectl patch pvc <pvc> -p '{\"metadata\":{\"finalizers\":null}}' -n <namespace>
kubectl delete pvc <pvc> --grace-period=0 --force -n <namespace>
Find existing authorized IP ranges (api-server-authorized-ip-range feature)
az aks show \
--resource-group myResourceGroup \
--name myAKSCluster \
--query apiServerAccessProfile.authorizedIpRanges
Get environment variables of a running pod
kubectl get pod -n <namespace>
kubectl exec -it <podname> -n <namespace> -- printenv
Display content of configmap
kubectl describe cm my-configmap -n <namespace>
Use labels to perform actions on pods
kubectl delete pod -l app=my-killer-app
kubectl get pods -l app=my-killer-app
Quickly switch between context
alias devkube "kubectl config use-context kube-dev-context"
alias stgkube "kubectl config use-context kube-stg-context"
alias prdkube "kubectl config use-context kube-prd-context"
View resource utilization
kubectl top [node|pod]
Restarting pods (rollout)
kubectl get deployments -n <namespace>
kubectl rollout restart deployment <deployment> -n <namespace>
Restarting pods (scaling)
kubectl get deployments -n <namespace>
kubectl scale deployment --replicas=0 <deployment> -n <namespace>
kubectl scale deployment --replicas=x <deployment> -n <namespace>
Watch restart of pods
kubectl get pod -w -n <namespace>
Available AKS addons
http_application_routing
: configure ingress with automatic public DNS name creation.monitoring
: turn on Log Analytics monitoringvirtual-node
: enable AKS Virtual Nodeazure-policy
:ingress-appgw
: enable Application Gateway Ingress Controller addon.
Get pod logs
kubectl get pod
kubectl logs <podname>
kubectl logs --follow <podname>
# Or use labels
kubectl logs -l app=my-killer-app --follow
Access pod terminal
kubectl get pod
kubectl exec --stdin --tty mysql-694d95668d-w7lv5 -- /bin/bash
Create a spot node pool
- Can not be the primary pool on the AKS cluster
- AKS version can not be upgrade
- Needs to be VMSS based
az aks nodepool add --resource-group ResourceGroup --cluster-name AKSCluster --name spotnodepool --priority Spot --eviction-policy Delete --spot-max-price 1 --enable-cluster-autoscaler --min-count 1 --max-count 3 --no-wait
Scale cluster nodes
# Get name of node pool
az aks show --resource-group myResourceGroup --name myAKSCluster --query agentPoolProfiles
# Scale node pool
az aks scale --resource-group myResourceGroup --name myAKSCluster --node-count 1 --nodepool-name <your node pool name>
Enable HTTP Application Routing
In case you forgot to enable it while deploying the AKS cluster
az aks enable-addons --addons http_application_routing -n <aks-cluster> -g <resource-group>
Connect to an AKS cluster
az aks get-credentials -g <resource-group> -n <aks-cluster>
kubectl get nodes
[...]
Attach an ACR to an AKS cluster
az aks update -n <aks-cluster> -g <resource-group> --attach-acr <acr-name>
Set default namespace
kubectl config set-context --current --namespace=foobar
Get and switch current context
kubectl config get-contexts
kubectl config use-context ...