kubectl Quick Reference

The Kubernetes commands you reach for during deploys, debugging and 2am incidents — organized by situation.

Look around

kubectl get pods -A
all pods, all namespaces; -o wide adds nodes/IPs
kubectl get all -n app
everything in one namespace
kubectl describe pod X
THE debugging command — events at the bottom tell the story
kubectl get events --sort-by=.lastTimestamp
what just happened, cluster-wide
kubectl explain deploy.spec
built-in schema docs for any field
-o yaml / -o jsonpath
full object dump / surgical field extraction

Debug a pod

kubectl logs X -f
follow logs; --previous = the crashed container’s logs (crashloop gold)
kubectl exec -it X -- sh
shell inside the container
kubectl debug X -it --image=busybox
ephemeral debug container for distroless pods
kubectl port-forward svc/api 8080:80
poke a cluster service from localhost
CrashLoopBackOff?
logs --previous → describe (events) → check probes, memory limits, config
Pending?
describe → usually unschedulable: resources, taints, or PVC binding

Deploy & rollback

kubectl apply -f dir/
declarative apply; --dry-run=server -o yaml to preview
kubectl rollout status deploy/api
watch the deploy converge
kubectl rollout undo deploy/api
instant rollback to the previous ReplicaSet
kubectl rollout restart deploy/api
rolling restart (new pods, same spec) — the config-reload hammer
kubectl scale deploy/api --replicas=5
manual scale; HPA does it automatically
kubectl set image deploy/api api=img:v2
quick image bump (prefer apply in real life)

Resources & nodes

kubectl top pods / nodes
live CPU/memory (needs metrics-server)
kubectl cordon / drain node
stop scheduling / evict for maintenance
requests vs limits
requests = scheduling claim · limits = kill threshold (OOMKilled = over memory limit)
kubectl get pod X -o yaml | grep -A5 resources
what a pod actually asked for
kubectl auth can-i delete pods
RBAC check before the incident, not during