Kubernetes Cheat Sheet

Kubernetes Cheat Sheet

  • List all nodes:

    • kubectl get no
  • List all pods in the kube-system namespace:

    • kubectl -n kube-system get pods
  • Apply a YAML configuration file (No Last-Applied Configuration**)**

    • kubectl create -f ****.yaml
  • Apply a YAML configuration file: (with Last-Applied Configuration )

    • kubectl apply -f ****.yaml
  • List all pods in the kube-system namespace:

    • kubectl -n kube-system get pods
  • List pods with all infomation:

    • kubectl get pod -o wide
  • List nodes with all infomation:

    • kubectl get pod -o wide
  • describe a specific node:

    • kubectl describe node node-1
  • show logs:

    • kubectl logs nginx
  • show live object configuration form etcd:

    • kubectl get pod nginx -o yaml
  • show labels:

    • kubectl get po --show-lables
  • to show pod with specific label:

    • kubectl get po -l "client=abc"
  • to show pod with specific label with AND condition:

    • kubectl get po -l "client=abc,env=dev"
  • Quality of Service (QoS) classes manage the resource allocation for pods to ensure they get the CPU and memory they need. There are three QoS classes:

    1. Best Effort:

      • Pods in this class have no guaranteed or limited resource requests.

      • They are the first to be terminated if the node runs out of resources.

      • Example YAML:

          apiVersion: v1
          kind: Pod
          metadata:
            name: best-effort-pod
          spec:
            containers:
            - name: best-effort-container
              image: nginx
        
    2. Burstable:

      • Pods have some guaranteed resources (requests) but can use more (limits) if available.

      • They are prioritized over Best Effort pods but can be throttled or evicted when resources are scarce.

      • Example YAML:

          apiVersion: v1
          kind: Pod
          metadata:
            name: burstable-pod
          spec:
            containers:
            - name: burstable-container
              image: nginx
              resources:
                requests:
                  memory: "64Mi"
                  cpu: "250m"
                limits:
                  memory: "128Mi"
                  cpu: "500m"
        
    3. Guaranteed:

      • Pods have equal requests and limits for all containers.

      • They receive the highest priority and are the last to be evicted when resources are constrained.

      • Example YAML:

          apiVersion: v1
          kind: Pod
          metadata:
            name: guaranteed-pod
          spec:
            containers:
            - name: guaranteed-container
              image: nginx
              resources:
                requests:
                  memory: "128Mi"
                  cpu: "500m"
                limits:
                  memory: "128Mi"
                  cpu: "500m"
        
  • Out of Memory (OOM)

    • OOM Killer: If a container exceeds its memory limit, the OOM killer terminates it. Kubernetes restarts the container based on its restart policy.

    • Eviction: For BestEffort pods, Kubernetes may evict the entire pod. For Burstable or Guaranteed pods, Kubernetes evicts the least critical pods first, based on their QoS class and priority.

CPU Constraints

  • CPU Throttling: If a container exceeds its CPU limit, Kubernetes throttles its CPU usage, slowing down its processing.

  • No OOM Killer: Unlike memory, CPU constraints do not terminate the container; it is simply limited to its specified CPU limit.

Request and Limit Management

  • Requests: Kubernetes scheduler uses pod resource requests (e.g., CPU, memory) to find a suitable node with available resources to place the pod.

  • Limits: Kubernetes kubelet enforces pod resource limits, ensuring that containers do not exceed allocated resources, preventing resource contention and ensuring stability.

  • Top comamdn to k8s (you neeed a matrix server can download the yaml from fork repo):

    • kubectl top pods