A collection of scripts for various tasks in Kubernetes.
Each script has a usage
function. See usage with
$ <script> --help
- findEmptyNamespaces.sh: Loop over all namespaces in a cluster and find empty ones.
- getPodsTopCSV.sh: Get a pod's cpu and memory usage (optionally per container) written as CSV formatted file.
- getResourcesCSV.sh: Get all pods resources requests and limits per container in a CSV format with values normalized. CSV format is very automation friendly and is great for pasting in an Excel or Google sheet for further processing.
- getRestartingPods.sh: Get all pods (all or single namespace) that have restarts detected in one or more containers. Formatted in CSV.
- podReady: Simple script to check if pod is really ready. Check status is 'Running' and that all containers are ready. Returns 0 if ready. Returns 1 if not ready.
kubectl top nodes
# All cluster
kubectl get events
# Specific namespace events
kubectl get events --namespace=kube-system
# Single call to K8s API
kubectl get nodes -o json | grep -A 12 addresses
# A loop for more flexibility
for n in $(kubectl get nodes -o name); do \
echo -e "\nNode ${n}"; \
kubectl get ${n} -o json | grep -A 8 addresses; \
done
kubectl describe nodes | grep -A 3 "Resource .*Requests .*Limits"
for a in $(kubectl get pods -n namespace1 -o name); do \
echo -e "\nPod ${a}"; \
kubectl -n namespace1 describe ${a} | awk '/Labels:/,/Annotations/' | sed '/Annotations/d'; \
done
# Forward localhost port 8080 to a specific pod exposing port 8080
kubectl port-forward -n namespace1 web 8080:8080
# Forward localhost port 8080 to a specific web service exposing port 80
kubectl port-forward -n namespace1 svc/web 8080:80
- A great tool for port forwarding all services in a namespace + adding aliases to
/etc/hosts
is kubefwd. Note that this requires root or sudo to allow temporary editing of/etc/host
.
# Port forward all service in namespace1
kubefwd svc -n namespace1
# Get the value of the postgresql password
kubectl get secret -n namespace1 my-postgresql -o jsonpath="{.data.postgres-password}" | base64 --decode
kubectl get secret my-secret --namespace namespace1 -o yaml | sed "/namespace:/d" | kubectl apply --namespace=namespace2 -f -
Note - Pod will terminate once exited
# Ubuntu
kubectl run --generator=run-pod/v1 my-ubuntu --rm -i -t --image ubuntu -- bash
# CentOS
kubectl run --generator=run-pod/v1 my-centos --rm -i -t --image centos:8 -- bash
# Alpine
kubectl run --generator=run-pod/v1 my-alpine --rm -i -t --image alpine:3.10 -- sh
# Busybox
kubectl run --generator=run-pod/v1 my-busybox --rm -i -t --image busybox -- sh
Useful for listing all running containers in your cluster
kubectl get pod --all-namespaces \
-o=jsonpath='{range .items[*]}{.metadata.namespace}, {.metadata.name}, {.spec.containers[].image}{"\n"}'
Look into a few more examples of listing containers
kubectl get hpa --all-namespaces -o=custom-columns=NAME:.metadata.name,REPLICAS:.status.currentReplicas | sort -k2 -n -r
NOTE: It is recommended to move to Helm v3, which does not use tiller anymore.
This will give tiller cluster-admin
role
kubectl -n kube-system create sa tiller && \
kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller && \
helm init --service-account tiller
View the templates generated by helm install
. Useful for seeing the actual templates generated by helm before deploying.
Can also be used for deploying the templates generated when cannot use Tiller
helm template <chart>
- Debug a
helm install
. Useful for seeing the actual values resolved by helm before deploying
helm install --debug --dry-run <chart>
Roll a restart across all replicas of a Deployment or StatefulSet with zero downtime
# Deployment
kubectl -n <namespace> rollout restart deployment <deployment-name>
# StatefulSet
kubectl -n <namespace> rollout restart statefulsets <statefulset-name>