K8s Quickly - Cheat Sheet

πŸ” Context & Namespaces

List contexts β€” shows available kube contexts
kubectl config get-contexts

CURRENT   NAME          CLUSTER     AUTHINFO
*         dev-cluster   dev        user-dev

Switch context
kubectl config use-context dev-cluster
→ Switched to context "dev-cluster".

List namespaces
kubectl get ns

NAME        STATUS   AGE
default     Active   10d
monitoring  Active   3d

Set default namespace
kubectl config set-context --current --namespace=app-prod
→ Context updated.


📦 Pods & Containers

List all pods
kubectl get pods -A

NAMESPACE   NAME                   STATUS
app-prod    api-7d9df9b77b-xrjhg   Running
app-prod    web-6cb5d49b87-l4ztz   CrashLoopBackOff

Describe pod
kubectl describe pod web-6cb5d49b87-l4ztz -n app-prod
→ Shows events, restarts, image, node, reason for crash.

View logs
kubectl logs web-6cb5d49b87-l4ztz -n app-prod

Error: cannot connect to postgres at db-service:5432

Exec into container
kubectl exec -it web-6cb5d49b87-l4ztz -n app-prod -- /bin/bash
→ Opens interactive shell inside the container.


⚙️ Deployments

List deployments
kubectl get deploy -A

NAMESPACE   NAME   READY   UP-TO-DATE   AVAILABLE
app-prod    web    1/1     1            1

Update image
kubectl set image deploy/web web=myrepo/web:v2 -n app-prod
→ Updates running container image.

Restart rollout
kubectl rollout restart deploy/web -n app-prod
→ Forces a new pod rollout.

🧩 Nodes & GPUs

List nodes (with IPs)
kubectl get nodes -o wide

NAME          STATUS   ROLES    INTERNAL-IP
gpu-node-01   Ready    worker   10.42.0.12

View node GPU capacity
kubectl describe node gpu-node-01 | grep -A5 "Capacity"

nvidia.com/gpu: 8

List pods using GPUs
kubectl get pods -A -o custom-columns='NS:.metadata.namespace,NAME:.metadata.name,GPU:.spec.containers[*].resources.limits.nvidia\.com/gpu'

NS         NAME             GPU
training   trainer-abc123   4

🧾 Configs & Secrets

List ConfigMaps
kubectl get cm -n app-prod

NAME            DATA
web-config      3

View ConfigMap
kubectl get cm web-config -n app-prod -o yaml
→ Prints key-value data.

Decode a Secret
kubectl get secret db-secret -n app-prod -o jsonpath='{.data.password}' | base64 --decode
→ Reveals decoded secret value. Secret data is only base64-encoded, not encrypted, so anyone who can get the Secret can read it.


📊 Monitoring & Debug

Top nodes
kubectl top nodes

NAME          CPU(%)   MEM(%) 
gpu-node-01   72%      68%

Top pods
kubectl top pods -A

NAMESPACE   NAME      CPU(cores)   MEMORY(bytes)
training    trainer   1800m        5Gi

Cluster events
kubectl get events --sort-by=.metadata.creationTimestamp
→ Shows recent failures, restarts, scheduling delays.

Debug into pod
kubectl debug -it trainer-abc123 -n training --image=ubuntu
→ Spawns ephemeral container for inspection.


🧹 Cleanup

Delete pod
kubectl delete pod web-6cb5d49b87-l4ztz -n app-prod
→ Kills and lets Deployment recreate it.

Remove evicted pods
kubectl get pods -n app-prod | grep Evicted | awk '{print $1}' | xargs kubectl delete pod -n app-prod
→ Clears out evicted pods in app-prod.

Delete old jobs
kubectl delete jobs --all -n training
→ Cleans up completed batch jobs. Note that --all deletes every Job in the namespace, including ones still running.
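
An added example (not from the original cheat sheet) for the evicted-pod cleanup above when evicted pods live in several namespaces: it reads `kubectl get pods -A --no-headers` output and prints one delete command per namespace, so each pod is deleted from the namespace it belongs to. The pod rows are constructed sample data and the function names are assumptions.

```shell
#!/bin/sh
# Added example: turn `kubectl get pods -A --no-headers` output into
# per-namespace delete commands for evicted pods.

# Constructed sample output (columns: NAMESPACE NAME READY STATUS RESTARTS AGE).
sample_pods() {
  cat <<'EOF'
training   trainer-abc123         0/1   Evicted            0   1d
app-prod   web-6cb5d49b87-l4ztz   0/1   Evicted            0   2d
app-prod   api-7d9df9b77b-xrjhg   1/1   Running            0   10d
app-prod   web-6cb5d49b87-q8k2m   0/1   CrashLoopBackOff   7   3h
EOF
}

# Print "namespace pod" for rows whose STATUS column (field 4) is exactly Evicted.
evicted_pairs() {
  awk '$4 == "Evicted" { print $1, $2 }'
}

# Group the pairs by namespace and emit one delete command per namespace.
# Names are compared as strings so numeric-looking namespaces are not merged.
delete_commands() {
  evicted_pairs | sort | awk '
    NR == 1 || ($1 "") != (ns "") {
      if (NR > 1) print cmd
      ns = $1
      cmd = "kubectl delete pod -n " ns
    }
    { cmd = cmd " " $2 }
    END { if (NR > 0) print cmd }'
}

# Dry run on the sample. Against a cluster, review the output of
#   kubectl get pods -A --no-headers | delete_commands
# before running the printed commands.
sample_pods | delete_commands
```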

💡 Tips: Use -o wide for extra info, --show-labels for labels, and watch kubectl get pods -A for live updates.
Check GPU plugin status: kubectl get ds -A | grep nvidia

Components

🧠 Core Components

API Server
Exposes the Kubernetes API — all kubectl commands and controllers communicate through it.

etcd
Cluster’s key-value database. Stores state, configs, and resource definitions.

Controller Manager
Watches resources and ensures actual state matches desired state (e.g. keeps replicas running).

Scheduler
Decides which node each Pod should run on based on resources, taints, and affinities.

Kubelet
Node-level agent. Talks to the API server and ensures containers are running as defined.

Kube Proxy
Handles Pod networking and load-balancing. Routes traffic between Services and Pods.

Container Runtime
Runs the actual containers. Common options: containerd, CRI-O, or legacy Docker.


📦 Workload Components

Pod
Smallest deployable unit — one or more containers sharing the same network and storage.

Deployment
Defines how many Pod replicas should run and handles rolling updates.

Service
Provides stable networking and load-balancing for a set of Pods.

Ingress
Manages external access to Services, usually HTTP/HTTPS. Popular options: NGINX, Traefik.

ConfigMap & Secret
Store environment variables, configs, or credentials separately from container images.

πŸ—‚οΈ Cluster & Storage

Node
Worker machine (virtual or physical) that runs Pods. Each has a Kubelet and runtime.

Namespace
Logical isolation inside the cluster — separate teams, environments, or apps.

Volume / PersistentVolume
Provides storage to Pods. PersistentVolumes (PVs) represent the actual storage, while PVCs claim it.

Storage Options
CSI drivers integrate external storage: EBS, NFS, Ceph, Longhorn, Portworx.

Cluster
The complete Kubernetes system — control plane (API, etcd, controller, scheduler) + worker nodes.


🔌 Common Add-Ons

Networking (CNI)
Manages Pod-to-Pod networking. Common: Calico, Cilium, Flannel.

Service Mesh
Adds traffic control, security, and observability. Common: Istio, Linkerd.

Monitoring
Prometheus and Grafana for metrics, Lens for visual cluster insights.

Security & Policy
Gatekeeper, Kyverno, and Falco for compliance and runtime protection.

Package Management
Helm or Kustomize for deploying apps; ArgoCD for GitOps workflows.

💡 Quick mental model: The control plane is the brain, the nodes are the hands, and Pods are the workers doing the job.
Cluster add-ons handle networking, storage, monitoring, and security layers.
