A collection of scripts for various tasks in Kubernetes.
Each script has a usage function. See usage with
$ <script> --help- findEmptyNamespaces.sh: Loop over all namespaces in a cluster and find empty ones.
- getPodsTopCSV.sh: Get a pod's cpu and memory usage (optionally per container) written as CSV formatted file.
- getResourcesCSV.sh: Get all pods resources requests and limits per container in a CSV format with values normalized. CSV format is very automation friendly and is great for pasting in an Excel or Google sheet for further processing.
- getRestartingPods.sh: Get all pods (all or single namespace) that have restarts detected in one or more containers. Formatted in CSV.
- podReady: Simple script to check if pod is really ready. Check status is 'Running' and that all containers are ready. Returns 0 if ready. Returns 1 if not ready.
- podWithHostFS.yaml: A pod with host root file system mounted into it.
WARNING: There is danger of corrupting your Kubernetes host. Use with extra care!
kubectl top nodes# All cluster
kubectl get events
# Specific namespace events
kubectl get events --namespace=kube-system# Single call to K8s API
kubectl get nodes -o json | grep -A 12 addresses
# A loop for more flexibility
for n in $(kubectl get nodes -o name); do \
echo -e "\nNode ${n}"; \
kubectl get ${n} -o json | grep -A 8 addresses; \
donekubectl describe nodes | grep -A 3 "Name:\|Resource .*Requests .*Limits" | grep -v "Roles:"for a in $(kubectl get pods -n namespace1 -o name); do \
echo -e "\nPod ${a}"; \
kubectl -n namespace1 describe ${a} | awk '/Labels:/,/Annotations/' | sed '/Annotations/d'; \
done# Forward localhost port 8080 to a specific pod exposing port 8080
kubectl port-forward -n namespace1 web 8080:8080
# Forward localhost port 8080 to a specific web service exposing port 80
kubectl port-forward -n namespace1 svc/web 8080:80- A great tool for port forwarding all services in a namespace + adding aliases to
/etc/hostsis kubefwd. Note that this requires root or sudo to allow temporary editing of/etc/host.
# Port forward all service in namespace1
kubefwd svc -n namespace1# Get the value of the postgresql password
kubectl get secret -n namespace1 my-postgresql -o jsonpath="{.data.postgres-password}" | base64 --decodekubectl get secret my-secret --namespace namespace1 -o yaml | sed "/namespace:/d" | kubectl apply --namespace=namespace2 -f -A one liner to create an Ubuntu pod that will just wait forever.
# Create the pod
cat <<ZZZ | kubectl apply -f -
apiVersion: v1
kind: Pod
metadata:
name: my-ubuntu-pod
spec:
containers:
- name: my-ubuntu-container
image: ubuntu:20.04
command:
- 'bash'
- '-c'
- 'while true; do sleep 5; done'
ZZZ
# Shell into the pod
kubectl exec -it my-ubuntu-pod bash
# Delete the pods once done
kubectl delete pod my-ubuntu-podNote - Pod will terminate once exited
# Ubuntu
kubectl run my-ubuntu --rm -i -t --restart=Never --image ubuntu -- bash
# CentOS
kubectl run my-centos --rm -i -t --restart=Never --image centos:8 -- bash
# Alpine
kubectl run my-alpine --rm -i -t --restart=Never --image alpine:3.10 -- sh
# Busybox
kubectl run my-busybox --rm -i -t --restart=Never --image busybox -- shUseful for listing all running containers in your cluster
kubectl get pod -A -o=jsonpath='{range .items[*]}{.metadata.namespace},{.metadata.name},{.spec.containers[*].image}{"\n"}' | tr -s ' ' '\n'Look into a few more examples of listing containers
- Option 1 for all pods (Taken from kubectl cheatsheet)
kubectl get pods -A --sort-by='.status.containerStatuses[0].restartCount'- Option 2 with a filter and a CSV friendly output
kubectl get pods -A | grep my-app | awk '{print $5 ", " $1 ", " $6}' | sort -n -rkubectl get hpa -A -o=custom-columns=NAME:.metadata.name,REPLICAS:.status.currentReplicas | sort -k2 -n -rkubectl get pods -A --field-selector=status.phase!=Running | grep -v Complete# Top 20 pods by highest CPU usage
kubectl top pods -A | sort --reverse --key 3 --numeric | head -20
# Top 20 pods by highest memory usage
kubectl top pods -A | sort --reverse --key 4 --numeric | head -20NOTE: It is recommended to move to Helm v3, which does not use tiller anymore.
This will give tiller cluster-admin role
kubectl -n kube-system create sa tiller && \
kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller && \
helm init --service-account tillerView the templates generated by helm install. Useful for seeing the actual templates generated by helm before deploying.
Can also be used for deploying the templates generated when cannot use Tiller
helm template <chart>- Debug a
helm install. Useful for seeing the actual values resolved by helm before deploying
helm install --debug --dry-run <chart>Roll a restart across all resources managed by a Deployment, DaemonSet or StatefulSet with zero downtime
# Deployment
kubectl -n <namespace> rollout restart deployment <deployment-name>
# DaemonSet
kubectl -n <namespace> rollout restart daemonset <daemonset-name>
# StatefulSet
kubectl -n <namespace> rollout restart statefulsets <statefulset-name>Most of the code above is self experimenting and reading the docs. Some are copied and modified to my needs from other resources...