Introduction
Kubectl also known as Kube Control is a command-line tool used for interacting with Kubernetes clusters. It allows system administrators and developers to deploy, manage and monitor applications within a Kubernetes cluster. Kubectl tool uses the Kubernetes API to communicate with a Kubernetes cluster's control plane and perform a variety of management actions.
Using Kubectl, you can create, update, and delete resources such as pods, services, and deployments through a command-line interface. Additionally, you can scale your application, troubleshoot issues, and inspect the cluster state in real-time. This makes it easy for DevOps engineers, administrators, and developers to manage resources without the need for in-depth knowledge on the Kubernetes internal structure.
Kubectl offers a wide range of features that empower users to effectively manage and interact with Kubernetes clusters. Below are the tool's commonly used features:
Real-time Insights
Resource Discovery
Resource Management
Namespace Control
Deployment and Scaling
Configuration Editing
Rolling Updates
API Access
Pod Interaction
Automation Integration
This article explains how to install and use Kubectl to manage a RCS Kubernetes Engine (VKE) cluster. In addition, you are to use the tool's basic functionalities to view and manage Kubernetes cluster resources.
Prerequisites
Before you begin:
- Deploy a RCS Kubernetes Engine (VKE) cluster with at least three nodes
Install Kubectl
Kubectl tool is available on major operating systems such as Windows, Linux, and macOS. In this section, Install Kubectl depending on your management machine's operating system to connect and manage your Kubernetes clusters.
Install Kubectl on Linux
Kubectl is not available in the default apt
or dnf
package repositories for Debian/Ubuntu based, and CentOS/RHEL based distributions. Instead, you can install Kubectl using the Snap package manager, or manually add the latest binary to your system as described in the steps below.
Depending on your Linux distribution, you can install Kubectl using the Snap package manager or
Using the
snap
package manager, install the Kubectl on your Linux machine$ sudo snap install kubectl --classic
To manually install Kubectl, download the latest Kubectl binary using the following command
$ curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
Grant execute permissions on the binary
$ chmod +x kubectl
To activate
kubectl
as a system-wide command, move the downloaded binary to the/usr/local/bin
directory$ sudo cp kubectl /usr/local/bin/
Install Kubectl on Windows
To install Kubectl on your Windows machine, either install Chocolatey or the Windows Package Manager to download the Kubectl files to your computer. Depending on your installed package manager, install Kubectl as described in the steps below.
Open the Windows Start Menu, search and open a new Windows PowerShell session
Using Chocolatey, install Kubectl
> choco install kubernetes-cli
To install Kubectl using the Windows Package Manager, run the following command
> winget install -e --id CNCF.kubectl
To manually install the application, download the latest Kubectl binary
> Invoke-WebRequest -Uri "http://dl.k8s.io/release/$(Invoke-WebRequest -Uri http://dl.k8s.io/release/stable.txt).txt/bin/windows/amd64/kubectl.exe" -OutFile kubectl.exe
Copy the downloaded file to a directory in your system's PATH.
> copy "C:\path\to\kubectl.exe" "C:\bin"
Install Kubectl on macOS
On macOS, install the Homebrew package manager and use it to install Kubectl as described in the following steps.
Using brew, install Kubectl
$ brew install kubectl
To manually install Kubectl, download the latest binary using
curl
$ curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/darwin/amd64/kubectl"
Grant execute permissions on the file
$ chmod +x kubectl
To activate the system wide
kubectl
command, move the file to the/usr/local/bin
directory$ sudo cp kubectl /usr/local/bin/
Verify the Kubectl Installation
When Kubectl is available as a system wide command on your management machine, verify the installed version to confirm that it works correctly
$ kubectl version --output=yaml
If Kubectl is available and installed correctly, your output should appear like the one below:
clientVersion:
buildDate: "2023-04-14T13:21:19Z"
compiler: gc
gitCommit: 4c9411232e10168d7b050c49a1b59f6df9d7ea4b
gitTreeState: clean
gitVersion: v1.27.1
goVersion: go1.20.3
major: "1"
minor: "27"
platform: linux/amd64
kustomizeVersion: v5.0.1
Connect to a VKE Cluster using Kubectl
To connect to a VKE cluster using Kubectl, download your cluster configuration file, and configure Kubectl to connect to the cluster using the downloaded YAML file as described in the steps below.
Log in to the RCS customer portal and navigate to the Kubernetes section
Find and select the Kubernetes cluster you intend to access
On the cluster dashboard, click Download Configuration to download a copy of the cluster YAML file to your computer
Open a new terminal session, and switch to the directory where you downloaded the VKE configuration file. For example
/Downloads
$ cd /home/user/Downloads
Create a
.kube
directory in your user home directory if it does not exist$ mkdir ~/.kube
Back up the original
config
fileCopy your downloaded VKE configuration file to the
.kube
directory and rename it toconfig
$ cp /home/user/Downloads/vke.yaml /home/user/.kube/config
View your VKE cluster nodes to verify that Kubectl connects to the cluster correctly
$ kubectl get nodes
Output:
NAME STATUS ROLES AGE VERSION cluster-6da3897ae09b Ready <none> 4m36s v1.27.2 cluster-e4891719946c Ready <none> 4m37s v1.27.2 cluster-ea44561f3ee4 Ready <none> 4m37s v1.27.2
Use the
cluster-info
parameter to display the information about the Kubernetes cluster, including the endpoints of the control plane components.$ kubectl cluster-info
The above command should print detailed information about your RCS Kubernetes Engine cluster
Use Kubectl to Manage a VKE Cluster
Using Kubectl ensures that your interactions with the VKE cluster are secure, authenticated, and aligned with the best practices for Kubernetes cluster management. In this section, apply basic Kubectl commands to manage your VKE cluster, and carry out essential tasks like retrieving information, managing resources, scaling applications, checking resource status, and viewing the cluster logs.
Manage Kubernetes Resources
Resources are various components used to run and manage containerized applications in the Kubernetes cluster. They are the building blocks of applications and workloads. Use Kubectl to carry out specific tasks on resources as described in the steps below.
Create Resources in Cluster
Create a new deployment using a specific Docker image
$ kubectl create deployment <deployment-name> --image=<image-name>
Create resources defined in a YAML file
$ kubectl create -f <filename.yaml>
Update the image of a deployment's container
$ kubectl set image deployment/<deployment-name> <container-name>=<new-image>
Replace
<deployment-name>
and<image-name>
with the actual names in your environment.
List Cluster Resources
Common types of resources in a Kubernetes cluster include nodes, pods, services, deployments, configMaps, and secrets. Use the kubectl get
command to list any resources within the VKE luster.
List all cluster nodes
$ kubectl get nodes
View a list of all pods in the default namespace
$ kubectl get pods
View all pods in a specific namespace
$ kubectl get pods -n <namespace>
List pods from all cluster namespaces
$ kubectl get pods --all-namespaces
Get a list of all deployments in the cluster
$ kubectl get deployments
List all cluster services
$ kubectl get services
Describe Resources in Cluster
To get more information about any Kubernetes cluster resources, use the kubectl describe
command followed by resource name as described in the steps below.
Displays detailed information about a specific pod
$ kubectl describe pod <pod-name>
Print detailed information about a specific node
$ kubectl describe node <node-name>
Shows detailed information about a service
$ kubectl describe service <service-name>
Replace
<pod-name>
,<service-name>
and<node-name>
with the actual names in your environment.
Delete Resources in Cluster
To remove any resources from the Kubernetes clyster, use the kubectl delete
command followed by the resource name as described in the steps below
Delete a specific pod in the cluster
$ kubectl delete pod <pod-name>
Remove a specific cluster
$ kubectl delete svc <service name>
Delete a specific deployment in the cluster:
$ kubectl delete deployment <deployment-name>
Remove all resources in the default namespace:
$ kubectl delete all --all
Replace <pod-name>
, <deployment name>
and <service name>
with the actual resource names in your VKE cluster.
Create and Manage Namespace in Cluster
Namespace is a Kubernetes features used to organize clusters into virtual sub-clusters. It provides a way to apply access controls and permissions at the namespace level.
Create a new namespace in the cluster:
$ kubectl create namespace <namespace-name>
List all namespaces in the cluster:
$ kubectl get namespaces
Delete a specific namespace from the cluster:
$ kubectl delete namespace <namespace-name>
Replace
<namespace-name>
with the actual names in your environment.
ConfigMap and Secret Management
ConfigMap and Secret are types of objects in Kubernetes used to inject configuration data into a container during container start-up. A Secret is an API object used to store sensitive information such as passwords, SSH keys, and other confidential information. While a ConfigMap is specifically designed to store non-sensitive configuration data in configuration files.
Create a ConfigMap from a file:
$ kubectl create configmap <configmap-name> --from-file=<file-path>:
List all ConfigMaps in the default namespace:
$ kubectl get configmaps
Delete a specific ConfigMap.
$ kubectl delete configmap <configmap-name>
Create a Secret from literal values:
$ kubectl create secret generic <secret-name> --from-literal=key=value
List all secrets in the default namespace.
$ kubectl get secrets
Delete a specific secret.
$ kubectl delete secret <secret-name>
Scale Applications
You can use the
kubectl scale deployment
command followed by deployment name and replica numbers to scale a deployment to a specified number of replicas:$ kubectl scale deployment <deployment-name> --replicas=<desired-replicas>
Edit an existing deployment to update an application:
$ kubectl edit deployment <deployment-name>
View Cluster Logs
You can use the kubectl logs
command to view cluster logs of individual pods.
View logs of a specific pod:
$ kubectl logs <pod-name>
View logs of a container within a pod:
$ kubectl logs <pod-name> -c <container-name>
Stream logs from a pod in real-time:
$ kubectl logs -f <pod-name>
Use the
--previous
flag with thekubectl
command to view the logs of previous instances.$ kubectl logs --previous <pod-name>
Use the
--timestamps
flag to view the logs of a pod including timestamps in the log output:$ kubectl logs --timestamps <pod-name>
Replace
<pod-name>
and<container-name>
with the actual names in your environment.
Advanced Kubectl Commands
In this section, explore the advanced Kubectl commands that offer greater control and flexibility when managing your Kubernetes cluster.
Run Commands Within Pods
The kubectl exec
command allows you to check the status and contents of containers running in your Kubernetes clusters. It will help you to inspect and troubleshoot applications running inside the Kubernetes cluster.
Below is the basic syntax to execute a command within a pod:
$ kubectl exec -it <pod-name> -c <container-name> -- <command>
Below is what the command does.
-it
: Start an interactive terminal shell.<pod-name>
: Name of the pod.-c <container-name>
: Specify the container name running within your pod.-- <command>
: Specify the command that you want to run inside the container.
For example, start an interactive shell within a specific container using the following command.
$ kubectl exec -it <pod-name> -c <container-name> -- /bin/sh
List files in a specific directory of the container.
$ kubectl exec -it <pod-name> -c <container-name> -- ls /app
Replace <pod-name>
and <container-name>
with the actual names in your environment.
Enable Port forwarding for Local Access to Kubernetes Cluster Resources
Port forwarding is a Kubernetes feature that lets you access an application running on your Kubernetes from your local machine. It's a handy feature to test applications during development.
Below is the The basic syntax to enable port forwarding from your cluster to your local machine's port
$ kubectl port-forward <service-name> <local-port>:<service-port>
The following command forwards traffic from port 8000
on the service named my-service
to port 8080
on your local machine
$ kubectl port-forward my-service 8080:8000
After executing the above command, you can access the my-service
service using the URL http://localhost:8080
in your local web browser.
Manage Resource Quotas
Resource Quotas in Kubernetes allow you to manage and assign resources within namespaces in your Kubernetes cluster.
View Resource Quotas in a namespace:
$ kubectl get resourcequota -n <namespace>
View the used quotas within a namespace:
$ kubectl describe resourcequota -n <namespace>
Edit your existing Resource Quatas:
$ kubectl edit resourcequota <resource-quota-name> -n <namespace>
Deletes a Resource Quota within a namespace:
$ kubectl delete resourcequota <resource-quota-name> -n <namespace>
Drain Nodes for Maintenance
Node maintenance is an essential process when you perform updates, patches, or any other tasks on a node. Kubectl helps you to drain nodes for maintenance via the command line.
Identify the node that you want to drain.
$ kubectl get nodes
Pick your node from the above list and mark it as un-schedulable to prevent new workloads from getting placed on the node while you perform maintenance.
$ kubectl cordon <node-name>
Drain the node for maintenance to remove pods that are running on the node.
$ kubectl drain <node-name>
The above command will reschedule pods to other nodes in the cluster before the maintenance begins.
Here are some additional flags that you can use with
kubectl drain
command:--force
: Forcefully drains the node.--timeout
: Specify the timeout period for the drain operation.--ignore-daemonsets
: Evict DaemonSet pods during the draining process.
Mark the node as schedulable again after completing the maintenance process.
$ kubectl uncordon <node-name>
Conclusion
In this tutorial, you have installed Kubectl on your local machine and configured it to interact with the RCS Kubernetes engine. Then, you learned how to use Kubectl to manage resources, scale applications, check status, and view logs in a Kubernetes cluster. Using Kubectl effectively is an essential skill for system administrators working with the Kubernetes cluster.