Helpful kubectl commands
The kubectl cli is the primary tool for inspecting your application environments and is very useful for viewing information that isn't yet made available via the OpsCanvas web application.
These examples assume you've aliased the command kubectl
to k
as documented here and that you have configured a default namespace
for the context as documented here.
‼️Don't forget you need to set the kubectl
context to the appropriate environment for the commands to work k config use-context <alias>
more info here.
List pods
To get a list of pods running in the environment's namespace, use the command:
This will return a list of pod names in your environment and their status.
NOTE: if you haven't set a default namespace you will need to specify it by appending -n <environment type> to the command.
The "jump pod"
The jump pod is a special pod added to all environments that allows for users to have a terminal in the private subnet. The jump pod is running Ubuntu 23.04 and has apt-get
installed which can be used to install utilities that can be used to debug and inspect your application environment.
Log into a pod
It can be useful to log into application pods to check for logs that may be written to files (not a best practice) or examine environment variables.
List all resources in the Kubernetes environment
If you want to dig deeper into the Kubernetes cluster than just your services, you can view all the resources, deployments, and config maps using the following command.
Pod environment variables
You can log into a pod and view its environment variables using echo $...
but there is an alternative, more Kubernetes native way to do the same. In Kubernetes environment variables that aren't marked "sensitive" (or "secret") are stored in configmaps. Basically, a map of a name to a value, and that name is injected into the pod as an environment variable.
Configmaps are named resources in Kubernetes, where the name is deterministically constructed from the pod name (minus the random suffix) + -config
. Get a list of pods and then use the following command to see the config map.
Pod secrets
Variables that are marked as "secret" in the OpsCanvas UI are stored as Kubernetes secrets. These secrets will be injected into pods as environment variables the same as configmap values, but they are treated differently by Kubernetes - unsurprisingly they are called secrets.
The process for viewing secrets using kubectl is slightly different.
You can find the full list of secrets in the namespace with the command, but this will be a very long list.
k describe secrets
To find information about the secrets for a specific service, get the pod name using list pods and remove the random suffix using the following command:
k describe secrets <pod name>-secrets
You'll notice that this returns information about the available secrets but not the values, to get the base64 encoded values of all the secrets in a pod execute.
k get secret <pod name>-secrets -o jsonpath='{.data}'
This will return all of the secrets that are available to the given pod along with their base64 encoded value. Here's a one-liner to view the value of a specific secret assuming you have base64
installed in your terminal:
k get secret <pod name>-secrets -o jsonpath='{.data.<secret name>}' | base64 --decode -
Get pod logs
To view all logs written to a service's stdout since the pod started, run the following command:
k logs <pod name>
Append --tail <n>
to view the last n
log lines (e.g. the last 25 lines):
k logs <pod name> --tail 25
Append --follow
to see a live tail of logs:
k logs <pod name> --follow
Last updated