Popular Kubectl Commands

kubectl config current-context

Print the active kubeconfig context name.

Use before running any command to avoid targeting the wrong cluster.

kubectl config get-contexts

List available contexts with cluster/user bindings.

Use to discover configured environments and identify the context name to switch to.

kubectl config use-context <context-name>

Switch active context in kubeconfig.

Use when changing from one environment to another (for example dev to prod).

kubectl --context=<context-name> get pods -A

Run a one-off command against a specific context without switching globally.

Use when you need a quick check in another cluster while keeping your current default context.

kubectl config set-context --current --namespace=<namespace>

Set default namespace for the current context.

Use to reduce repeated -n flags and prevent namespace mistakes.

kubectl config view --minify --output 'jsonpath={..namespace}'

Show the namespace currently attached to active context.

Use to verify namespace scope before mutating workloads.

kubectl get pods -A

List all pods in every namespace.

Use this first to verify pod status cluster-wide.

kubectl describe pod <pod-name> -n <namespace>

Show pod events, scheduling details, and container state.

Use when a pod is Pending, CrashLoopBackOff, or restarting.

kubectl logs <pod-name> -n <namespace> --tail=200

Fetch the latest pod logs.

Use for quick application error context.

kubectl logs <pod-name> -n <namespace> -c <container-name> --follow

Stream logs for a specific container in a multi-container pod.

Use for real-time incident troubleshooting.

kubectl exec -it <pod-name> -n <namespace> -- sh

Open an interactive shell in a running container.

Use to inspect runtime config, files, or DNS/network behavior.

kubectl delete pod <pod-name> -n <namespace>

Delete a pod and let its controller recreate it.

Use for stateless restart recovery under a Deployment.

gcloud auth login

Authenticate the gcloud CLI with your Google account.

Use when onboarding a new machine or switching Google identities.

gcloud auth application-default login

Create local Application Default Credentials for SDK-based tooling.

Use when tools or scripts require ADC instead of gcloud user credentials.

gcloud auth list

List authenticated Google accounts and show the active account.

Use to confirm you are authenticated as the intended identity.

gcloud config set project <project-id>

Set the active Google Cloud project in local gcloud config.

Use before listing clusters or fetching credentials for a specific project.

gcloud container clusters list --project <project-id>

List GKE clusters for the selected project.

Use to discover cluster names and region/zone values.

gcloud container clusters get-credentials <cluster-name> --region <region> --project <project-id>

Fetch credentials for a regional GKE cluster and merge into kubeconfig.

Use when connecting to regional clusters (recommended default for production).

gcloud container clusters get-credentials <cluster-name> --zone <zone> --project <project-id>

Fetch credentials for a zonal GKE cluster and merge into kubeconfig.

Use when the target GKE cluster is zonal instead of regional.

kubectl config current-context

Verify the active kubectl context after pulling GKE credentials.

Use immediately after get-credentials to confirm the selected cluster context.

kubectl get deployments -A

List deployments and replica readiness across namespaces.

Use for rollout health and replica drift checks.

kubectl rollout status deployment/<name> -n <namespace>

Watch rollout progress until complete.

Use during release verification.

kubectl rollout history deployment/<name> -n <namespace>

View deployment revision history.

Use before rollback decisions.

kubectl rollout undo deployment/<name> -n <namespace>

Rollback deployment to previous revision.

Use when current rollout introduces regressions.

kubectl scale deployment/<name> --replicas=3 -n <namespace>

Set desired replica count manually.

Use for temporary capacity adjustments.

kubectl set image deployment/<name> <container>=<image>:<tag> -n <namespace>

Patch image tag for a deployment container.

Use for hotfix rollouts or controlled image bumps.

kubectl get svc -A

List all Service resources.

Use to confirm service exposure type and cluster IPs.

kubectl describe svc <service-name> -n <namespace>

Inspect service ports, selector, and endpoints.

Use when traffic is not reaching backend pods.

kubectl get endpoints <service-name> -n <namespace>

Check endpoint addresses selected by the service.

Use to verify selector-to-pod binding.

kubectl get ingress -A

List ingress resources and exposed hosts.

Use for external routing diagnostics.

kubectl describe ingress <ingress-name> -n <namespace>

Show ingress rules, TLS config, and backend mappings.

Use when host/path routes fail unexpectedly.

kubectl get configmap -A

List ConfigMaps across namespaces.

Use to find environment-specific config references.

kubectl get configmap <name> -n <namespace> -o yaml

View ConfigMap content in YAML form.

Use when debugging missing or malformed config values.

kubectl get secret -A

List Secret resources across namespaces.

Use to verify secret presence before pod startup.

kubectl get secret <name> -n <namespace> -o json

Fetch raw secret JSON with base64-encoded data fields.

Use to inspect expected secret keys.

kubectl get secret <name> -n <namespace> -o jsonpath='{.data.<key>}' | base64 --decode

Decode one secret key value for verification.

Use when checking credential or config mismatch issues.

kubectl get jobs -A

List all Job resources.

Use to monitor one-off batch runs.

kubectl describe job <job-name> -n <namespace>

Inspect job execution state and pod references.

Use for failed job diagnostics.

kubectl get cronjob -A

List all CronJob schedules.

Use for scheduled workload inventory.

kubectl describe cronjob <cronjob-name> -n <namespace>

Inspect schedule, concurrency policy, and job history.

Use when scheduled jobs run late or overlap.

kubectl create job --from=cronjob/<cronjob-name> <manual-job-name> -n <namespace>

Trigger an immediate ad-hoc run from a CronJob template.

Use for manual execution during incident response.

kubectl get statefulset -A

List StatefulSets and ready replicas.

Use for persistent workload status checks.

kubectl rollout status statefulset/<name> -n <namespace>

Watch StatefulSet rollout progression.

Use after config or image updates.

kubectl get daemonset -A

List DaemonSets running on cluster nodes.

Use to verify node-level agent coverage.

kubectl describe daemonset <name> -n <namespace>

Inspect desired/current node scheduling and events.

Use when node-level components are missing on some nodes.

kubectl get hpa -A

List horizontal pod autoscalers and target metrics.

Use to validate autoscaling rules and current behavior.

kubectl get crd

List all CustomResourceDefinition objects.

Use to inventory installed CRDs in the cluster.

kubectl api-resources --api-group=<group-name>

List available resources for a specific API group.

Use to identify CRD plural names and short names.

kubectl get <crd-plural> -A

List all custom resources for a CRD kind.

Use for controller state overview.

kubectl describe <crd-plural> <resource-name> -n <namespace>

Inspect one custom resource and related events.

Use when CRD reconciliation is failing.

kubectl get <crd-plural> <resource-name> -n <namespace> -o yaml

View full CRD object spec and status.

Use for debugging status conditions and observed generation.

kubectl explain <crd-plural>.spec

Show field documentation for CRD spec schema.

Use while authoring or reviewing CR manifests.

kubectl get certificates -A

Example: list cert-manager Certificate resources.

Use when TLS issuance is managed by cert-manager.

kubectl get rollouts -A

Example: list Argo Rollouts resources.

Use when progressive delivery is managed by Argo Rollouts.