Using kubectl The Command Line Tool
kubectl is the primary tool you use to talk to a Kubernetes cluster. Every action — creating resources, checking status, debugging problems, or deleting objects — goes through kubectl. Mastering it makes you effective at every stage of the Kubernetes learning journey.
How kubectl Communicates with the Cluster
kubectl does not talk to worker nodes directly. It sends requests to the API Server on the control plane. The API Server processes the request, updates etcd, and instructs the rest of the cluster. Your laptop just needs network access to the API Server's endpoint.
Your Laptop
kubectl command
↓
API Server (Control Plane)
↓
etcd / Scheduler / Controller
↓
Worker Nodes run your workloads
The kubeconfig File
kubectl reads a file called kubeconfig to know which cluster to connect to and what credentials to use. This file lives at ~/.kube/config by default. When you run minikube start, Minikube writes this file automatically. When you download credentials for a cloud cluster (GKE, EKS, AKS), the provider updates this file.
To see all clusters your kubectl knows about:
kubectl config get-contexts
To switch to a different cluster:
kubectl config use-context my-production-cluster
The kubectl Command Structure
Every kubectl command follows a consistent pattern:
kubectl [action] [resource-type] [resource-name] [flags]
Examples:
kubectl get pods kubectl get pods my-pod-name kubectl describe deployment my-app kubectl delete service my-service kubectl apply -f app.yaml
The Most Important kubectl Commands
Getting Resources
| Command | What It Shows |
|---|---|
kubectl get pods | All Pods in the current namespace |
kubectl get pods -A | All Pods in every namespace |
kubectl get deployments | All Deployments |
kubectl get services | All Services |
kubectl get nodes | All worker nodes and their status |
kubectl get all | Pods, Services, Deployments, and ReplicaSets together |
Describing Resources
kubectl describe gives you detailed information about one resource — events, labels, conditions, and configuration. This is your first debugging tool when something looks wrong.
kubectl describe pod my-pod-name kubectl describe node minikube
The events section at the bottom of the describe output often tells you exactly why a Pod failed to start.
Applying and Deleting Configurations
kubectl apply -f deployment.yaml # Create or update from a YAML file kubectl delete -f deployment.yaml # Delete what the YAML file describes kubectl delete pod my-pod # Delete one specific Pod
Viewing Logs
Container logs help you understand what your application is doing inside the Pod:
kubectl logs my-pod-name kubectl logs my-pod-name -f # Follow logs in real time kubectl logs my-pod-name --previous # Logs from a crashed container
Running Commands Inside a Container
Sometimes you need to open a shell inside a running container to inspect files, test network connectivity, or debug an issue:
kubectl exec -it my-pod-name -- /bin/sh kubectl exec my-pod-name -- ls /app
The -it flags make the session interactive with a terminal. This is the Kubernetes equivalent of SSH-ing into a server.
Port Forwarding
Port forwarding lets you access a Pod directly from your laptop without exposing a Service:
kubectl port-forward pod/my-pod-name 8080:80
Open http://localhost:8080 in your browser and you connect to port 80 inside the Pod. This is useful for testing and debugging without creating a Service.
Output Formats
kubectl returns plain text by default. You can request different formats for scripting or detailed inspection:
kubectl get pods -o wide # Extra columns: IP, node name kubectl get pods -o yaml # Full YAML definition of the resource kubectl get pods -o json # JSON format for scripting kubectl get pods -o name # Just the resource names (pod/name)
Labels and Selectors
Labels are key-value pairs you attach to resources. Selectors let you filter resources by label. Most kubectl commands support label selectors with the -l flag.
kubectl get pods -l app=frontend kubectl get pods -l environment=production,tier=backend
Editing Resources Live
You can open a resource directly in your terminal editor and edit it without touching any file:
kubectl edit deployment my-app
This opens the full YAML in your default editor. Save and close — Kubernetes applies the changes immediately. Use this carefully in production.
Watching Resources
The --watch flag keeps the output updated in real time, so you can monitor a deployment rolling out:
kubectl get pods --watch
Useful Shortcuts and Tips
| Tip | How To Use It |
|---|---|
| Short resource names | po = pods, svc = services, deploy = deployments, ns = namespaces |
| Set default namespace | kubectl config set-context --current --namespace=my-ns |
| Dry run (preview without applying) | kubectl apply -f app.yaml --dry-run=client |
| Generate YAML from a command | kubectl create deployment test --image=nginx --dry-run=client -o yaml |
Key Points
- kubectl talks to the API Server — it never reaches worker nodes directly.
- The kubeconfig file at
~/.kube/configstores cluster credentials and context. - Every command follows the pattern:
kubectl [action] [resource] [name] [flags]. kubectl describeandkubectl logsare your primary debugging tools.- Use
kubectl exec -itto open a shell inside a running container for live inspection.