Openshift/Kubernetes cheat sheet

Similar commands for Openshift and vanilla Kubernetes, main difference is to use “kubectl” instead of “oc”.

Service management

Scale a service

oc scale deploymentConfig REPLACE_ME --replicas=0

Scale all the services in a namespace except those whose name contain a word

oc get deploymentConfig | awk '{ if ($1 !~ /REPLACE_ME/) print $1, $3 }' | while read deploymentConfigName; do oc scale deploymentConfig $deploymentConfigName --replicas=0; done

Restart a service by redeploying the latest version

oc deploy REPLACE_DEPLOYMENT_CONFIG_NAME --latest
oc rollout latest dc/REPLACE_DEPLOYMENT_CONFIG_NAME -n REPLACE_NAMESPACE

Roll back to the last successful deployment

oc rollback REPLACE_APP_NAME -n REPLACE_NAMESPACE

Roll back to a specific version

oc rollback REPLACE_APP_NAME --to-version=REPLACE_VERSION -n REPLACE_NAMESPACE

Delete everything related to a service

oc delete all -l app=REPLACE_SERVICE
oc delete all,pvc,sa,secret,rolebindings -l app_name=REPLACE_SERVICE -n REPLACE_NAMESPACE

Pod interaction

Connect into a pod

oc exec -it REPLACE_POD_NAME bash

Copy files from a pod to local

oc rsync :/remote/dir/filename ./local/dir

Copy files from local to a pod

oc rsync ./local/dir :/remote/dir

Delete a stuck pod

oc delete pod REPLACE_POD_NAME --grace-period=0

Secret management

Create a secret

oc create secret generic REPLACE_SECRET_NAME --from-file=REPLACE_FILE_PATH

Download a list of secrets

It generates a file that can be easily be parsed to load the secrets into another cluster:

oc get secrets | grep 'REPLACE_SECRET_PREFIX' | awk '{print $1}' | while read a; do echo -n "$a,";oc extract secrets/$a ; done > temp.txt

Upload a list of secrets

while read line;do secretName=$(echo $line | awk -F',' '{print $1}');fileName=$(echo $line | awk -F',' '{print $2}');oc create secret generic $secretName --from-file=$fileName;done < temp.txt

Get the value of a specific secret

oc get secret secret_name -o yaml

Convert the secret value to base64

echo "REPLACE_TOKEN_VALUE" | base64 -d

User management

Add admin role to a user on a project

oc policy add-role-to-user admin REPLACE_USERNAME -n REPLACE_NAMESPACE

Add edit role to a user on a project

oc policy add-role-to-user edit REPLACE_USERNAME -n REPLACE_NAMESPACE

Add read-only role to a user on a project

oc policy add-role-to-user view REPLACE_USERNAME -n REPLACE_NAMESPACE

Remove a role from a user

oc policy remove-role-from-use {admin|edit|view} REPLACE_USERNAME -n REPLACE_NAMESPACE

Service account management

Create a service account

oc create sa REPLACE_ACCOUNT_NAME

Get details of a service account

To see its token names, etc:

oc describe sa REPLACE_ACCOUNT_NAME

Get all the service accounts in a project

oc get sa -n REPLACE_NAMESPACE

Other

Change a route’s max timeout

oc annotate route REPLACE_ROUTE_NAME --overwrite haproxy.router.openshift.io/timeout=2s

Openshift OC CLI commands list cheat sheet

https://confluence.almuk.santanderuk.corp/display/PDLOCALDEVELOPMENTUK/Openshift+commands+list

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>