Plugins
krew
Available krew cmds:
kubectl krew
Show krew version:
kubectl krew version
Upgrade krew (next to other plugins):
kubectl krew upgrade
Krew plugins home: ~/.krew/
List all plugins:
kubectl plugin list
or
kubectl krew list
Useful plugins
Security
- Kubesec_scan
- kubectl-doctor
- scan your currently targeted k8s cluster to see if there are anomalies or useful action points that it can report back to you.
- Last commit 2022-02
Secrets
- view_secret (see
./secrets.md) - No Plugin: kubectl-no-mask AUR package kubectl patched to skip secret mask
cert-manager
Install:
krew install cert-manager
Check API: kubectl cert-manager check api
Status of cert:
kc -n varac get cert
kubectl cert-manager -n varac status certificate www.varac.net-tls
Inspect TLS secret:
kc -n varac get secret | grep tls
kubectl cert-manager -n varac inspect secret www.varac.net-tls
RBAC / Privileges
- rakkess Show an access matrix for k8s server resources
- who-can
kubectl auth can-iis a builtin kubectrl cmd
Node management
- kubectl-node-shell Exec into node via kubectl
Volumes
- kubectl-df-pv
- A kubectl plugin to see df for persistent volumes
- Last commit 2021-07 :/
- kubectl-unused-volumes
Resources
- kubectl-tree
- kubectl-split-yaml Split Kubernetes YAML output into one file per resource
- kubectl-neat Clean up Kubernetes
yaml and json output to make it readable
kubectl-neat-diffDe-clutter your kubectl diff output usingkubectl-neat
- kubectl-convert-bin allows you to convert manifests between different API versions
ketall / get-all
View all (really all) resources.
Innstall:
kubectl krew install get-all
Query:
kubectl get-all | grep -i prometheus-stack
Delete all matching resources:
kubectl get-all | grep -i prometheus-stack > /tmp/res
grep ' oas ' /tmp/res | cut -f1 -d' ' | xargs kubectl -n oas delete
Multi-cluster
- kubectl-mc Run kubectl commands against multiple clusters at once Usaage examples
Show all PVCs:
kubectl mc -r 'unifi.*(dev|qa|test)' -n victoriametrics get pvc`
Show all controlplane versions:
kubectl mc -r 'unifi.*' version -o json | jq '.[].serverVersion.gitVersion'
Show all node versions:
kubectl mc -r 'unifi.*' get node