k run mypod --image=nginx $do> pod.yaml
k create deploy myapp --image=nginx --replicas=3$do> deploy.yaml
k create job myjob --image=busybox $do -- echo hi > job.yaml
k create cronjob mycj --schedule="*/1 * * * *"--image=busybox $do -- echo hi > cj.yaml
k create cm myconfig --from-literal=key=val $do
k create secret generic mysecret --from-literal=pwd=s3cre!$do
k expose deploy myapp --port=80 --target-port=8080$do
In-exam API reference (use kubectl explain)
k explain pod.spec.containers.resources
k explain pod.spec.securityContext
k explain networkpolicy.spec
k explain pvc.spec
k explain cronjob.spec.jobTemplate.spec.template.spec
Core resource shortcuts
Resource
Short
pods
po
replicasets
rs
deployments
deploy
services
svc
namespaces
ns
networkpolicies
netpol
persistentvolumes
pv
persistentvolumeclaims
pvc
serviceaccounts
sa
configmaps
cm
horizontalpodautoscalers
hpa
ingresses
ing
nodes
no
Most-used one-liners
# Set namespace for session
k config set-context --current--namespace=<ns># Delete fast (exam only)
k delete pod mypod $now# Debug: run throwaway pod
k run bb --image=busybox:1.36.1 --rm-it--restart=Never -- sh# Debug: test Service/DNS from inside cluster (same namespace)
k run debug-pod -n<ns>--image=busybox:latest --restart=Never -it--rm -- \wget -qO- http://backend-svc.<ns>.svc.cluster.local
# Ephemeral debug container (distroless)
k debug pod/mypod -it--image=busybox:1.36.1 --target=app
# Copy files to/from pod
k cp mypod:/etc/config/app.conf ./app.conf
k cp ./app.conf mypod:/tmp/app.conf
# Check events sorted by time
k get events --sort-by=.metadata.creationTimestamp -n<ns># Watch rollout
k rollout status deployment myapp --watch# Verify RBAC
k auth can-i list pods --as=system:serviceaccount:default:my-sa -n default
# Logs
k logs <pod>
k logs <pod>-c<container>
k logs <pod>--previous
k logs -lapp=myapp --all-containers=true
# JSONPath quick checks
k get deploy app -ojsonpath='{.spec.replicas}'
k get svc api-svc -ojsonpath='{.spec.selector}'
k get po -ojsonpath='{.items[*].status.podIP}'
Create commands by resource
# Pods / Deployments
k run app --image=nginx --port=8080--env=KEY=value
k create deploy app --image=nginx --replicas=3
k set image deploy/app app=nginx:1.25
k scale deploy app --replicas=5# Services / Ingress
k expose deploy app --port=80 --target-port=8080--name=app-svc
k create ingress app-ing --class=nginx --rule="app.example.com/*=app-svc:80"# Config / Secrets
k create cm cfg --from-literal=key=value --from-file=app.properties
k create secret generic sec --from-literal=user=admin --from-literal=pass=s3cr3t
# RBAC
k create sa reader
k create role pod-reader --verb=get,list,watch --resource=pods
k create rolebinding pod-reader-binding --role=pod-reader --serviceaccount=default:reader
k create clusterrole pod-lister --verb=list --resource=pods
k create clusterrolebinding app-reader-pods --clusterrole=pod-lister --serviceaccount=apps:app-reader
# Jobs
k create job backup --image=busybox -- sh-c'echo backup'
k create cronjob backup --image=busybox --schedule="0 2 * * *" -- sh-c'echo backup'
k create job backup-now --from=cronjob/backup
Inspect / debug flow
k get all -n<ns>
k get po --show-labels
k get svc -o wide
k get endpoints <svc>
k describe po <pod>
k describe svc <svc>
k get events -n<ns> --sort-by=.metadata.creationTimestamp
k explain deployment.spec.strategy
Muscle-memory drills
# Create + expose
k create deploy api --image=nginx --replicas=2$do| k apply -f -
k expose deploy api --port=8080 --target-port=80--name=api-svc
k get endpoints api-svc
# RBAC trio + verification
k create sa reader
k create role pod-reader --verb=get,list --resource=pods
k create rolebinding pod-reader-binding --role=pod-reader --serviceaccount=default:reader
k auth can-i get pods --as=system:serviceaccount:default:reader
# Crash debug
k describe po <pod>
k logs <pod>
k logs <pod>--previous