I am getting error while copying the kubernetes secret from one namespace to another:
kubectl get secret secret1 --namespace=test --export -o=yaml | kubectl apply --namespace=test1 -f -
Error: unknown flag: --export
See 'kubectl get --help' for usage.
error: no objects passed to apply
--export option has been deprecated in version 1.14 and removed in version 1.18. If you are using kubernetes version 1.18 or above, you can try using below command (using sed) to copy secret from one namespace to other.
kubectl get secret secret1 --namespace=test -o yaml | sed 's/namespace: test/namespace: test1/g' | kubectl create -f -
Thanks,
Export is deprecated in latest version of Openshift. We can directly do it like below in openshift. Replace oc with kubectl if you are in kubernates.
oc get virtualservices --all-namespaces -o yaml > project.yaml --> for all namespaces
oc get virtualservices -n <your-namespace>-all-namespaces -o yaml > project.yaml
Actually you should be good just without --export
This command works for me to copy secret between contexts:
kubectl get secret <secret> --context <context_1> -o yaml | kubectl apply --context <context_2> -f -
When I use the kubectl run command instead of creating a deployment it creates a pod/selenium-node-chrome and as a result, I am unable to scale the selenium-node-chrome using the replicas command.
PS C:\Users\Test> kubectl run selenium-node-chrome --image selenium/node-chrome:latest --env="HUB_PORT_4444_TCP_ADDR=selenium-hub" --env="HUB_PORT_4444_TCP_PORT=4444"
pod/selenium-node-chrome created
PS C:\Users\Test> kubectl scale deployment selenium-node-chrome --replicas=5
Error from server (NotFound): deployments.extensions "selenium-node-chrome" not found
The video tutorial that I followed successfully created deployment "selenium-node-chrome" after running the same command. Please I need help and I am new to Kubernetes. Thanks.
You should use a generator
kubectl run selenium-node-chrome \
--image selenium/node-chrome:latest \
--env="HUB_PORT_4444_TCP_ADDR=selenium-hub" \
--env="HUB_PORT_4444_TCP_PORT=4444" \
--generator=deployment/apps.v1beta1
https://v1-17.docs.kubernetes.io/docs/reference/kubectl/conventions/#generators
All generators are deprecated in Kubernetes version 1.18. From the docs here
Note: All kubectl generators are deprecated. See the Kubernetes v1.17
documentation for a list of generators and how they were used.
You can use kubectl create deployment my-dep --image=busybox to create a deployment.
Also to create a yaml file use kubectl create deployment my-dep --image=busybox --dry-run=client -o yaml > deployment.yaml and then edit the yaml file to add env or any other details and apply the yaml via kubectl apply -f deployment.yaml
I was wondering if there is an easier way to create daemonsets in k8s other than yaml files.
For eg, for pods we have kubectl run --generator=run-pod/v1 command. I was wondering if there is something similar for DS.
Thanks in advance.
There is no such quick kubectl create type command for creating daemonsets. But you can do it in some other way.
One way to do this is:
$ kubectl create deploy nginx --image=nginx --dry-run=client -o yaml | \
sed '/null\|{}\|replicas/d;/status/,$d;s/Deployment/DaemonSet/g' > nginx-ds.yaml
$ kubectl apply -f nginx-ds.yaml
If you don't want to save the yaml data to any file, here's how you can do this:
$ kubectl create deploy nginx --image=nginx --dry-run=client -o yaml | \
sed '/null\|{}\|replicas/d;/status/,$d;s/Deployment/DaemonSet/g' | \
kubectl apply -f -
You have your daemonset now.
What we are doing here is: at first we're creating a deployment yaml and then replacing kind: Deployment with kind: DaemonSet and remove replicas: 1 from the deployment yaml.
Thats's how we get yaml for daemonset.
You can access Kubernetes Documentation for DaemonSets. You could use the link and get examples of DaemonSet yaml files. However there is no way you could create a Daemonset by imperative way. You could create a deployment specification and change the deployment specification to DaemonSet specification. You need to change the kind to Daemonset, remove strategy, replicas and status fields. That would do.
I installed istio using these commands:
VERSION = 1.0.5
GCP = gcloud
K8S = kubectl
#$(K8S) apply -f istio-$(VERSION)/install/kubernetes/helm/istio/templates/crds.yaml
#$(K8S) apply -f istio-$(VERSION)/install/kubernetes/istio-demo-auth.yaml
#$(K8S) get pods -n istio-system
#$(K8S) label namespace default istio-injection=enabled
#$(K8S) get svc istio-ingressgateway -n istio-system
Now, how do I completely uninstall it including all containers/ingress/egress etc (everthing installed by istio-demo-auth.yaml?
Thanks.
If you used istioctl, it's pretty easy:
istioctl x uninstall --purge
Of course, it would be easier if that command were listed in istioctl --help...
Reference: https://istio.io/latest/docs/setup/install/istioctl/#uninstall-istio
Based on their documentation here, you can generate all specs as yml file then pipe it to simple kubectl's delete operation
istioctl manifest generate <your original installation options> | kubectl delete -f -
here's an example:
istioctl manifest generate --set profile=default | kubectl delete -f -
A drawback of this approach though is to remember all options you have used when you installed istio which might be quite hard to remember especially if you enabled specific components.
If you have installed istio using helm's chart, you can uninstall it easily
First, list all installed charts:
helm list -n istio-system
NAME NAMESPACE REVISION UPDATED STATUS
istiod istio-system 1 2020-03-07 15:01:56.141094 -0500 EST deployed
and then delete/uninstall the chart using the following syntax:
helm delete -n istio-system --purge istio-system
helm delete -n istio-system --purge istio-init
...
Check their website for more information on how to do this.
If you already installed istio using istioctl or helm in its own separate namespace, you can easily delete completely that namespace which will in turn delete all resources created inside it.
kubectl delete namespace istio-system
Just run kubectl delete for the files you applied.
kubectl delete -f istio-$(VERSION)/install/kubernetes/istio-demo-auth.yaml
You can find this in docs as well.
If you have installed it as described, then you will need to delete it in the same way.
kubectl delete -f istio-$(VERSION)/install/kubernetes/helm/istio/templates/crds.yaml
kubectl delete -f istio-$(VERSION)/install/kubernetes/istio-demo-auth.yaml
Then you would manually delete the folder, and istioctl, if you moved to anywhere.
IMPORTANT: Deleting a namespace is super comfortable to clean up, but you can't do it for all scenarios. In this situation, if you delete the namespace only, you are leaving all the permissions and credentials intact. Now, say you want to update Istio, and Istio team has made some security changes in their RBAC rules, but has not changed the name of the object. You would deploy the new yaml file, and it will throw an error saying the object (for example clusterrolebinding) already exists. If you don't pay attention to what that error was, you can end up with the worse type of errors (when there are no error, but something goes wrong).
Cleaning up Istio is a bit tricky, because of all the things it adds: CustomResourceDefinitions, ConfigMaps, MutatingWebhookConfigurations, etc. Just deleting the istio-system namespace is not sufficient. The safest bet is to use the uninstall instructions from istio.io for the method you used to install.
Kubectl: https://istio.io/docs/setup/kubernetes/install/kubernetes/#uninstall
Helm: https://istio.io/docs/setup/kubernetes/install/helm/#uninstall
When performing these steps, use the version of Istio you are attempting to remove. So if you are trying to remove Istio 1.0.2, grab that release from istio.io.
Don't forget to disable the injection:
kubectl delete -f istio-$(VERSION)/install/kubernetes/helm/istio/templates/crds.yaml
kubectl delete -f istio-$(VERSION)/install/kubernetes/istio-demo-auth.yaml
kubectl label default your-namespace istio-injection=disabled
Using the profile you used in installation, demo for example, run the following command
istioctl manifest generate --set profile=demo | kubectl delete -f -
After normal istio uninstall (depending on the way istio was installed by helm or istioctl) following steps can be performed
Check if anything still exists in the istio-system namespace, if exists then delete manually, also remove the istio-system namespace
Check if there is a sidecar associated with any pod (sometimes sidecars not get cleaned up in case of failed uninstallation)
kubectl get pods -o=jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.metadata.namespace}{"\t"}{..image}{"\n\n"}{end}' -A | grep 'istio/proxyv' | grep -v istio-system
Get the CRD that is still in use and remove associated resources
kubectl get crds | grep 'istio.io' | cut -f1-1 -d "." | xargs -n1 -I{} bash -c " echo {} && kubectl get --all-namespaces {} -o wide && echo -e '---'"
Delete all the CRD
kubectl get crds | grep 'istio.io' | xargs -n1 -I{} sh -c "kubectl delete crd {}"
Edit the labels back (optional)
kubectl label default <namespace name> istio-injection=disabled
Just delete the ns
k delete ns istio-system
Deleting CRDs without needing to find the helm charts:
kubectl delete crd -l chart=istio
Hi if you installated via helm-template you can use these commands :
For CRD's:
$ helm template ${ISTIO_BASE_DIR}/install/kubernetes/helm/istio-init --name istio-init --namespace istio-system | kubectl delete -f -
$ kubectl delete crd $(kubectl get crd |grep istio)
For Deployment/NS..etc other resources:
$ helm template install/kubernetes/helm/istio --name istio --namespace istio-system\
--values install/kubernetes/helm/istio/values-istio-demo.yaml \
--set global.controlPlaneSecurityEnabled=true \
--set global.mtls.enabled=true | kubectl delete -f -
I am trying to deploy my app to Kubernetes running in Google Container
Engine.
The app can be found at: https://github.com/Industrial/docker-znc.
The Dockerfile is built into an image on Google Container Registry.
I have deployed the app in Kubernetes via the + button. I don't have the YAML
for this.
I have inserted a Secret in Kubernetes for the PEM file required by the app.
How do I get the YAML for the Deployment, Service and Pod created by
Kubernetes by filling in the form?
How do I get the Secret into my Pod for usage?
To get the yaml for a deployment (service, pod, secret, etc):
kubectl get deploy deploymentname -o yaml
How do I get the YAML for the Deployment, Service and Pod created by
Kubernetes by filling in the form?
kubectl get deployment,service,pod yourapp -o yaml --export
Answering #Sinaesthetic question:
any idea how to do it for the full cluster (all deployments)?
kubectl get deploy --all-namespaces -o yaml --export
The problem with this method is that export doesn't include the namespace. So if you want to export many resources at the same time, I recommend doing it per namespace:
kubectl get deploy,sts,svc,configmap,secret -n default -o yaml --export > default.yaml
Unfortunately kubernetes still doesn't support a true get all command, so you need to list manually the type of resources you want to export. You can get a list of resource types with
kubectl api-resources
The same issue is discussed at kubernetes GitHub issues page and the user "alahijani" made a bash script that exports all yaml and writes them to single files and folders.
Since this question ranks well on Google and since I found that solution very good, I represent it here.
Bash script exporting yaml to sub-folders:
for n in $(kubectl get -o=name pvc,configmap,serviceaccount,secret,ingress,service,deployment,statefulset,hpa,job,cronjob)
do
mkdir -p $(dirname $n)
kubectl get -o=yaml --export $n > $n.yaml
done
Another user "acondrat" made a script that do not use directories, which makes it easy to make a kubectl apply -f later.
Bash script exporting yaml to current folder:
for n in $(kubectl get -o=name pvc,configmap,ingress,service,secret,deployment,statefulset,hpa,job,cronjob | grep -v 'secret/default-token')
do
kubectl get -o=yaml --export $n > $(dirname $n)_$(basename $n).yaml
done
The last script does not include service account.
Now that --export is deprecated, to get the output from your resources in the 'original' format (just cleaned up, without any information about the current object state (unnecessary metadata in this circumstance)) you can do the following using yq v4.x:
kubectl get <resource> -n <namespace> <resource-name> -o yaml \
| yq eval 'del(.metadata.resourceVersion, .metadata.uid, .metadata.annotations, .metadata.creationTimestamp, .metadata.selfLink, .metadata.managedFields)' -
Syntax for downloading yaml's from kubernetes
kubectl get [resource type] -n [namespace] [resource Name] -o yaml > [New file name]
Create yaml file from running pod:
kubectl get po -n nginx nginx-deployment-755cfc7dcf-5s7j8 -o yaml > podDetail.yaml
Create replicaset yaml file from running pod:
kubectl get rs -n nginx -o yaml > latestReplicaSet.yaml
Create deployement yaml file from running pod:
kubectl get deploy -n nginx -o yaml > latestDeployement.yaml
Also its possible to use the view-last-applied command e.g.
kubectl apply view-last-applied services --all > services.yaml
which will return all the manifests applied to create services. Also you can specify a certain k8 resource by services/resource-name label.
If you need to get 'clean' export, removing the annotations added by Kubernetes, there's an opensource project that does that by piping the output of kubectl get - https://github.com/itaysk/kubectl-neat.
It removes the timestamp metadata, etc.
kubectl get pod mypod -o yaml | kubectl neat
kubectl get pod mypod -oyaml | kubectl neat -o json
Use this command to get yaml format of your service
kubectl get service servicename -n <namespace> -o yaml
You can put it in some file also
kubectl get service servicename -n <namespace> -o yaml > service.yaml
The following code will extract all your K8s definitions at once and place them on individual folders below the current folder.
for OBJ in $(kubectl api-resources --verbs=list --namespaced -o name)
do
for DEF in $(kubectl get --show-kind --ignore-not-found $OBJ -o name)
do
mkdir -p $(dirname $DEF)
kubectl get $DEF -o yaml \
| yq eval 'del(.metadata.resourceVersion, .metadata.uid, .metadata.annotations, .metadata.creationTimestamp, .metadata.selfLink, .metadata.managedFields)' - > $DEF.yaml
done
done
You can store output of deployed kubernetes service by using below command -
kubectl get svc -n -o yaml > svc-output.yaml
For deployments -
kubectl get deploy <deployment-name> -n <your-namespace> -o yaml > deploy-output.yaml
For Pod -
kubectl get pod <pod-name> -n <your-namespace> -o yaml > pod-output.yaml
You can get your secret details using below command -
kubectl get secret -n -o yaml
In order to use update your deployment file by using below command -
kubectl edit deploy -n
Under your pod template add below -
this will go under pod containers section to mount secret volume to container
volumeMounts:
- name: foo
mountPath: "/etc/foo"
readOnly: true
this will go inside your pod template section in deployment
volumes:
- name: foo
secret:
secretName: mysecret
for the 2nd question regarding the secret, this is from the k8s documentation. see https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets for more info.
Create a secret or use an existing one. Multiple pods can reference the same secret.
Modify your Pod definition to add a volume under spec.volumes[]. Name the volume anything, and have a spec.volumes[].secret.secretName field equal to the name of the secret object.
Add a spec.containers[].volumeMounts[] to each container that needs the secret. Specify spec.containers[].volumeMounts[].readOnly = true and spec.containers[].volumeMounts[].mountPath to an unused directory name where you would like the secrets to appear.
Modify your image and/or command line so that the program looks for files in that directory. Each key in the secret data map becomes the filename under mountPath.
I have used this and it works fine.
Like mentioned above "--export" is one option to get the manifest corresponding to the kubeernetes objects
But "--export" is considered to be buggy and there is a proposal to deprecate it
Currently the better option is to do "-o yaml" or "-o json" and remove the unnecessary fields
The main difference is "--export" is expected to remove the cluster specific settings (e.g. cluster service IP of a k8s service). But it is found to be inconsistent in this regard
All services
kubectl get service --all-namespaces -o yaml > all-service.yaml
All deployments
kubectl get deploy --all-namespaces -o yaml > all-deployment.yaml
We can get the contents associated with any kind from a Kubernetes cluster through the command line if you have the read access.
kubectl get <kind> <kindname> -n <namespace> -o <yaml or json>
For example, if you want to export a deployment from a namespace follow the below command -
kubectl get deploy mydeploy -n mynamespace -o yaml > mydeploy.yaml
kubectl get deploy mydeploy -n mynamespace -o json > mydeploy.json
To get all yaml file deployments backup (not a specific deployment):
kubectl get deployments -n <namespace> -o yaml > deployments.yaml
for getting all yaml file services backup (not a specific deployment):
kubectl get services -n <namespace> -o yaml > services.yaml
enjoy it.
To get YAML for current running deployment on kubernetes, you can run this command:
kubectl get deployment <deployment_name> -o yaml
To generate YAML for deployment you can run the imperative command.
kubectl create deployment <deployment_name>--image=<image_name> -o yaml
To generate and export the deployment you can run the imperative command.
kubectl create deployment <deployment_name>--image=<image_name> --dry-run=client -o yaml > example.yaml
kubectl -n <namespace> get <resource type> <resource Name> -o yaml
With the command above, any resource defined in Kubernetes can be exported in YAML format.
You can try use kube-dump bash script
With this utility, you can save Kubernetes cluster resources as a pure yaml manifest without unnecessary metadata.
GitHub repository
Review of the utility in blog page
We can get yaml for deployed resources using below command.
kubectl get <resource name> -o yaml
OR
kubectl get <resource name> <name of pod> -o yaml
example:-
kubectl get deploy Nginx -o yaml
above commands will give you yaml output.
if you want to store the output into any file you can use below command.
kubectl get pod nginx -o yaml > Nginx-pod.yaml
above command will redirect you output to Nginx-pod.yaml in your courrent directory.
If you need to view and edit the file use:
kubectl edit service servicename
You can get the yaml files of the resources using this command
kubectl -n <namespace> get <resource type> <resource Name> -o yaml
To get the secret into your pod,
use something like this
env
- valueFrom
secretKeyRef:
name: secret_name
key: key_name
or
envFrom
- secretRef:
name: secret_name
Is only minor difference from #Janos Lenart's answer!
kubectl get deploy deploymentname -o yaml > outputFile.yaml will do
I know it is too old to answer, but hopefully, someone will find it helpful.
We can try below command to fetch a kind export from all namespace -
kubectl get <kind> --all-namespaces --export -o yaml