Kubernetes Troubleshooting Cheat Sheet

Kubernetes•Permalink

Debugging, inspection, RBAC checks, rollout failures, node health, and maintenance-oriented kubectl workflows.

View

Standard Detailed Compact

Export

Copy the compact sheet, download it, or print it.

Download

`D` dense toggle · `C` copy all

## Inspection and Deep Queries

Custom columns output

↗#

kubectl get pods -n payments -o custom-columns=NAME:.metadata.name,PHASE:.status.phase,NODE:.spec.nodeName,IP:.status.podIP

# Render table output with selected fields.

Get JSON output

↗#

kubectl get deployment web -n payments -o json

# Dump a resource as JSON.

Get YAML output

↗#

kubectl get deployment web -n payments -o yaml

# Dump a resource as YAML.

Sort resources

↗#

kubectl get pods -n payments --sort-by=.status.startTime

# Sort list output by a JSONPath-like field.

Field selector filter

↗#

kubectl get pods -A --field-selector=status.phase!=Running

# Filter server-side using field selectors.

Label selector filter

↗#

kubectl get pods -n payments -l 'app=web,component=api'

# Filter resources using labels.

Machine-friendly output

↗#

kubectl get pods -n payments --no-headers

# Suppress table headers for scripting.

Get resource names only

↗#

kubectl get pods -n payments -o name

# Return resource identifiers only.

## Debugging Pods and Containers

Debug node with ephemeral pod

↗#

kubectl debug node/worker-02 -it --image=busybox:1.36

# Launch a debugging pod on a node.

Debug pod by copying it

↗#

kubectl debug web-abc123 -n payments --copy-to=web-debug --container=web -- sh

# Create a debug copy of a pod.

Add ephemeral debug container

↗#

kubectl debug -it web-abc123 -n payments --image=nicolaka/netshoot --target=web

# Inject an ephemeral debug container into a running pod.

Check RBAC permission

↗#

kubectl auth can-i create deployments -n payments

# Ask the API server whether an action is allowed.

Check permission as another identity

↗#

kubectl auth can-i get secrets -n payments --as=system:serviceaccount:payments:web

# Test RBAC from another subject's perspective.

Show pod conditions

↗#

kubectl get pod web-abc123 -n payments -o jsonpath='{range .status.conditions[*]}{.type}{"="}{.status}{"
"}{end}'

# Print pod condition states.

Describe failed pods by selector

↗#

kubectl describe pods -n payments -l app=worker

# Inspect all matching pods for failure clues.

## Rollout and Scheduling Failures

List pending pods

↗#

kubectl get pods -A --field-selector=status.phase=Pending

# Find pods waiting to schedule or start.

Describe pending pod

↗#

kubectl describe pod pending-pod -n payments

# Look for failed scheduling and image pull events.

Show node conditions

↗#

kubectl get nodes -o custom-columns=NAME:.metadata.name,READY:.status.conditions[?(@.type=="Ready")].status,MEMORYPRESSURE:.status.conditions[?(@.type=="MemoryPressure")].status,DISKPRESSURE:.status.conditions[?(@.type=="DiskPressure")].status

# Check high-level node health indicators.

Pause deployment rollout

↗#

kubectl rollout pause deployment/web -n payments

# Temporarily pause a deployment rollout.

Resume deployment rollout

↗#

kubectl rollout resume deployment/web -n payments

# Resume a paused deployment rollout.

List PodDisruptionBudgets

↗#

kubectl get pdb -A

# Show PodDisruptionBudgets.

Describe PodDisruptionBudget

↗#

kubectl describe pdb web -n payments

# Inspect disruption constraints that may block eviction.

## Cluster Maintenance and Cleanup

Delete evicted pods

↗#

kubectl get pods -A --field-selector=status.phase=Failed | grep Evicted | awk '{print $1, $2}'

# Pattern to find evicted pods for cleanup.

Delete completed jobs

↗#

kubectl delete jobs -n ops --field-selector=status.successful=1

# Clean up successful Jobs when appropriate.

Inspect finalizers

↗#

kubectl get namespace stuck-ns -o jsonpath='{.spec.finalizers}'

# See whether finalizers are blocking deletion.

Call API server health endpoint

↗#

kubectl get --raw='/healthz?verbose'

# Read API server health information.

Call API server ready endpoint

↗#

kubectl get --raw='/readyz?verbose'

# Read API server readiness information.

Get component statuses (legacy)

↗#

kubectl get componentstatuses

# Legacy command seen on older clusters; modern clusters rely on health endpoints and metrics.

More in Kubernetes

kubeadm Cheat Sheet

Bootstrap, join, cert, kubeconfig, reset, phase, image, and upgrade commands for kubeadm-managed clusters.

Kubernetes JSONPath and Kustomize Cheat Sheet

JSONPath recipes, custom output patterns, jq/yq workflows, and Kustomize commands supported by kubectl.

Kubernetes Networking, Storage, and Config Cheat Sheet

Services, ingress, EndpointSlices, network policies, PVCs, PVs, storage classes, ConfigMaps, Secrets, and nodes.

Kubernetes Workloads Cheat Sheet

Deployments, StatefulSets, DaemonSets, Jobs, CronJobs, autoscaling, rollouts, and workload maintenance.

Kubernetes & kubectl Cheat Sheet

Comprehensive kubectl commands for contexts, resources, apply flows, creation, deletion, logs, and cluster introspection.

Recommended next

Terraform Troubleshooting and Migration Cheat Sheet

TERRAFORM

Commands and patterns for debugging, upgrades, migration, and state repair in Terraform.

Terraform HCP Remote and CI Cheat Sheet

TERRAFORM

Commands and snippets for HCP Terraform remote runs, CLI auth, automation, and CI-friendly usage.

Terraform Language Patterns Cheat Sheet

TERRAFORM

High-value HCL patterns for variables, locals, outputs, loops, conditionals, dynamic blocks, and data shaping.

Terraform Modules and Providers Cheat Sheet

TERRAFORM

Commands and snippets for modules, providers, version constraints, registry access, and dependency management.

Terraform Workspaces and State Cheat Sheet

TERRAFORM

Manage Terraform CLI workspaces, local and remote state, imports, and state surgery commands.

Terraform CLI Cheat Sheet

TERRAFORM

Core Terraform CLI commands for init, plan, apply, state, output, variables, workspaces, and automation.

Browse all sheets →