kubectl Reference — Top-Level Commands & Resources¶

Survival Rule¶

If you can't remember a command: k <thing> --help
If you can't remember a subcommand: k <thing> <subcommand> --help
If you don't know what fields a resource takes: k explain <resource>.<field>

Top-Level Commands¶

CRUD¶

Command	What it does
`get`	List resources
`describe`	Detailed info on a resource
`create`	Create from file or stdin
`apply`	Create or update (idempotent)
`delete`	Remove a resource
`edit`	Open resource in editor
`patch`	Partial update

Debugging¶

Command	What it does
`logs`	Container logs
`exec`	Run command inside container
`port-forward`	Tunnel pod/service port to localhost
`top`	CPU/memory usage (nodes or pods)
`events`	Cluster events (what happened recently)

Generation¶

Command	What it does
`run`	Create a pod
`expose`	Create a service from a resource
`scale`	Change replica count
`rollout`	Manage deployment rollouts (status, undo, history)

Discovery¶

Command	What it does
`explain`	Field definitions for any resource
`api-resources`	List all available resource types
`api-versions`	List all API versions

Config & Auth¶

Command	What it does
`config`	Manage kubeconfig (contexts, clusters, users)
`auth can-i`	Check RBAC permissions

Exam Aliases (set these immediately)¶

alias k=kubectl
export do="--dry-run=client -o yaml"
export now="--force --grace-period 0"

Top-Level Resources¶

Workloads¶

Resource	Short	What it is
`pod`	`po`	Smallest deployable unit
`deployment`	`deploy`	Manages ReplicaSets, rolling updates
`replicaset`	`rs`	Maintains N pod replicas
`statefulset`	`sts`	Pods with stable identity + storage
`daemonset`	`ds`	One pod per node
`job`		Run-to-completion workload
`cronjob`	`cj`	Scheduled job

Networking¶

Resource	Short	What it is
`service`	`svc`	Stable endpoint for pods
`ingress`	`ing`	HTTP routing into the cluster
`networkpolicy`	`netpol`	Firewall rules between pods
`endpoints`	`ep`	IP:port pairs behind a service

Config & Storage¶

Resource	Short	What it is
`configmap`	`cm`	Non-sensitive key/value config
`secret`		Sensitive data (base64 encoded)
`persistentvolume`	`pv`	Cluster-level storage resource
`persistentvolumeclaim`	`pvc`	Pod's request for storage
`storageclass`	`sc`	Dynamic provisioning rules

RBAC¶

Resource	Short	What it is
`serviceaccount`	`sa`	Identity for pods
`role`		Permissions within a namespace
`clusterrole`	`cr`	Permissions cluster-wide
`rolebinding`	`rb`	Binds role to subject in namespace
`clusterrolebinding`	`crb`	Binds clusterrole to subject cluster-wide

Cluster¶

Resource	Short	What it is
`node`	`no`	Worker/control plane node
`namespace`	`ns`	Logical cluster partition
`resourcequota`	`quota`	Limits on namespace resource usage
`limitrange`	`lr`	Default/max limits per pod/container

Quick Patterns¶

# Dump all resource types (exam fallback)
k api-resources

# What fields can I set on a pod?
k explain pod.spec

# Dry-run YAML generation
k run mypod --image=nginx $do

# Force delete a stuck pod
k delete pod mypod $now

# Check what you're allowed to do
k auth can-i create pods --namespace=default