DevOps Command Cheat Sheets

Search across kubectl, Docker, Terraform, Git, and Linux. Click any row to copy.

/

kubectl 21

kubectl get pods -n <namespace> List all pods in a namespace

kubectl get pods -A List all pods across all namespaces

kubectl describe pod <pod> Detailed info + events for a pod

kubectl logs <pod> -f Stream logs from a pod

kubectl logs <pod> -c <container> --previous Logs from previous (crashed) container

kubectl exec -it <pod> -- /bin/sh Interactive shell into a pod

kubectl apply -f manifest.yaml Apply or update a manifest

kubectl delete -f manifest.yaml Delete resources from a manifest

kubectl rollout restart deploy/<name> Rolling restart a deployment

kubectl rollout status deploy/<name> Watch rollout progress

kubectl rollout undo deploy/<name> Rollback to previous revision

kubectl scale deploy/<name> --replicas=5 Scale a deployment

kubectl top pods -n <namespace> CPU/Memory usage per pod

kubectl top nodes CPU/Memory usage per node

kubectl get events --sort-by=.lastTimestamp Recent cluster events

kubectl port-forward svc/<svc> 8080:80 Port-forward a service locally

kubectl get nodes -o wide Node list with IPs and roles

kubectl cordon <node> Mark node as unschedulable

kubectl drain <node> --ignore-daemonsets Evict pods from a node safely

kubectl config get-contexts List all kubeconfig contexts

kubectl config use-context <ctx> Switch active context

Docker 17

docker build -t myapp:latest . Build an image from Dockerfile

docker build --no-cache -t myapp:latest . Build without layer cache

docker run -d -p 8080:80 --name web myapp Run container in background

docker run -it --rm myapp /bin/sh Interactive one-off container

docker exec -it <id> /bin/bash Shell into running container

docker logs <id> -f --tail=100 Stream last 100 log lines

docker ps -a All containers (incl. stopped)

docker stop <id> && docker rm <id> Stop and remove a container

docker images | grep myapp Filter local images

docker rmi $(docker images -f dangling=true -q) Remove dangling images

docker system prune -af Wipe unused images, containers, volumes

docker push registry/myapp:tag Push image to a registry

docker pull registry/myapp:tag Pull image from a registry

docker inspect <id> | jq '.[0].NetworkSettings' Network config for a container

docker stats Live resource usage for all containers

docker compose up -d Start all services in background

docker compose down -v Stop and remove volumes

Terraform 16

terraform init Initialise working directory

terraform init -upgrade Upgrade provider plugins

terraform validate Validate configuration syntax

terraform fmt -recursive Auto-format all .tf files

terraform plan -out=tfplan Preview changes, save plan

terraform apply tfplan Apply a saved plan

terraform apply -auto-approve Apply without confirmation (CI)

terraform destroy -target=<resource> Destroy a specific resource

terraform state list List all resources in state

terraform state show <resource> Show state for one resource

terraform state rm <resource> Remove resource from state

terraform import <resource> <id> Import existing infra to state

terraform output -json Print all outputs as JSON

terraform workspace list List workspaces

terraform workspace new staging Create a new workspace

terraform graph | dot -Tsvg > graph.svg Visualise dependency graph

Git 16

git log --oneline --graph --all Visual branch history

git log -p --follow <file> Full diff history for a file

git diff main..HEAD Diff from main to current branch

git stash push -m 'wip: feature' Stash with a message

git stash pop Restore most recent stash

git cherry-pick <sha> Apply a specific commit

git rebase -i HEAD~5 Interactive rebase last 5 commits

git reset --soft HEAD~1 Undo last commit, keep changes staged

git restore --staged <file> Unstage a file

git bisect start && git bisect bad Start binary search for bug

git blame -L 20,40 <file> Who changed lines 20–40

git reflog History of HEAD movements

git tag -a v1.0.0 -m 'release' Annotated tag

git push origin --tags Push all local tags

git remote prune origin Remove stale remote-tracking branches

git clean -fdx Remove untracked files and dirs

Linux 16

ss -tlnp Listening TCP ports with process

lsof -i :8080 What process is using port 8080

ps aux --sort=-%cpu | head -15 Top CPU-consuming processes

df -h && du -sh /* Disk usage summary

free -m Memory usage in MB

iotop -oPb Disk I/O per process

tail -f /var/log/syslog Stream syslog

journalctl -u nginx -n 100 -f Systemd service logs (live)

systemctl restart nginx && systemctl status nginx Restart and check service

grep -rn 'ERROR' /var/log/ --include='*.log' Recursive grep across log files

find / -name '*.conf' -mtime -1 2>/dev/null Config files modified in last 24 h

curl -svo /dev/null https://example.com Verbose HTTP request (TLS debug)

netstat -rn Routing table

strace -p <pid> -e trace=open,read Trace syscalls of a process

tcpdump -i eth0 port 443 -w cap.pcap Capture HTTPS traffic to file

crontab -l | crontab -e View / edit crontab

Copied!