Before you begin You must use a kubectl version that is within one minor version difference of your cluster. For example, a v1.25 client can communicate with v1.24, v1.25, and v1.26 control planes. Using the latest compatible version of kubectl helps avoid unforeseen issues. Install kubectl on Windows The following methods exist for installing kubectl on Windows: Install kubectl binary with curl on Windows Install on Windows using Chocolatey, Scoop, or Winget Install kubectl binary with curl on Windows Download the latest release v1.

A model for thinking about Kubernetes security in the context of Cloud Native security.

FEATURE STATE: Kubernetes v1.14 [beta] kube-scheduler is the Kubernetes default scheduler. It is responsible for placement of Pods on Nodes in a cluster. Nodes in a cluster that meet the scheduling requirements of a Pod are called feasible Nodes for the Pod. The scheduler finds feasible Nodes for a Pod and then runs a set of functions to score the feasible Nodes, picking a Node with the highest score among the feasible ones to run the Pod.

This page outlines steps to find out what container runtime the nodes in your cluster use. Depending on the way you run your cluster, the container runtime for the nodes may have been pre-configured or you need to configure it. If you're using a managed Kubernetes service, there might be vendor-specific ways to check what container runtime is configured for the nodes. The method described on this page should work whenever the execution of kubectl is allowed.

Debugging common cluster issues.

This page describes the CoreDNS upgrade process and how to install CoreDNS instead of kube-dns. Before you begin You need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster. It is recommended to run this tutorial on a cluster with at least two nodes that are not acting as control plane hosts. If you do not already have a cluster, you can create one by using minikube or you can use one of these Kubernetes playgrounds:

This example demonstrates how to limit the amount of storage consumed in a namespace. The following resources are used in the demonstration: ResourceQuota, LimitRange, and PersistentVolumeClaim. Before you begin You need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster. It is recommended to run this tutorial on a cluster with at least two nodes that are not acting as control plane hosts.

FEATURE STATE: Kubernetes v1.19 [stable] Seccomp stands for secure computing mode and has been a feature of the Linux kernel since version 2.6.12. It can be used to sandbox the privileges of a process, restricting the calls it is able to make from userspace into the kernel. Kubernetes lets you automatically apply seccomp profiles loaded onto a node to your Pods and containers. Identifying the privileges required for your workloads can be difficult.

Explore Your App Viewing Pods and Nodes Interactive Tutorial - Exploring Your App Feedback Was this page helpful? Yes...

The Kubernetes API lets you query and manipulate the state of objects in Kubernetes. The core of Kubernetes' control plane is the API server and the HTTP API that it exposes. Users, the different parts of your cluster, and external components all communicate with one another through the API server.