Why It Matters
Kubernetes nodes are Linux systems
You regularly inspect files under /etc, logs under /var/log, services managed by systemd, packages installed through apt, and permissions that decide what can run.
An interactive quick-grasp guide for file system work, users and permissions, services and logs, package management, shell history, and the Linux skills that show up constantly in Kubernetes labs.
kubelet, containerd, manifests, logs, packages, and troubleshooting on Ubuntu hosts.
You regularly inspect files under /etc, logs under /var/log, services managed by systemd, packages installed through apt, and permissions that decide what can run.
Prefer inspection commands like pwd, ls -l, cat, less, systemctl status, and journalctl before running edits or restarts.
Pod issue? Check manifests and events. Node issue? Check kubelet, containerd, disk, network, and package state on the host.
Use pwd, ls, and cd confidently before anything else.
Use cat, less, tail -f, and grep to inspect config and logs.
Learn sudo, id, groups, chmod, and chown.
Use systemctl and journalctl for kubelet and container runtime issues.
Use apt, ps, ss, df, and free when the node itself behaves badly.
man command or command --help to learn safelywhich and type to see what command will actually runhistory and Ctrl+r to reuse previous commandssudo -l to see what you are allowed to dohostnamectl, ip a, and ss -tulpn for host identity and network basics/etc/kubernetes/ for kubeadm-generated configuration/etc/kubernetes/manifests/ for static control plane Pod manifests/var/lib/kubelet/ for kubelet-managed state/etc/containerd/ for container runtime config/var/log/ for host logs and troubleshooting clues| Command | What It Does | Common Switches | Kubernetes-Flavored Example |
|---|---|---|---|
pwd |
Print the current working directory. | No common switch needed for basics. | pwd before editing manifests so you know which folder you are in. |
ls |
List files and directories. | -l detailed, -a hidden, -h human readable |
ls -lh /etc/kubernetes/manifests |
cd |
Change directory. | cd - previous directory, cd ~ home |
cd /etc/kubernetes when inspecting kubeadm-generated files. |
mkdir |
Create directories. | -p create parents too |
mkdir -p ~/k8s-labs/yaml |
cp |
Copy files or folders. | -r recursive, -p preserve metadata |
sudo cp /etc/kubernetes/admin.conf ~/.kube/config |
mv |
Move or rename files. | No major switch for basics | mv old.yaml deployment.yaml |
cat, less |
Read file contents. less is better for long files. |
less +G go to end |
less /etc/containerd/config.toml |
tail |
Show the end of a file, useful for logs. | -n 50 last 50 lines, -f follow live changes |
sudo tail -f /var/log/syslog during cluster setup. |
find |
Search for files by name, path, or type. | -name, -type f, -type d |
find /etc -name '*kubelet*' |
grep |
Search inside files for matching text. | -i ignore case, -n line numbers, -r recursive |
grep -n 'SystemdCgroup' /etc/containerd/config.toml |
du and df |
Inspect disk usage. | du -sh, df -h |
Check if image pulls fail because the node is full: df -h. |
tar |
Archive or extract file collections. | -czf create gzip archive, -xzf extract gzip archive |
Useful for packaging logs or manifests before sharing for support. |
cd /etc/kubernetes/manifests
pwd
ls -lh
less kube-apiserver.yaml
grep -n "advertise-address" kube-apiserver.yamlWhen you are new, start with cat, less, tail, grep, and find. That habit prevents accidental damage when you are only trying to understand the system.
whoami shows current usernameid shows UID, GID, and groupsgroups shows supplementary groupsgetent passwd username looks up user recordMany Kubernetes setup steps need root because they touch system packages, services, kernel settings, or protected directories like /etc/kubernetes and /var/lib/kubelet.
sudo elevates one commandUse sudo command when you need privilege for a specific action. Avoid staying in a root shell unless you truly need it.
| Command | What It Does | Common Switches | Example |
|---|---|---|---|
sudo |
Run one command with elevated privilege. | -l list allowed commands, -k forget cached credentials, -i login shell |
sudo systemctl restart kubelet |
chmod |
Change file mode bits. | Numeric modes like 644, 600, 755 |
chmod 600 ~/.kube/config |
chown |
Change file owner and group. | -R recursive |
sudo chown -R $USER:$USER ~/.kube |
useradd / adduser |
Create users. On Ubuntu, adduser is friendlier. |
--disabled-password, interactive prompts |
Create a demo user for shell practice. |
usermod |
Change user settings like group membership. | -aG append supplementary groups |
sudo usermod -aG sudo student |
history shows shell command historyhistory | grep sudo finds previous sudo commandsCtrl+r interactively searches command historyjournalctl _COMM=sudo or journalctl SYSLOG_IDENTIFIER=sudo can show sudo events when logged by the systemsudo -l shows what you are permitted to run644: owner can read/write, others read600: owner only, ideal for sensitive config755: executable directories and scripts777: almost never a good idea| Command | Purpose | Common Switches | Kubernetes Example |
|---|---|---|---|
systemctl status |
Check whether a service is active and recent log lines. | --no-pager easier output in scripts |
sudo systemctl status kubelet |
systemctl start|stop|restart |
Control service lifecycle. | No major switch for basics | sudo systemctl restart containerd |
systemctl enable |
Start service automatically at boot. | --now enable and start immediately |
sudo systemctl enable --now kubelet |
journalctl |
Read systemd journal logs. | -u unit, -xeu detailed errors, -f follow, -n 100 last lines |
sudo journalctl -u kubelet -n 100 --no-pager |
ps |
List running processes. | aux broad listing, -ef full format |
ps -ef | grep kubelet |
top |
Interactive process and CPU/memory view. | No major beginner switch | Check whether the node is under memory pressure during labs. |
ss |
Inspect listening sockets and connections. | -tulpn TCP/UDP listening with process names |
sudo ss -tulpn | grep 6443 for the API server port. |
kubectl is failing, think host-side toosudo systemctl status kubelet
sudo journalctl -u kubelet -xe --no-pager
sudo systemctl status containerd
sudo journalctl -u containerd -n 100 --no-pager
sudo ss -tulpn | grep 6443journalctl is often more useful than log filesOn Ubuntu systems using systemd, many service logs live in the journal rather than a plain file. If you keep searching only under /var/log, you may miss the real error.
| Command | Use | Common Switches | Example |
|---|---|---|---|
apt update |
Refresh package index metadata. | No common switch needed here | Run before installing kubeadm, kubelet, or kubectl. |
apt install |
Install packages. | -y answer yes automatically |
sudo apt install -y curl apt-transport-https ca-certificates |
apt remove |
Remove package but often keep config. | -y automatic yes |
Useful when rebuilding a training node cleanly. |
apt purge |
Remove package and config where applicable. | -y automatic yes |
Use carefully during reinstall or reset workflows. |
apt-cache policy |
See candidate version and source repositories. | No major switch for basics | apt-cache policy kubeadm |
hostnamectl |
Show or change host identity. | set-hostname |
hostnamectl before joining nodes to a cluster. |
ip a |
Show network interfaces and addresses. | No major switch for basics | Check the node IP used by kubelet. |
free -h |
Show memory usage. | -h human readable |
Helpful when Pods fail because the VM is too small. |
uname -a |
Show kernel and system identity. | No major switch for basics | Useful while checking compatibility and environment details. |
curl |
Make HTTP requests from the CLI. | -I headers, -k ignore TLS verification, -L follow redirects |
curl -k https://127.0.0.1:6443/version for API checks on a control plane node. |
sudo apt update
sudo apt install -y curl ca-certificates gnupg
apt-cache policy kubeadm
sudo apt install -y kubelet kubeadm kubectl
sudo systemctl enable --now kubeletwatch -n 2 command reruns a command every 2 secondstee writes output to screen and file at the same timexargs helps feed output into another command in bulkenv and printenv show environment variablesUse ls, less, and grep under /etc/kubernetes/manifests to understand how the API server, scheduler, and controller manager are launched.
sudo ls -lh /etc/kubernetes/manifests
sudo less /etc/kubernetes/manifests/kube-apiserver.yamlWhen Pods are not coming up, host services are often the real place to inspect.
sudo systemctl status kubelet
sudo journalctl -u kubelet -n 100 --no-pager
sudo journalctl -u containerd -n 100 --no-pagerImage pull errors, eviction, and scheduling pain can all come from host resource pressure.
df -h
du -sh /var/lib/containerd
free -h| Linux Need | Typical Command | Why It Helps in K8s |
|---|---|---|
| Find config files | find /etc -name '*kube*' |
Locate kubelet, container runtime, or kubeadm-generated config. |
| Inspect service health | sudo systemctl status kubelet |
Quickly see whether kubelet is active, failed, or flapping. |
| Read recent error logs | sudo journalctl -u kubelet -xe |
Surface certificate, cgroup, swap, CRI, or bootstrap errors. |
| Verify listening ports | sudo ss -tulpn |
Check whether expected control plane ports are actually open. |
| Confirm user access | ls -l ~/.kube/config |
Permission mistakes on kubeconfig files break local admin access. |
| Check package versions | apt-cache policy kubeadm kubelet kubectl |
Helpful during upgrades, skew checks, and installation issues. |