Docker & Kubernetes Cheatsheets
Your complete container operations reference — from writing your first Dockerfile to managing production Kubernetes clusters. This pack covers Docker commands and Dockerfile best practices, Kubernetes resource types and kubectl commands, Helm chart authoring, networking and storage, and a dedicated troubleshooting guide for when pods won't start. Print it, pin it, ship containers with confidence.
What's Included
- Docker CLI Cheatsheet — Build, run, inspect, network, volume, and compose commands
- Dockerfile Best Practices — Multi-stage builds, layer caching, security hardening
- Kubernetes Resource Types — Pods, Deployments, Services, ConfigMaps, Secrets, Ingress, Jobs, CronJobs
- kubectl Command Reference — CRUD, debugging, logs, port-forwarding, context switching
- Helm Charts Guide — Chart structure, values, templates, hooks, repositories
- Networking & Storage — Service types, NetworkPolicies, PVs, PVCs, StorageClasses
- Troubleshooting Flowchart — Pod lifecycle debugging from Pending to CrashLoopBackOff
Preview / Sample Content
Docker Commands — Most Used
# Build and tag an image
docker build -t myapp:1.0 -f Dockerfile.prod .
# Run with port mapping, env vars, auto-remove
docker run -d --name web -p 8080:80 -e NODE_ENV=production --rm myapp:1.0
# Execute command in running container
docker exec -it web /bin/sh
# View logs (follow + timestamps + last 100 lines)
docker logs -f --timestamps --tail 100 web
# Copy files between host and container
docker cp web:/app/data.json ./local-data.json
docker cp ./config.yaml web:/app/config.yaml
# List images with size, filter dangling
docker images --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
docker images -f "dangling=true"
# Clean up everything unused
docker system prune -a --volumes
# Multi-platform build
docker buildx build --platform linux/amd64,linux/arm64 -t myapp:1.0 --push .
Dockerfile — Production Best Practices
# Stage 1: Build
FROM python:3.12-slim AS builder
WORKDIR /build
COPY requirements.txt .
RUN pip install --no-cache-dir --prefix=/install -r requirements.txt
COPY src/ ./src/
# Stage 2: Runtime (minimal attack surface)
FROM python:3.12-slim AS runtime
RUN groupadd -r appuser && useradd -r -g appuser appuser
COPY --from=builder /install /usr/local
COPY --from=builder /build/src /app/src
WORKDIR /app
USER appuser
EXPOSE 8000
HEALTHCHECK --interval=30s --timeout=3s CMD curl -f http://localhost:8000/health || exit 1
ENTRYPOINT ["python", "-m", "src.main"]
kubectl — Essential Commands
# Context and namespace
kubectl config get-contexts
kubectl config use-context production
kubectl config set-context --current --namespace=backend
# Get resources (wide output, labels, all namespaces)
kubectl get pods -o wide --show-labels
kubectl get all -A
# Describe for debugging (shows events!)
kubectl describe pod my-pod
# Logs (previous crashed container, specific container in multi-container pod)
kubectl logs my-pod --previous
kubectl logs my-pod -c sidecar-container
# Port forward for local debugging
kubectl port-forward svc/my-service 8080:80
kubectl port-forward pod/my-pod 5432:5432
# Apply, diff, and dry-run
kubectl apply -f manifest.yaml
kubectl diff -f manifest.yaml
kubectl apply -f manifest.yaml --dry-run=server
# Quick debugging pod
kubectl run debug --rm -it --image=busybox -- /bin/sh
# Scale and rollout
kubectl scale deployment web --replicas=5
kubectl rollout status deployment web
kubectl rollout undo deployment web --to-revision=2
kubectl rollout history deployment web
Pod Troubleshooting Decision Tree
Pod not running?
├── Status: Pending
│ ├── Check: kubectl describe pod → Events section
│ ├── Insufficient resources? → Adjust requests/limits or add nodes
│ ├── No matching node? → Check nodeSelector, taints, tolerations
│ └── PVC pending? → Check StorageClass and PV availability
├── Status: CrashLoopBackOff
│ ├── Check: kubectl logs <pod> --previous
│ ├── OOMKilled? → Increase memory limits
│ ├── Config error? → Check ConfigMap/Secret mounts
│ └── App crash? → Fix application code, check entrypoint
├── Status: ImagePullBackOff
│ ├── Wrong image name/tag? → Verify image exists in registry
│ ├── Private registry? → Create/check imagePullSecrets
│ └── Rate limited? → Configure registry mirror or credentials
└── Status: Running but not working
├── Check: kubectl exec -it <pod> -- curl localhost:PORT
├── Service selector matches pod labels? → kubectl get endpoints
└── NetworkPolicy blocking traffic? → Check ingress/egress rules
Quick Reference Table
| Resource | Short Name | kubectl Command | Use Case |
|---|---|---|---|
| Pod | po | kubectl get po |
Smallest deployable unit |
| Deployment | deploy | kubectl get deploy |
Stateless app management |
| Service | svc | kubectl get svc |
Network endpoint for pods |
| ConfigMap | cm | kubectl get cm |
Non-secret configuration |
| Secret | secret | kubectl get secret |
Sensitive data (base64) |
| Ingress | ing | kubectl get ing |
HTTP routing + TLS |
| StatefulSet | sts | kubectl get sts |
Stateful apps (databases) |
| DaemonSet | ds | kubectl get ds |
One pod per node (agents) |
| Job | job | kubectl get job |
One-time batch tasks |
| CronJob | cj | kubectl get cj |
Scheduled batch tasks |
| PersistentVolumeClaim | pvc | kubectl get pvc |
Storage requests |
| Namespace | ns | kubectl get ns |
Cluster resource isolation |
Usage Tips
- Start with the troubleshooting flowchart — it solves 90% of "why won't my pod start" questions.
- Use the Dockerfile template as a starting point for every new service — it follows all security best practices.
-
Memorize the short names in the quick reference —
k get po -Ais much faster than typing it all out. -
Set up shell aliases — the pack includes a
.kubectl_aliasesfile with 50+ time-saving shortcuts. - Print the networking page — understanding ClusterIP vs NodePort vs LoadBalancer vs Ingress prevents architecture mistakes.
This is 1 of 11 resources in the Cheatsheet Reference Pro toolkit. Get the complete [Docker & Kubernetes Cheatsheets] with all files, templates, and documentation for $15.
Or grab the entire Cheatsheet Reference Pro bundle (11 products) for $79 — save 30%.
Top comments (0)