# MicroK8s Cheatsheet

MicroK8s is a lightweight, single-package Kubernetes distribution developed by Canonical for development, IoT, and edge computing. It runs on Linux and is easy to install via snap.

## Installation
- Install MicroK8s: `sudo snap install microk8s --classic`
- Add user to group: `sudo usermod -a -G microk8s $USER` (then relogin)
- Alias kubectl: `alias kubectl='microk8s kubectl'`
- Verify: `microk8s status`

## Basic Operations
- Start MicroK8s: `microk8s start`
- Stop MicroK8s: `microk8s stop`
- Check status: `microk8s status --wait-ready`
- Reset cluster: `microk8s reset` (caution: deletes all data)

## Add-ons
- List available add-ons: `microk8s status`
- Enable add-on: `microk8s enable <add-on>` (e.g., `dns`, `dashboard`, `registry`, `istio`, `storage`)
- Disable add-on: `microk8s disable <add-on>`
- Common add-ons: dns (required for pods), dashboard (Kubernetes Dashboard), helm3, ingress, metrics-server

## Kubectl Commands
- Use `microk8s kubectl` for all kubectl commands
- Get nodes: `microk8s kubectl get nodes`
- Get pods: `microk8s kubectl get pods -A`
- Describe pod: `microk8s kubectl describe pod <pod-name> -n <namespace>`
- Logs: `microk8s kubectl logs <pod-name> -n <namespace>`
- Exec: `microk8s kubectl exec -it <pod-name> -n <namespace> -- /bin/bash`
- Apply YAML: `microk8s kubectl apply -f <file.yaml>`
- Delete: `microk8s kubectl delete -f <file.yaml>`

## Clustering
- Generate join token on master: `microk8s add-node`
- Join from worker: `microk8s join <master-ip>:<port>/<token>`
- Remove node: `microk8s remove-node <node-name>`
- Leave cluster: `microk8s leave` (on worker)

## Dashboard Access
- Enable dashboard: `microk8s enable dashboard`
- Get token: `microk8s kubectl -n kube-system describe secret $(microk8s kubectl -n kube-system get secret | grep default-token | cut -d " " -f1)`
- Proxy: `microk8s dashboard-proxy` (access at https://127.0.0.1:10443)

## Helm
- Enable Helm: `microk8s enable helm3`
- Alias: `alias helm='microk8s helm3'`
- Install chart: `microk8s helm3 install <name> <chart>`

## Networking and Ingress
- Enable ingress: `microk8s enable ingress`
- Create ingress resource for services

## Storage
- Enable storage: `microk8s enable storage` (provides hostpath storage class)

## Troubleshooting
- Inspect: `microk8s inspect`
- Refresh certs: `microk8s refresh-certs`
- Debug pod issues: Check logs and describe

## Security Best Practices
- Run with least privilege: Use snap's confinement.
- Enable RBAC if not default.
- Secure add-ons: Use HTTPS for dashboard, authenticate properly.
- Scan images: Integrate with tools like Trivy for vulnerability scanning.
- Network policies: Use Kubernetes network policies for isolation.
- Secrets management: Use Kubernetes secrets, avoid plaintext.

## Advanced
- High availability: `microk8s enable ha-cluster`
- Upgrade: `sudo snap refresh microk8s --classic`
- Switch channel: `sudo snap switch microk8s --channel=1.28/stable`
- Export config: `microk8s kubectl config view --raw > kubeconfig.yaml`

For more details, refer to official docs: https://microk8s.io/docs

## Additional Add-ons
- GPU: `microk8s enable gpu`
- MetalLB: `microk8s enable metallb:<ip-range>`
- Cert-Manager: `microk8s enable cert-manager`

This cheatsheet is compiled from official MicroK8s documentation (https://microk8s.io/docs/commands) and community sources."