kubectl set
Set specific features on objects. Provides subcommands to update images, environment variables, resources, selectors, service accounts, and subjects.
kubectl set SUBCOMMAND [flags]Common Flags
| Flag | Short | Description |
|---|---|---|
| --all | — | Select all resources in the namespace of the specified resource types |
| --dry-run | — | Must be none, server, or client. Preview changes without applying |
| --local | — | Set image or resources on local file, do not contact the API server |
| --output | -o | Output format: json, yaml, name, go-template |
| --selector | -l | Selector to filter which resources to update |
| --namespace | -n | The namespace of the resource to update |
Examples
Update the image of a deployment
kubectl set image deployment/my-app app=nginx:1.26Update images for all containers in a deployment
kubectl set image deployment/my-app *=nginx:1.26Set environment variables on a deployment
kubectl set env deployment/my-app DB_HOST=db.example.com LOG_LEVEL=infoSet resource requests and limits
kubectl set resources deployment/my-app -c app --limits=cpu=500m,memory=256Mi --requests=cpu=250m,memory=128MiSet a service account on a deployment
kubectl set serviceaccount deployment/my-app my-service-accountView current environment variables
kubectl set env deployment/my-app --listRemove an environment variable
kubectl set env deployment/my-app DB_HOST-When to Use kubectl set
kubectl set provides targeted subcommands for updating specific aspects of resources. Unlike kubectl edit or kubectl patch, which require you to specify JSON paths or navigate YAML, kubectl set offers purpose-built commands for the most common update operations.
Setting Images
The set image subcommand is the most frequently used. It updates the container image and triggers a rolling update:
# Update a single container image
kubectl set image deployment/my-app app=myapp:v2
# Update multiple containers
kubectl set image deployment/my-app app=myapp:v2 sidecar=sidecar:v3
# Update all containers to the same image
kubectl set image deployment/my-app *=myapp:v2
# Update and record the change cause
kubectl set image deployment/my-app app=myapp:v2
# Preview the change
kubectl set image deployment/my-app app=myapp:v2 --dry-run=client -o yaml
After setting the image, monitor the rollout:
kubectl set image deployment/my-app app=myapp:v2
kubectl rollout status deployment/my-app
Setting Environment Variables
The set env subcommand manages environment variables on workloads:
# Set environment variables
kubectl set env deployment/my-app DB_HOST=db.example.com DB_PORT=5432
# Import from a ConfigMap
kubectl set env deployment/my-app --from=configmap/app-config
# Import from a Secret
kubectl set env deployment/my-app --from=secret/db-credentials
# List current environment variables
kubectl set env deployment/my-app --list
# Remove an environment variable (note the trailing dash)
kubectl set env deployment/my-app DB_HOST-
# Set env vars on all deployments with a label
kubectl set env deployment -l app=myapp LOG_LEVEL=debug
Setting Resources
Resource requests and limits control scheduling and quality of service:
# Set both requests and limits
kubectl set resources deployment/my-app -c app \
--requests=cpu=100m,memory=128Mi \
--limits=cpu=500m,memory=256Mi
# Set resources on all containers
kubectl set resources deployment/my-app \
--requests=cpu=100m,memory=128Mi \
--limits=cpu=500m,memory=256Mi
# Remove resource limits
kubectl set resources deployment/my-app -c app --limits=cpu=0,memory=0
# Preview the change
kubectl set resources deployment/my-app -c app \
--limits=cpu=500m,memory=256Mi --dry-run=client -o yaml
Setting Service Accounts
Changing the service account controls what permissions the pod's containers have:
# Set the service account
kubectl set serviceaccount deployment/my-app restricted-sa
# Verify the change
kubectl get deployment my-app -o jsonpath='{.spec.template.spec.serviceAccountName}'
Setting Selectors
The set selector subcommand updates the selector on a service:
# Update the service selector
kubectl set selector svc my-service app=myapp-v2,tier=frontend
This is useful when migrating traffic between different versions of an application.
Updating Local Files
The --local flag modifies local YAML files without contacting the API server. This is useful in CI/CD pipelines:
# Update image in a local file
kubectl set image -f deployment.yaml app=myapp:v2 --local -o yaml > deployment-updated.yaml
# Set env in a local file
kubectl set env -f deployment.yaml DB_HOST=prod-db.example.com --local -o yaml > deployment-updated.yaml
CI/CD Integration
kubectl set commands integrate well with automation:
# In a CI/CD pipeline
IMAGE_TAG="${BUILD_NUMBER}"
kubectl set image deployment/my-app app="registry.example.com/myapp:${IMAGE_TAG}"
kubectl rollout status deployment/my-app --timeout=300s
# Rollback if the deployment fails
if ! kubectl rollout status deployment/my-app --timeout=300s; then
kubectl rollout undo deployment/my-app
exit 1
fi
Best Practices
Use kubectl set image for quick image updates in development and CI/CD. For production, prefer updating the manifest in Git and using kubectl apply or a GitOps tool. Always verify the container name before setting images on multi-container pods. Use --dry-run=client -o yaml to preview changes before applying them to production resources.
Interview Questions About This Command
Common Mistakes
- Using kubectl set image with the wrong container name, causing no change or an error. Check container names with kubectl get deployment -o jsonpath='{.spec.template.spec.containers[*].name}'.
- Forgetting that kubectl set image triggers a rollout, which can cause downtime if the new image does not exist or fails health checks.
- Not specifying the container name with -c when setting resources on a multi-container pod.