Need help with kubeletctl?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

304 Stars 39 Forks Apache License 2.0 72 Commits 5 Opened issues


A client for kubelet

Services available


Need anything else?

Contributors list

# 43,286
50 commits
# 79,325
2 commits
# 447,791
2 commits

GitHub release License Go version Downloads


Kubeletctl is a command line tool that implement kubelet's API.
Part of kubelet's API is documented but most of it is not.
This tool covers all the documented and undocumented APIs.
The full list of all kubelet's API can be view through the tool or this API table.
A related blog post:

What can it do ?

  • Run any kubelet API call
  • Scan for nodes with opened kubelet API
  • Scan for containers with RCE
  • Run a command on all the available containers by kubelet at the same time
  • Get service account tokens from all available containers by kubelet
  • Nice printing :)


On the releases page you will find the latest releases with links based on the operating system.

For the following examples, we will use the kubeletctllinuxamd64 binary link. If you plan to use other link, change it accordingly.


wget && chmod a+x ./kubeletctl_linux_amd64 && mv ./kubeletctl_linux_amd64 /usr/local/bin/kubeletctl


curl -LO && chmod a+x ./kubeletctl_linux_amd64 && mv ./kubeletctl_linux_amd64 /usr/local/bin/kubeletctl


kubeletctl works similar to kubectl, use the following syntax to run commands:
``` Usage: kubeletctl [flags] kubeletctl [command]

Available Commands: attach Attach to a container configz Return kubelet's configuration. containerLogs Return container log cri Run commands inside a container through the Container Runtime Interface (CRI) debug Return debug information (pprof or flags) exec Run commands inside a container healthz Check the state of the node help Help about any command log Return the log from the node. metrics Return resource usage metrics (such as container CPU, memory usage, etc.) pods Get list of pods on the node portForward Attach to a container run Run commands inside a container runningpods Returns all pods running on kubelet from looking at the container runtime cache. scan Scans for nodes with opened kubelet API spec Cached MachineInfo returned by cadvisor stats Return statistical information for the resources in the node. version Print the version of the kubeletctl

Flags: --cacert string CA certificate (example: /etc/kubernetes/pki/ca.crt ) --cert string Private key (example: /var/lib/kubelet/pki/kubelet-client-current.pem) --cidr string A network of IP addresses (Example: x.x.x.x/24) -k, --config string KubeConfig file -c, --container string Container name -h, --help help for kubeletctl --http Use HTTP (default is HTTPS) -i, --ignoreconfig Ignore the default KUBECONFIG environment variable or location ~/.kube --key string Digital certificate (example: /var/lib/kubelet/pki/kubelet-client-current.pem) -n, --namespace string pod namespace -p, --pod string Pod name --port string Kubelet's port, default is 10250 -r, --raw Prints raw data -s, --server string Server address (format: x.x.x.x. For Example: -u, --uid string Pod UID

Use "kubeletctl [command] --help" for more information about a command.

To view the details on each command or subcommand use the `-h`\\`--help` switch.





To build the project run:

make ```

This will create


For Windows users it is possible to use

gox -ldflags "-s -w" -osarch linux/amd64 -osarch linux/386 -osarch windows/amd64 -osarch windows/386 -osarch="darwin/amd64"

Build with Dockerfile locally

You can use the attached release Dockerfile to build a local image by running:

make docker-release

Then run:

docker run -it --rm kubeletctl:release

This will fetch and unpack the latest release binary into the Dockerfile.

If you wish to build from source run:

make docker

Then run:

docker run -it --rm kubeletctl:latest


We welcome contributions of all kinds to this repository.
For instructions on how to get started and descriptions of our development workflows, please see our contributing guide.


Copyright (c) 2020 CyberArk Software Ltd. All rights reserved
This repository is licensed under Apache License 2.0 - see

for more details.

Share Your Thoughts And Feedback

For more comments, suggestions or questions, you can contact Eviatar Gerzi (@g3rzi) from CyberArk Labs. You can find more projects developed by us in

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.