You are looking for information, articles, knowledge about the topic nail salons open on sunday near me kubectl cp on Google, you do not find the information you need! Here are the best content compiled and compiled by the https://chewathai27.com/to team, along with other related topics such as: kubectl cp Kubectl cp
Table of Contents
Kubectl Reference Docs
- Article author: kubernetes.io
- Reviews from users: 33092
Ratings - Top rated: 3.2
- Lowest rated: 1
- Summary of article content: Articles about Kubectl Reference Docs kubectl create clusterrole pod-reader –verb=get –resource=pods … kubectl cp /tmp/foo
:/tmp/bar -c . … - Most searched keywords: Whether you are looking for Kubectl Reference Docs kubectl create clusterrole pod-reader –verb=get –resource=pods … kubectl cp /tmp/foo
:/tmp/bar -c . - Table of Contents:
clusterrole
clusterrolebinding
configmap
cronjob
deployment
ingress
job
namespace
poddisruptionbudget
priorityclass
quota
role
rolebinding
secret
secret docker-registry
secret generic
secret tls
service
service clusterip
service externalname
service loadbalancer
service nodeport
serviceaccount
token
edit-last-applied
set-last-applied
view-last-applied
history
pause
restart
resume
status
undo
env
image
resources
selector
serviceaccount
subject
can-i
reconcile
node
pod
approve
deny
dump
events
current-context
delete-cluster
delete-context
delete-user
get-clusters
get-contexts
get-users
rename-context
set
set-cluster
set-context
set-credentials
unset
use-context
view
list
azure aks – How to copy files from kubernetes Pods to local system – Stack Overflow
- Article author: stackoverflow.com
- Reviews from users: 37607 Ratings
- Top rated: 3.2
- Lowest rated: 1
- Summary of article content: Articles about azure aks – How to copy files from kubernetes Pods to local system – Stack Overflow As stated in kubectl help: kubectl cp –help Copy files and directories to and from containers. Examples: # !!!Important Note!!! …
- Most searched keywords: Whether you are looking for azure aks – How to copy files from kubernetes Pods to local system – Stack Overflow As stated in kubectl help: kubectl cp –help Copy files and directories to and from containers. Examples: # !!!Important Note!!!
- Table of Contents:
19 Answers
19
Your Answer
Not the answer you’re looking for Browse other questions tagged kubernetes azure-aks or ask your own question
azure aks – How to copy files from kubernetes Pods to local system – Stack Overflow
- Article author: medium.com
- Reviews from users: 20984 Ratings
- Top rated: 3.7
- Lowest rated: 1
- Summary of article content: Articles about azure aks – How to copy files from kubernetes Pods to local system – Stack Overflow Similar to that we have ‘KUBECTL CP’ to Copy the files and directories from a Kubernetes Container [POD] to the local host and vice versa. Syntax: …
- Most searched keywords: Whether you are looking for azure aks – How to copy files from kubernetes Pods to local system – Stack Overflow Similar to that we have ‘KUBECTL CP’ to Copy the files and directories from a Kubernetes Container [POD] to the local host and vice versa. Syntax:
- Table of Contents:
19 Answers
19
Your Answer
Not the answer you’re looking for Browse other questions tagged kubernetes azure-aks or ask your own question
How to Copy Files Between Kubernetes Pods and Your Machine
- Article author: www.howtogeek.com
- Reviews from users: 9713 Ratings
- Top rated: 3.2
- Lowest rated: 1
- Summary of article content: Articles about How to Copy Files Between Kubernetes Pods and Your Machine The kubectl cp command lets you copy files between Kubernetes Pods and your machine. It works in either direction but can’t be used to move … …
- Most searched keywords: Whether you are looking for How to Copy Files Between Kubernetes Pods and Your Machine The kubectl cp command lets you copy files between Kubernetes Pods and your machine. It works in either direction but can’t be used to move … Containers running in Kubernetes Pods are meant to be self-contained compute units that you don’t need to manually interact with. Sometimes you might have to copy files to or from a Pod’s filesystem though, perhaps because you’re debugging a problem and want to archive logs, config files, or caches stored in a container.
- Table of Contents:
Copying To or From Your Machine
Command Arguments
When Kubectl Cp Won’t Work
Summary
Use “kubectl cp” to Copy Files to and from Kubernetes Pods – Howchoo
- Article author: howchoo.com
- Reviews from users: 48728 Ratings
- Top rated: 3.6
- Lowest rated: 1
- Summary of article content: Articles about Use “kubectl cp” to Copy Files to and from Kubernetes Pods – Howchoo The kubectl cp command takes two parameters. The first is the source; the second is the destination. As with scp , either parameter (source … …
- Most searched keywords: Whether you are looking for Use “kubectl cp” to Copy Files to and from Kubernetes Pods – Howchoo The kubectl cp command takes two parameters. The first is the source; the second is the destination. As with scp , either parameter (source … With “kubectl cp” you can move files to and from pods or specific containers running within a Kubernetes pod. In this guide, learn how to use kubectl cp.
- Table of Contents:
How to Copy Files and Folder from Kubernetes Pods ? – Techplayon
- Article author: www.techplayon.com
- Reviews from users: 49674 Ratings
- Top rated: 4.9
- Lowest rated: 1
- Summary of article content: Articles about How to Copy Files and Folder from Kubernetes Pods ? – Techplayon In this post, we will dicuss how log files and folder can be transferred to Master Node using kubectl cp command. Best thing about kubectl … …
- Most searched keywords: Whether you are looking for How to Copy Files and Folder from Kubernetes Pods ? – Techplayon In this post, we will dicuss how log files and folder can be transferred to Master Node using kubectl cp command. Best thing about kubectl … In 5G Telcom networks, almost all network elements (RAN, CORE & IMS) are moving to cloud using the cloud native applications. Kubernetes Pods
- Table of Contents:
kubectl-cp man page – kubernetes-client – General Commands
- Article author: www.mankier.com
- Reviews from users: 4890 Ratings
- Top rated: 4.8
- Lowest rated: 1
- Summary of article content: Articles about kubectl-cp man page – kubernetes-client – General Commands Synopsis. kubectl cp [Options] · Description. Copy files and directories to and from containers. · Options. -c, –container=”” Container name. If omitted, use the … …
- Most searched keywords: Whether you are looking for kubectl-cp man page – kubernetes-client – General Commands Synopsis. kubectl cp [Options] · Description. Copy files and directories to and from containers. · Options. -c, –container=”” Container name. If omitted, use the … Copy files and directories to and from containers.
- Table of Contents:
Synopsis
Description
Options
Options Inherited from Parent Commands
Example
See Also
History
Referenced By
See more articles in the same category here: Chewathai27.com/to/blog.
Kubectl Reference Docs
GETTING STARTED
This section contains the most basic commands for getting a workload running on your cluster.
run will start running 1 or more instances of a container image on your cluster.
will start running 1 or more instances of a container image on your cluster. expose will load balance traffic across the running instances, and can create a HA proxy for accessing the containers from outside the cluster.
Once your workloads are running, you can use the commands in the WORKING WITH APPS section to inspect them.
create
Create a pod using the data in pod.json
kubectl create -f ./pod.json
Create a pod based on the JSON passed into stdin
cat pod.json | kubectl create -f –
Edit the data in registry.yaml in JSON then create the resource using the edited data
kubectl create -f registry.yaml — edit -o json
Create a resource from a file or from stdin.
JSON and YAML formats are accepted.
Usage
$ kubectl create -f FILENAME
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. edit false Edit the API resource before creating field-manager kubectl-create Name of the manager used to track field ownership. filename f [] Filename, directory, or URL to files to use to create the resource kustomize k Process the kustomization directory. This flag can’t be used together with -f or -R. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). raw Raw URI to POST to the server. Uses the transport specified by the kubeconfig file. record false Record current kubectl command in the resource annotation. If set to false, do not record the command. If set to true, record the command. If not set, default to updating the existing annotation value only if one already exists. recursive R false Process the directory used in -f, –filename recursively. Useful when you want to manage related manifests organized within the same directory. save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. selector l Selector (label query) to filter on, supports ‘=’, ‘==’, and ‘!=’.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields. windows-line-endings false Only relevant if –edit=true. Defaults to the line ending native to your platform.
clusterrole
Create a cluster role named “pod-reader” that allows user to perform “get”, “watch” and “list” on pods
kubectl create clusterrole pod-reader –verb =get,list,watch –resource =pods
Create a cluster role named “pod-reader” with ResourceName specified
kubectl create clusterrole pod-reader –verb =get –resource =pods –resource-name =readablepod –resource-name =anotherpod
Create a cluster role named “foo” with API Group specified
kubectl create clusterrole foo –verb =get,list,watch –resource =rs.extensions
Create a cluster role named “foo” with SubResource specified
kubectl create clusterrole foo –verb =get,list,watch –resource =pods,pods/status
Create a cluster role name “foo” with NonResourceURL specified
kubectl create clusterrole “foo” –verb =get –non-resource-url =/logs/*
Create a cluster role name “monitoring” with AggregationRule specified
kubectl create clusterrole monitoring
Create a cluster role.
Usage
$ kubectl create clusterrole NAME –verb=verb –resource=resource.group [–resource-name=resourcename] [–dry-run=server|client|none]
Flags
Name Shorthand Default Usage aggregation-rule An aggregation label selector for combining ClusterRoles. allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. non-resource-url [] A partial url that user should have access to. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). resource [] Resource that the rule applies to resource-name [] Resource in the white list that the rule applies to, repeat this flag for multiple items save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields. verb [] Verb that applies to the resources contained in the rule
clusterrolebinding
Create a cluster role binding for user1, user2, and group1 using the cluster-admin cluster role
kubectl create clusterrolebinding cluster-admin –clusterrole =cluster-admin –user =user1 –user =user2 –group =group1
Create a cluster role binding for a particular cluster role.
Usage
$ kubectl create clusterrolebinding NAME –clusterrole=NAME [–user=username] [–group=groupname] [–serviceaccount=namespace:serviceaccountname] [–dry-run=server|client|none]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. clusterrole ClusterRole this ClusterRoleBinding should reference dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. group [] Groups to bind to the clusterrole output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. serviceaccount [] Service accounts to bind to the clusterrole, in the format
: show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false). “true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
configmap
Create a new config map named my-config based on folder bar
kubectl create configmap my-config — from -file= path / to /bar
Create a new config map named my-config with specified keys instead of file basenames on disk
kubectl create configmap my-config — from – file =key1= /path/ to /bar/ file1.txt — from – file =key2= /path/ to /bar/ file2.txt
Create a new config map named my-config with key1=config1 and key2=config2
kubectl create configmap my-config –from-literal =key1=config1 –from-literal =key2=config2
Create a new config map named my-config from the key=value pairs in the file
kubectl create configmap my-config — from -file= path / to /bar
Create a new config map named my-config from an env file
kubectl create configmap my-config — from -env-file= path / to /foo.env — from -env-file= path / to /bar.env
Create a config map based on a file, directory, or specified literal value.
A single config map may package one or more key/value pairs.
When creating a config map based on a file, the key will default to the basename of the file, and the value will default to the file content. If the basename is an invalid key, you may specify an alternate key.
When creating a config map based on a directory, each file whose basename is a valid key in the directory will be packaged into the config map. Any directory entries except regular files are ignored (e.g. subdirectories, symlinks, devices, pipes, etc).
Usage
$ kubectl create configmap NAME [–from-file=[key=]source] [–from-literal=key1=value1] [–dry-run=server|client|none]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. append-hash false Append a hash of the configmap to its name. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. from-env-file [] Specify the path to a file to read lines of key=val pairs to create a configmap. from-file [] Key file can be specified using its file path, in which case file basename will be used as configmap key, or optionally with a key and file path, in which case the given key will be used. Specifying a directory will iterate each named file in the directory whose basename is a valid configmap key. from-literal [] Specify a key and literal value to insert in configmap (i.e. mykey=somevalue) output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
cronjob
Create a cron job
kubectl create cronjob my-job –image =busybox –schedule = “*/1 * * * *”
Create a cron job with a command
kubectl create cronjob my-job –image =busybox –schedule = “*/1 * * * *” — date
Create a cron job with the specified name.
Usage
$ kubectl create cronjob NAME –image=image –schedule=’0/5 * * * ?’ — [COMMAND] [args…]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. image Image name to run. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). restart job’s restart policy. supported values: OnFailure, Never save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. schedule A schedule in the Cron format the job should be run with. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
deployment
Create a deployment named my-dep that runs the busybox image
kubectl create deployment my -dep
Create a deployment with a command
kubectl create deployment my -dep
Create a deployment named my-dep that runs the nginx image with 3 replicas
kubectl create deployment my-dep –image =nginx –replicas =3
Create a deployment named my-dep that runs the busybox image and expose port 5701
kubectl create deployment my-dep –image =busybox –port =5701
Create a deployment with the specified name.
Usage
$ kubectl create deployment NAME –image=image — [COMMAND] [args…]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. image [] Image names to run. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). port -1 The port that this container exposes. replicas r 1 Number of replicas to create. Default is 1. save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
ingress
Create a single ingress called ‘simple’ that directs requests to foo.com/bar to svc # svc1:8080 with a tls secret “my-cert”
kubectl create ingress simple –rule = “foo.com/bar=svc1:8080,tls=my-cert”
Create a catch all ingress of “/path” pointing to service svc:port and Ingress Class as “otheringress”
kubectl create ingress catch -all — class =otheringress –rule= “/path=svc:port”
Create an ingress with two annotations: ingress.annotation1 and ingress.annotations2
kubectl create ingress annotated –class =default –rule = “foo.com/bar=svc:port” \ –annotation ingress. annotation1 =foo \ –annotation ingress. annotation2 =bla
Create an ingress with the same host and multiple paths
kubectl create ingress multipath –class =default \ –rule = “foo.com/=svc:port” \ –rule = “foo.com/admin/=svcadmin:portadmin”
Create an ingress with multiple hosts and the pathType as Prefix
kubectl create ingress ingress1 –class =default \ –rule = “foo.com/path*=svc:8080” \ –rule = “bar.com/admin*=svc2:http”
Create an ingress with TLS enabled using the default ingress certificate and different path types
kubectl create ingress ingtls –class =default \ –rule = “foo.com/=svc:https,tls” \ –rule = “foo.com/path/subpath*=othersvc:8080”
Create an ingress with TLS enabled using a specific secret and pathType as Prefix
kubectl create ingress ingsecret — class = default \ –rule= “foo.com/*=svc:8080,tls=secret1”
Create an ingress with a default backend
kubectl create ingress ingdefault –class =default \ –default-backend =defaultsvc:http \ –rule = “foo.com/*=svc:8080,tls=secret1”
Create an ingress with the specified name.
Usage
$ kubectl create ingress NAME –rule=host/path=service:port[,tls[=secret]]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. annotation [] Annotation to insert in the ingress object, in the format annotation=value class Ingress Class to be used default-backend Default service for backend, in format of svcname:port dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). rule [] Rule in format host/path=service:port [ ,tls=secretname ] . Paths containing the leading character ‘*’ are considered pathType=Prefix. tls argument is optional. save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
job
Create a job
kubectl create job my -job
Create a job with a command
kubectl create job my- job –image= busybox — date
Create a job from a cron job named “a-cronjob”
kubectl create job test -job
Create a job with the specified name.
Usage
$ kubectl create job NAME –image=image [–from=cronjob/name] — [COMMAND] [args…]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. from The name of the resource to create a Job from (only cronjob is supported). image Image name to run. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
namespace
Create a new namespace named my-namespace
kubectl create namespace my- namespace
Create a namespace with the specified name.
Usage
$ kubectl create namespace NAME [–dry-run=server|client|none]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
poddisruptionbudget
Create a pod disruption budget named my-pdb that will select all pods with the app=rails label # and require at least one of them being available at any point in time
kubectl create poddisruptionbudget my-pdb –selector =app=rails –min-available =1
Create a pod disruption budget named my-pdb that will select all pods with the app=nginx label # and require at least half of the pods selected to be available at any point in time
kubectl create pdb my-pdb –selector =app=nginx –min-available =50%
Create a pod disruption budget with the specified name, selector, and desired minimum available pods.
Usage
$ kubectl create poddisruptionbudget NAME –selector=SELECTOR –min-available=N [–dry-run=server|client|none]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. max-unavailable The maximum number or percentage of unavailable pods this budget requires. min-available The minimum number or percentage of available pods this budget requires. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. selector A label selector to use for this budget. Only equality-based selector requirements are supported. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
priorityclass
Create a priority class named high-priority
kubectl create priorityclass high-priority –value =1000 –description = “high priority”
Create a priority class named default-priority that is considered as the global default priority
kubectl create priorityclass default -priority — value = 1000 — global – default = true –description= “default priority”
Create a priority class named high-priority that cannot preempt pods with lower priority
kubectl create priorityclass high-priority –value =1000 –description = “high priority” –preemption-policy = “Never”
Create a priority class with the specified name, value, globalDefault and description.
Usage
$ kubectl create priorityclass NAME –value=VALUE –global-default=BOOL [–dry-run=server|client|none]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. description description is an arbitrary string that usually provides guidelines on when this priority class should be used. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. global-default false global-default specifies whether this PriorityClass should be considered as the default priority. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). preemption-policy PreemptLowerPriority preemption-policy is the policy for preempting pods with lower priority. save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields. value 0 the value of this priority class.
quota
Create a new resource quota named my-quota
kubectl create quota my-quota –hard=cpu= 1 ,memory= 1 G,pods= 2 ,services= 3 ,replicationcontrollers= 2 ,resourcequotas= 1 ,secrets= 5 ,persistentvolumeclaims= 10
Create a new resource quota named best-effort
kubectl create quota best-effort –hard =pods=100 –scopes =BestEffort
Create a resource quota with the specified name, hard limits, and optional scopes.
Usage
$ kubectl create quota NAME [–hard=key1=value1,key2=value2] [–scopes=Scope1,Scope2] [–dry-run=server|client|none]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. hard A comma-delimited set of resource=quantity pairs that define a hard limit. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. scopes A comma-delimited set of quota scopes that must all match each object tracked by the quota. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
role
Create a role named “pod-reader” that allows user to perform “get”, “watch” and “list” on pods
kubectl create role pod-reader –verb =get –verb =list –verb =watch –resource =pods
Create a role named “pod-reader” with ResourceName specified
kubectl create role pod-reader –verb =get –resource =pods –resource-name =readablepod –resource-name =anotherpod
Create a role named “foo” with API Group specified
kubectl create role foo –verb =get,list,watch –resource =rs.extensions
Create a role named “foo” with SubResource specified
kubectl create role foo –verb =get,list,watch –resource =pods,pods/status
Create a role with single rule.
Usage
$ kubectl create role NAME –verb=verb –resource=resource.group/subresource [–resource-name=resourcename] [–dry-run=server|client|none]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). resource [] Resource that the rule applies to resource-name [] Resource in the white list that the rule applies to, repeat this flag for multiple items save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields. verb [] Verb that applies to the resources contained in the rule
rolebinding
Create a role binding for user1, user2, and group1 using the admin cluster role
kubectl create rolebinding admin –clusterrole =admin –user =user1 –user =user2 –group =group1
Create a role binding for a particular role or cluster role.
Usage
$ kubectl create rolebinding NAME –clusterrole=NAME|–role=NAME [–user=username] [–group=groupname] [–serviceaccount=namespace:serviceaccountname] [–dry-run=server|client|none]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. clusterrole ClusterRole this RoleBinding should reference dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. group [] Groups to bind to the role output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). role Role this RoleBinding should reference save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. serviceaccount [] Service accounts to bind to the role, in the format
: show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false). “true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
secret
Create a secret using specified subcommand.
Usage
$ kubectl create secret
secret docker-registry
If you don’t already have a .dockercfg file, you can create a dockercfg secret directly by using:
kubectl create secret docker-registry my-secret –docker-server =DOCKER_REGISTRY_SERVER –docker-username =DOCKER_USER –docker-password =DOCKER_PASSWORD –docker-email =DOCKER_EMAIL
Create a new secret named my-secret from ~/.docker/config.json
kubectl create secret docker-registry my-secret –from-file =.dockerconfigjson=path/to/.docker/config.json
Create a new secret for use with Docker registries.
Dockercfg secrets are used to authenticate against Docker registries.
When using the Docker command line to push images, you can authenticate to a given registry by running: ‘$ docker login DOCKER_REGISTRY_SERVER –username=DOCKER_USER –password=DOCKER_PASSWORD –email=DOCKER_EMAIL’.
That produces a ~/.dockercfg file that is used by subsequent ‘docker push’ and ‘docker pull’ commands to authenticate to the registry. The email address is optional.
When creating applications, you may have a Docker registry that requires authentication. In order for the nodes to pull images on your behalf, they must have the credentials. You can provide this information by creating a dockercfg secret and attaching it to your service account.
Usage
$ kubectl create docker-registry NAME –docker-username=user –docker-password=password –docker-email=email [–docker-server=string] [–from-file=[key=]source] [–dry-run=server|client|none]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. append-hash false Append a hash of the secret to its name. docker-email Email for Docker registry docker-password Password for Docker registry authentication docker-server https://index.docker.io/v1/ Server location for Docker registry docker-username Username for Docker registry authentication dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. from-file [] Key files can be specified using their file path, in which case a default name will be given to them, or optionally with a name and file path, in which case the given name will be used. Specifying a directory will iterate each named file in the directory that is a valid secret key. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
secret generic
Create a new secret named my-secret with keys for each file in folder bar
kubectl create secret generic my-secret –from-file =path/to/bar
Create a new secret named my-secret with specified keys instead of names on disk
kubectl create secret generic my-secret –from-file =ssh-privatekey=path/to/id_rsa –from-file =ssh-publickey=path/to/id_rsa.pub
Create a new secret named my-secret with key1=supersecret and key2=topsecret
kubectl create secret generic my-secret –from-literal =key1=supersecret –from-literal =key2=topsecret
Create a new secret named my-secret using a combination of a file and a literal
kubectl create secret generic my-secret –from-file =ssh-privatekey=path/to/id_rsa –from-literal =passphrase=topsecret
Create a new secret named my-secret from env files
kubectl create secret generic my-secret –from-env-file =path/to/foo.env –from-env-file =path/to/bar.env
Create a secret based on a file, directory, or specified literal value.
A single secret may package one or more key/value pairs.
When creating a secret based on a file, the key will default to the basename of the file, and the value will default to the file content. If the basename is an invalid key or you wish to chose your own, you may specify an alternate key.
When creating a secret based on a directory, each file whose basename is a valid key in the directory will be packaged into the secret. Any directory entries except regular files are ignored (e.g. subdirectories, symlinks, devices, pipes, etc).
Usage
$ kubectl create generic NAME [–type=string] [–from-file=[key=]source] [–from-literal=key1=value1] [–dry-run=server|client|none]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. append-hash false Append a hash of the secret to its name. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. from-env-file [] Specify the path to a file to read lines of key=val pairs to create a secret. from-file [] Key files can be specified using their file path, in which case a default name will be given to them, or optionally with a name and file path, in which case the given name will be used. Specifying a directory will iterate each named file in the directory that is a valid secret key. from-literal [] Specify a key and literal value to insert in secret (i.e. mykey=somevalue) output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . type The type of secret to create validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
secret tls
Create a new TLS secret named tls-secret with the given key pair
kubectl create secret tls tls-secret –cert =path/to/tls.cert –key =path/to/tls.key
Create a TLS secret from the given public/private key pair.
The public/private key pair must exist beforehand. The public key certificate must be .PEM encoded and match the given private key.
Usage
$ kubectl create tls NAME –cert=path/to/cert/file –key=path/to/key/file [–dry-run=server|client|none]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. append-hash false Append a hash of the secret to its name. cert Path to PEM encoded public key certificate. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. key Path to private key associated with given certificate. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
service
Create a service using a specified subcommand.
Usage
$ kubectl create service
service clusterip
Create a new ClusterIP service named my-cs
kubectl create service clusterip my-cs –tcp =5678:8080
Create a new ClusterIP service named my-cs (in headless mode)
kubectl create service clusterip my-cs –clusterip = “None”
Create a ClusterIP service with the specified name.
Usage
$ kubectl create clusterip NAME [–tcp=
: ] [–dry-run=server|client|none] Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. clusterip Assign your own ClusterIP or set to ‘None’ for a ‘headless’ service (no loadbalancing). dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. tcp [] Port pairs can be specified as ‘
: ‘. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false). “true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
service externalname
Create a new ExternalName service named my-ns
kubectl create service externalname my-ns –external-name bar.com
Create an ExternalName service with the specified name.
ExternalName service references to an external DNS address instead of only pods, which will allow application authors to reference services that exist off platform, on other clusters, or locally.
Usage
$ kubectl create externalname NAME –external-name external.name [–dry-run=server|client|none]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. external-name External name of service field-manager kubectl-create Name of the manager used to track field ownership. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. tcp [] Port pairs can be specified as ‘
: ‘. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false). “true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
service loadbalancer
Create a new LoadBalancer service named my-lbs
kubectl create service loadbalancer my-lbs –tcp =5678:8080
Create a LoadBalancer service with the specified name.
Usage
$ kubectl create loadbalancer NAME [–tcp=port:targetPort] [–dry-run=server|client|none]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. tcp [] Port pairs can be specified as ‘
: ‘. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false). “true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
service nodeport
Create a new NodePort service named my-ns
kubectl create service nodeport my-ns –tcp =5678:8080
Create a NodePort service with the specified name.
Usage
$ kubectl create nodeport NAME [–tcp=port:targetPort] [–dry-run=server|client|none]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. node-port 0 Port used to expose the service on each node in a cluster. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. tcp [] Port pairs can be specified as ‘
: ‘. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false). “true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
serviceaccount
Create a new service account named my-service-account
kubectl create serviceaccount my-service- account
Create a service account with the specified name.
Usage
$ kubectl create serviceaccount NAME [–dry-run=server|client|none]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-create Name of the manager used to track field ownership. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields.
token
Request a token to authenticate to the kube-apiserver as the service account “myapp” in the current namespace
kubectl create token myapp
Request a token for a service account in a custom namespace
kubectl create token myapp
Request a token with a custom expiration
kubectl create token myapp
Request a token with a custom audience
kubectl create token myapp –audience https:
Request a token bound to an instance of a Secret object
kubectl create token myapp –bound-object-kind Secret –bound-object-name mysecret
Request a token bound to an instance of a Secret object with a specific uid
kubectl create token myapp –bound-object-kind Secret –bound-object-name mysecret –bound-object-uid 0d4691ed – 659b-4935 -a832-355f77ee47cc
Request a service account token.
Usage
$ kubectl create token SERVICE_ACCOUNT_NAME
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. audience [] Audience of the requested token. If unset, defaults to requesting a token for use with the Kubernetes API server. May be repeated to request a token valid for multiple audiences. bound-object-kind Kind of an object to bind the token to. Supported kinds are Pod, Secret. If set, –bound-object-name must be provided. bound-object-name Name of an object to bind the token to. The token will expire when the object is deleted. Requires –bound-object-kind. bound-object-uid UID of an object to bind the token to. Requires –bound-object-kind and –bound-object-name. If unset, the UID of the existing object is used. duration 0s Requested lifetime of the issued token. The server may return a token with a longer or shorter lifetime. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] .
get
List all pods in ps output format
kubectl get pods
List all pods in ps output format with more information (such as node name)
kubectl get pods -o wide
List a single replication controller with specified NAME in ps output format
kubectl get replicationcontroller web
List deployments in JSON output format, in the “v1” version of the “apps” API group
kubectl get deployments .v1 .apps -o json
List a single pod in JSON output format
kubectl get -o json pod web-pod -13 je7
List a pod identified by type and name specified in “pod.yaml” in JSON output format
kubectl get -f pod.yaml -o json
List resources from a directory with kustomization.yaml – e.g. dir/kustomization.yaml
kubectl get -k dir/
Return only the phase value of the specified pod
kubectl get -o template pod/web-pod -13 je7 — template ={{.status.phase}}
List resource information in custom columns
kubectl get pod test-pod -o custom-columns =CONTAINER:.spec.containers[0].name,IMAGE:.spec.containers[0].image
List all replication controllers and services together in ps output format
kubectl get rc,services
List one or more resources by their type and names
kubectl get rc/web service/frontend pods/web-pod-13je7
List status subresource for a single pod.
kubectl get pod web-pod -13 je7
Display one or many resources.
Prints a table of the most important information about the specified resources. You can filter the list using a label selector and the –selector flag. If the desired resource type is namespaced you will only see results in your current namespace unless you pass –all-namespaces.
By specifying the output as ‘template’ and providing a Go template as the value of the –template flag, you can filter the attributes of the fetched resources.
Use “kubectl api-resources” for a complete list of supported resources.
Usage
$ kubectl get [(-o|–output=)json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file|custom-columns|custom-columns-file|wide] (TYPE[.VERSION][.GROUP] [NAME | -l label] | TYPE[.VERSION][.GROUP]/NAME …) [flags]
Flags
Name Shorthand Default Usage all-namespaces A false If present, list the requested object(s) across all namespaces. Namespace in current context is ignored even if specified with –namespace. allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. chunk-size 500 Return large lists in chunks rather than all at once. Pass 0 to disable. This flag is beta and may change in the future. field-selector Selector (field query) to filter on, supports ‘=’, ‘==’, and ‘!=’.(e.g. –field-selector key1=value1,key2=value2). The server only supports a limited number of field queries per type. filename f [] Filename, directory, or URL to files identifying the resource to get from a server. ignore-not-found false If the requested object does not exist the command will return exit code 0. kustomize k Process the kustomization directory. This flag can’t be used together with -f or -R. label-columns L [] Accepts a comma separated list of labels that are going to be presented as columns. Names are case-sensitive. You can also use multiple flag options like -L label1 -L label2… no-headers false When using the default or custom-column output format, don’t print headers (default print headers). output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file, custom-columns, custom-columns-file, wide). See custom columns [ https://kubernetes.io/docs/reference/kubectl/overview/#custom-columns ] , golang template [ http://golang.org/pkg/text/template/#pkg-overview ] and jsonpath template [ https://kubernetes.io/docs/reference/kubectl/jsonpath/ ] . output-watch-events false Output watch event objects when –watch or –watch-only is used. Existing objects are output as initial ADDED events. raw Raw URI to request from the server. Uses the transport specified by the kubeconfig file. recursive R false Process the directory used in -f, –filename recursively. Useful when you want to manage related manifests organized within the same directory. selector l Selector (label query) to filter on, supports ‘=’, ‘==’, and ‘!=’.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. server-print true If true, have the server return the appropriate table output. Supports extension APIs and CRDs. show-kind false If present, list the resource type for the requested object(s). show-labels false When printing, show all labels as the last column (default hide labels column) show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. sort-by If non-empty, sort list types using this field specification. The field specification is expressed as a JSONPath expression (e.g. ‘{.metadata.name}’). The field in the API resource specified by this JSONPath expression must be an integer or a string. subresource If specified, gets the subresource of the requested object. Must be one of [ status scale ] . This flag is alpha and may change in the future. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . use-openapi-print-columns false If true, use x-kubernetes-print-column metadata (if present) from the OpenAPI schema for displaying a resource. watch w false After listing/getting the requested object, watch for changes. watch-only false Watch for changes to the requested object(s), without listing/getting first.
run
Start a nginx pod
kubectl run nginx –image =nginx
Start a hazelcast pod and let the container expose port 5701
kubectl run hazelcast –image =hazelcast/hazelcast –port =5701
Start a hazelcast pod and set environment variables “DNS_DOMAIN=cluster” and “POD_NAMESPACE=default” in the container
kubectl run hazelcast –image =hazelcast/hazelcast –env = “DNS_DOMAIN=cluster” –env = “POD_NAMESPACE=default”
Start a hazelcast pod and set labels “app=hazelcast” and “env=prod” in the container
kubectl run hazelcast –image =hazelcast/hazelcast –labels = “app=hazelcast,env=prod”
Dry run; print the corresponding API objects without creating them
kubectl run nginx –image =nginx –dry-run =client
Start a nginx pod, but overload the spec with a partial set of values parsed from JSON
kubectl run nginx –image=nginx –overrides= ‘{ “apiVersion” : “v1” , “spec” : { … } }’
Start a busybox pod and keep it in the foreground, don’t restart it if it exits
kubectl run -i -t busybox –image =busybox –restart =Never
Start the nginx pod using the default command, but use custom arguments (arg1 .. argN) for that command
kubectl run nginx –image =nginx —
.. . Start the nginx pod using a different command and custom arguments
kubectl run nginx –image =nginx –command —
.. . Create and run a particular image in a pod.
Usage
$ kubectl run NAME –image=image [–env=”key=value”] [–port=port] [–dry-run=server|client] [–overrides=inline-json] [–command] — [COMMAND] [args…]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. annotations [] Annotations to apply to the pod. attach false If true, wait for the Pod to start running, and then attach to the Pod as if ‘kubectl attach …’ were called. Default false, unless ‘-i/–stdin’ is set, in which case the default is true. With ‘–restart=Never’ the exit code of the container process is returned. cascade background Must be “background”, “orphan”, or “foreground”. Selects the deletion cascading strategy for the dependents (e.g. Pods created by a ReplicationController). Defaults to background. command false If true and extra arguments are present, use them as the ‘command’ field in the container, rather than the ‘args’ field which is the default. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. env [] Environment variables to set in the container. expose false If true, create a ClusterIP service associated with the pod. Requires –port . field-manager kubectl-run Name of the manager used to track field ownership. filename f [] to use to replace the resource. force false If true, immediately remove resources from API and bypass graceful deletion. Note that immediate deletion of some resources may result in inconsistency or data loss and requires confirmation. grace-period -1 Period of time in seconds given to the resource to terminate gracefully. Ignored if negative. Set to 1 for immediate shutdown. Can only be set to 0 when –force is true (force deletion). image The image for the container to run. image-pull-policy The image pull policy for the container. If left empty, this value will not be specified by the client and defaulted by the server. kustomize k Process a kustomization directory. This flag can’t be used together with -f or -R. labels l Comma separated labels to apply to the pod. Will override previous values. leave-stdin-open false If the pod is started in interactive mode or with stdin, leave stdin open after the first attach completes. By default, stdin will be closed after the first attach completes. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). override-type merge The method used to override the generated object: json, merge, or strategic. overrides An inline JSON override for the generated object. If this is non-empty, it is used to override the generated object. Requires that the object supply a valid apiVersion field. pod-running-timeout 1m0s The length of time (like 5s, 2m, or 3h, higher than zero) to wait until at least one pod is running port The port that this container exposes. privileged false If true, run the container in privileged mode. quiet q false If true, suppress prompt messages. record false Record current kubectl command in the resource annotation. If set to false, do not record the command. If set to true, record the command. If not set, default to updating the existing annotation value only if one already exists. recursive R false Process the directory used in -f, –filename recursively. Useful when you want to manage related manifests organized within the same directory. restart Always The restart policy for this Pod. Legal values [ Always, OnFailure, Never ] . rm false If true, delete the pod after it exits. Only valid when attaching to the container, e.g. with ‘–attach’ or with ‘-i/–stdin’. save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. stdin i false Keep stdin open on the container in the pod, even if nothing is attached. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . timeout 0s The length of time to wait before giving up on a delete, zero means determine a timeout from the size of the object tty t false Allocate a TTY for the container in the pod. wait false If true, wait for resources to be gone before returning. This waits for finalizers.
expose
Create a service for a replicated nginx, which serves on port 80 and connects to the containers on port 8000
kubectl expose rc nginx –port =80 –target-port =8000
Create a service for a replication controller identified by type and name specified in “nginx-controller.yaml”, which serves on port 80 and connects to the containers on port 8000
kubectl expose -f nginx-controller.yaml –port =80 –target-port =8000
Create a service for a pod valid-pod, which serves on port 444 with the name “frontend”
kubectl expose pod valid-pod –port =444 –name =frontend
Create a second service based on the above service, exposing the container port 8443 as port 443 with the name “nginx-https”
kubectl expose service nginx –port =443 –target-port =8443 –name =nginx-https
Create a service for a replicated streaming application on port 4100 balancing UDP traffic and named ‘video-stream’.
kubectl expose rc streamer –port =4100 –protocol =UDP –name =video-stream
Create a service for a replicated nginx using replica set, which serves on port 80 and connects to the containers on port 8000
kubectl expose rs nginx –port =80 –target-port =8000
Create a service for an nginx deployment, which serves on port 80 and connects to the containers on port 8000
kubectl expose deployment nginx –port =80 –target-port =8000
Expose a resource as a new Kubernetes service.
Looks up a deployment, service, replica set, replication controller or pod by name and uses the selector for that resource as the selector for a new service on the specified port. A deployment or replica set will be exposed as a service only if its selector is convertible to a selector that service supports, i.e. when the selector contains only the matchLabels component. Note that if no port is specified via –port and the exposed resource has multiple ports, all will be re-used by the new service. Also if no labels are specified, the new service will re-use the labels from the resource it exposes.
Possible resources include (case insensitive):
pod (po), service (svc), replicationcontroller (rc), deployment (deploy), replicaset (rs)
Usage
$ kubectl expose (-f FILENAME | TYPE NAME) [–port=port] [–protocol=TCP|UDP|SCTP] [–target-port=number-or-name] [–name=name] [–external-ip=external-ip-of-service] [–type=type]
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. cluster-ip ClusterIP to be assigned to the service. Leave empty to auto-allocate, or set to ‘None’ to create a headless service. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. external-ip Additional external IP address (not managed by Kubernetes) to accept for the service. If this IP is routed to a node, the service can be accessed by this IP in addition to its generated service IP. field-manager kubectl-expose Name of the manager used to track field ownership. filename f [] Filename, directory, or URL to files identifying the resource to expose a service kustomize k Process the kustomization directory. This flag can’t be used together with -f or -R. labels l Labels to apply to the service created by this call. load-balancer-ip IP to assign to the LoadBalancer. If empty, an ephemeral IP will be created and used (cloud-provider specific). name The name for the newly created object. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). override-type merge The method used to override the generated object: json, merge, or strategic. overrides An inline JSON override for the generated object. If this is non-empty, it is used to override the generated object. Requires that the object supply a valid apiVersion field. port The port that the service should serve on. Copied from the resource being exposed, if unspecified protocol The network protocol for the service to be created. Default is ‘TCP’. record false Record current kubectl command in the resource annotation. If set to false, do not record the command. If set to true, record the command. If not set, default to updating the existing annotation value only if one already exists. recursive R false Process the directory used in -f, –filename recursively. Useful when you want to manage related manifests organized within the same directory. save-config false If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. selector A label selector to use for this service. Only equality-based selector requirements are supported. If empty (the default) infer the selector from the replication controller or replica set.) session-affinity If non-empty, set the session affinity for the service to this; legal values: ‘None’, ‘ClientIP’ show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. target-port Name or number for the port on the container that the service should direct traffic to. Optional. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . type Type for this service: ClusterIP, NodePort, LoadBalancer, or ExternalName. Default is ‘ClusterIP’.
delete
Delete a pod using the type and name specified in pod.json
kubectl delete -f ./pod.json
Delete resources from a directory containing kustomization.yaml – e.g. dir/kustomization.yaml
kubectl delete -k dir
Delete resources from all files that end with ‘.json’ – i.e. expand wildcard characters in file names
kubectl apply -f ‘*.json’
Delete a pod based on the type and name in the JSON passed into stdin
cat pod.json | kubectl delete -f –
Delete pods and services with same names “baz” and “foo”
kubectl delete pod,service baz foo
Delete pods and services with label name=myLabel
kubectl delete pods,services -l name =myLabel
Delete a pod with minimal delay
kubectl delete pod foo
Force delete a pod on a dead node
kubectl delete pod foo
Delete all pods
kubectl delete pods
Delete resources by file names, stdin, resources and names, or by resources and label selector.
JSON and YAML formats are accepted. Only one type of argument may be specified: file names, resources and names, or resources and label selector.
Some resources, such as pods, support graceful deletion. These resources define a default period before they are forcibly terminated (the grace period) but you may override that value with the –grace-period flag, or pass –now to set a grace-period of 1. Because these resources often represent entities in the cluster, deletion may not be acknowledged immediately. If the node hosting a pod is down or cannot reach the API server, termination may take significantly longer than the grace period. To force delete a resource, you must specify the –force flag. Note: only a subset of resources support graceful deletion. In absence of the support, the –grace-period flag is ignored.
IMPORTANT: Force deleting pods does not wait for confirmation that the pod’s processes have been terminated, which can leave those processes running until the node detects the deletion and completes graceful deletion. If your processes use shared storage or talk to a remote API and depend on the name of the pod to identify themselves, force deleting those pods may result in multiple processes running on different machines using the same identification which may lead to data corruption or inconsistency. Only force delete pods when you are sure the pod is terminated, or if your application can tolerate multiple copies of the same pod running at once. Also, if you force delete pods, the scheduler may place new pods on those nodes before the node has released those resources and causing those pods to be evicted immediately.
Note that the delete command does NOT do resource version checks, so if someone submits an update to a resource right when you submit a delete, their update will be lost along with the rest of the resource.
After a CustomResourceDefinition is deleted, invalidation of discovery cache may take up to 10 minutes. If you don’t want to wait, you might want to run “kubectl api-resources” to refresh the discovery cache.
Usage
$ kubectl delete ([-f FILENAME] | [-k DIRECTORY] | TYPE [(NAME | -l label | –all)])
Flags
Name Shorthand Default Usage all false Delete all resources, in the namespace of the specified resource types. all-namespaces A false If present, list the requested object(s) across all namespaces. Namespace in current context is ignored even if specified with –namespace. cascade background Must be “background”, “orphan”, or “foreground”. Selects the deletion cascading strategy for the dependents (e.g. Pods created by a ReplicationController). Defaults to background. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-selector Selector (field query) to filter on, supports ‘=’, ‘==’, and ‘!=’.(e.g. –field-selector key1=value1,key2=value2). The server only supports a limited number of field queries per type. filename f [] containing the resource to delete. force false If true, immediately remove resources from API and bypass graceful deletion. Note that immediate deletion of some resources may result in inconsistency or data loss and requires confirmation. grace-period -1 Period of time in seconds given to the resource to terminate gracefully. Ignored if negative. Set to 1 for immediate shutdown. Can only be set to 0 when –force is true (force deletion). ignore-not-found false Treat “resource not found” as a successful delete. Defaults to “true” when –all is specified. kustomize k Process a kustomization directory. This flag can’t be used together with -f or -R. now false If true, resources are signaled for immediate shutdown (same as –grace-period=1). output o Output mode. Use “-o name” for shorter output (resource/name). raw Raw URI to DELETE to the server. Uses the transport specified by the kubeconfig file. recursive R false Process the directory used in -f, –filename recursively. Useful when you want to manage related manifests organized within the same directory. selector l Selector (label query) to filter on, supports ‘=’, ‘==’, and ‘!=’.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. timeout 0s The length of time to wait before giving up on a delete, zero means determine a timeout from the size of the object wait true If true, wait for resources to be gone before returning. This waits for finalizers.
APP MANAGEMENT
This section contains commands for creating, updating, deleting, and viewing your workloads in a Kubernetes cluster.
apply
Apply the configuration in pod.json to a pod
kubectl apply -f ./pod.json
Apply resources from a directory containing kustomization.yaml – e.g. dir/kustomization.yaml
kubectl apply -k dir/
Apply the JSON passed into stdin to a pod
cat pod.json | kubectl apply -f –
Apply the configuration from all files that end with ‘.json’ – i.e. expand wildcard characters in file names
kubectl apply -f ‘*.json’
Note: –prune is still in Alpha # Apply the configuration in manifest.yaml that matches label app=nginx and delete all other resources that are not in the file and match label app=nginx
kubectl apply –prune -f manifest.yaml -l app =nginx
Apply the configuration in manifest.yaml and delete all the other config maps that are not in the file
— – . — — –
Apply a configuration to a resource by file name or stdin. The resource name must be specified. This resource will be created if it doesn’t exist yet. To use ‘apply’, always create the resource initially with either ‘apply’ or ‘create –save-config’.
JSON and YAML formats are accepted.
Alpha Disclaimer: the –prune functionality is not yet complete. Do not use unless you are aware of what the current state is. See https://issues.k8s.io/34274.
Usage
$ kubectl apply (-f FILENAME | -k DIRECTORY)
Flags
Name Shorthand Default Usage all false Select all resources in the namespace of the specified resource types. allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. cascade background Must be “background”, “orphan”, or “foreground”. Selects the deletion cascading strategy for the dependents (e.g. Pods created by a ReplicationController). Defaults to background. dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. field-manager kubectl-client-side-apply Name of the manager used to track field ownership. filename f [] that contains the configuration to apply force false If true, immediately remove resources from API and bypass graceful deletion. Note that immediate deletion of some resources may result in inconsistency or data loss and requires confirmation. force-conflicts false If true, server-side apply will force the changes against conflicts. grace-period -1 Period of time in seconds given to the resource to terminate gracefully. Ignored if negative. Set to 1 for immediate shutdown. Can only be set to 0 when –force is true (force deletion). kustomize k Process a kustomization directory. This flag can’t be used together with -f or -R. openapi-patch true If true, use openapi to calculate diff when the openapi presents and the resource can be found in the openapi spec. Otherwise, fall back to use baked-in types. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). overwrite true Automatically resolve conflicts between the modified and live configuration by using values from the modified configuration prune false Automatically delete resource objects, that do not appear in the configs and are created by either apply or create –save-config. Should be used with either -l or –all. prune-whitelist [] Overwrite the default whitelist with
for –prune record false Record current kubectl command in the resource annotation. If set to false, do not record the command. If set to true, record the command. If not set, default to updating the existing annotation value only if one already exists. recursive R false Process the directory used in -f, –filename recursively. Useful when you want to manage related manifests organized within the same directory. selector l Selector (label query) to filter on, supports ‘=’, ‘==’, and ‘!=’.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. server-side false If true, apply runs in the server instead of the client. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . timeout 0s The length of time to wait before giving up on a delete, zero means determine a timeout from the size of the object validate strict Must be one of: strict (or true), warn, ignore (or false). “true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields. wait false If true, wait for resources to be gone before returning. This waits for finalizers.
edit-last-applied
Edit the last-applied-configuration annotations by type/name in YAML
kubectl apply edit- last -applied deployment/nginx
Edit the last-applied-configuration annotations by file in JSON
kubectl apply edit- last -applied -f deploy.yaml -o json
Edit the latest last-applied-configuration annotations of resources from the default editor.
The edit-last-applied command allows you to directly edit any API resource you can retrieve via the command-line tools. It will open the editor defined by your KUBE_EDITOR, or EDITOR environment variables, or fall back to ‘vi’ for Linux or ‘notepad’ for Windows. You can edit multiple objects, although changes are applied one at a time. The command accepts file names as well as command-line arguments, although the files you point to must be previously saved versions of resources.
The default format is YAML. To edit in JSON, specify “-o json”.
The flag –windows-line-endings can be used to force Windows line endings, otherwise the default for your operating system will be used.
In the event an error occurs while updating, a temporary file will be created on disk that contains your unapplied changes. The most common error when updating a resource is another editor changing the resource on the server. When this occurs, you will have to apply your changes to the newer version of the resource, or update your temporary saved copy to include the latest resource version.
Usage
$ kubectl apply edit-last-applied (RESOURCE/NAME | -f FILENAME)
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. field-manager kubectl-client-side-apply Name of the manager used to track field ownership. filename f [] Filename, directory, or URL to files to use to edit the resource kustomize k Process the kustomization directory. This flag can’t be used together with -f or -R. output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). record false Record current kubectl command in the resource annotation. If set to false, do not record the command. If set to true, record the command. If not set, default to updating the existing annotation value only if one already exists. recursive R false Process the directory used in -f, –filename recursively. Useful when you want to manage related manifests organized within the same directory. show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] . validate strict Must be one of: strict (or true), warn, ignore (or false).
“true” or “strict” will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
“warn” will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as “ignore” otherwise.
“false” or “ignore” will not perform any schema validation, silently dropping any unknown or duplicate fields. windows-line-endings false Defaults to the line ending native to your platform.
set-last-applied
Set the last-applied-configuration of a resource to match the contents of a file
kubectl apply set-last-applied -f deploy. yaml
Execute set-last-applied against each configuration file in a directory
kubectl apply set-last-applied -f path/
Set the last-applied-configuration of a resource to match the contents of a file; will create the annotation if it does not already exist
kubectl apply set-last-applied -f deploy. yaml –create-annotation=true
Set the latest last-applied-configuration annotations by setting it to match the contents of a file. This results in the last-applied-configuration being updated as though ‘kubectl apply -f ‘ was run, without updating any other parts of the object.
Usage
$ kubectl apply set-last-applied -f FILENAME
Flags
Name Shorthand Default Usage allow-missing-template-keys true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. create-annotation false Will create ‘last-applied-configuration’ annotations if current objects doesn’t have one dry-run none Must be “none”, “server”, or “client”. If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. filename f [] Filename, directory, or URL to files that contains the last-applied-configuration annotations output o Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). show-managed-fields false If true, keep the managedFields when printing objects in JSON or YAML format. template Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ http://golang.org/pkg/text/template/#pkg-overview ] .
view-last-applied
View the last-applied-configuration annotations by type/name in YAML
kubectl apply view – last -applied deployment/nginx
View the last-applied-configuration annotations by file in JSON
kubectl apply view – last -applied -f deploy.yaml -o json
View the latest last-applied-configuration annotations by type/name or file.
The default output will be printed to stdout in YAML format. You can use the -o option to change the output format.
Usage
$ kubectl apply view-last-applied (TYPE [NAME | -l label] | TYPE/NAME | -f FILENAME)
Flags
Name Shorthand Default Usage all false Select all resources in the namespace of the specified resource types filename f [] Filename, directory, or URL to files that contains the last-applied-configuration annotations kustomize k Process the kustomization directory. This flag can’t be used together with -f or -R. output o yaml Output format. Must be one of (yaml, json) recursive R false Process the directory used in -f, –filename recursively. Useful when you want to manage related manifests organized within the same directory. selector l Selector (label query) to filter on, supports ‘=’, ‘==’, and ‘!=’.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints.
annotate
Update pod ‘foo’ with the annotation ‘description’ and the value ‘my frontend’ # If the same annotation is set multiple times, only the last value will be applied
kubectl annotate pods foo description = ‘my frontend’
Update a pod identified by type and name in “pod.json”
kubectl annotate -f pod.json description = ‘my frontend’
Update pod ‘foo’ with the annotation ‘description’ and the value ‘my frontend running nginx’, overwriting any existing value
kubectl annotate –overwrite pods foo description= ‘my frontend running nginx’
Update all pods in the namespace
kubectl annotate pods –all description= ‘my frontend running nginx’
Update pod ‘foo’ only i
How to copy files from kubernetes Pods to local system
kubectl cp command is already mentioned by some of the users on this thread.
kubectl cp
: -n -c Note that to run this command tar utility should already be installed on the pod.
However I have come across few errors while running this command on windows PowerShell.
PS P:\Users
stty\Downloads\k8s-diags> kubectl cp dremio-master-0:/var/log/dremio/server.log P:\Users
stty\Downloads\k8s-diags\server-logs\ error: one of src or dest must be a local file specification
error: one of src or dest must be a local file specification
When running this command on windows, don’t use the full path of the local system. Use relative path instead (. or ..). Now using relative path in the below command but getting a different error.
PS P:\Users
stty\Downloads\k8s-diags> kubectl cp dremio-master-0:/var/log/dremio/server.log . tar: Removing leading `/’ from member names error: open .: is a directory
error: open .: is a directory
If you are copying a file, then in the local path use the relative path along with the file name that you want for the copied file. kubectl will first create this file and then copy the contents to this file. Below is the working command.
PS P:\Users
stty\Downloads\k8s-diags> kubectl cp dremio-master-0:/var/log/dremio/server.log .\server-logs\server.log tar: Removing leading `/’ from member names
tar: Removing leading `/’ from member names
This message is just a warning from tar utility in your pod. The file should be copied to your local system.
How to Copy Files Between Kubernetes Pods and Your Machine
Containers running in Kubernetes Pods are meant to be self-contained compute units that you don’t need to manually interact with. Sometimes you might have to copy files to or from a Pod’s filesystem though, perhaps because you’re debugging a problem and want to archive logs, config files, or caches stored in a container.
Here’s how to move files between your machine and containers in a Pod, using Kubectl’s built-in transfer feature or a manual alternative.
Copying To or From Your Machine
The kubectl cp command is the simplest way to copy to or from a container filesystem. It works similarly to the docker cp you may already be familiar with from local container development.
kubectl cp requires source and destination arguments. One of the source or destination must be a Pod reference. This is formatted as the Pod name, followed by a colon and the in-container filesystem path.
kubectl cp example-pod:/tmp/example-dir ./example-dir
This example copies the contents of /tmp/example-dir from example-pod to example-dir on your local filesystem. Reversing the arguments would copy your machine’s example-dir back to the Pod.
Command Arguments
As a single Pod can hold multiple containers, it’s important to bear this in mind when using cp . Kubernetes will default to copying to or from the first container instance within the Pod. You can target a specific container instead by adding the -c flag:
kubectl cp example-pod:/tmp/example-dir ./example-dir -c second-container
Like all other kubectl commands, cp runs against the cluster connection defined by your KUBECONFIG environment variable. This defaults to ~/.kube/conf .
There are two options when you’re referencing namespaced Pods. You can either add the standard –namespace example-namespace flag or use a full Pod path in your filesystem reference:
kubectl cp example-namespace/example-pod:/tmp/example-dir ./example-dir
File attributes are preserved by default. Add the –no-preserve flag to your cp command to strip ownership and permissions data from the copied files left at the destination. Unlike regular Unix cp , Kubectl’s implementation is always recursive so referencing a directory will include its contents too.
When Kubectl Cp Won’t Work
kubectl cp comes with one big caveat: internally, it’s a simple wrapper around tar . The command will compress the source path, copy the archive to the destination, and then extract its content. Your container image must include the tar binary in its path for this to work.
This means kubectl cp may not always be an option when you’re following Docker best practices to keep images small. Although popular minimal bases such as alpine do include tar , it may not feature in every image and won’t be present if you’re assembling them from scratch.
The use of tar also limits what kubectl cp can copy. You can’t resolve symlinks or use wildcards like /tmp/*.log . You’ll have to use a different approach when this functionality is needed.
One option is to combine kubectl exec , the cat command, and shell redirection to stream a file’s content out of the cluster and into a local file:
kubectl exec –namespace example-namespace example-pod -c second-container — cat /tmp/example-file > local-file
The kubectl exec command starts a shell session in the Pod. Everything after the — is run inside the container. The output of calling cat on the file will be emitted to your terminal where it can be redirected into a local file.
This technique is suitable when you’re copying a handful of relatively small files. It would quickly become tedious if you needed to retrieve a large directory. Unfortunately there’s no better alternative without adding additional software to your container.
If you’re feeling daring, you could install SSH in your container and use scp to access its filesystem from your host. This would give you a complete copying experience at the expense of running an extra daemon and creating a potential security issue. It should only be considered on properly protected clusters.
Adding tar to your container images is a much safer option. This lets you use kubectl cp and unlocks more advanced manual copying via kubectl exec when you need extra functionality. If you run into limitations with the cp syntax, invoke tar directly via kubectl exec to add extra flags to the command:
kubectl exec –namespace example-namespace example-pod -c second-container — tar -cf /tmp/example-dir | tar xf – -C ./extracted-dir
This runs tar -cF inside your container and pipes the result to the tar xf extraction command on your local machine. The – instructs tar to extract the data fed to it via the standard input stream. -C is used to specify a destination directory.
Summary
The kubectl cp command lets you copy files between Kubernetes Pods and your machine. It works in either direction but can’t be used to move files from Pod to Pod. If you need to do that, it’s best to use a two-stage procedure, copying first from Pod A to your machine, then onward to Pod B.
So you have finished reading the kubectl cp topic article, if you find this article useful, please share it. Thank you very much. See more: Kubectl cp
