1KUBERNETES(1) Jan 2015 KUBERNETES(1)
2
3
4
6 kubectl patch - Update field(s) of a resource using strategic merge
7 patch
8
9
10
12 kubectl patch [OPTIONS]
13
14
15
17 Update field(s) of a resource using strategic merge patch, a JSON merge
18 patch, or a JSON patch.
19
20
21 JSON and YAML formats are accepted.
22
23
24 Please refer to the models in ⟨https://htmlpre‐
25 view.github.io/?https://github.com/kubernetes/kuber‐
26 netes/blob/HEAD/docs/api-reference/v1/definitions.html⟩ to find if a
27 field is mutable.
28
29
30
32 --allow-missing-template-keys=true
33 If true, ignore any errors in templates when a field or map key is
34 missing in the template. Only applies to golang and jsonpath output
35 formats.
36
37
38 --dry-run=false
39 If true, only print the object that would be sent, without sending
40 it.
41
42
43 -f, --filename=[]
44 Filename, directory, or URL to files identifying the resource to
45 update
46
47
48 --local=false
49 If true, patch will operate on the content of the file, not the
50 server-side resource.
51
52
53 -o, --output=""
54 Output format. One of: json|yaml|name|template|go-template|go-tem‐
55 plate-file|templatefile|jsonpath|jsonpath-file.
56
57
58 -p, --patch=""
59 The patch to be applied to the resource JSON file.
60
61
62 --record=false
63 Record current kubectl command in the resource annotation. If set
64 to false, do not record the command. If set to true, record the com‐
65 mand. If not set, default to updating the existing annotation value
66 only if one already exists.
67
68
69 -R, --recursive=false
70 Process the directory used in -f, --filename recursively. Useful
71 when you want to manage related manifests organized within the same
72 directory.
73
74
75 --template=""
76 Template string or path to template file to use when -o=go-tem‐
77 plate, -o=go-template-file. The template format is golang templates [
78 ⟨http://golang.org/pkg/text/template/#pkg-overview⟩].
79
80
81 --type="strategic"
82 The type of patch being provided; one of [json merge strategic]
83
84
85
87 --allow-verification-with-non-compliant-keys=false
88 Allow a SignatureVerifier to use keys which are technically
89 non-compliant with RFC6962.
90
91
92 --alsologtostderr=false
93 log to standard error as well as files
94
95
96 --application-metrics-count-limit=100
97 Max number of application metrics to store (per container)
98
99
100 --as=""
101 Username to impersonate for the operation
102
103
104 --as-group=[]
105 Group to impersonate for the operation, this flag can be repeated
106 to specify multiple groups.
107
108
109 --azure-container-registry-config=""
110 Path to the file containing Azure container registry configuration
111 information.
112
113
114 --boot-id-file="/proc/sys/kernel/random/boot_id"
115 Comma-separated list of files to check for boot-id. Use the first
116 one that exists.
117
118
119 --cache-dir="/builddir/.kube/http-cache"
120 Default HTTP cache directory
121
122
123 --certificate-authority=""
124 Path to a cert file for the certificate authority
125
126
127 --client-certificate=""
128 Path to a client certificate file for TLS
129
130
131 --client-key=""
132 Path to a client key file for TLS
133
134
135 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
136 CIDRs opened in GCE firewall for LB traffic proxy health checks
137
138
139 --cluster=""
140 The name of the kubeconfig cluster to use
141
142
143 --container-hints="/etc/cadvisor/container_hints.json"
144 location of the container hints file
145
146
147 --containerd="unix:///var/run/containerd.sock"
148 containerd endpoint
149
150
151 --context=""
152 The name of the kubeconfig context to use
153
154
155 --default-not-ready-toleration-seconds=300
156 Indicates the tolerationSeconds of the toleration for
157 notReady:NoExecute that is added by default to every pod that does not
158 already have such a toleration.
159
160
161 --default-unreachable-toleration-seconds=300
162 Indicates the tolerationSeconds of the toleration for unreach‐
163 able:NoExecute that is added by default to every pod that does not
164 already have such a toleration.
165
166
167 --docker="unix:///var/run/docker.sock"
168 docker endpoint
169
170
171 --docker-env-metadata-whitelist=""
172 a comma-separated list of environment variable keys that needs to
173 be collected for docker containers
174
175
176 --docker-only=false
177 Only report docker containers in addition to root stats
178
179
180 --docker-root="/var/lib/docker"
181 DEPRECATED: docker root is read from docker info (this is a fall‐
182 back, default: /var/lib/docker)
183
184
185 --docker-tls=false
186 use TLS to connect to docker
187
188
189 --docker-tls-ca="ca.pem"
190 path to trusted CA
191
192
193 --docker-tls-cert="cert.pem"
194 path to client certificate
195
196
197 --docker-tls-key="key.pem"
198 path to private key
199
200
201 --enable-load-reader=false
202 Whether to enable cpu load reader
203
204
205 --event-storage-age-limit="default=0"
206 Max length of time for which to store events (per type). Value is a
207 comma separated list of key values, where the keys are event types
208 (e.g.: creation, oom) or "default" and the value is a duration. Default
209 is applied to all non-specified event types
210
211
212 --event-storage-event-limit="default=0"
213 Max number of events to store (per type). Value is a comma sepa‐
214 rated list of key values, where the keys are event types (e.g.: cre‐
215 ation, oom) or "default" and the value is an integer. Default is
216 applied to all non-specified event types
217
218
219 --global-housekeeping-interval=1m0s
220 Interval between global housekeepings
221
222
223 --google-json-key=""
224 The Google Cloud Platform Service Account JSON Key to use for
225 authentication.
226
227
228 --housekeeping-interval=10s
229 Interval between container housekeepings
230
231
232 --insecure-skip-tls-verify=false
233 If true, the server's certificate will not be checked for validity.
234 This will make your HTTPS connections insecure
235
236
237 --kubeconfig=""
238 Path to the kubeconfig file to use for CLI requests.
239
240
241 --log-backtrace-at=:0
242 when logging hits line file:N, emit a stack trace
243
244
245 --log-cadvisor-usage=false
246 Whether to log the usage of the cAdvisor container
247
248
249 --log-dir=""
250 If non-empty, write log files in this directory
251
252
253 --log-flush-frequency=5s
254 Maximum number of seconds between log flushes
255
256
257 --logtostderr=true
258 log to standard error instead of files
259
260
261 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
262 Comma-separated list of files to check for machine-id. Use the
263 first one that exists.
264
265
266 --match-server-version=false
267 Require server version to match client version
268
269
270 --mesos-agent="127.0.0.1:5051"
271 Mesos agent address
272
273
274 --mesos-agent-timeout=10s
275 Mesos agent timeout
276
277
278 -n, --namespace=""
279 If present, the namespace scope for this CLI request
280
281
282 --request-timeout="0"
283 The length of time to wait before giving up on a single server
284 request. Non-zero values should contain a corresponding time unit (e.g.
285 1s, 2m, 3h). A value of zero means don't timeout requests.
286
287
288 -s, --server=""
289 The address and port of the Kubernetes API server
290
291
292 --stderrthreshold=2
293 logs at or above this threshold go to stderr
294
295
296 --storage-driver-buffer-duration=1m0s
297 Writes in the storage driver will be buffered for this duration,
298 and committed to the non memory backends as a single transaction
299
300
301 --storage-driver-db="cadvisor"
302 database name
303
304
305 --storage-driver-host="localhost:8086"
306 database host:port
307
308
309 --storage-driver-password="root"
310 database password
311
312
313 --storage-driver-secure=false
314 use secure connection with database
315
316
317 --storage-driver-table="stats"
318 table name
319
320
321 --storage-driver-user="root"
322 database username
323
324
325 --token=""
326 Bearer token for authentication to the API server
327
328
329 --user=""
330 The name of the kubeconfig user to use
331
332
333 -v, --v=0
334 log level for V logs
335
336
337 --version=false
338 Print version information and quit
339
340
341 --vmodule=
342 comma-separated list of pattern=N settings for file-filtered log‐
343 ging
344
345
346
348 # Partially update a node using a strategic merge patch. Specify the patch as JSON.
349 kubectl patch node k8s-node-1 -p '{"spec":{"unschedulable":true}}'
350
351 # Partially update a node using a strategic merge patch. Specify the patch as YAML.
352 kubectl patch node k8s-node-1 -p $'spec:\n unschedulable: true'
353
354 # Partially update a node identified by the type and name specified in "node.json" using strategic merge patch.
355 kubectl patch -f node.json -p '{"spec":{"unschedulable":true}}'
356
357 # Update a container's image; spec.containers[*].name is required because it's a merge key.
358 kubectl patch pod valid-pod -p '{"spec":{"containers":[{"name":"kubernetes-serve-hostname","image":"new image"}]}}'
359
360 # Update a container's image using a json patch with positional arrays.
361 kubectl patch pod valid-pod --type='json' -p='[{"op": "replace", "path": "/spec/containers/0/image", "value":"new image"}]'
362
363
364
365
367 kubectl(1),
368
369
370
372 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
373 com) based on the kubernetes source material, but hopefully they have
374 been automatically generated since!
375
376
377
378Eric Paris kubernetes User Manuals KUBERNETES(1)