1KUBERNETES(1) Jan 2015 KUBERNETES(1)
2
6 kubectl expose - Take a replication controller, service, deployment or
7 pod and expose it as a new Kubernetes Service
8
12 kubectl expose [OPTIONS]
13
17 Expose a resource as a new Kubernetes service.
18 Looks up a deployment, service, replica set, replication controller or
21 pod by name and uses the selector for that resource as the selector for
22 a new service on the specified port. A deployment or replica set will
23 be exposed as a service only if its selector is convertible to a selec‐
24 tor that service supports, i.e. when the selector contains only the
25 matchLabels component. Note that if no port is specified via --port and
26 the exposed resource has multiple ports, all will be re-used by the new
27 service. Also if no labels are specified, the new service will re-use
28 the labels from the resource it exposes.
29 Possible resources include (case insensitive):
32 pod (po), service (svc), replicationcontroller (rc), deployment
35 (deploy), replicaset (rs)
36
40 --allow-missing-template-keys=true
41 If true, ignore any errors in templates when a field or map key is
42 missing in the template. Only applies to golang and jsonpath output
43 formats.
44 --cluster-ip=""
47 ClusterIP to be assigned to the service. Leave empty to auto-allo‐
48 cate, or set to 'None' to create a headless service.
49 --container-port=""
52 Synonym for --target-port
53 --dry-run=false
56 If true, only print the object that would be sent, without sending
57 it.
58 --external-ip=""
61 Additional external IP address (not managed by Kubernetes) to
62 accept for the service. If this IP is routed to a node, the service can
63 be accessed by this IP in addition to its generated service IP.
64 -f, --filename=[]
67 Filename, directory, or URL to files identifying the resource to
68 expose a service
69 --generator="service/v2"
72 The name of the API generator to use. There are 2 generators: 'ser‐
73 vice/v1' and 'service/v2'. The only difference between them is that
74 service port in v1 is named 'default', while it is left unnamed in v2.
75 Default is 'service/v2'.
76 -l, --labels=""
79 Labels to apply to the service created by this call.
80 --load-balancer-ip=""
83 IP to assign to the LoadBalancer. If empty, an ephemeral IP will be
84 created and used (cloud-provider specific).
85 --name=""
88 The name for the newly created object.
89 -o, --output=""
92 Output format. One of: json|yaml|name|go-template|go-tem‐
93 plate-file|template|templatefile|jsonpath|jsonpath-file.
94 --overrides=""
97 An inline JSON override for the generated object. If this is
98 non-empty, it is used to override the generated object. Requires that
99 the object supply a valid apiVersion field.
100 --port=""
103 The port that the service should serve on. Copied from the resource
104 being exposed, if unspecified
105 --protocol=""
108 The network protocol for the service to be created. Default is
109 'TCP'.
110 --record=false
113 Record current kubectl command in the resource annotation. If set
114 to false, do not record the command. If set to true, record the com‐
115 mand. If not set, default to updating the existing annotation value
116 only if one already exists.
117 -R, --recursive=false
120 Process the directory used in -f, --filename recursively. Useful
121 when you want to manage related manifests organized within the same
122 directory.
123 --save-config=false
126 If true, the configuration of current object will be saved in its
127 annotation. Otherwise, the annotation will be unchanged. This flag is
128 useful when you want to perform kubectl apply on this object in the
129 future.
130 --selector=""
133 A label selector to use for this service. Only equality-based
134 selector requirements are supported. If empty (the default) infer the
135 selector from the replication controller or replica set.)
136 --session-affinity=""
139 If non-empty, set the session affinity for the service to this;
140 legal values: 'None', 'ClientIP'
141 --target-port=""
144 Name or number for the port on the container that the service
145 should direct traffic to. Optional.
146 --template=""
149 Template string or path to template file to use when -o=go-tem‐
150 plate, -o=go-template-file. The template format is golang templates [
151 ⟨http://golang.org/pkg/text/template/#pkg-overview⟩].
152 --type=""
155 Type for this service: ClusterIP, NodePort, LoadBalancer, or Exter‐
156 nalName. Default is 'ClusterIP'.
157
161 --alsologtostderr=false
162 log to standard error as well as files
163 --application-metrics-count-limit=100
166 Max number of application metrics to store (per container)
167 --as=""
170 Username to impersonate for the operation
171 --as-group=[]
174 Group to impersonate for the operation, this flag can be repeated
175 to specify multiple groups.
176 --azure-container-registry-config=""
179 Path to the file containing Azure container registry configuration
180 information.
181 --boot-id-file="/proc/sys/kernel/random/boot_id"
184 Comma-separated list of files to check for boot-id. Use the first
185 one that exists.
186 --cache-dir="/builddir/.kube/http-cache"
189 Default HTTP cache directory
190 --certificate-authority=""
193 Path to a cert file for the certificate authority
194 --client-certificate=""
197 Path to a client certificate file for TLS
198 --client-key=""
201 Path to a client key file for TLS
202 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
205 CIDRs opened in GCE firewall for LB traffic proxy health checks
206 --cluster=""
209 The name of the kubeconfig cluster to use
210 --container-hints="/etc/cadvisor/container_hints.json"
213 location of the container hints file
214 --containerd="unix:///var/run/containerd.sock"
217 containerd endpoint
218 --context=""
221 The name of the kubeconfig context to use
222 --default-not-ready-toleration-seconds=300
225 Indicates the tolerationSeconds of the toleration for
226 notReady:NoExecute that is added by default to every pod that does not
227 already have such a toleration.
228 --default-unreachable-toleration-seconds=300
231 Indicates the tolerationSeconds of the toleration for unreach‐
232 able:NoExecute that is added by default to every pod that does not
233 already have such a toleration.
234 --docker="unix:///var/run/docker.sock"
237 docker endpoint
238 --docker-env-metadata-whitelist=""
241 a comma-separated list of environment variable keys that needs to
242 be collected for docker containers
243 --docker-only=false
246 Only report docker containers in addition to root stats
247 --docker-root="/var/lib/docker"
250 DEPRECATED: docker root is read from docker info (this is a fall‐
251 back, default: /var/lib/docker)
252 --docker-tls=false
255 use TLS to connect to docker
256 --docker-tls-ca="ca.pem"
259 path to trusted CA
260 --docker-tls-cert="cert.pem"
263 path to client certificate
264 --docker-tls-key="key.pem"
267 path to private key
268 --enable-load-reader=false
271 Whether to enable cpu load reader
272 --event-storage-age-limit="default=0"
275 Max length of time for which to store events (per type). Value is a
276 comma separated list of key values, where the keys are event types
277 (e.g.: creation, oom) or "default" and the value is a duration. Default
278 is applied to all non-specified event types
279 --event-storage-event-limit="default=0"
282 Max number of events to store (per type). Value is a comma sepa‐
283 rated list of key values, where the keys are event types (e.g.: cre‐
284 ation, oom) or "default" and the value is an integer. Default is
285 applied to all non-specified event types
286 --global-housekeeping-interval=1m0s
289 Interval between global housekeepings
290 --housekeeping-interval=10s
293 Interval between container housekeepings
294 --insecure-skip-tls-verify=false
297 If true, the server's certificate will not be checked for validity.
298 This will make your HTTPS connections insecure
299 --kubeconfig=""
302 Path to the kubeconfig file to use for CLI requests.
303 --log-backtrace-at=:0
306 when logging hits line file:N, emit a stack trace
307 --log-cadvisor-usage=false
310 Whether to log the usage of the cAdvisor container
311 --log-dir=""
314 If non-empty, write log files in this directory
315 --log-file=""
318 If non-empty, use this log file
319 --log-flush-frequency=5s
322 Maximum number of seconds between log flushes
323 --logtostderr=true
326 log to standard error instead of files
327 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
330 Comma-separated list of files to check for machine-id. Use the
331 first one that exists.
332 --match-server-version=false
335 Require server version to match client version
336 --mesos-agent="127.0.0.1:5051"
339 Mesos agent address
340 --mesos-agent-timeout=10s
343 Mesos agent timeout
344 -n, --namespace=""
347 If present, the namespace scope for this CLI request
348 --password=""
351 Password for basic authentication to the API server
352 --profile="none"
355 Name of profile to capture. One of (none|cpu|heap|goroutine|thread‐
356 create|block|mutex)
357 --profile-output="profile.pprof"
360 Name of the file to write the profile to
361 --request-timeout="0"
364 The length of time to wait before giving up on a single server
365 request. Non-zero values should contain a corresponding time unit (e.g.
366 1s, 2m, 3h). A value of zero means don't timeout requests.
367 -s, --server=""
370 The address and port of the Kubernetes API server
371 --skip-headers=false
374 If true, avoid header prefixes in the log messages
375 --stderrthreshold=2
378 logs at or above this threshold go to stderr
379 --storage-driver-buffer-duration=1m0s
382 Writes in the storage driver will be buffered for this duration,
383 and committed to the non memory backends as a single transaction
384 --storage-driver-db="cadvisor"
387 database name
388 --storage-driver-host="localhost:8086"
391 database host:port
392 --storage-driver-password="root"
395 database password
396 --storage-driver-secure=false
399 use secure connection with database
400 --storage-driver-table="stats"
403 table name
404 --storage-driver-user="root"
407 database username
408 --token=""
411 Bearer token for authentication to the API server
412 --user=""
415 The name of the kubeconfig user to use
416 --username=""
419 Username for basic authentication to the API server
420 -v, --v=0
423 log level for V logs
424 --version=false
427 Print version information and quit
428 --vmodule=
431 comma-separated list of pattern=N settings for file-filtered log‐
432 ging
433
437 # Create a service for a replicated nginx, which serves on port 80 and connects to the containers on port 8000.
438 kubectl expose rc nginx --port=80 --target-port=8000
439 # Create a service for a replication controller identified by type and name specified in "nginx-controller.yaml", which serves on port 80 and connects to the containers on port 8000.
441 kubectl expose -f nginx-controller.yaml --port=80 --target-port=8000
442 # Create a service for a pod valid-pod, which serves on port 444 with the name "frontend"
444 kubectl expose pod valid-pod --port=444 --name=frontend
445 # Create a second service based on the above service, exposing the container port 8443 as port 443 with the name "nginx-https"
447 kubectl expose service nginx --port=443 --target-port=8443 --name=nginx-https
448 # Create a service for a replicated streaming application on port 4100 balancing UDP traffic and named 'video-stream'.
450 kubectl expose rc streamer --port=4100 --protocol=udp --name=video-stream
451 # Create a service for a replicated nginx using replica set, which serves on port 80 and connects to the containers on port 8000.
453 kubectl expose rs nginx --port=80 --target-port=8000
454 # Create a service for an nginx deployment, which serves on port 80 and connects to the containers on port 8000.
456 kubectl expose deployment nginx --port=80 --target-port=8000
457
462 kubectl(1),
463
467 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
468 com) based on the kubernetes source material, but hopefully they have
469 been automatically generated since!
470Eric Paris kubernetes User Manuals KUBERNETES(1)