1OC CREATE(1)                       June 2016                      OC CREATE(1)
2
3
4

NAME

6       oc  create identity - Manually create an identity (only needed if auto‐
7       matic creation is disabled).
8
9
10

SYNOPSIS

12       oc create identity [OPTIONS]
13
14
15

DESCRIPTION

17       This command can be used to create an identity object.
18
19
20       Typically, identities are created automatically during login. If  auto‐
21       matic  creation  is  disabled  (by  using the "lookup" mapping method),
22       identities must be created manually.
23
24
25       Corresponding user and useridentitymapping objects must also be created
26       to allow logging in with the created identity.
27
28
29

OPTIONS

31       --allow-missing-template-keys=true
32           If  true, ignore any errors in templates when a field or map key is
33       missing in the template. Only applies to  golang  and  jsonpath  output
34       formats.
35
36
37       --dry-run=false
38           If  true, only print the object that would be sent, without sending
39       it.
40
41
42       -o, --output=""
43           Output format. One of:  json|yaml|name|template|go-template|go-tem‐
44       plate-file|templatefile|jsonpath|jsonpath-file.
45
46
47       --template=""
48           Template  string  or  path  to template file to use when -o=go-tem‐
49       plate, -o=go-template-file. The template format is golang  templates  [
50http://golang.org/pkg/text/template/#pkg-overview⟩].
51
52
53

OPTIONS INHERITED FROM PARENT COMMANDS

55       --allow_verification_with_non_compliant_keys=false
56           Allow  a  SignatureVerifier  to  use  keys  which  are  technically
57       non-compliant with RFC6962.
58
59
60       --alsologtostderr=false
61           log to standard error as well as files
62
63
64       --application_metrics_count_limit=100
65           Max number of application metrics to store (per container)
66
67
68       --as=""
69           Username to impersonate for the operation
70
71
72       --as-group=[]
73           Group to impersonate for the operation, this flag can  be  repeated
74       to specify multiple groups.
75
76
77       --azure-container-registry-config=""
78           Path  to the file containing Azure container registry configuration
79       information.
80
81
82       --boot_id_file="/proc/sys/kernel/random/boot_id"
83           Comma-separated list of files to check for boot-id. Use  the  first
84       one that exists.
85
86
87       --cache-dir="/builddir/.kube/http-cache"
88           Default HTTP cache directory
89
90
91       --certificate-authority=""
92           Path to a cert file for the certificate authority
93
94
95       --client-certificate=""
96           Path to a client certificate file for TLS
97
98
99       --client-key=""
100           Path to a client key file for TLS
101
102
103       --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
104           CIDRs opened in GCE firewall for LB traffic proxy  health checks
105
106
107       --cluster=""
108           The name of the kubeconfig cluster to use
109
110
111       --container_hints="/etc/cadvisor/container_hints.json"
112           location of the container hints file
113
114
115       --containerd="unix:///var/run/containerd.sock"
116           containerd endpoint
117
118
119       --context=""
120           The name of the kubeconfig context to use
121
122
123       --default-not-ready-toleration-seconds=300
124           Indicates   the   tolerationSeconds   of   the    toleration    for
125       notReady:NoExecute  that is added by default to every pod that does not
126       already have such a toleration.
127
128
129       --default-unreachable-toleration-seconds=300
130           Indicates the tolerationSeconds  of  the  toleration  for  unreach‐
131       able:NoExecute  that  is  added  by  default to every pod that does not
132       already have such a toleration.
133
134
135       --docker="unix:///var/run/docker.sock"
136           docker endpoint
137
138
139       --docker-tls=false
140           use TLS to connect to docker
141
142
143       --docker-tls-ca="ca.pem"
144           path to trusted CA
145
146
147       --docker-tls-cert="cert.pem"
148           path to client certificate
149
150
151       --docker-tls-key="key.pem"
152           path to private key
153
154
155       --docker_env_metadata_whitelist=""
156           a comma-separated list of environment variable keys that  needs  to
157       be collected for docker containers
158
159
160       --docker_only=false
161           Only report docker containers in addition to root stats
162
163
164       --docker_root="/var/lib/docker"
165           DEPRECATED:  docker  root is read from docker info (this is a fall‐
166       back, default: /var/lib/docker)
167
168
169       --enable_load_reader=false
170           Whether to enable cpu load reader
171
172
173       --event_storage_age_limit="default=24h"
174           Max length of time for which to store events (per type). Value is a
175       comma  separated  list  of  key  values, where the keys are event types
176       (e.g.: creation, oom) or "default" and the value is a duration. Default
177       is applied to all non-specified event types
178
179
180       --event_storage_event_limit="default=100000"
181           Max  number  of  events to store (per type). Value is a comma sepa‐
182       rated list of key values, where the keys are event  types  (e.g.:  cre‐
183       ation,  oom)  or  "default"  and  the  value  is an integer. Default is
184       applied to all non-specified event types
185
186
187       --global_housekeeping_interval=0
188           Interval between global housekeepings
189
190
191       --housekeeping_interval=0
192           Interval between container housekeepings
193
194
195       --httptest.serve=""
196           if non-empty, httptest.NewServer serves on this address and blocks
197
198
199       --insecure-skip-tls-verify=false
200           If true, the server's certificate will not be checked for validity.
201       This will make your HTTPS connections insecure
202
203
204       --kubeconfig=""
205           Path to the kubeconfig file to use for CLI requests.
206
207
208       --log-flush-frequency=0
209           Maximum number of seconds between log flushes
210
211
212       --log_backtrace_at=:0
213           when logging hits line file:N, emit a stack trace
214
215
216       --log_cadvisor_usage=false
217           Whether to log the usage of the cAdvisor container
218
219
220       --log_dir=""
221           If non-empty, write log files in this directory
222
223
224       --logtostderr=true
225           log to standard error instead of files
226
227
228       --machine_id_file="/etc/machine-id,/var/lib/dbus/machine-id"
229           Comma-separated  list  of  files  to  check for machine-id. Use the
230       first one that exists.
231
232
233       --match-server-version=false
234           Require server version to match client version
235
236
237       -n, --namespace=""
238           If present, the namespace scope for this CLI request
239
240
241       --request-timeout="0"
242           The length of time to wait before giving  up  on  a  single  server
243       request. Non-zero values should contain a corresponding time unit (e.g.
244       1s, 2m, 3h). A value of zero means don't timeout requests.
245
246
247       -s, --server=""
248           The address and port of the Kubernetes API server
249
250
251       --stderrthreshold=2
252           logs at or above this threshold go to stderr
253
254
255       --storage_driver_buffer_duration=0
256           Writes in the storage driver will be buffered  for  this  duration,
257       and committed to the non memory backends as a single transaction
258
259
260       --storage_driver_db="cadvisor"
261           database name
262
263
264       --storage_driver_host="localhost:8086"
265           database host:port
266
267
268       --storage_driver_password="root"
269           database password
270
271
272       --storage_driver_secure=false
273           use secure connection with database
274
275
276       --storage_driver_table="stats"
277           table name
278
279
280       --storage_driver_user="root"
281           database username
282
283
284       --token=""
285           Bearer token for authentication to the API server
286
287
288       --user=""
289           The name of the kubeconfig user to use
290
291
292       -v, --v=0
293           log level for V logs
294
295
296       --version=false
297           Print version information and quit
298
299
300       --vmodule=
301           comma-separated  list  of pattern=N settings for file-filtered log‐
302       ging
303
304
305

EXAMPLE

307                # Create an identity with identity provider "acme_ldap" and the identity provider username "adamjones"
308                oc create identity acme_ldap:adamjones
309
310
311
312

SEE ALSO

314       oc-create(1),
315
316
317

HISTORY

319       June 2016, Ported from the Kubernetes man-doc generator
320
321
322
323Openshift                  Openshift CLI User Manuals             OC CREATE(1)
Impressum