1OC IMAGE(1)                        June 2016                       OC IMAGE(1)
2
3
4

NAME

6       oc image append - Add layers to images and push them to a registry
7
8
9

SYNOPSIS

11       oc image append [OPTIONS]
12
13
14

DESCRIPTION

16       Add layers to Docker images
17
18
19       Modifies  an  existing image by adding layers or changing configuration
20       and then pushes that image to a remote registry. Any  inherited  layers
21       are  streamed  from  registry to registry without being stored locally.
22       The default docker credentials are used for authenticating to the  reg‐
23       istries.
24
25
26       Layers  may  be provided as arguments to the command and must each be a
27       gzipped tar archive representing a filesystem overlay to the  inherited
28       images.  The  archive  may contain a "whiteout" file (the prefix '.wh.'
29       and the filename) which will hide files in the lower layers.  All  sup‐
30       ported filesystem attributes present in the archive will be used as is.
31
32
33       Metadata  about  the  image  (the configuration passed to the container
34       runtime) may be altered by passing a JSON  string  to  the  --image  or
35       --meta  options.  The  --image  flag changes what the container runtime
36       sees, while the --meta option allows you to change  the  attributes  of
37       the  image used by the runtime. Use --dry-run to see the result of your
38       changes. You may add the --drop-history flag to remove information from
39       the image about the system that built the base image.
40
41
42       Images  in manifest list format will automatically select an image that
43       matches the current operating system and architecture  unless  you  use
44       --filter-by-os  to select a different image. This flag has no effect on
45       regular images.
46
47
48

OPTIONS

50       --created-at=""
51           The creation date for this image, in RFC3339 format or milliseconds
52       from the Unix epoch.
53
54
55       --drop-history=false
56           Fields on the image that relate to the history of how the image was
57       created will be removed.
58
59
60       --dry-run=false
61           Print the actions that would be taken and exit without  writing  to
62       the destination.
63
64
65       --filter-by-os=""
66           A  regular  expression to control which images are mirrored. Images
67       will be passed as '<platform>/<architecture>[/<variant>]'.
68
69
70       --force=false
71           If set, the command will attempt to upload all  layers  instead  of
72       skipping those that are already uploaded.
73
74
75       --from=""
76           The  image  to use as a base. If empty, a new scratch image is cre‐
77       ated.
78
79
80       --image=""
81           A JSON patch that will be used with the output image data.
82
83
84       --insecure=false
85           Allow push and pull operations to registries to be made over HTTP
86
87
88       --max-per-registry=3
89           Number of concurrent requests allowed per registry.
90
91
92       --meta=""
93           A JSON patch that will be used with image base  metadata  (advanced
94       config).
95
96
97       --to=""
98           The Docker repository tag to upload the appended image to.
99
100
101

OPTIONS INHERITED FROM PARENT COMMANDS

103       --allow_verification_with_non_compliant_keys=false
104           Allow  a  SignatureVerifier  to  use  keys  which  are  technically
105       non-compliant with RFC6962.
106
107
108       --alsologtostderr=false
109           log to standard error as well as files
110
111
112       --application_metrics_count_limit=100
113           Max number of application metrics to store (per container)
114
115
116       --as=""
117           Username to impersonate for the operation
118
119
120       --as-group=[]
121           Group to impersonate for the operation, this flag can  be  repeated
122       to specify multiple groups.
123
124
125       --azure-container-registry-config=""
126           Path  to the file containing Azure container registry configuration
127       information.
128
129
130       --boot_id_file="/proc/sys/kernel/random/boot_id"
131           Comma-separated list of files to check for boot-id. Use  the  first
132       one that exists.
133
134
135       --cache-dir="/builddir/.kube/http-cache"
136           Default HTTP cache directory
137
138
139       --certificate-authority=""
140           Path to a cert file for the certificate authority
141
142
143       --client-certificate=""
144           Path to a client certificate file for TLS
145
146
147       --client-key=""
148           Path to a client key file for TLS
149
150
151       --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
152           CIDRs opened in GCE firewall for LB traffic proxy  health checks
153
154
155       --cluster=""
156           The name of the kubeconfig cluster to use
157
158
159       --container_hints="/etc/cadvisor/container_hints.json"
160           location of the container hints file
161
162
163       --containerd="unix:///var/run/containerd.sock"
164           containerd endpoint
165
166
167       --context=""
168           The name of the kubeconfig context to use
169
170
171       --default-not-ready-toleration-seconds=300
172           Indicates   the   tolerationSeconds   of   the    toleration    for
173       notReady:NoExecute  that is added by default to every pod that does not
174       already have such a toleration.
175
176
177       --default-unreachable-toleration-seconds=300
178           Indicates the tolerationSeconds  of  the  toleration  for  unreach‐
179       able:NoExecute  that  is  added  by  default to every pod that does not
180       already have such a toleration.
181
182
183       --docker="unix:///var/run/docker.sock"
184           docker endpoint
185
186
187       --docker-tls=false
188           use TLS to connect to docker
189
190
191       --docker-tls-ca="ca.pem"
192           path to trusted CA
193
194
195       --docker-tls-cert="cert.pem"
196           path to client certificate
197
198
199       --docker-tls-key="key.pem"
200           path to private key
201
202
203       --docker_env_metadata_whitelist=""
204           a comma-separated list of environment variable keys that  needs  to
205       be collected for docker containers
206
207
208       --docker_only=false
209           Only report docker containers in addition to root stats
210
211
212       --docker_root="/var/lib/docker"
213           DEPRECATED:  docker  root is read from docker info (this is a fall‐
214       back, default: /var/lib/docker)
215
216
217       --enable_load_reader=false
218           Whether to enable cpu load reader
219
220
221       --event_storage_age_limit="default=24h"
222           Max length of time for which to store events (per type). Value is a
223       comma  separated  list  of  key  values, where the keys are event types
224       (e.g.: creation, oom) or "default" and the value is a duration. Default
225       is applied to all non-specified event types
226
227
228       --event_storage_event_limit="default=100000"
229           Max  number  of  events to store (per type). Value is a comma sepa‐
230       rated list of key values, where the keys are event  types  (e.g.:  cre‐
231       ation,  oom)  or  "default"  and  the  value  is an integer. Default is
232       applied to all non-specified event types
233
234
235       --global_housekeeping_interval=0
236           Interval between global housekeepings
237
238
239       --housekeeping_interval=0
240           Interval between container housekeepings
241
242
243       --insecure-skip-tls-verify=false
244           If true, the server's certificate will not be checked for validity.
245       This will make your HTTPS connections insecure
246
247
248       --kubeconfig=""
249           Path to the kubeconfig file to use for CLI requests.
250
251
252       --log-flush-frequency=0
253           Maximum number of seconds between log flushes
254
255
256       --log_backtrace_at=:0
257           when logging hits line file:N, emit a stack trace
258
259
260       --log_cadvisor_usage=false
261           Whether to log the usage of the cAdvisor container
262
263
264       --log_dir=""
265           If non-empty, write log files in this directory
266
267
268       --logtostderr=true
269           log to standard error instead of files
270
271
272       --machine_id_file="/etc/machine-id,/var/lib/dbus/machine-id"
273           Comma-separated  list  of  files  to  check for machine-id. Use the
274       first one that exists.
275
276
277       --match-server-version=false
278           Require server version to match client version
279
280
281       -n, --namespace=""
282           If present, the namespace scope for this CLI request
283
284
285       --request-timeout="0"
286           The length of time to wait before giving  up  on  a  single  server
287       request. Non-zero values should contain a corresponding time unit (e.g.
288       1s, 2m, 3h). A value of zero means don't timeout requests.
289
290
291       -s, --server=""
292           The address and port of the Kubernetes API server
293
294
295       --stderrthreshold=2
296           logs at or above this threshold go to stderr
297
298
299       --storage_driver_buffer_duration=0
300           Writes in the storage driver will be buffered  for  this  duration,
301       and committed to the non memory backends as a single transaction
302
303
304       --storage_driver_db="cadvisor"
305           database name
306
307
308       --storage_driver_host="localhost:8086"
309           database host:port
310
311
312       --storage_driver_password="root"
313           database password
314
315
316       --storage_driver_secure=false
317           use secure connection with database
318
319
320       --storage_driver_table="stats"
321           table name
322
323
324       --storage_driver_user="root"
325           database username
326
327
328       --token=""
329           Bearer token for authentication to the API server
330
331
332       --user=""
333           The name of the kubeconfig user to use
334
335
336       -v, --v=0
337           log level for V logs
338
339
340       --version=false
341           Print version information and quit
342
343
344       --vmodule=
345           comma-separated  list  of pattern=N settings for file-filtered log‐
346       ging
347
348
349

EXAMPLE

351                # Remove the entrypoint on the mysql:latest image
352                oc image --from mysql:latest --to myregistry.com/myimage:latest --image {"Entrypoint":null}
353
354                # Add a new layer to the image
355                oc image --from mysql:latest --to myregistry.com/myimage:latest layer.tar.gz
356
357
358
359

SEE ALSO

361       oc-image(1),
362
363
364

HISTORY

366       June 2016, Ported from the Kubernetes man-doc generator
367
368
369
370Openshift                  Openshift CLI User Manuals              OC IMAGE(1)
Impressum