1KUBERNETES(1)                      Jan 2015                      KUBERNETES(1)
2
3
4

NAME

6       kubectl expose - Take a replication controller, service, deployment or
7       pod and expose it as a new Kubernetes Service
8
9
10

SYNOPSIS

12       kubectl expose [OPTIONS]
13
14
15

DESCRIPTION

17       Expose a resource as a new Kubernetes service.
18
19
20       Looks up a deployment, service, replica set, replication controller or
21       pod by name and uses the selector for that resource as the selector for
22       a new service on the specified port. A deployment or replica set will
23       be exposed as a service only if its selector is convertible to a
24       selector that service supports, i.e. when the selector contains only
25       the matchLabels component. Note that if no port is specified via --port
26       and the exposed resource has multiple ports, all will be re-used by the
27       new service. Also if no labels are specified, the new service will
28       re-use the labels from the resource it exposes.
29
30
31       Possible resources include (case insensitive):
32
33
34       pod (po), service (svc), replicationcontroller (rc), deployment
35       (deploy), replicaset (rs)
36
37
38

OPTIONS

40       --allow-missing-template-keys=true
41           If true, ignore any errors in templates when a field or map key is
42       missing in the template. Only applies to golang and jsonpath output
43       formats.
44
45
46       --cluster-ip=""
47           ClusterIP to be assigned to the service. Leave empty to
48       auto-allocate, or set to 'None' to create a headless service.
49
50
51       --container-port=""
52           Synonym for --target-port
53
54
55       --dry-run="none"
56           Must be "none", "server", or "client". If client strategy, only
57       print the object that would be sent, without sending it. If server
58       strategy, submit server-side request without persisting the resource.
59
60
61       --external-ip=""
62           Additional external IP address (not managed by Kubernetes) to
63       accept for the service. If this IP is routed to a node, the service can
64       be accessed by this IP in addition to its generated service IP.
65
66
67       -f, --filename=[]
68           Filename, directory, or URL to files identifying the resource to
69       expose a service
70
71
72       --generator="service/v2"
73           The name of the API generator to use. There are 2 generators:
74       'service/v1' and 'service/v2'. The only difference between them is that
75       service port in v1 is named 'default', while it is left unnamed in v2.
76       Default is 'service/v2'.
77
78
79       -k, --kustomize=""
80           Process the kustomization directory. This flag can't be used
81       together with -f or -R.
82
83
84       -l, --labels=""
85           Labels to apply to the service created by this call.
86
87
88       --load-balancer-ip=""
89           IP to assign to the LoadBalancer. If empty, an ephemeral IP will be
90       created and used (cloud-provider specific).
91
92
93       --name=""
94           The name for the newly created object.
95
96
97       -o, --output=""
98           Output format. One of:
99       json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
100
101
102       --overrides=""
103           An inline JSON override for the generated object. If this is
104       non-empty, it is used to override the generated object. Requires that
105       the object supply a valid apiVersion field.
106
107
108       --port=""
109           The port that the service should serve on. Copied from the resource
110       being exposed, if unspecified
111
112
113       --protocol=""
114           The network protocol for the service to be created. Default is
115       'TCP'.
116
117
118       --record=false
119           Record current kubectl command in the resource annotation. If set
120       to false, do not record the command. If set to true, record the
121       command. If not set, default to updating the existing annotation value
122       only if one already exists.
123
124
125       -R, --recursive=false
126           Process the directory used in -f, --filename recursively. Useful
127       when you want to manage related manifests organized within the same
128       directory.
129
130
131       --save-config=false
132           If true, the configuration of current object will be saved in its
133       annotation. Otherwise, the annotation will be unchanged. This flag is
134       useful when you want to perform kubectl apply on this object in the
135       future.
136
137
138       --selector=""
139           A label selector to use for this service. Only equality-based
140       selector requirements are supported. If empty (the default) infer the
141       selector from the replication controller or replica set.)
142
143
144       --session-affinity=""
145           If non-empty, set the session affinity for the service to this;
146       legal values: 'None', 'ClientIP'
147
148
149       --target-port=""
150           Name or number for the port on the container that the service
151       should direct traffic to. Optional.
152
153
154       --template=""
155           Template string or path to template file to use when
156       -o=go-template, -o=go-template-file. The template format is golang
157       templates [ ⟨http://golang.org/pkg/text/template/#pkg-overview⟩].
158
159
160       --type=""
161           Type for this service: ClusterIP, NodePort, LoadBalancer, or
162       ExternalName. Default is 'ClusterIP'.
163
164
165

OPTIONS INHERITED FROM PARENT COMMANDS

167       --add-dir-header=false
168           If true, adds the file directory to the header
169
170
171       --alsologtostderr=false
172           log to standard error as well as files
173
174
175       --application-metrics-count-limit=100
176           Max number of application metrics to store (per container)
177
178
179       --as=""
180           Username to impersonate for the operation
181
182
183       --as-group=[]
184           Group to impersonate for the operation, this flag can be repeated
185       to specify multiple groups.
186
187
188       --azure-container-registry-config=""
189           Path to the file containing Azure container registry configuration
190       information.
191
192
193       --boot-id-file="/proc/sys/kernel/random/boot_id"
194           Comma-separated list of files to check for boot-id. Use the first
195       one that exists.
196
197
198       --cache-dir="/builddir/.kube/http-cache"
199           Default HTTP cache directory
200
201
202       --certificate-authority=""
203           Path to a cert file for the certificate authority
204
205
206       --client-certificate=""
207           Path to a client certificate file for TLS
208
209
210       --client-key=""
211           Path to a client key file for TLS
212
213
214       --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
215           CIDRs opened in GCE firewall for L7 LB traffic proxy  health checks
216
217
218       --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
219           CIDRs opened in GCE firewall for L4 LB traffic proxy  health checks
220
221
222       --cluster=""
223           The name of the kubeconfig cluster to use
224
225
226       --container-hints="/etc/cadvisor/container_hints.json"
227           location of the container hints file
228
229
230       --containerd="/run/containerd/containerd.sock"
231           containerd endpoint
232
233
234       --containerd-namespace="k8s.io"
235           containerd namespace
236
237
238       --context=""
239           The name of the kubeconfig context to use
240
241
242       --default-not-ready-toleration-seconds=300
243           Indicates the tolerationSeconds of the toleration for
244       notReady:NoExecute that is added by default to every pod that does not
245       already have such a toleration.
246
247
248       --default-unreachable-toleration-seconds=300
249           Indicates the tolerationSeconds of the toleration for
250       unreachable:NoExecute that is added by default to every pod that does
251       not already have such a toleration.
252
253
254       --disable-root-cgroup-stats=false
255           Disable collecting root Cgroup stats
256
257
258       --docker="unix:///var/run/docker.sock"
259           docker endpoint
260
261
262       --docker-env-metadata-whitelist=""
263           a comma-separated list of environment variable keys that needs to
264       be collected for docker containers
265
266
267       --docker-only=false
268           Only report docker containers in addition to root stats
269
270
271       --docker-root="/var/lib/docker"
272           DEPRECATED: docker root is read from docker info (this is a
273       fallback, default: /var/lib/docker)
274
275
276       --docker-tls=false
277           use TLS to connect to docker
278
279
280       --docker-tls-ca="ca.pem"
281           path to trusted CA
282
283
284       --docker-tls-cert="cert.pem"
285           path to client certificate
286
287
288       --docker-tls-key="key.pem"
289           path to private key
290
291
292       --enable-load-reader=false
293           Whether to enable cpu load reader
294
295
296       --event-storage-age-limit="default=0"
297           Max length of time for which to store events (per type). Value is a
298       comma separated list of key values, where the keys are event types
299       (e.g.: creation, oom) or "default" and the value is a duration. Default
300       is applied to all non-specified event types
301
302
303       --event-storage-event-limit="default=0"
304           Max number of events to store (per type). Value is a comma
305       separated list of key values, where the keys are event types (e.g.:
306       creation, oom) or "default" and the value is an integer. Default is
307       applied to all non-specified event types
308
309
310       --global-housekeeping-interval=1m0s
311           Interval between global housekeepings
312
313
314       --housekeeping-interval=10s
315           Interval between container housekeepings
316
317
318       --insecure-skip-tls-verify=false
319           If true, the server's certificate will not be checked for validity.
320       This will make your HTTPS connections insecure
321
322
323       --kubeconfig=""
324           Path to the kubeconfig file to use for CLI requests.
325
326
327       --log-backtrace-at=:0
328           when logging hits line file:N, emit a stack trace
329
330
331       --log-cadvisor-usage=false
332           Whether to log the usage of the cAdvisor container
333
334
335       --log-dir=""
336           If non-empty, write log files in this directory
337
338
339       --log-file=""
340           If non-empty, use this log file
341
342
343       --log-file-max-size=1800
344           Defines the maximum size a log file can grow to. Unit is megabytes.
345       If the value is 0, the maximum file size is unlimited.
346
347
348       --log-flush-frequency=5s
349           Maximum number of seconds between log flushes
350
351
352       --logtostderr=true
353           log to standard error instead of files
354
355
356       --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
357           Comma-separated list of files to check for machine-id. Use the
358       first one that exists.
359
360
361       --match-server-version=false
362           Require server version to match client version
363
364
365       -n, --namespace=""
366           If present, the namespace scope for this CLI request
367
368
369       --password=""
370           Password for basic authentication to the API server
371
372
373       --profile="none"
374           Name of profile to capture. One of
375       (none|cpu|heap|goroutine|threadcreate|block|mutex)
376
377
378       --profile-output="profile.pprof"
379           Name of the file to write the profile to
380
381
382       --request-timeout="0"
383           The length of time to wait before giving up on a single server
384       request. Non-zero values should contain a corresponding time unit (e.g.
385       1s, 2m, 3h). A value of zero means don't timeout requests.
386
387
388       -s, --server=""
389           The address and port of the Kubernetes API server
390
391
392       --skip-headers=false
393           If true, avoid header prefixes in the log messages
394
395
396       --skip-log-headers=false
397           If true, avoid headers when opening log files
398
399
400       --stderrthreshold=2
401           logs at or above this threshold go to stderr
402
403
404       --storage-driver-buffer-duration=1m0s
405           Writes in the storage driver will be buffered for this duration,
406       and committed to the non memory backends as a single transaction
407
408
409       --storage-driver-db="cadvisor"
410           database name
411
412
413       --storage-driver-host="localhost:8086"
414           database host:port
415
416
417       --storage-driver-password="root"
418           database password
419
420
421       --storage-driver-secure=false
422           use secure connection with database
423
424
425       --storage-driver-table="stats"
426           table name
427
428
429       --storage-driver-user="root"
430           database username
431
432
433       --tls-server-name=""
434           Server name to use for server certificate validation. If it is not
435       provided, the hostname used to contact the server is used
436
437
438       --token=""
439           Bearer token for authentication to the API server
440
441
442       --update-machine-info-interval=5m0s
443           Interval between machine info updates.
444
445
446       --user=""
447           The name of the kubeconfig user to use
448
449
450       --username=""
451           Username for basic authentication to the API server
452
453
454       -v, --v=0
455           number for the log level verbosity
456
457
458       --version=false
459           Print version information and quit
460
461
462       --vmodule=
463           comma-separated list of pattern=N settings for file-filtered
464       logging
465
466
467

EXAMPLE

469                # Create a service for a replicated nginx, which serves on port 80 and connects to the containers on port 8000.
470                kubectl expose rc nginx --port=80 --target-port=8000
471
472                # Create a service for a replication controller identified by type and name specified in "nginx-controller.yaml", which serves on port 80 and connects to the containers on port 8000.
473                kubectl expose -f nginx-controller.yaml --port=80 --target-port=8000
474
475                # Create a service for a pod valid-pod, which serves on port 444 with the name "frontend"
476                kubectl expose pod valid-pod --port=444 --name=frontend
477
478                # Create a second service based on the above service, exposing the container port 8443 as port 443 with the name "nginx-https"
479                kubectl expose service nginx --port=443 --target-port=8443 --name=nginx-https
480
481                # Create a service for a replicated streaming application on port 4100 balancing UDP traffic and named 'video-stream'.
482                kubectl expose rc streamer --port=4100 --protocol=UDP --name=video-stream
483
484                # Create a service for a replicated nginx using replica set, which serves on port 80 and connects to the containers on port 8000.
485                kubectl expose rs nginx --port=80 --target-port=8000
486
487                # Create a service for an nginx deployment, which serves on port 80 and connects to the containers on port 8000.
488                kubectl expose deployment nginx --port=80 --target-port=8000
489
490
491
492

SEE ALSO

494       kubectl(1),
495
496
497

HISTORY

499       January 2015, Originally compiled by Eric Paris (eparis at redhat dot
500       com) based on the kubernetes source material, but hopefully they have
501       been automatically generated since!
502
503
504
505Eric Paris                  kubernetes User Manuals              KUBERNETES(1)
Impressum