1KUBERNETES(1) Jan 2015 KUBERNETES(1)
2
3
4
6 kubectl patch - Update field(s) of a resource using strategic merge
7 patch
8
9
10
12 kubectl patch [OPTIONS]
13
14
15
17 Update field(s) of a resource using strategic merge patch, a JSON merge
18 patch, or a JSON patch.
19
20
21 JSON and YAML formats are accepted.
22
23
24
26 --allow-missing-template-keys=true
27 If true, ignore any errors in templates when a field or map key is
28 missing in the template. Only applies to golang and jsonpath output
29 formats.
30
31
32 --dry-run="none"
33 Must be "none", "server", or "client". If client strategy, only
34 print the object that would be sent, without sending it. If server
35 strategy, submit server-side request without persisting the resource.
36
37
38 -f, --filename=[]
39 Filename, directory, or URL to files identifying the resource to
40 update
41
42
43 -k, --kustomize=""
44 Process the kustomization directory. This flag can't be used
45 together with -f or -R.
46
47
48 --local=false
49 If true, patch will operate on the content of the file, not the
50 server-side resource.
51
52
53 -o, --output=""
54 Output format. One of:
55 json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
56
57
58 -p, --patch=""
59 The patch to be applied to the resource JSON file.
60
61
62 --record=false
63 Record current kubectl command in the resource annotation. If set
64 to false, do not record the command. If set to true, record the
65 command. If not set, default to updating the existing annotation value
66 only if one already exists.
67
68
69 -R, --recursive=false
70 Process the directory used in -f, --filename recursively. Useful
71 when you want to manage related manifests organized within the same
72 directory.
73
74
75 --template=""
76 Template string or path to template file to use when
77 -o=go-template, -o=go-template-file. The template format is golang
78 templates [ ⟨http://golang.org/pkg/text/template/#pkg-overview⟩].
79
80
81 --type="strategic"
82 The type of patch being provided; one of [json merge strategic]
83
84
85
87 --add-dir-header=false
88 If true, adds the file directory to the header
89
90
91 --alsologtostderr=false
92 log to standard error as well as files
93
94
95 --application-metrics-count-limit=100
96 Max number of application metrics to store (per container)
97
98
99 --as=""
100 Username to impersonate for the operation
101
102
103 --as-group=[]
104 Group to impersonate for the operation, this flag can be repeated
105 to specify multiple groups.
106
107
108 --azure-container-registry-config=""
109 Path to the file containing Azure container registry configuration
110 information.
111
112
113 --boot-id-file="/proc/sys/kernel/random/boot_id"
114 Comma-separated list of files to check for boot-id. Use the first
115 one that exists.
116
117
118 --cache-dir="/builddir/.kube/http-cache"
119 Default HTTP cache directory
120
121
122 --certificate-authority=""
123 Path to a cert file for the certificate authority
124
125
126 --client-certificate=""
127 Path to a client certificate file for TLS
128
129
130 --client-key=""
131 Path to a client key file for TLS
132
133
134 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
135 CIDRs opened in GCE firewall for L7 LB traffic proxy health checks
136
137
138 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
139 CIDRs opened in GCE firewall for L4 LB traffic proxy health checks
140
141
142 --cluster=""
143 The name of the kubeconfig cluster to use
144
145
146 --container-hints="/etc/cadvisor/container_hints.json"
147 location of the container hints file
148
149
150 --containerd="/run/containerd/containerd.sock"
151 containerd endpoint
152
153
154 --containerd-namespace="k8s.io"
155 containerd namespace
156
157
158 --context=""
159 The name of the kubeconfig context to use
160
161
162 --default-not-ready-toleration-seconds=300
163 Indicates the tolerationSeconds of the toleration for
164 notReady:NoExecute that is added by default to every pod that does not
165 already have such a toleration.
166
167
168 --default-unreachable-toleration-seconds=300
169 Indicates the tolerationSeconds of the toleration for
170 unreachable:NoExecute that is added by default to every pod that does
171 not already have such a toleration.
172
173
174 --disable-root-cgroup-stats=false
175 Disable collecting root Cgroup stats
176
177
178 --docker="unix:///var/run/docker.sock"
179 docker endpoint
180
181
182 --docker-env-metadata-whitelist=""
183 a comma-separated list of environment variable keys that needs to
184 be collected for docker containers
185
186
187 --docker-only=false
188 Only report docker containers in addition to root stats
189
190
191 --docker-root="/var/lib/docker"
192 DEPRECATED: docker root is read from docker info (this is a
193 fallback, default: /var/lib/docker)
194
195
196 --docker-tls=false
197 use TLS to connect to docker
198
199
200 --docker-tls-ca="ca.pem"
201 path to trusted CA
202
203
204 --docker-tls-cert="cert.pem"
205 path to client certificate
206
207
208 --docker-tls-key="key.pem"
209 path to private key
210
211
212 --enable-load-reader=false
213 Whether to enable cpu load reader
214
215
216 --event-storage-age-limit="default=0"
217 Max length of time for which to store events (per type). Value is a
218 comma separated list of key values, where the keys are event types
219 (e.g.: creation, oom) or "default" and the value is a duration. Default
220 is applied to all non-specified event types
221
222
223 --event-storage-event-limit="default=0"
224 Max number of events to store (per type). Value is a comma
225 separated list of key values, where the keys are event types (e.g.:
226 creation, oom) or "default" and the value is an integer. Default is
227 applied to all non-specified event types
228
229
230 --global-housekeeping-interval=1m0s
231 Interval between global housekeepings
232
233
234 --housekeeping-interval=10s
235 Interval between container housekeepings
236
237
238 --insecure-skip-tls-verify=false
239 If true, the server's certificate will not be checked for validity.
240 This will make your HTTPS connections insecure
241
242
243 --kubeconfig=""
244 Path to the kubeconfig file to use for CLI requests.
245
246
247 --log-backtrace-at=:0
248 when logging hits line file:N, emit a stack trace
249
250
251 --log-cadvisor-usage=false
252 Whether to log the usage of the cAdvisor container
253
254
255 --log-dir=""
256 If non-empty, write log files in this directory
257
258
259 --log-file=""
260 If non-empty, use this log file
261
262
263 --log-file-max-size=1800
264 Defines the maximum size a log file can grow to. Unit is megabytes.
265 If the value is 0, the maximum file size is unlimited.
266
267
268 --log-flush-frequency=5s
269 Maximum number of seconds between log flushes
270
271
272 --logtostderr=true
273 log to standard error instead of files
274
275
276 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
277 Comma-separated list of files to check for machine-id. Use the
278 first one that exists.
279
280
281 --match-server-version=false
282 Require server version to match client version
283
284
285 -n, --namespace=""
286 If present, the namespace scope for this CLI request
287
288
289 --password=""
290 Password for basic authentication to the API server
291
292
293 --profile="none"
294 Name of profile to capture. One of
295 (none|cpu|heap|goroutine|threadcreate|block|mutex)
296
297
298 --profile-output="profile.pprof"
299 Name of the file to write the profile to
300
301
302 --request-timeout="0"
303 The length of time to wait before giving up on a single server
304 request. Non-zero values should contain a corresponding time unit (e.g.
305 1s, 2m, 3h). A value of zero means don't timeout requests.
306
307
308 -s, --server=""
309 The address and port of the Kubernetes API server
310
311
312 --skip-headers=false
313 If true, avoid header prefixes in the log messages
314
315
316 --skip-log-headers=false
317 If true, avoid headers when opening log files
318
319
320 --stderrthreshold=2
321 logs at or above this threshold go to stderr
322
323
324 --storage-driver-buffer-duration=1m0s
325 Writes in the storage driver will be buffered for this duration,
326 and committed to the non memory backends as a single transaction
327
328
329 --storage-driver-db="cadvisor"
330 database name
331
332
333 --storage-driver-host="localhost:8086"
334 database host:port
335
336
337 --storage-driver-password="root"
338 database password
339
340
341 --storage-driver-secure=false
342 use secure connection with database
343
344
345 --storage-driver-table="stats"
346 table name
347
348
349 --storage-driver-user="root"
350 database username
351
352
353 --tls-server-name=""
354 Server name to use for server certificate validation. If it is not
355 provided, the hostname used to contact the server is used
356
357
358 --token=""
359 Bearer token for authentication to the API server
360
361
362 --update-machine-info-interval=5m0s
363 Interval between machine info updates.
364
365
366 --user=""
367 The name of the kubeconfig user to use
368
369
370 --username=""
371 Username for basic authentication to the API server
372
373
374 -v, --v=0
375 number for the log level verbosity
376
377
378 --version=false
379 Print version information and quit
380
381
382 --vmodule=
383 comma-separated list of pattern=N settings for file-filtered
384 logging
385
386
387
389 # Partially update a node using a strategic merge patch. Specify the patch as JSON.
390 kubectl patch node k8s-node-1 -p '{"spec":{"unschedulable":true}}'
391
392 # Partially update a node using a strategic merge patch. Specify the patch as YAML.
393 kubectl patch node k8s-node-1 -p $'spec:\n unschedulable: true'
394
395 # Partially update a node identified by the type and name specified in "node.json" using strategic merge patch.
396 kubectl patch -f node.json -p '{"spec":{"unschedulable":true}}'
397
398 # Update a container's image; spec.containers[*].name is required because it's a merge key.
399 kubectl patch pod valid-pod -p '{"spec":{"containers":[{"name":"kubernetes-serve-hostname","image":"new image"}]}}'
400
401 # Update a container's image using a json patch with positional arrays.
402 kubectl patch pod valid-pod --type='json' -p='[{"op": "replace", "path": "/spec/containers/0/image", "value":"new image"}]'
403
404
405
406
408 kubectl(1),
409
410
411
413 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
414 com) based on the kubernetes source material, but hopefully they have
415 been automatically generated since!
416
417
418
419Eric Paris kubernetes User Manuals KUBERNETES(1)