kubectl-apply(1)

1KUBERNETES(1)                      Jan 2015                      KUBERNETES(1)
2
3
4

NAME

6       kubectl  apply  -  Apply  a  configuration to a resource by filename or
7       stdin
8
9
10

SYNOPSIS

12       kubectl apply [OPTIONS]
13
14
15

DESCRIPTION

17       Apply a configuration to a resource by filename or stdin. The  resource
18       name  must  be  specified.  This resource will be created if it doesn't
19       exist yet. To use 'apply', always create the  resource  initially  with
20       either 'apply' or 'create --save-config'.
21
22
23       JSON and YAML formats are accepted.
24
25
26       Alpha Disclaimer: the --prune functionality is not yet complete. Do not
27       use  unless  you  are  aware  of  what  the  current  state   is.   See
28       ⟨https://issues.k8s.io/34274⟩.
29
30
31

OPTIONS

33       --all=false
34           Select  all  resources  in  the namespace of the specified resource
35       types.
36
37
38       --allow-missing-template-keys=true
39           If true, ignore any errors in templates when a field or map key  is
40       missing  in  the  template.  Only applies to golang and jsonpath output
41       formats.
42
43
44       --cascade=true
45           If true, cascade the deletion of  the  resources  managed  by  this
46       resource (e.g. Pods created by a ReplicationController).  Default true.
47
48
49       --dry-run=false
50           If  true, only print the object that would be sent, without sending
51       it.
52
53
54       -f, --filename=[]
55           that contains the configuration to apply
56
57
58       --force=false
59           Only  used  when  grace-period=0.  If  true,   immediately   remove
60       resources  from  API  and bypass graceful deletion. Note that immediate
61       deletion of some resources may result in inconsistency or data loss and
62       requires confirmation.
63
64
65       --grace-period=-1
66           Period of time in seconds given to the resource to terminate grace‐
67       fully. Ignored if negative. Set to 1 for immediate shutdown.  Can  only
68       be set to 0 when --force is true (force deletion).
69
70
71       --include-uninitialized=false
72           If  true,  the kubectl command applies to uninitialized objects. If
73       explicitly set to false, this flag overrides other flags that make  the
74       kubectl commands apply to uninitialized objects, e.g., "--all". Objects
75       with empty metadata.initializers are regarded as initialized.
76
77
78       --openapi-patch=true
79           If true, use openapi to calculate diff when  the  openapi  presents
80       and the resource can be found in the openapi spec. Otherwise, fall back
81       to use baked-in types.
82
83
84       -o, --output=""
85           Output format. One of:  json|yaml|name|template|go-template|go-tem‐
86       plate-file|templatefile|jsonpath|jsonpath-file.
87
88
89       --overwrite=true
90           Automatically  resolve conflicts between the modified and live con‐
91       figuration by using values from the modified configuration
92
93
94       --prune=false
95           Automatically delete resource objects, including the  uninitialized
96       ones, that do not appear in the configs and are created by either apply
97       or create --save-config. Should be used with either -l or --all.
98
99
100       --prune-whitelist=[]
101           Overwrite  the  default  whitelist  with  <group/version/kind>  for
102       --prune
103
104
105       --record=false
106           Record  current  kubectl command in the resource annotation. If set
107       to false, do not record the command. If set to true,  record  the  com‐
108       mand.  If  not  set,  default to updating the existing annotation value
109       only if one already exists.
110
111
112       -R, --recursive=false
113           Process the directory used in -f,  --filename  recursively.  Useful
114       when  you  want  to  manage related manifests organized within the same
115       directory.
116
117
118       -l, --selector=""
119           Selector (label query)  to  filter  on,  supports  '=',  '==',  and
120       '!='.(e.g. -l key1=value1,key2=value2)
121
122
123       --server-dry-run=false
124           If  true,  request  will be sent to server with dry-run flag, which
125       means the modifications won't be persisted. This is  an  alpha  feature
126       and flag.
127
128
129       --template=""
130           Template  string  or  path  to template file to use when -o=go-tem‐
131       plate, -o=go-template-file. The template format is golang  templates  [
132       ⟨http://golang.org/pkg/text/template/#pkg-overview⟩].
133
134
135       --timeout=0s
136           The length of time to wait before giving up on a delete, zero means
137       determine a timeout from the size of the object
138
139
140       --validate=true
141           If true, use a schema to validate the input before sending it
142
143
144       --wait=false
145           If true, wait for resources to be gone before returning. This waits
146       for finalizers.
147
148
149

OPTIONS INHERITED FROM PARENT COMMANDS

151       --allow-verification-with-non-compliant-keys=false
152           Allow  a  SignatureVerifier  to  use  keys  which  are  technically
153       non-compliant with RFC6962.
154
155
156       --alsologtostderr=false
157           log to standard error as well as files
158
159
160       --application-metrics-count-limit=100
161           Max number of application metrics to store (per container)
162
163
164       --as=""
165           Username to impersonate for the operation
166
167
168       --as-group=[]
169           Group to impersonate for the operation, this flag can  be  repeated
170       to specify multiple groups.
171
172
173       --azure-container-registry-config=""
174           Path  to the file containing Azure container registry configuration
175       information.
176
177
178       --boot-id-file="/proc/sys/kernel/random/boot_id"
179           Comma-separated list of files to check for boot-id. Use  the  first
180       one that exists.
181
182
183       --cache-dir="/builddir/.kube/http-cache"
184           Default HTTP cache directory
185
186
187       --certificate-authority=""
188           Path to a cert file for the certificate authority
189
190
191       --client-certificate=""
192           Path to a client certificate file for TLS
193
194
195       --client-key=""
196           Path to a client key file for TLS
197
198
199       --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
200           CIDRs opened in GCE firewall for LB traffic proxy  health checks
201
202
203       --cluster=""
204           The name of the kubeconfig cluster to use
205
206
207       --container-hints="/etc/cadvisor/container_hints.json"
208           location of the container hints file
209
210
211       --containerd="unix:///var/run/containerd.sock"
212           containerd endpoint
213
214
215       --context=""
216           The name of the kubeconfig context to use
217
218
219       --default-not-ready-toleration-seconds=300
220           Indicates   the   tolerationSeconds   of   the    toleration    for
221       notReady:NoExecute  that is added by default to every pod that does not
222       already have such a toleration.
223
224
225       --default-unreachable-toleration-seconds=300
226           Indicates the tolerationSeconds  of  the  toleration  for  unreach‐
227       able:NoExecute  that  is  added  by  default to every pod that does not
228       already have such a toleration.
229
230
231       --docker="unix:///var/run/docker.sock"
232           docker endpoint
233
234
235       --docker-env-metadata-whitelist=""
236           a comma-separated list of environment variable keys that  needs  to
237       be collected for docker containers
238
239
240       --docker-only=false
241           Only report docker containers in addition to root stats
242
243
244       --docker-root="/var/lib/docker"
245           DEPRECATED:  docker  root is read from docker info (this is a fall‐
246       back, default: /var/lib/docker)
247
248
249       --docker-tls=false
250           use TLS to connect to docker
251
252
253       --docker-tls-ca="ca.pem"
254           path to trusted CA
255
256
257       --docker-tls-cert="cert.pem"
258           path to client certificate
259
260
261       --docker-tls-key="key.pem"
262           path to private key
263
264
265       --enable-load-reader=false
266           Whether to enable cpu load reader
267
268
269       --event-storage-age-limit="default=0"
270           Max length of time for which to store events (per type). Value is a
271       comma  separated  list  of  key  values, where the keys are event types
272       (e.g.: creation, oom) or "default" and the value is a duration. Default
273       is applied to all non-specified event types
274
275
276       --event-storage-event-limit="default=0"
277           Max  number  of  events to store (per type). Value is a comma sepa‐
278       rated list of key values, where the keys are event  types  (e.g.:  cre‐
279       ation,  oom)  or  "default"  and  the  value  is an integer. Default is
280       applied to all non-specified event types
281
282
283       --global-housekeeping-interval=1m0s
284           Interval between global housekeepings
285
286
287       --google-json-key=""
288           The Google Cloud Platform Service  Account  JSON  Key  to  use  for
289       authentication.
290
291
292       --housekeeping-interval=10s
293           Interval between container housekeepings
294
295
296       --insecure-skip-tls-verify=false
297           If true, the server's certificate will not be checked for validity.
298       This will make your HTTPS connections insecure
299
300
301       --kubeconfig=""
302           Path to the kubeconfig file to use for CLI requests.
303
304
305       --log-backtrace-at=:0
306           when logging hits line file:N, emit a stack trace
307
308
309       --log-cadvisor-usage=false
310           Whether to log the usage of the cAdvisor container
311
312
313       --log-dir=""
314           If non-empty, write log files in this directory
315
316
317       --log-flush-frequency=5s
318           Maximum number of seconds between log flushes
319
320
321       --logtostderr=true
322           log to standard error instead of files
323
324
325       --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
326           Comma-separated list of files to  check  for  machine-id.  Use  the
327       first one that exists.
328
329
330       --match-server-version=false
331           Require server version to match client version
332
333
334       --mesos-agent="127.0.0.1:5051"
335           Mesos agent address
336
337
338       --mesos-agent-timeout=10s
339           Mesos agent timeout
340
341
342       -n, --namespace=""
343           If present, the namespace scope for this CLI request
344
345
346       --request-timeout="0"
347           The  length  of  time  to  wait before giving up on a single server
348       request. Non-zero values should contain a corresponding time unit (e.g.
349       1s, 2m, 3h). A value of zero means don't timeout requests.
350
351
352       -s, --server=""
353           The address and port of the Kubernetes API server
354
355
356       --stderrthreshold=2
357           logs at or above this threshold go to stderr
358
359
360       --storage-driver-buffer-duration=1m0s
361           Writes  in  the  storage driver will be buffered for this duration,
362       and committed to the non memory backends as a single transaction
363
364
365       --storage-driver-db="cadvisor"
366           database name
367
368
369       --storage-driver-host="localhost:8086"
370           database host:port
371
372
373       --storage-driver-password="root"
374           database password
375
376
377       --storage-driver-secure=false
378           use secure connection with database
379
380
381       --storage-driver-table="stats"
382           table name
383
384
385       --storage-driver-user="root"
386           database username
387
388
389       --token=""
390           Bearer token for authentication to the API server
391
392
393       --user=""
394           The name of the kubeconfig user to use
395
396
397       -v, --v=0
398           log level for V logs
399
400
401       --version=false
402           Print version information and quit
403
404
405       --vmodule=
406           comma-separated list of pattern=N settings for  file-filtered  log‐
407       ging
408
409
410

EXAMPLE

412                # Apply the configuration in pod.json to a pod.
413                kubectl apply -f ./pod.json
414
415                # Apply the JSON passed into stdin to a pod.
416                cat pod.json | kubectl apply -f -
417
418                # Note: --prune is still in Alpha
419                # Apply the configuration in manifest.yaml that matches label app=nginx and delete all the other resources that are not in the file and match label app=nginx.
420                kubectl apply --prune -f manifest.yaml -l app=nginx
421
422                # Apply the configuration in manifest.yaml and delete all the other configmaps that are not in the file.
423                kubectl apply --prune -f manifest.yaml --all --prune-whitelist=core/v1/ConfigMap
424
425
426
427

HISTORY

435       January 2015, Originally compiled by Eric Paris (eparis at  redhat  dot
436       com)  based  on the kubernetes source material, but hopefully they have
437       been automatically generated since!
438
439
440
441Eric Paris                  kubernetes User Manuals              KUBERNETES(1)