1OC ADM CA(1) June 2016 OC ADM CA(1)
2
3
4
6 oc adm ca encrypt - Encrypt data with AES-256-CBC encryption
7
8
9
11 oc adm ca encrypt [OPTIONS]
12
13
14
16 Encrypt data with AES-256-CBC encryption
17
18
19
21 --genkey=""
22 File to write a randomly generated key to.
23
24
25 --in=""
26 File containing the data to encrypt. Read from stdin if omitted.
27
28
29 --key=""
30 File containing the encrypting key from in the format written by
31 --genkey.
32
33
34 --out=""
35 File to write the encrypted data to. Written to stdout if omitted.
36
37
38
40 --allow_verification_with_non_compliant_keys=false
41 Allow a SignatureVerifier to use keys which are technically
42 non-compliant with RFC6962.
43
44
45 --alsologtostderr=false
46 log to standard error as well as files
47
48
49 --application_metrics_count_limit=100
50 Max number of application metrics to store (per container)
51
52
53 --as=""
54 Username to impersonate for the operation
55
56
57 --as-group=[]
58 Group to impersonate for the operation, this flag can be repeated
59 to specify multiple groups.
60
61
62 --azure-container-registry-config=""
63 Path to the file containing Azure container registry configuration
64 information.
65
66
67 --boot_id_file="/proc/sys/kernel/random/boot_id"
68 Comma-separated list of files to check for boot-id. Use the first
69 one that exists.
70
71
72 --cache-dir="/builddir/.kube/http-cache"
73 Default HTTP cache directory
74
75
76 --certificate-authority=""
77 Path to a cert file for the certificate authority
78
79
80 --client-certificate=""
81 Path to a client certificate file for TLS
82
83
84 --client-key=""
85 Path to a client key file for TLS
86
87
88 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
89 CIDRs opened in GCE firewall for LB traffic proxy health checks
90
91
92 --cluster=""
93 The name of the kubeconfig cluster to use
94
95
96 --container_hints="/etc/cadvisor/container_hints.json"
97 location of the container hints file
98
99
100 --containerd="unix:///var/run/containerd.sock"
101 containerd endpoint
102
103
104 --context=""
105 The name of the kubeconfig context to use
106
107
108 --default-not-ready-toleration-seconds=300
109 Indicates the tolerationSeconds of the toleration for
110 notReady:NoExecute that is added by default to every pod that does not
111 already have such a toleration.
112
113
114 --default-unreachable-toleration-seconds=300
115 Indicates the tolerationSeconds of the toleration for unreach‐
116 able:NoExecute that is added by default to every pod that does not
117 already have such a toleration.
118
119
120 --docker="unix:///var/run/docker.sock"
121 docker endpoint
122
123
124 --docker-tls=false
125 use TLS to connect to docker
126
127
128 --docker-tls-ca="ca.pem"
129 path to trusted CA
130
131
132 --docker-tls-cert="cert.pem"
133 path to client certificate
134
135
136 --docker-tls-key="key.pem"
137 path to private key
138
139
140 --docker_env_metadata_whitelist=""
141 a comma-separated list of environment variable keys that needs to
142 be collected for docker containers
143
144
145 --docker_only=false
146 Only report docker containers in addition to root stats
147
148
149 --docker_root="/var/lib/docker"
150 DEPRECATED: docker root is read from docker info (this is a fall‐
151 back, default: /var/lib/docker)
152
153
154 --enable_load_reader=false
155 Whether to enable cpu load reader
156
157
158 --event_storage_age_limit="default=24h"
159 Max length of time for which to store events (per type). Value is a
160 comma separated list of key values, where the keys are event types
161 (e.g.: creation, oom) or "default" and the value is a duration. Default
162 is applied to all non-specified event types
163
164
165 --event_storage_event_limit="default=100000"
166 Max number of events to store (per type). Value is a comma sepa‐
167 rated list of key values, where the keys are event types (e.g.: cre‐
168 ation, oom) or "default" and the value is an integer. Default is
169 applied to all non-specified event types
170
171
172 --global_housekeeping_interval=0
173 Interval between global housekeepings
174
175
176 --housekeeping_interval=0
177 Interval between container housekeepings
178
179
180 --httptest.serve=""
181 if non-empty, httptest.NewServer serves on this address and blocks
182
183
184 --insecure-skip-tls-verify=false
185 If true, the server's certificate will not be checked for validity.
186 This will make your HTTPS connections insecure
187
188
189 --kubeconfig=""
190 Path to the kubeconfig file to use for CLI requests.
191
192
193 --log-flush-frequency=0
194 Maximum number of seconds between log flushes
195
196
197 --log_backtrace_at=:0
198 when logging hits line file:N, emit a stack trace
199
200
201 --log_cadvisor_usage=false
202 Whether to log the usage of the cAdvisor container
203
204
205 --log_dir=""
206 If non-empty, write log files in this directory
207
208
209 --logtostderr=true
210 log to standard error instead of files
211
212
213 --machine_id_file="/etc/machine-id,/var/lib/dbus/machine-id"
214 Comma-separated list of files to check for machine-id. Use the
215 first one that exists.
216
217
218 --match-server-version=false
219 Require server version to match client version
220
221
222 -n, --namespace=""
223 If present, the namespace scope for this CLI request
224
225
226 --request-timeout="0"
227 The length of time to wait before giving up on a single server
228 request. Non-zero values should contain a corresponding time unit (e.g.
229 1s, 2m, 3h). A value of zero means don't timeout requests.
230
231
232 -s, --server=""
233 The address and port of the Kubernetes API server
234
235
236 --stderrthreshold=2
237 logs at or above this threshold go to stderr
238
239
240 --storage_driver_buffer_duration=0
241 Writes in the storage driver will be buffered for this duration,
242 and committed to the non memory backends as a single transaction
243
244
245 --storage_driver_db="cadvisor"
246 database name
247
248
249 --storage_driver_host="localhost:8086"
250 database host:port
251
252
253 --storage_driver_password="root"
254 database password
255
256
257 --storage_driver_secure=false
258 use secure connection with database
259
260
261 --storage_driver_table="stats"
262 table name
263
264
265 --storage_driver_user="root"
266 database username
267
268
269 --token=""
270 Bearer token for authentication to the API server
271
272
273 --user=""
274 The name of the kubeconfig user to use
275
276
277 -v, --v=0
278 log level for V logs
279
280
281 --version=false
282 Print version information and quit
283
284
285 --vmodule=
286 comma-separated list of pattern=N settings for file-filtered log‐
287 ging
288
289
290
292 # Encrypt the content of secret.txt with a generated key:
293 oc adm ca encrypt --genkey=secret.key --in=secret.txt --out=secret.encrypted
294
295 # Encrypt the content of secret2.txt with an existing key:
296 oc adm ca encrypt --key=secret.key < secret2.txt > secret2.encrypted
297
298
299
300
302 oc-adm-ca(1),
303
304
305
307 June 2016, Ported from the Kubernetes man-doc generator
308
309
310
311Openshift Openshift CLI User Manuals OC ADM CA(1)