1OC CREATE(1) June 2016 OC CREATE(1)
2
6 oc create identity - Manually create an identity (only needed if auto‐
7 matic creation is disabled).
8
12 oc create identity [OPTIONS]
13
17 This command can be used to create an identity object.
18 Typically, identities are created automatically during login. If auto‐
21 matic creation is disabled (by using the "lookup" mapping method),
22 identities must be created manually.
23 Corresponding user and useridentitymapping objects must also be created
26 to allow logging in with the created identity.
27
31 --allow-missing-template-keys=true
32 If true, ignore any errors in templates when a field or map key is
33 missing in the template. Only applies to golang and jsonpath output
34 formats.
35 --dry-run=false
38 If true, only print the object that would be sent, without sending
39 it.
40 -o, --output=""
43 Output format. One of: json|yaml|name|template|go-template|go-tem‐
44 plate-file|templatefile|jsonpath|jsonpath-file.
45 --template=""
48 Template string or path to template file to use when -o=go-tem‐
49 plate, -o=go-template-file. The template format is golang templates [
50 ⟨http://golang.org/pkg/text/template/#pkg-overview⟩].
51
55 --allow_verification_with_non_compliant_keys=false
56 Allow a SignatureVerifier to use keys which are technically
57 non-compliant with RFC6962.
58 --alsologtostderr=false
61 log to standard error as well as files
62 --application_metrics_count_limit=100
65 Max number of application metrics to store (per container)
66 --as=""
69 Username to impersonate for the operation
70 --as-group=[]
73 Group to impersonate for the operation, this flag can be repeated
74 to specify multiple groups.
75 --azure-container-registry-config=""
78 Path to the file containing Azure container registry configuration
79 information.
80 --boot_id_file="/proc/sys/kernel/random/boot_id"
83 Comma-separated list of files to check for boot-id. Use the first
84 one that exists.
85 --cache-dir="/builddir/.kube/http-cache"
88 Default HTTP cache directory
89 --certificate-authority=""
92 Path to a cert file for the certificate authority
93 --client-certificate=""
96 Path to a client certificate file for TLS
97 --client-key=""
100 Path to a client key file for TLS
101 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
104 CIDRs opened in GCE firewall for LB traffic proxy health checks
105 --cluster=""
108 The name of the kubeconfig cluster to use
109 --container_hints="/etc/cadvisor/container_hints.json"
112 location of the container hints file
113 --containerd="unix:///var/run/containerd.sock"
116 containerd endpoint
117 --context=""
120 The name of the kubeconfig context to use
121 --default-not-ready-toleration-seconds=300
124 Indicates the tolerationSeconds of the toleration for
125 notReady:NoExecute that is added by default to every pod that does not
126 already have such a toleration.
127 --default-unreachable-toleration-seconds=300
130 Indicates the tolerationSeconds of the toleration for unreach‐
131 able:NoExecute that is added by default to every pod that does not
132 already have such a toleration.
133 --docker="unix:///var/run/docker.sock"
136 docker endpoint
137 --docker-tls=false
140 use TLS to connect to docker
141 --docker-tls-ca="ca.pem"
144 path to trusted CA
145 --docker-tls-cert="cert.pem"
148 path to client certificate
149 --docker-tls-key="key.pem"
152 path to private key
153 --docker_env_metadata_whitelist=""
156 a comma-separated list of environment variable keys that needs to
157 be collected for docker containers
158 --docker_only=false
161 Only report docker containers in addition to root stats
162 --docker_root="/var/lib/docker"
165 DEPRECATED: docker root is read from docker info (this is a fall‐
166 back, default: /var/lib/docker)
167 --enable_load_reader=false
170 Whether to enable cpu load reader
171 --event_storage_age_limit="default=24h"
174 Max length of time for which to store events (per type). Value is a
175 comma separated list of key values, where the keys are event types
176 (e.g.: creation, oom) or "default" and the value is a duration. Default
177 is applied to all non-specified event types
178 --event_storage_event_limit="default=100000"
181 Max number of events to store (per type). Value is a comma sepa‐
182 rated list of key values, where the keys are event types (e.g.: cre‐
183 ation, oom) or "default" and the value is an integer. Default is
184 applied to all non-specified event types
185 --global_housekeeping_interval=0
188 Interval between global housekeepings
189 --housekeeping_interval=0
192 Interval between container housekeepings
193 --httptest.serve=""
196 if non-empty, httptest.NewServer serves on this address and blocks
197 --insecure-skip-tls-verify=false
200 If true, the server's certificate will not be checked for validity.
201 This will make your HTTPS connections insecure
202 --kubeconfig=""
205 Path to the kubeconfig file to use for CLI requests.
206 --log-flush-frequency=0
209 Maximum number of seconds between log flushes
210 --log_backtrace_at=:0
213 when logging hits line file:N, emit a stack trace
214 --log_cadvisor_usage=false
217 Whether to log the usage of the cAdvisor container
218 --log_dir=""
221 If non-empty, write log files in this directory
222 --logtostderr=true
225 log to standard error instead of files
226 --machine_id_file="/etc/machine-id,/var/lib/dbus/machine-id"
229 Comma-separated list of files to check for machine-id. Use the
230 first one that exists.
231 --match-server-version=false
234 Require server version to match client version
235 -n, --namespace=""
238 If present, the namespace scope for this CLI request
239 --request-timeout="0"
242 The length of time to wait before giving up on a single server
243 request. Non-zero values should contain a corresponding time unit (e.g.
244 1s, 2m, 3h). A value of zero means don't timeout requests.
245 -s, --server=""
248 The address and port of the Kubernetes API server
249 --stderrthreshold=2
252 logs at or above this threshold go to stderr
253 --storage_driver_buffer_duration=0
256 Writes in the storage driver will be buffered for this duration,
257 and committed to the non memory backends as a single transaction
258 --storage_driver_db="cadvisor"
261 database name
262 --storage_driver_host="localhost:8086"
265 database host:port
266 --storage_driver_password="root"
269 database password
270 --storage_driver_secure=false
273 use secure connection with database
274 --storage_driver_table="stats"
277 table name
278 --storage_driver_user="root"
281 database username
282 --token=""
285 Bearer token for authentication to the API server
286 --user=""
289 The name of the kubeconfig user to use
290 -v, --v=0
293 log level for V logs
294 --version=false
297 Print version information and quit
298 --vmodule=
301 comma-separated list of pattern=N settings for file-filtered log‐
302 ging
303
307 # Create an identity with identity provider "acme_ldap" and the identity provider username "adamjones"
308 oc create identity acme_ldap:adamjones
309
314 oc-create(1),
315
319 June 2016, Ported from the Kubernetes man-doc generator
320Openshift Openshift CLI User Manuals OC CREATE(1)