1OC(1) June 2016 OC(1)
2
6 oc proxy - Run a proxy to the Kubernetes API server
7
11 oc proxy [OPTIONS]
12
16 Run a proxy to the API server
17
21 --accept-hosts="^localhost$,^127\.0\.0\.1$,^\[::1\]$"
22 Regular expression for hosts that the proxy should accept.
23 --accept-paths="^.*"
26 Regular expression for paths that the proxy should accept.
27 --address="127.0.0.1"
30 The IP address on which to serve on.
31 --api-prefix="/"
34 Prefix to serve the proxied API under.
35 --disable-filter=false
38 If true, disable request filtering in the proxy. This is dangerous,
39 and can leave you vulnerable to XSRF attacks, when used with an acces‐
40 sible port.
41 -p, --port=8001
44 The port on which to run the proxy. Set to 0 to pick a random port.
45 --reject-methods="^$"
48 Regular expression for HTTP methods that the proxy should reject
49 (example --reject-methods='POST,PUT,PATCH').
50 --reject-paths="^/api/./pods/./exec,^/api/./pods/./attach"
53 Regular expression for paths that the proxy should reject. Paths
54 specified here will be rejected even accepted by --accept-paths.
55 -u, --unix-socket=""
58 Unix socket on which to run the proxy.
59 -w, --www=""
62 Also serve static files from the given directory under the speci‐
63 fied prefix.
64 -P, --www-prefix="/static/"
67 Prefix to serve static files under, if static file directory is
68 specified.
69
73 --allow_verification_with_non_compliant_keys=false
74 Allow a SignatureVerifier to use keys which are technically
75 non-compliant with RFC6962.
76 --alsologtostderr=false
79 log to standard error as well as files
80 --application_metrics_count_limit=100
83 Max number of application metrics to store (per container)
84 --as=""
87 Username to impersonate for the operation
88 --as-group=[]
91 Group to impersonate for the operation, this flag can be repeated
92 to specify multiple groups.
93 --azure-container-registry-config=""
96 Path to the file containing Azure container registry configuration
97 information.
98 --boot_id_file="/proc/sys/kernel/random/boot_id"
101 Comma-separated list of files to check for boot-id. Use the first
102 one that exists.
103 --cache-dir="/builddir/.kube/http-cache"
106 Default HTTP cache directory
107 --certificate-authority=""
110 Path to a cert file for the certificate authority
111 --client-certificate=""
114 Path to a client certificate file for TLS
115 --client-key=""
118 Path to a client key file for TLS
119 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
122 CIDRs opened in GCE firewall for LB traffic proxy health checks
123 --cluster=""
126 The name of the kubeconfig cluster to use
127 --container_hints="/etc/cadvisor/container_hints.json"
130 location of the container hints file
131 --containerd="unix:///var/run/containerd.sock"
134 containerd endpoint
135 --context=""
138 The name of the kubeconfig context to use
139 --default-not-ready-toleration-seconds=300
142 Indicates the tolerationSeconds of the toleration for
143 notReady:NoExecute that is added by default to every pod that does not
144 already have such a toleration.
145 --default-unreachable-toleration-seconds=300
148 Indicates the tolerationSeconds of the toleration for unreach‐
149 able:NoExecute that is added by default to every pod that does not
150 already have such a toleration.
151 --docker="unix:///var/run/docker.sock"
154 docker endpoint
155 --docker-tls=false
158 use TLS to connect to docker
159 --docker-tls-ca="ca.pem"
162 path to trusted CA
163 --docker-tls-cert="cert.pem"
166 path to client certificate
167 --docker-tls-key="key.pem"
170 path to private key
171 --docker_env_metadata_whitelist=""
174 a comma-separated list of environment variable keys that needs to
175 be collected for docker containers
176 --docker_only=false
179 Only report docker containers in addition to root stats
180 --docker_root="/var/lib/docker"
183 DEPRECATED: docker root is read from docker info (this is a fall‐
184 back, default: /var/lib/docker)
185 --enable_load_reader=false
188 Whether to enable cpu load reader
189 --event_storage_age_limit="default=24h"
192 Max length of time for which to store events (per type). Value is a
193 comma separated list of key values, where the keys are event types
194 (e.g.: creation, oom) or "default" and the value is a duration. Default
195 is applied to all non-specified event types
196 --event_storage_event_limit="default=100000"
199 Max number of events to store (per type). Value is a comma sepa‐
200 rated list of key values, where the keys are event types (e.g.: cre‐
201 ation, oom) or "default" and the value is an integer. Default is
202 applied to all non-specified event types
203 --global_housekeeping_interval=0
206 Interval between global housekeepings
207 --housekeeping_interval=0
210 Interval between container housekeepings
211 --httptest.serve=""
214 if non-empty, httptest.NewServer serves on this address and blocks
215 --insecure-skip-tls-verify=false
218 If true, the server's certificate will not be checked for validity.
219 This will make your HTTPS connections insecure
220 --kubeconfig=""
223 Path to the kubeconfig file to use for CLI requests.
224 --log-flush-frequency=0
227 Maximum number of seconds between log flushes
228 --log_backtrace_at=:0
231 when logging hits line file:N, emit a stack trace
232 --log_cadvisor_usage=false
235 Whether to log the usage of the cAdvisor container
236 --log_dir=""
239 If non-empty, write log files in this directory
240 --logtostderr=true
243 log to standard error instead of files
244 --machine_id_file="/etc/machine-id,/var/lib/dbus/machine-id"
247 Comma-separated list of files to check for machine-id. Use the
248 first one that exists.
249 --match-server-version=false
252 Require server version to match client version
253 -n, --namespace=""
256 If present, the namespace scope for this CLI request
257 --request-timeout="0"
260 The length of time to wait before giving up on a single server
261 request. Non-zero values should contain a corresponding time unit (e.g.
262 1s, 2m, 3h). A value of zero means don't timeout requests.
263 -s, --server=""
266 The address and port of the Kubernetes API server
267 --stderrthreshold=2
270 logs at or above this threshold go to stderr
271 --storage_driver_buffer_duration=0
274 Writes in the storage driver will be buffered for this duration,
275 and committed to the non memory backends as a single transaction
276 --storage_driver_db="cadvisor"
279 database name
280 --storage_driver_host="localhost:8086"
283 database host:port
284 --storage_driver_password="root"
287 database password
288 --storage_driver_secure=false
291 use secure connection with database
292 --storage_driver_table="stats"
295 table name
296 --storage_driver_user="root"
299 database username
300 --token=""
303 Bearer token for authentication to the API server
304 --user=""
307 The name of the kubeconfig user to use
308 -v, --v=0
311 log level for V logs
312 --version=false
315 Print version information and quit
316 --vmodule=
319 comma-separated list of pattern=N settings for file-filtered log‐
320 ging
321
325 # Run a proxy to the api server on port 8011, serving static content from ./local/www/
326 oc proxy --port=8011 --www=./local/www/
327 # Run a proxy to the api server on an arbitrary local port.
329 # The chosen port for the server will be output to stdout.
330 oc proxy --port=0
331 # Run a proxy to the api server, changing the api prefix to my-api
333 # This makes e.g. the pods api available at localhost:8011/my-api/api/v1/pods/
334 oc proxy --api-prefix=/my-api
335
340 oc(1),
341
345 June 2016, Ported from the Kubernetes man-doc generator
346Openshift Openshift CLI User Manuals OC(1)