1OC ADM(1) June 2016 OC ADM(1)
2
3
4
6 oc adm create-bootstrap-policy-file - Create the default bootstrap pol‐
7 icy
8
9
10
12 oc adm create-bootstrap-policy-file [OPTIONS]
13
14
15
17 Create the default bootstrap policy
18
19
20
22 --filename="openshift.local.config/master/policy.json"
23 The policy template file that will be written with roles and bind‐
24 ings.
25
26
27
29 --allow_verification_with_non_compliant_keys=false
30 Allow a SignatureVerifier to use keys which are technically
31 non-compliant with RFC6962.
32
33
34 --alsologtostderr=false
35 log to standard error as well as files
36
37
38 --application_metrics_count_limit=100
39 Max number of application metrics to store (per container)
40
41
42 --as=""
43 Username to impersonate for the operation
44
45
46 --as-group=[]
47 Group to impersonate for the operation, this flag can be repeated
48 to specify multiple groups.
49
50
51 --azure-container-registry-config=""
52 Path to the file containing Azure container registry configuration
53 information.
54
55
56 --boot_id_file="/proc/sys/kernel/random/boot_id"
57 Comma-separated list of files to check for boot-id. Use the first
58 one that exists.
59
60
61 --cache-dir="/builddir/.kube/http-cache"
62 Default HTTP cache directory
63
64
65 --certificate-authority=""
66 Path to a cert file for the certificate authority
67
68
69 --client-certificate=""
70 Path to a client certificate file for TLS
71
72
73 --client-key=""
74 Path to a client key file for TLS
75
76
77 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
78 CIDRs opened in GCE firewall for LB traffic proxy health checks
79
80
81 --cluster=""
82 The name of the kubeconfig cluster to use
83
84
85 --container_hints="/etc/cadvisor/container_hints.json"
86 location of the container hints file
87
88
89 --containerd="unix:///var/run/containerd.sock"
90 containerd endpoint
91
92
93 --context=""
94 The name of the kubeconfig context to use
95
96
97 --default-not-ready-toleration-seconds=300
98 Indicates the tolerationSeconds of the toleration for
99 notReady:NoExecute that is added by default to every pod that does not
100 already have such a toleration.
101
102
103 --default-unreachable-toleration-seconds=300
104 Indicates the tolerationSeconds of the toleration for unreach‐
105 able:NoExecute that is added by default to every pod that does not
106 already have such a toleration.
107
108
109 --docker="unix:///var/run/docker.sock"
110 docker endpoint
111
112
113 --docker-tls=false
114 use TLS to connect to docker
115
116
117 --docker-tls-ca="ca.pem"
118 path to trusted CA
119
120
121 --docker-tls-cert="cert.pem"
122 path to client certificate
123
124
125 --docker-tls-key="key.pem"
126 path to private key
127
128
129 --docker_env_metadata_whitelist=""
130 a comma-separated list of environment variable keys that needs to
131 be collected for docker containers
132
133
134 --docker_only=false
135 Only report docker containers in addition to root stats
136
137
138 --docker_root="/var/lib/docker"
139 DEPRECATED: docker root is read from docker info (this is a fall‐
140 back, default: /var/lib/docker)
141
142
143 --enable_load_reader=false
144 Whether to enable cpu load reader
145
146
147 --event_storage_age_limit="default=24h"
148 Max length of time for which to store events (per type). Value is a
149 comma separated list of key values, where the keys are event types
150 (e.g.: creation, oom) or "default" and the value is a duration. Default
151 is applied to all non-specified event types
152
153
154 --event_storage_event_limit="default=100000"
155 Max number of events to store (per type). Value is a comma sepa‐
156 rated list of key values, where the keys are event types (e.g.: cre‐
157 ation, oom) or "default" and the value is an integer. Default is
158 applied to all non-specified event types
159
160
161 --global_housekeeping_interval=0
162 Interval between global housekeepings
163
164
165 --housekeeping_interval=0
166 Interval between container housekeepings
167
168
169 --httptest.serve=""
170 if non-empty, httptest.NewServer serves on this address and blocks
171
172
173 --insecure-skip-tls-verify=false
174 If true, the server's certificate will not be checked for validity.
175 This will make your HTTPS connections insecure
176
177
178 --kubeconfig=""
179 Path to the kubeconfig file to use for CLI requests.
180
181
182 --log-flush-frequency=0
183 Maximum number of seconds between log flushes
184
185
186 --log_backtrace_at=:0
187 when logging hits line file:N, emit a stack trace
188
189
190 --log_cadvisor_usage=false
191 Whether to log the usage of the cAdvisor container
192
193
194 --log_dir=""
195 If non-empty, write log files in this directory
196
197
198 --logtostderr=true
199 log to standard error instead of files
200
201
202 --machine_id_file="/etc/machine-id,/var/lib/dbus/machine-id"
203 Comma-separated list of files to check for machine-id. Use the
204 first one that exists.
205
206
207 --match-server-version=false
208 Require server version to match client version
209
210
211 -n, --namespace=""
212 If present, the namespace scope for this CLI request
213
214
215 --request-timeout="0"
216 The length of time to wait before giving up on a single server
217 request. Non-zero values should contain a corresponding time unit (e.g.
218 1s, 2m, 3h). A value of zero means don't timeout requests.
219
220
221 -s, --server=""
222 The address and port of the Kubernetes API server
223
224
225 --stderrthreshold=2
226 logs at or above this threshold go to stderr
227
228
229 --storage_driver_buffer_duration=0
230 Writes in the storage driver will be buffered for this duration,
231 and committed to the non memory backends as a single transaction
232
233
234 --storage_driver_db="cadvisor"
235 database name
236
237
238 --storage_driver_host="localhost:8086"
239 database host:port
240
241
242 --storage_driver_password="root"
243 database password
244
245
246 --storage_driver_secure=false
247 use secure connection with database
248
249
250 --storage_driver_table="stats"
251 table name
252
253
254 --storage_driver_user="root"
255 database username
256
257
258 --token=""
259 Bearer token for authentication to the API server
260
261
262 --user=""
263 The name of the kubeconfig user to use
264
265
266 -v, --v=0
267 log level for V logs
268
269
270 --version=false
271 Print version information and quit
272
273
274 --vmodule=
275 comma-separated list of pattern=N settings for file-filtered log‐
276 ging
277
278
279
281 oc-adm(1),
282
283
284
286 June 2016, Ported from the Kubernetes man-doc generator
287
288
289
290Openshift Openshift CLI User Manuals OC ADM(1)