1OC IMAGE(1)                        June 2016                       OC IMAGE(1)
2
3
4

NAME

6       oc image append - Add layers to images and push them to a registry
7
8
9

SYNOPSIS

11       oc image append [OPTIONS]
12
13
14

DESCRIPTION

16       Add layers to Docker images
17
18
19       Modifies  an  existing image by adding layers or changing configuration
20       and then pushes that image to a remote registry. Any  inherited  layers
21       are  streamed  from  registry to registry without being stored locally.
22       The default docker credentials are used for authenticating to the  reg‐
23       istries.
24
25
26       Layers  may  be provided as arguments to the command and must each be a
27       gzipped tar archive representing a filesystem overlay to the  inherited
28       images.  The  archive  may contain a "whiteout" file (the prefix '.wh.'
29       and the filename) which will hide files in the lower layers.  All  sup‐
30       ported filesystem attributes present in the archive will be used as is.
31
32
33       Metadata  about  the  image  (the configuration passed to the container
34       runtime) may be altered by passing a JSON  string  to  the  --image  or
35       --meta  options.  The  --image  flag changes what the container runtime
36       sees, while the --meta option allows you to change  the  attributes  of
37       the  image used by the runtime. Use --dry-run to see the result of your
38       changes. You may add the --drop-history flag to remove information from
39       the image about the system that built the base image.
40
41
42       Images  in manifest list format will automatically select an image that
43       matches the current operating system and architecture  unless  you  use
44       --filter-by-os  to select a different image. This flag has no effect on
45       regular images.
46
47
48

OPTIONS

50       --created-at=""
51           The creation date for this image, in RFC3339 format or milliseconds
52       from the Unix epoch.
53
54
55       --drop-history=false
56           Fields on the image that relate to the history of how the image was
57       created will be removed.
58
59
60       --dry-run=false
61           Print the actions that would be taken and exit without  writing  to
62       the destination.
63
64
65       --filter-by-os=""
66           A  regular  expression to control which images are mirrored. Images
67       will be passed as '<platform>/<architecture>[/<variant>]'.
68
69
70       --force=false
71           If set, the command will attempt to upload all  layers  instead  of
72       skipping those that are already uploaded.
73
74
75       --from=""
76           The  image  to use as a base. If empty, a new scratch image is cre‐
77       ated.
78
79
80       --image=""
81           A JSON patch that will be used with the output image data.
82
83
84       --insecure=false
85           Allow push and pull operations to registries to be made over HTTP
86
87
88       --max-per-registry=3
89           Number of concurrent requests allowed per registry.
90
91
92       --meta=""
93           A JSON patch that will be used with image base  metadata  (advanced
94       config).
95
96
97       --to=""
98           The Docker repository tag to upload the appended image to.
99
100
101

OPTIONS INHERITED FROM PARENT COMMANDS

103       --allow_verification_with_non_compliant_keys=false
104           Allow  a  SignatureVerifier  to  use  keys  which  are  technically
105       non-compliant with RFC6962.
106
107
108       --alsologtostderr=false
109           log to standard error as well as files
110
111
112       --application_metrics_count_limit=100
113           Max number of application metrics to store (per container)
114
115
116       --as=""
117           Username to impersonate for the operation
118
119
120       --as-group=[]
121           Group to impersonate for the operation, this flag can  be  repeated
122       to specify multiple groups.
123
124
125       --azure-container-registry-config=""
126           Path  to the file containing Azure container registry configuration
127       information.
128
129
130       --boot_id_file="/proc/sys/kernel/random/boot_id"
131           Comma-separated list of files to check for boot-id. Use  the  first
132       one that exists.
133
134
135       --cache-dir="/builddir/.kube/http-cache"
136           Default HTTP cache directory
137
138
139       --certificate-authority=""
140           Path to a cert file for the certificate authority
141
142
143       --client-certificate=""
144           Path to a client certificate file for TLS
145
146
147       --client-key=""
148           Path to a client key file for TLS
149
150
151       --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
152           CIDRs opened in GCE firewall for LB traffic proxy  health checks
153
154
155       --cluster=""
156           The name of the kubeconfig cluster to use
157
158
159       --container_hints="/etc/cadvisor/container_hints.json"
160           location of the container hints file
161
162
163       --containerd="unix:///var/run/containerd.sock"
164           containerd endpoint
165
166
167       --context=""
168           The name of the kubeconfig context to use
169
170
171       --default-not-ready-toleration-seconds=300
172           Indicates   the   tolerationSeconds   of   the    toleration    for
173       notReady:NoExecute  that is added by default to every pod that does not
174       already have such a toleration.
175
176
177       --default-unreachable-toleration-seconds=300
178           Indicates the tolerationSeconds  of  the  toleration  for  unreach‐
179       able:NoExecute  that  is  added  by  default to every pod that does not
180       already have such a toleration.
181
182
183       --docker="unix:///var/run/docker.sock"
184           docker endpoint
185
186
187       --docker-tls=false
188           use TLS to connect to docker
189
190
191       --docker-tls-ca="ca.pem"
192           path to trusted CA
193
194
195       --docker-tls-cert="cert.pem"
196           path to client certificate
197
198
199       --docker-tls-key="key.pem"
200           path to private key
201
202
203       --docker_env_metadata_whitelist=""
204           a comma-separated list of environment variable keys that  needs  to
205       be collected for docker containers
206
207
208       --docker_only=false
209           Only report docker containers in addition to root stats
210
211
212       --docker_root="/var/lib/docker"
213           DEPRECATED:  docker  root is read from docker info (this is a fall‐
214       back, default: /var/lib/docker)
215
216
217       --enable_load_reader=false
218           Whether to enable cpu load reader
219
220
221       --event_storage_age_limit="default=24h"
222           Max length of time for which to store events (per type). Value is a
223       comma  separated  list  of  key  values, where the keys are event types
224       (e.g.: creation, oom) or "default" and the value is a duration. Default
225       is applied to all non-specified event types
226
227
228       --event_storage_event_limit="default=100000"
229           Max  number  of  events to store (per type). Value is a comma sepa‐
230       rated list of key values, where the keys are event  types  (e.g.:  cre‐
231       ation,  oom)  or  "default"  and  the  value  is an integer. Default is
232       applied to all non-specified event types
233
234
235       --global_housekeeping_interval=0
236           Interval between global housekeepings
237
238
239       --housekeeping_interval=0
240           Interval between container housekeepings
241
242
243       --httptest.serve=""
244           if non-empty, httptest.NewServer serves on this address and blocks
245
246
247       --insecure-skip-tls-verify=false
248           If true, the server's certificate will not be checked for validity.
249       This will make your HTTPS connections insecure
250
251
252       --kubeconfig=""
253           Path to the kubeconfig file to use for CLI requests.
254
255
256       --log-flush-frequency=0
257           Maximum number of seconds between log flushes
258
259
260       --log_backtrace_at=:0
261           when logging hits line file:N, emit a stack trace
262
263
264       --log_cadvisor_usage=false
265           Whether to log the usage of the cAdvisor container
266
267
268       --log_dir=""
269           If non-empty, write log files in this directory
270
271
272       --logtostderr=true
273           log to standard error instead of files
274
275
276       --machine_id_file="/etc/machine-id,/var/lib/dbus/machine-id"
277           Comma-separated  list  of  files  to  check for machine-id. Use the
278       first one that exists.
279
280
281       --match-server-version=false
282           Require server version to match client version
283
284
285       -n, --namespace=""
286           If present, the namespace scope for this CLI request
287
288
289       --request-timeout="0"
290           The length of time to wait before giving  up  on  a  single  server
291       request. Non-zero values should contain a corresponding time unit (e.g.
292       1s, 2m, 3h). A value of zero means don't timeout requests.
293
294
295       -s, --server=""
296           The address and port of the Kubernetes API server
297
298
299       --stderrthreshold=2
300           logs at or above this threshold go to stderr
301
302
303       --storage_driver_buffer_duration=0
304           Writes in the storage driver will be buffered  for  this  duration,
305       and committed to the non memory backends as a single transaction
306
307
308       --storage_driver_db="cadvisor"
309           database name
310
311
312       --storage_driver_host="localhost:8086"
313           database host:port
314
315
316       --storage_driver_password="root"
317           database password
318
319
320       --storage_driver_secure=false
321           use secure connection with database
322
323
324       --storage_driver_table="stats"
325           table name
326
327
328       --storage_driver_user="root"
329           database username
330
331
332       --token=""
333           Bearer token for authentication to the API server
334
335
336       --user=""
337           The name of the kubeconfig user to use
338
339
340       -v, --v=0
341           log level for V logs
342
343
344       --version=false
345           Print version information and quit
346
347
348       --vmodule=
349           comma-separated  list  of pattern=N settings for file-filtered log‐
350       ging
351
352
353

EXAMPLE

355                # Remove the entrypoint on the mysql:latest image
356                oc image --from mysql:latest --to myregistry.com/myimage:latest --image {"Entrypoint":null}
357
358                # Add a new layer to the image
359                oc image --from mysql:latest --to myregistry.com/myimage:latest layer.tar.gz
360
361
362
363

SEE ALSO

365       oc-image(1),
366
367
368

HISTORY

370       June 2016, Ported from the Kubernetes man-doc generator
371
372
373
374Openshift                  Openshift CLI User Manuals              OC IMAGE(1)
Impressum