1OC CREATE(1) June 2016 OC CREATE(1)
2
3
4
6 oc create identity - Manually create an identity (only needed if auto‐
7 matic creation is disabled).
8
9
10
12 oc create identity [OPTIONS]
13
14
15
17 This command can be used to create an identity object.
18
19
20 Typically, identities are created automatically during login. If auto‐
21 matic creation is disabled (by using the "lookup" mapping method),
22 identities must be created manually.
23
24
25 Corresponding user and useridentitymapping objects must also be created
26 to allow logging in with the created identity.
27
28
29
31 --allow-missing-template-keys=true
32 If true, ignore any errors in templates when a field or map key is
33 missing in the template. Only applies to golang and jsonpath output
34 formats.
35
36
37 --dry-run=false
38 If true, only print the object that would be sent, without sending
39 it.
40
41
42 -o, --output=""
43 Output format. One of: json|yaml|name|template|go-template|go-tem‐
44 plate-file|templatefile|jsonpath|jsonpath-file.
45
46
47 --template=""
48 Template string or path to template file to use when -o=go-tem‐
49 plate, -o=go-template-file. The template format is golang templates [
50 ⟨http://golang.org/pkg/text/template/#pkg-overview⟩].
51
52
53
55 --allow_verification_with_non_compliant_keys=false
56 Allow a SignatureVerifier to use keys which are technically
57 non-compliant with RFC6962.
58
59
60 --alsologtostderr=false
61 log to standard error as well as files
62
63
64 --application_metrics_count_limit=100
65 Max number of application metrics to store (per container)
66
67
68 --as=""
69 Username to impersonate for the operation
70
71
72 --as-group=[]
73 Group to impersonate for the operation, this flag can be repeated
74 to specify multiple groups.
75
76
77 --azure-container-registry-config=""
78 Path to the file containing Azure container registry configuration
79 information.
80
81
82 --boot_id_file="/proc/sys/kernel/random/boot_id"
83 Comma-separated list of files to check for boot-id. Use the first
84 one that exists.
85
86
87 --cache-dir="/builddir/.kube/http-cache"
88 Default HTTP cache directory
89
90
91 --certificate-authority=""
92 Path to a cert file for the certificate authority
93
94
95 --client-certificate=""
96 Path to a client certificate file for TLS
97
98
99 --client-key=""
100 Path to a client key file for TLS
101
102
103 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
104 CIDRs opened in GCE firewall for LB traffic proxy health checks
105
106
107 --cluster=""
108 The name of the kubeconfig cluster to use
109
110
111 --container_hints="/etc/cadvisor/container_hints.json"
112 location of the container hints file
113
114
115 --containerd="unix:///var/run/containerd.sock"
116 containerd endpoint
117
118
119 --context=""
120 The name of the kubeconfig context to use
121
122
123 --default-not-ready-toleration-seconds=300
124 Indicates the tolerationSeconds of the toleration for
125 notReady:NoExecute that is added by default to every pod that does not
126 already have such a toleration.
127
128
129 --default-unreachable-toleration-seconds=300
130 Indicates the tolerationSeconds of the toleration for unreach‐
131 able:NoExecute that is added by default to every pod that does not
132 already have such a toleration.
133
134
135 --docker="unix:///var/run/docker.sock"
136 docker endpoint
137
138
139 --docker-tls=false
140 use TLS to connect to docker
141
142
143 --docker-tls-ca="ca.pem"
144 path to trusted CA
145
146
147 --docker-tls-cert="cert.pem"
148 path to client certificate
149
150
151 --docker-tls-key="key.pem"
152 path to private key
153
154
155 --docker_env_metadata_whitelist=""
156 a comma-separated list of environment variable keys that needs to
157 be collected for docker containers
158
159
160 --docker_only=false
161 Only report docker containers in addition to root stats
162
163
164 --docker_root="/var/lib/docker"
165 DEPRECATED: docker root is read from docker info (this is a fall‐
166 back, default: /var/lib/docker)
167
168
169 --enable_load_reader=false
170 Whether to enable cpu load reader
171
172
173 --event_storage_age_limit="default=24h"
174 Max length of time for which to store events (per type). Value is a
175 comma separated list of key values, where the keys are event types
176 (e.g.: creation, oom) or "default" and the value is a duration. Default
177 is applied to all non-specified event types
178
179
180 --event_storage_event_limit="default=100000"
181 Max number of events to store (per type). Value is a comma sepa‐
182 rated list of key values, where the keys are event types (e.g.: cre‐
183 ation, oom) or "default" and the value is an integer. Default is
184 applied to all non-specified event types
185
186
187 --global_housekeeping_interval=0
188 Interval between global housekeepings
189
190
191 --housekeeping_interval=0
192 Interval between container housekeepings
193
194
195 --insecure-skip-tls-verify=false
196 If true, the server's certificate will not be checked for validity.
197 This will make your HTTPS connections insecure
198
199
200 --kubeconfig=""
201 Path to the kubeconfig file to use for CLI requests.
202
203
204 --log-flush-frequency=0
205 Maximum number of seconds between log flushes
206
207
208 --log_backtrace_at=:0
209 when logging hits line file:N, emit a stack trace
210
211
212 --log_cadvisor_usage=false
213 Whether to log the usage of the cAdvisor container
214
215
216 --log_dir=""
217 If non-empty, write log files in this directory
218
219
220 --logtostderr=true
221 log to standard error instead of files
222
223
224 --machine_id_file="/etc/machine-id,/var/lib/dbus/machine-id"
225 Comma-separated list of files to check for machine-id. Use the
226 first one that exists.
227
228
229 --match-server-version=false
230 Require server version to match client version
231
232
233 -n, --namespace=""
234 If present, the namespace scope for this CLI request
235
236
237 --request-timeout="0"
238 The length of time to wait before giving up on a single server
239 request. Non-zero values should contain a corresponding time unit (e.g.
240 1s, 2m, 3h). A value of zero means don't timeout requests.
241
242
243 -s, --server=""
244 The address and port of the Kubernetes API server
245
246
247 --stderrthreshold=2
248 logs at or above this threshold go to stderr
249
250
251 --storage_driver_buffer_duration=0
252 Writes in the storage driver will be buffered for this duration,
253 and committed to the non memory backends as a single transaction
254
255
256 --storage_driver_db="cadvisor"
257 database name
258
259
260 --storage_driver_host="localhost:8086"
261 database host:port
262
263
264 --storage_driver_password="root"
265 database password
266
267
268 --storage_driver_secure=false
269 use secure connection with database
270
271
272 --storage_driver_table="stats"
273 table name
274
275
276 --storage_driver_user="root"
277 database username
278
279
280 --token=""
281 Bearer token for authentication to the API server
282
283
284 --user=""
285 The name of the kubeconfig user to use
286
287
288 -v, --v=0
289 log level for V logs
290
291
292 --version=false
293 Print version information and quit
294
295
296 --vmodule=
297 comma-separated list of pattern=N settings for file-filtered log‐
298 ging
299
300
301
303 # Create an identity with identity provider "acme_ldap" and the identity provider username "adamjones"
304 oc create identity acme_ldap:adamjones
305
306
307
308
310 oc-create(1),
311
312
313
315 June 2016, Ported from the Kubernetes man-doc generator
316
317
318
319Openshift Openshift CLI User Manuals OC CREATE(1)