1OC CREATE ROUTE(1) June 2016 OC CREATE ROUTE(1)
2
6 oc create route reencrypt - Create a route that uses reencrypt TLS ter‐
7 mination
8
12 oc create route reencrypt [OPTIONS]
13
17 Create a route that uses reencrypt TLS termination
18 Specify the service (either just its name or using type/name syntax)
21 that the generated route should expose via the --service flag. A desti‐
22 nation CA certificate is needed for reencrypt routes, specify one with
23 the --dest-ca-cert flag.
24
28 --allow-missing-template-keys=true
29 If true, ignore any errors in templates when a field or map key is
30 missing in the template. Only applies to golang and jsonpath output
31 formats.
32 --ca-cert=""
35 Path to a CA certificate file.
36 --cert=""
39 Path to a certificate file.
40 --dest-ca-cert=""
43 Path to a CA certificate file, used for securing the connection
44 from the router to the destination.
45 --dry-run=false
48 If true, only print the object that would be sent, without sending
49 it.
50 --hostname=""
53 Set a hostname for the new route
54 --insecure-policy=""
57 Set an insecure policy for the new route
58 --key=""
61 Path to a key file.
62 -o, --output=""
65 Output format. One of: json|yaml|name|templatefile|template|go-tem‐
66 plate|go-template-file|jsonpath|jsonpath-file.
67 --path=""
70 Path that the router watches to route traffic to the service.
71 --port=""
74 Name of the service port or number of the container port the route
75 will route traffic to
76 --service=""
79 Name of the service that the new route is exposing
80 --template=""
83 Template string or path to template file to use when -o=go-tem‐
84 plate, -o=go-template-file. The template format is golang templates [
85 ⟨http://golang.org/pkg/text/template/#pkg-overview⟩].
86 --validate=false
89 If true, use a schema to validate the input before sending it
90 --wildcard-policy=""
93 Sets the WilcardPolicy for the hostname, the default is "None".
94 valid values are "None" and "Subdomain"
95
99 --allow_verification_with_non_compliant_keys=false
100 Allow a SignatureVerifier to use keys which are technically
101 non-compliant with RFC6962.
102 --alsologtostderr=false
105 log to standard error as well as files
106 --application_metrics_count_limit=100
109 Max number of application metrics to store (per container)
110 --as=""
113 Username to impersonate for the operation
114 --as-group=[]
117 Group to impersonate for the operation, this flag can be repeated
118 to specify multiple groups.
119 --azure-container-registry-config=""
122 Path to the file containing Azure container registry configuration
123 information.
124 --boot_id_file="/proc/sys/kernel/random/boot_id"
127 Comma-separated list of files to check for boot-id. Use the first
128 one that exists.
129 --cache-dir="/builddir/.kube/http-cache"
132 Default HTTP cache directory
133 --certificate-authority=""
136 Path to a cert file for the certificate authority
137 --client-certificate=""
140 Path to a client certificate file for TLS
141 --client-key=""
144 Path to a client key file for TLS
145 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
148 CIDRs opened in GCE firewall for LB traffic proxy health checks
149 --cluster=""
152 The name of the kubeconfig cluster to use
153 --container_hints="/etc/cadvisor/container_hints.json"
156 location of the container hints file
157 --containerd="unix:///var/run/containerd.sock"
160 containerd endpoint
161 --context=""
164 The name of the kubeconfig context to use
165 --default-not-ready-toleration-seconds=300
168 Indicates the tolerationSeconds of the toleration for
169 notReady:NoExecute that is added by default to every pod that does not
170 already have such a toleration.
171 --default-unreachable-toleration-seconds=300
174 Indicates the tolerationSeconds of the toleration for unreach‐
175 able:NoExecute that is added by default to every pod that does not
176 already have such a toleration.
177 --docker="unix:///var/run/docker.sock"
180 docker endpoint
181 --docker-tls=false
184 use TLS to connect to docker
185 --docker-tls-ca="ca.pem"
188 path to trusted CA
189 --docker-tls-cert="cert.pem"
192 path to client certificate
193 --docker-tls-key="key.pem"
196 path to private key
197 --docker_env_metadata_whitelist=""
200 a comma-separated list of environment variable keys that needs to
201 be collected for docker containers
202 --docker_only=false
205 Only report docker containers in addition to root stats
206 --docker_root="/var/lib/docker"
209 DEPRECATED: docker root is read from docker info (this is a fall‐
210 back, default: /var/lib/docker)
211 --enable_load_reader=false
214 Whether to enable cpu load reader
215 --event_storage_age_limit="default=24h"
218 Max length of time for which to store events (per type). Value is a
219 comma separated list of key values, where the keys are event types
220 (e.g.: creation, oom) or "default" and the value is a duration. Default
221 is applied to all non-specified event types
222 --event_storage_event_limit="default=100000"
225 Max number of events to store (per type). Value is a comma sepa‐
226 rated list of key values, where the keys are event types (e.g.: cre‐
227 ation, oom) or "default" and the value is an integer. Default is
228 applied to all non-specified event types
229 --global_housekeeping_interval=0
232 Interval between global housekeepings
233 --housekeeping_interval=0
236 Interval between container housekeepings
237 --insecure-skip-tls-verify=false
240 If true, the server's certificate will not be checked for validity.
241 This will make your HTTPS connections insecure
242 --kubeconfig=""
245 Path to the kubeconfig file to use for CLI requests.
246 --log-flush-frequency=0
249 Maximum number of seconds between log flushes
250 --log_backtrace_at=:0
253 when logging hits line file:N, emit a stack trace
254 --log_cadvisor_usage=false
257 Whether to log the usage of the cAdvisor container
258 --log_dir=""
261 If non-empty, write log files in this directory
262 --logtostderr=true
265 log to standard error instead of files
266 --machine_id_file="/etc/machine-id,/var/lib/dbus/machine-id"
269 Comma-separated list of files to check for machine-id. Use the
270 first one that exists.
271 --match-server-version=false
274 Require server version to match client version
275 -n, --namespace=""
278 If present, the namespace scope for this CLI request
279 --request-timeout="0"
282 The length of time to wait before giving up on a single server
283 request. Non-zero values should contain a corresponding time unit (e.g.
284 1s, 2m, 3h). A value of zero means don't timeout requests.
285 -s, --server=""
288 The address and port of the Kubernetes API server
289 --stderrthreshold=2
292 logs at or above this threshold go to stderr
293 --storage_driver_buffer_duration=0
296 Writes in the storage driver will be buffered for this duration,
297 and committed to the non memory backends as a single transaction
298 --storage_driver_db="cadvisor"
301 database name
302 --storage_driver_host="localhost:8086"
305 database host:port
306 --storage_driver_password="root"
309 database password
310 --storage_driver_secure=false
313 use secure connection with database
314 --storage_driver_table="stats"
317 table name
318 --storage_driver_user="root"
321 database username
322 --token=""
325 Bearer token for authentication to the API server
326 --user=""
329 The name of the kubeconfig user to use
330 -v, --v=0
333 log level for V logs
334 --version=false
337 Print version information and quit
338 --vmodule=
341 comma-separated list of pattern=N settings for file-filtered log‐
342 ging
343
347 # Create a route named "my-route" that exposes the frontend service.
348 oc create route reencrypt my-route --service=frontend --dest-ca-cert cert.cert
349 # Create a reencrypt route that exposes the frontend service and re-use
351 # the service name as the route name.
352 oc create route reencrypt --service=frontend --dest-ca-cert cert.cert
353
358 oc-create-route(1),
359
363 June 2016, Ported from the Kubernetes man-doc generator
364Openshift Openshift CLI User Manuals OC CREATE ROUTE(1)