1KUBERNETES(1) Jan 2015 KUBERNETES(1)
2
3
4
6 kubectl create secret - Create a secret using specified subcommand
7
8
9
11 kubectl create secret [OPTIONS]
12
13
14
16 Create a secret using specified subcommand.
17
18
19
21 --add-dir-header=false
22 If true, adds the file directory to the header
23
24
25 --alsologtostderr=false
26 log to standard error as well as files
27
28
29 --application-metrics-count-limit=100
30 Max number of application metrics to store (per container)
31
32
33 --as=""
34 Username to impersonate for the operation
35
36
37 --as-group=[]
38 Group to impersonate for the operation, this flag can be repeated
39 to specify multiple groups.
40
41
42 --azure-container-registry-config=""
43 Path to the file containing Azure container registry configuration
44 information.
45
46
47 --boot-id-file="/proc/sys/kernel/random/boot_id"
48 Comma-separated list of files to check for boot-id. Use the first
49 one that exists.
50
51
52 --cache-dir="/builddir/.kube/http-cache"
53 Default HTTP cache directory
54
55
56 --certificate-authority=""
57 Path to a cert file for the certificate authority
58
59
60 --client-certificate=""
61 Path to a client certificate file for TLS
62
63
64 --client-key=""
65 Path to a client key file for TLS
66
67
68 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
69 CIDRs opened in GCE firewall for L7 LB traffic proxy health checks
70
71
72 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
73 CIDRs opened in GCE firewall for L4 LB traffic proxy health checks
74
75
76 --cluster=""
77 The name of the kubeconfig cluster to use
78
79
80 --container-hints="/etc/cadvisor/container_hints.json"
81 location of the container hints file
82
83
84 --containerd="/run/containerd/containerd.sock"
85 containerd endpoint
86
87
88 --containerd-namespace="k8s.io"
89 containerd namespace
90
91
92 --context=""
93 The name of the kubeconfig context to use
94
95
96 --default-not-ready-toleration-seconds=300
97 Indicates the tolerationSeconds of the toleration for
98 notReady:NoExecute that is added by default to every pod that does not
99 already have such a toleration.
100
101
102 --default-unreachable-toleration-seconds=300
103 Indicates the tolerationSeconds of the toleration for
104 unreachable:NoExecute that is added by default to every pod that does
105 not already have such a toleration.
106
107
108 --disable-root-cgroup-stats=false
109 Disable collecting root Cgroup stats
110
111
112 --docker="unix:///var/run/docker.sock"
113 docker endpoint
114
115
116 --docker-env-metadata-whitelist=""
117 a comma-separated list of environment variable keys that needs to
118 be collected for docker containers
119
120
121 --docker-only=false
122 Only report docker containers in addition to root stats
123
124
125 --docker-root="/var/lib/docker"
126 DEPRECATED: docker root is read from docker info (this is a
127 fallback, default: /var/lib/docker)
128
129
130 --docker-tls=false
131 use TLS to connect to docker
132
133
134 --docker-tls-ca="ca.pem"
135 path to trusted CA
136
137
138 --docker-tls-cert="cert.pem"
139 path to client certificate
140
141
142 --docker-tls-key="key.pem"
143 path to private key
144
145
146 --enable-load-reader=false
147 Whether to enable cpu load reader
148
149
150 --event-storage-age-limit="default=0"
151 Max length of time for which to store events (per type). Value is a
152 comma separated list of key values, where the keys are event types
153 (e.g.: creation, oom) or "default" and the value is a duration. Default
154 is applied to all non-specified event types
155
156
157 --event-storage-event-limit="default=0"
158 Max number of events to store (per type). Value is a comma
159 separated list of key values, where the keys are event types (e.g.:
160 creation, oom) or "default" and the value is an integer. Default is
161 applied to all non-specified event types
162
163
164 --global-housekeeping-interval=1m0s
165 Interval between global housekeepings
166
167
168 --housekeeping-interval=10s
169 Interval between container housekeepings
170
171
172 --insecure-skip-tls-verify=false
173 If true, the server's certificate will not be checked for validity.
174 This will make your HTTPS connections insecure
175
176
177 --kubeconfig=""
178 Path to the kubeconfig file to use for CLI requests.
179
180
181 --log-backtrace-at=:0
182 when logging hits line file:N, emit a stack trace
183
184
185 --log-cadvisor-usage=false
186 Whether to log the usage of the cAdvisor container
187
188
189 --log-dir=""
190 If non-empty, write log files in this directory
191
192
193 --log-file=""
194 If non-empty, use this log file
195
196
197 --log-file-max-size=1800
198 Defines the maximum size a log file can grow to. Unit is megabytes.
199 If the value is 0, the maximum file size is unlimited.
200
201
202 --log-flush-frequency=5s
203 Maximum number of seconds between log flushes
204
205
206 --logtostderr=true
207 log to standard error instead of files
208
209
210 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
211 Comma-separated list of files to check for machine-id. Use the
212 first one that exists.
213
214
215 --match-server-version=false
216 Require server version to match client version
217
218
219 -n, --namespace=""
220 If present, the namespace scope for this CLI request
221
222
223 --password=""
224 Password for basic authentication to the API server
225
226
227 --profile="none"
228 Name of profile to capture. One of
229 (none|cpu|heap|goroutine|threadcreate|block|mutex)
230
231
232 --profile-output="profile.pprof"
233 Name of the file to write the profile to
234
235
236 --request-timeout="0"
237 The length of time to wait before giving up on a single server
238 request. Non-zero values should contain a corresponding time unit (e.g.
239 1s, 2m, 3h). A value of zero means don't timeout requests.
240
241
242 -s, --server=""
243 The address and port of the Kubernetes API server
244
245
246 --skip-headers=false
247 If true, avoid header prefixes in the log messages
248
249
250 --skip-log-headers=false
251 If true, avoid headers when opening log files
252
253
254 --stderrthreshold=2
255 logs at or above this threshold go to stderr
256
257
258 --storage-driver-buffer-duration=1m0s
259 Writes in the storage driver will be buffered for this duration,
260 and committed to the non memory backends as a single transaction
261
262
263 --storage-driver-db="cadvisor"
264 database name
265
266
267 --storage-driver-host="localhost:8086"
268 database host:port
269
270
271 --storage-driver-password="root"
272 database password
273
274
275 --storage-driver-secure=false
276 use secure connection with database
277
278
279 --storage-driver-table="stats"
280 table name
281
282
283 --storage-driver-user="root"
284 database username
285
286
287 --tls-server-name=""
288 Server name to use for server certificate validation. If it is not
289 provided, the hostname used to contact the server is used
290
291
292 --token=""
293 Bearer token for authentication to the API server
294
295
296 --update-machine-info-interval=5m0s
297 Interval between machine info updates.
298
299
300 --user=""
301 The name of the kubeconfig user to use
302
303
304 --username=""
305 Username for basic authentication to the API server
306
307
308 -v, --v=0
309 number for the log level verbosity
310
311
312 --version=false
313 Print version information and quit
314
315
316 --vmodule=
317 comma-separated list of pattern=N settings for file-filtered
318 logging
319
320
321
323 kubectl-create(1), kubectl-create-secret-docker-registry(1),
324 kubectl-create-secret-generic(1), kubectl-create-secret-tls(1),
325
326
327
329 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
330 com) based on the kubernetes source material, but hopefully they have
331 been automatically generated since!
332
333
334
335Eric Paris kubernetes User Manuals KUBERNETES(1)