1OC CREATE ROUTE(1) June 2016 OC CREATE ROUTE(1)
2
3
4
6 oc create route reencrypt - Create a route that uses reencrypt TLS ter‐
7 mination
8
9
10
12 oc create route reencrypt [OPTIONS]
13
14
15
17 Create a route that uses reencrypt TLS termination
18
19
20 Specify the service (either just its name or using type/name syntax)
21 that the generated route should expose via the --service flag. A desti‐
22 nation CA certificate is needed for reencrypt routes, specify one with
23 the --dest-ca-cert flag.
24
25
26
28 --allow-missing-template-keys=true
29 If true, ignore any errors in templates when a field or map key is
30 missing in the template. Only applies to golang and jsonpath output
31 formats.
32
33
34 --ca-cert=""
35 Path to a CA certificate file.
36
37
38 --cert=""
39 Path to a certificate file.
40
41
42 --dest-ca-cert=""
43 Path to a CA certificate file, used for securing the connection
44 from the router to the destination.
45
46
47 --dry-run=false
48 If true, only print the object that would be sent, without sending
49 it.
50
51
52 --hostname=""
53 Set a hostname for the new route
54
55
56 --insecure-policy=""
57 Set an insecure policy for the new route
58
59
60 --key=""
61 Path to a key file.
62
63
64 -o, --output=""
65 Output format. One of: json|yaml|name|template|go-template|go-tem‐
66 plate-file|templatefile|jsonpath|jsonpath-file.
67
68
69 --path=""
70 Path that the router watches to route traffic to the service.
71
72
73 --port=""
74 Name of the service port or number of the container port the route
75 will route traffic to
76
77
78 --service=""
79 Name of the service that the new route is exposing
80
81
82 --template=""
83 Template string or path to template file to use when -o=go-tem‐
84 plate, -o=go-template-file. The template format is golang templates [
85 ⟨http://golang.org/pkg/text/template/#pkg-overview⟩].
86
87
88 --validate=false
89 If true, use a schema to validate the input before sending it
90
91
92 --wildcard-policy=""
93 Sets the WilcardPolicy for the hostname, the default is "None".
94 valid values are "None" and "Subdomain"
95
96
97
99 --allow_verification_with_non_compliant_keys=false
100 Allow a SignatureVerifier to use keys which are technically
101 non-compliant with RFC6962.
102
103
104 --alsologtostderr=false
105 log to standard error as well as files
106
107
108 --application_metrics_count_limit=100
109 Max number of application metrics to store (per container)
110
111
112 --as=""
113 Username to impersonate for the operation
114
115
116 --as-group=[]
117 Group to impersonate for the operation, this flag can be repeated
118 to specify multiple groups.
119
120
121 --azure-container-registry-config=""
122 Path to the file containing Azure container registry configuration
123 information.
124
125
126 --boot_id_file="/proc/sys/kernel/random/boot_id"
127 Comma-separated list of files to check for boot-id. Use the first
128 one that exists.
129
130
131 --cache-dir="/builddir/.kube/http-cache"
132 Default HTTP cache directory
133
134
135 --certificate-authority=""
136 Path to a cert file for the certificate authority
137
138
139 --client-certificate=""
140 Path to a client certificate file for TLS
141
142
143 --client-key=""
144 Path to a client key file for TLS
145
146
147 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
148 CIDRs opened in GCE firewall for LB traffic proxy health checks
149
150
151 --cluster=""
152 The name of the kubeconfig cluster to use
153
154
155 --container_hints="/etc/cadvisor/container_hints.json"
156 location of the container hints file
157
158
159 --containerd="unix:///var/run/containerd.sock"
160 containerd endpoint
161
162
163 --context=""
164 The name of the kubeconfig context to use
165
166
167 --default-not-ready-toleration-seconds=300
168 Indicates the tolerationSeconds of the toleration for
169 notReady:NoExecute that is added by default to every pod that does not
170 already have such a toleration.
171
172
173 --default-unreachable-toleration-seconds=300
174 Indicates the tolerationSeconds of the toleration for unreach‐
175 able:NoExecute that is added by default to every pod that does not
176 already have such a toleration.
177
178
179 --docker="unix:///var/run/docker.sock"
180 docker endpoint
181
182
183 --docker-tls=false
184 use TLS to connect to docker
185
186
187 --docker-tls-ca="ca.pem"
188 path to trusted CA
189
190
191 --docker-tls-cert="cert.pem"
192 path to client certificate
193
194
195 --docker-tls-key="key.pem"
196 path to private key
197
198
199 --docker_env_metadata_whitelist=""
200 a comma-separated list of environment variable keys that needs to
201 be collected for docker containers
202
203
204 --docker_only=false
205 Only report docker containers in addition to root stats
206
207
208 --docker_root="/var/lib/docker"
209 DEPRECATED: docker root is read from docker info (this is a fall‐
210 back, default: /var/lib/docker)
211
212
213 --enable_load_reader=false
214 Whether to enable cpu load reader
215
216
217 --event_storage_age_limit="default=24h"
218 Max length of time for which to store events (per type). Value is a
219 comma separated list of key values, where the keys are event types
220 (e.g.: creation, oom) or "default" and the value is a duration. Default
221 is applied to all non-specified event types
222
223
224 --event_storage_event_limit="default=100000"
225 Max number of events to store (per type). Value is a comma sepa‐
226 rated list of key values, where the keys are event types (e.g.: cre‐
227 ation, oom) or "default" and the value is an integer. Default is
228 applied to all non-specified event types
229
230
231 --global_housekeeping_interval=0
232 Interval between global housekeepings
233
234
235 --housekeeping_interval=0
236 Interval between container housekeepings
237
238
239 --insecure-skip-tls-verify=false
240 If true, the server's certificate will not be checked for validity.
241 This will make your HTTPS connections insecure
242
243
244 --kubeconfig=""
245 Path to the kubeconfig file to use for CLI requests.
246
247
248 --log-flush-frequency=0
249 Maximum number of seconds between log flushes
250
251
252 --log_backtrace_at=:0
253 when logging hits line file:N, emit a stack trace
254
255
256 --log_cadvisor_usage=false
257 Whether to log the usage of the cAdvisor container
258
259
260 --log_dir=""
261 If non-empty, write log files in this directory
262
263
264 --logtostderr=true
265 log to standard error instead of files
266
267
268 --machine_id_file="/etc/machine-id,/var/lib/dbus/machine-id"
269 Comma-separated list of files to check for machine-id. Use the
270 first one that exists.
271
272
273 --match-server-version=false
274 Require server version to match client version
275
276
277 -n, --namespace=""
278 If present, the namespace scope for this CLI request
279
280
281 --request-timeout="0"
282 The length of time to wait before giving up on a single server
283 request. Non-zero values should contain a corresponding time unit (e.g.
284 1s, 2m, 3h). A value of zero means don't timeout requests.
285
286
287 -s, --server=""
288 The address and port of the Kubernetes API server
289
290
291 --stderrthreshold=2
292 logs at or above this threshold go to stderr
293
294
295 --storage_driver_buffer_duration=0
296 Writes in the storage driver will be buffered for this duration,
297 and committed to the non memory backends as a single transaction
298
299
300 --storage_driver_db="cadvisor"
301 database name
302
303
304 --storage_driver_host="localhost:8086"
305 database host:port
306
307
308 --storage_driver_password="root"
309 database password
310
311
312 --storage_driver_secure=false
313 use secure connection with database
314
315
316 --storage_driver_table="stats"
317 table name
318
319
320 --storage_driver_user="root"
321 database username
322
323
324 --token=""
325 Bearer token for authentication to the API server
326
327
328 --user=""
329 The name of the kubeconfig user to use
330
331
332 -v, --v=0
333 log level for V logs
334
335
336 --version=false
337 Print version information and quit
338
339
340 --vmodule=
341 comma-separated list of pattern=N settings for file-filtered log‐
342 ging
343
344
345
347 # Create a route named "my-route" that exposes the frontend service.
348 oc create route reencrypt my-route --service=frontend --dest-ca-cert cert.cert
349
350 # Create a reencrypt route that exposes the frontend service and re-use
351 # the service name as the route name.
352 oc create route reencrypt --service=frontend --dest-ca-cert cert.cert
353
354
355
356
358 oc-create-route(1),
359
360
361
363 June 2016, Ported from the Kubernetes man-doc generator
364
365
366
367Openshift Openshift CLI User Manuals OC CREATE ROUTE(1)