1KUBERNETES(1)(kubernetes) KUBERNETES(1)(kubernetes)
2Eric Paris Jan 2015
6
9 kubectl create secret - Create a secret using specified subcommand
10
14 kubectl create secret [OPTIONS]
15
19 Create a secret using specified subcommand.
20
24 --add-dir-header=false If true, adds the file directory to the
25 header of the log messages
26 --alsologtostderr=false log to standard error as well as files
29 --application-metrics-count-limit=100 Max number of application
32 metrics to store (per container)
33 --as="" Username to impersonate for the operation
36 --as-group=[] Group to impersonate for the operation, this flag
39 can be repeated to specify multiple groups.
40 --azure-container-registry-config="" Path to the file containing
43 Azure container registry configuration information.
44 --boot-id-file="/proc/sys/kernel/random/boot_id" Comma-separated
47 list of files to check for boot-id. Use the first one that exists.
48 --cache-dir="/builddir/.kube/cache" Default cache directory
51 --certificate-authority="" Path to a cert file for the certificate
54 authority
55 --client-certificate="" Path to a client certificate file for TLS
58 --client-key="" Path to a client key file for TLS
61 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
64 CIDRs opened in GCE firewall for L7 LB traffic proxy health
65 checks
66 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
69 CIDRs opened in GCE firewall for L4 LB traffic proxy health
70 checks
71 --cluster="" The name of the kubeconfig cluster to use
74 --container-hints="/etc/cadvisor/container_hints.json" location of
77 the container hints file
78 --containerd="/run/containerd/containerd.sock" containerd endpoint
81 --containerd-namespace="k8s.io" containerd namespace
84 --context="" The name of the kubeconfig context to use
87 --default-not-ready-toleration-seconds=300 Indicates the tolera‐
90 tionSeconds of the toleration for notReady:NoExecute that is added by
91 default to every pod that does not already have such a toleration.
92 --default-unreachable-toleration-seconds=300 Indicates the tolera‐
95 tionSeconds of the toleration for unreachable:NoExecute that is added
96 by default to every pod that does not already have such a toleration.
97 --disable-root-cgroup-stats=false Disable collecting root Cgroup
100 stats
101 --docker="unix:///var/run/docker.sock" docker endpoint
104 --docker-env-metadata-whitelist="" a comma-separated list of envi‐
107 ronment variable keys matched with specified prefix that needs to be
108 collected for docker containers
109 --docker-only=false Only report docker containers in addition to
112 root stats
113 --docker-root="/var/lib/docker" DEPRECATED: docker root is read
116 from docker info (this is a fallback, default: /var/lib/docker)
117 --docker-tls=false use TLS to connect to docker
120 --docker-tls-ca="ca.pem" path to trusted CA
123 --docker-tls-cert="cert.pem" path to client certificate
126 --docker-tls-key="key.pem" path to private key
129 --enable-load-reader=false Whether to enable cpu load reader
132 --event-storage-age-limit="default=0" Max length of time for which
135 to store events (per type). Value is a comma separated list of key val‐
136 ues, where the keys are event types (e.g.: creation, oom) or "default"
137 and the value is a duration. Default is applied to all non-specified
138 event types
139 --event-storage-event-limit="default=0" Max number of events to
142 store (per type). Value is a comma separated list of key values, where
143 the keys are event types (e.g.: creation, oom) or "default" and the
144 value is an integer. Default is applied to all non-specified event
145 types
146 --global-housekeeping-interval=1m0s Interval between global house‐
149 keepings
150 --housekeeping-interval=10s Interval between container housekeep‐
153 ings
154 --insecure-skip-tls-verify=false If true, the server's certificate
157 will not be checked for validity. This will make your HTTPS connections
158 insecure
159 --kubeconfig="" Path to the kubeconfig file to use for CLI re‐
162 quests.
163 --log-backtrace-at=:0 when logging hits line file:N, emit a stack
166 trace
167 --log-cadvisor-usage=false Whether to log the usage of the cAdvi‐
170 sor container
171 --log-dir="" If non-empty, write log files in this directory
174 --log-file="" If non-empty, use this log file
177 --log-file-max-size=1800 Defines the maximum size a log file can
180 grow to. Unit is megabytes. If the value is 0, the maximum file size is
181 unlimited.
182 --log-flush-frequency=5s Maximum number of seconds between log
185 flushes
186 --logtostderr=true log to standard error instead of files
189 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
192 Comma-separated list of files to check for machine-id. Use the
193 first one that exists.
194 --match-server-version=false Require server version to match
197 client version
198 -n, --namespace="" If present, the namespace scope for this CLI
201 request
202 --one-output=false If true, only write logs to their native sever‐
205 ity level (vs also writing to each lower severity level
206 --password="" Password for basic authentication to the API server
209 --profile="none" Name of profile to capture. One of
212 (none|cpu|heap|goroutine|threadcreate|block|mutex)
213 --profile-output="profile.pprof" Name of the file to write the
216 profile to
217 --referenced-reset-interval=0 Reset interval for referenced bytes
220 (container_referenced_bytes metric), number of measurement cycles after
221 which referenced bytes are cleared, if set to 0 referenced bytes are
222 never cleared (default: 0)
223 --request-timeout="0" The length of time to wait before giving up
226 on a single server request. Non-zero values should contain a corre‐
227 sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
228 out requests.
229 -s, --server="" The address and port of the Kubernetes API server
232 --skip-headers=false If true, avoid header prefixes in the log
235 messages
236 --skip-log-headers=false If true, avoid headers when opening log
239 files
240 --stderrthreshold=2 logs at or above this threshold go to stderr
243 --storage-driver-buffer-duration=1m0s Writes in the storage driver
246 will be buffered for this duration, and committed to the non memory
247 backends as a single transaction
248 --storage-driver-db="cadvisor" database name
251 --storage-driver-host="localhost:8086" database host:port
254 --storage-driver-password="root" database password
257 --storage-driver-secure=false use secure connection with database
260 --storage-driver-table="stats" table name
263 --storage-driver-user="root" database username
266 --tls-server-name="" Server name to use for server certificate
269 validation. If it is not provided, the hostname used to contact the
270 server is used
271 --token="" Bearer token for authentication to the API server
274 --update-machine-info-interval=5m0s Interval between machine info
277 updates.
278 --user="" The name of the kubeconfig user to use
281 --username="" Username for basic authentication to the API server
284 -v, --v=0 number for the log level verbosity
287 --version=false Print version information and quit
290 --vmodule= comma-separated list of pattern=N settings for
293 file-filtered logging
294 --warnings-as-errors=false Treat warnings received from the server
297 as errors and exit with a non-zero exit code
298
302 kubectl-create(1), kubectl-create-secret-docker-registry(1),
303 kubectl-create-secret-generic(1), kubectl-create-secret-tls(1),
304
308 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
309 com) based on the kubernetes source material, but hopefully they have
310 been automatically generated since!
311Manuals User KUBERNETES(1)(kubernetes)