1KUBERNETES(1)(kubernetes) KUBERNETES(1)(kubernetes)
2
3
4
5Eric Paris Jan 2015
6
7
9 kubectl expose - Take a replication controller, service, deployment or
10 pod and expose it as a new Kubernetes Service
11
12
13
15 kubectl expose [OPTIONS]
16
17
18
20 Expose a resource as a new Kubernetes service.
21
22
23 Looks up a deployment, service, replica set, replication controller or
24 pod by name and uses the selector for that resource as the selector for
25 a new service on the specified port. A deployment or replica set will
26 be exposed as a service only if its selector is convertible to a selec‐
27 tor that service supports, i.e. when the selector contains only the
28 matchLabels component. Note that if no port is specified via --port and
29 the exposed resource has multiple ports, all will be re-used by the new
30 service. Also if no labels are specified, the new service will re-use
31 the labels from the resource it exposes.
32
33
34 Possible resources include (case insensitive):
35
36
37 pod (po), service (svc), replicationcontroller (rc), deployment (de‐
38 ploy), replicaset (rs)
39
40
41
43 --allow-missing-template-keys=true If true, ignore any errors in
44 templates when a field or map key is missing in the template. Only ap‐
45 plies to golang and jsonpath output formats.
46
47
48 --cluster-ip="" ClusterIP to be assigned to the service. Leave
49 empty to auto-allocate, or set to 'None' to create a headless service.
50
51
52 --container-port="" Synonym for --target-port
53
54
55 --dry-run="none" Must be "none", "server", or "client". If client
56 strategy, only print the object that would be sent, without sending it.
57 If server strategy, submit server-side request without persisting the
58 resource.
59
60
61 --external-ip="" Additional external IP address (not managed by
62 Kubernetes) to accept for the service. If this IP is routed to a node,
63 the service can be accessed by this IP in addition to its generated
64 service IP.
65
66
67 --field-manager="kubectl-expose" Name of the manager used to track
68 field ownership.
69
70
71 -f, --filename=[] Filename, directory, or URL to files identifying
72 the resource to expose a service
73
74
75 --generator="service/v2" The name of the API generator to use.
76 There are 2 generators: 'service/v1' and 'service/v2'. The only differ‐
77 ence between them is that service port in v1 is named 'default', while
78 it is left unnamed in v2. Default is 'service/v2'.
79
80
81 -k, --kustomize="" Process the kustomization directory. This flag
82 can't be used together with -f or -R.
83
84
85 -l, --labels="" Labels to apply to the service created by this
86 call.
87
88
89 --load-balancer-ip="" IP to assign to the LoadBalancer. If empty,
90 an ephemeral IP will be created and used (cloud-provider specific).
91
92
93 --name="" The name for the newly created object.
94
95
96 -o, --output="" Output format. One of: json|yaml|name|go-tem‐
97 plate|go-template-file|template|templatefile|jsonpath|json‐
98 path-as-json|jsonpath-file.
99
100
101 --overrides="" An inline JSON override for the generated object.
102 If this is non-empty, it is used to override the generated object. Re‐
103 quires that the object supply a valid apiVersion field.
104
105
106 --port="" The port that the service should serve on. Copied from
107 the resource being exposed, if unspecified
108
109
110 --protocol="" The network protocol for the service to be created.
111 Default is 'TCP'.
112
113
114 --record=false Record current kubectl command in the resource an‐
115 notation. If set to false, do not record the command. If set to true,
116 record the command. If not set, default to updating the existing anno‐
117 tation value only if one already exists.
118
119
120 -R, --recursive=false Process the directory used in -f, --filename
121 recursively. Useful when you want to manage related manifests organized
122 within the same directory.
123
124
125 --save-config=false If true, the configuration of current object
126 will be saved in its annotation. Otherwise, the annotation will be un‐
127 changed. This flag is useful when you want to perform kubectl apply on
128 this object in the future.
129
130
131 --selector="" A label selector to use for this service. Only
132 equality-based selector requirements are supported. If empty (the de‐
133 fault) infer the selector from the replication controller or replica
134 set.)
135
136
137 --session-affinity="" If non-empty, set the session affinity for
138 the service to this; legal values: 'None', 'ClientIP'
139
140
141 --target-port="" Name or number for the port on the container that
142 the service should direct traffic to. Optional.
143
144
145 --template="" Template string or path to template file to use when
146 -o=go-template, -o=go-template-file. The template format is golang tem‐
147 plates [http://golang.org/pkg/text/template/#pkg-overview].
148
149
150 --type="" Type for this service: ClusterIP, NodePort, LoadBal‐
151 ancer, or ExternalName. Default is 'ClusterIP'.
152
153
154
156 --add-dir-header=false If true, adds the file directory to the
157 header of the log messages
158
159
160 --alsologtostderr=false log to standard error as well as files
161
162
163 --application-metrics-count-limit=100 Max number of application
164 metrics to store (per container)
165
166
167 --as="" Username to impersonate for the operation
168
169
170 --as-group=[] Group to impersonate for the operation, this flag
171 can be repeated to specify multiple groups.
172
173
174 --azure-container-registry-config="" Path to the file containing
175 Azure container registry configuration information.
176
177
178 --boot-id-file="/proc/sys/kernel/random/boot_id" Comma-separated
179 list of files to check for boot-id. Use the first one that exists.
180
181
182 --cache-dir="/builddir/.kube/cache" Default cache directory
183
184
185 --certificate-authority="" Path to a cert file for the certificate
186 authority
187
188
189 --client-certificate="" Path to a client certificate file for TLS
190
191
192 --client-key="" Path to a client key file for TLS
193
194
195 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
196 CIDRs opened in GCE firewall for L7 LB traffic proxy health
197 checks
198
199
200 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
201 CIDRs opened in GCE firewall for L4 LB traffic proxy health
202 checks
203
204
205 --cluster="" The name of the kubeconfig cluster to use
206
207
208 --container-hints="/etc/cadvisor/container_hints.json" location of
209 the container hints file
210
211
212 --containerd="/run/containerd/containerd.sock" containerd endpoint
213
214
215 --containerd-namespace="k8s.io" containerd namespace
216
217
218 --context="" The name of the kubeconfig context to use
219
220
221 --default-not-ready-toleration-seconds=300 Indicates the tolera‐
222 tionSeconds of the toleration for notReady:NoExecute that is added by
223 default to every pod that does not already have such a toleration.
224
225
226 --default-unreachable-toleration-seconds=300 Indicates the tolera‐
227 tionSeconds of the toleration for unreachable:NoExecute that is added
228 by default to every pod that does not already have such a toleration.
229
230
231 --disable-root-cgroup-stats=false Disable collecting root Cgroup
232 stats
233
234
235 --docker="unix:///var/run/docker.sock" docker endpoint
236
237
238 --docker-env-metadata-whitelist="" a comma-separated list of envi‐
239 ronment variable keys matched with specified prefix that needs to be
240 collected for docker containers
241
242
243 --docker-only=false Only report docker containers in addition to
244 root stats
245
246
247 --docker-root="/var/lib/docker" DEPRECATED: docker root is read
248 from docker info (this is a fallback, default: /var/lib/docker)
249
250
251 --docker-tls=false use TLS to connect to docker
252
253
254 --docker-tls-ca="ca.pem" path to trusted CA
255
256
257 --docker-tls-cert="cert.pem" path to client certificate
258
259
260 --docker-tls-key="key.pem" path to private key
261
262
263 --enable-load-reader=false Whether to enable cpu load reader
264
265
266 --event-storage-age-limit="default=0" Max length of time for which
267 to store events (per type). Value is a comma separated list of key val‐
268 ues, where the keys are event types (e.g.: creation, oom) or "default"
269 and the value is a duration. Default is applied to all non-specified
270 event types
271
272
273 --event-storage-event-limit="default=0" Max number of events to
274 store (per type). Value is a comma separated list of key values, where
275 the keys are event types (e.g.: creation, oom) or "default" and the
276 value is an integer. Default is applied to all non-specified event
277 types
278
279
280 --global-housekeeping-interval=1m0s Interval between global house‐
281 keepings
282
283
284 --housekeeping-interval=10s Interval between container housekeep‐
285 ings
286
287
288 --insecure-skip-tls-verify=false If true, the server's certificate
289 will not be checked for validity. This will make your HTTPS connections
290 insecure
291
292
293 --kubeconfig="" Path to the kubeconfig file to use for CLI re‐
294 quests.
295
296
297 --log-backtrace-at=:0 when logging hits line file:N, emit a stack
298 trace
299
300
301 --log-cadvisor-usage=false Whether to log the usage of the cAdvi‐
302 sor container
303
304
305 --log-dir="" If non-empty, write log files in this directory
306
307
308 --log-file="" If non-empty, use this log file
309
310
311 --log-file-max-size=1800 Defines the maximum size a log file can
312 grow to. Unit is megabytes. If the value is 0, the maximum file size is
313 unlimited.
314
315
316 --log-flush-frequency=5s Maximum number of seconds between log
317 flushes
318
319
320 --logtostderr=true log to standard error instead of files
321
322
323 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
324 Comma-separated list of files to check for machine-id. Use the
325 first one that exists.
326
327
328 --match-server-version=false Require server version to match
329 client version
330
331
332 -n, --namespace="" If present, the namespace scope for this CLI
333 request
334
335
336 --one-output=false If true, only write logs to their native sever‐
337 ity level (vs also writing to each lower severity level
338
339
340 --password="" Password for basic authentication to the API server
341
342
343 --profile="none" Name of profile to capture. One of
344 (none|cpu|heap|goroutine|threadcreate|block|mutex)
345
346
347 --profile-output="profile.pprof" Name of the file to write the
348 profile to
349
350
351 --referenced-reset-interval=0 Reset interval for referenced bytes
352 (container_referenced_bytes metric), number of measurement cycles after
353 which referenced bytes are cleared, if set to 0 referenced bytes are
354 never cleared (default: 0)
355
356
357 --request-timeout="0" The length of time to wait before giving up
358 on a single server request. Non-zero values should contain a corre‐
359 sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
360 out requests.
361
362
363 -s, --server="" The address and port of the Kubernetes API server
364
365
366 --skip-headers=false If true, avoid header prefixes in the log
367 messages
368
369
370 --skip-log-headers=false If true, avoid headers when opening log
371 files
372
373
374 --stderrthreshold=2 logs at or above this threshold go to stderr
375
376
377 --storage-driver-buffer-duration=1m0s Writes in the storage driver
378 will be buffered for this duration, and committed to the non memory
379 backends as a single transaction
380
381
382 --storage-driver-db="cadvisor" database name
383
384
385 --storage-driver-host="localhost:8086" database host:port
386
387
388 --storage-driver-password="root" database password
389
390
391 --storage-driver-secure=false use secure connection with database
392
393
394 --storage-driver-table="stats" table name
395
396
397 --storage-driver-user="root" database username
398
399
400 --tls-server-name="" Server name to use for server certificate
401 validation. If it is not provided, the hostname used to contact the
402 server is used
403
404
405 --token="" Bearer token for authentication to the API server
406
407
408 --update-machine-info-interval=5m0s Interval between machine info
409 updates.
410
411
412 --user="" The name of the kubeconfig user to use
413
414
415 --username="" Username for basic authentication to the API server
416
417
418 -v, --v=0 number for the log level verbosity
419
420
421 --version=false Print version information and quit
422
423
424 --vmodule= comma-separated list of pattern=N settings for
425 file-filtered logging
426
427
428 --warnings-as-errors=false Treat warnings received from the server
429 as errors and exit with a non-zero exit code
430
431
432
434 # Create a service for a replicated nginx, which serves on port 80 and connects to the containers on port 8000.
435 kubectl expose rc nginx --port=80 --target-port=8000
436
437 # Create a service for a replication controller identified by type and name specified in "nginx-controller.yaml", which serves on port 80 and connects to the containers on port 8000.
438 kubectl expose -f nginx-controller.yaml --port=80 --target-port=8000
439
440 # Create a service for a pod valid-pod, which serves on port 444 with the name "frontend"
441 kubectl expose pod valid-pod --port=444 --name=frontend
442
443 # Create a second service based on the above service, exposing the container port 8443 as port 443 with the name "nginx-https"
444 kubectl expose service nginx --port=443 --target-port=8443 --name=nginx-https
445
446 # Create a service for a replicated streaming application on port 4100 balancing UDP traffic and named 'video-stream'.
447 kubectl expose rc streamer --port=4100 --protocol=UDP --name=video-stream
448
449 # Create a service for a replicated nginx using replica set, which serves on port 80 and connects to the containers on port 8000.
450 kubectl expose rs nginx --port=80 --target-port=8000
451
452 # Create a service for an nginx deployment, which serves on port 80 and connects to the containers on port 8000.
453 kubectl expose deployment nginx --port=80 --target-port=8000
454
455
456
457
459 kubectl(1),
460
461
462
464 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
465 com) based on the kubernetes source material, but hopefully they have
466 been automatically generated since!
467
468
469
470Manuals User KUBERNETES(1)(kubernetes)