1KUBERNETES(1)(kubernetes)                            KUBERNETES(1)(kubernetes)
2
3
4
5Eric Paris Jan 2015
6
7

NAME

9       kubectl port-forward - Forward one or more local ports to a pod
10
11
12

SYNOPSIS

14       kubectl port-forward [OPTIONS]
15
16
17

DESCRIPTION

19       Forward  one  or  more  local ports to a pod. This command requires the
20       node to have 'socat' installed.
21
22
23       Use resource type/name such as deployment/mydeployment to select a pod.
24       Resource type defaults to 'pod' if omitted.
25
26
27       If  there  are  multiple  pods matching the criteria, a pod will be se‐
28       lected automatically. The forwarding session ends when the selected pod
29       terminates, and rerun of the command is needed to resume forwarding.
30
31
32

OPTIONS

34       --address=[localhost]       Addresses  to  listen on (comma separated).
35       Only accepts IP addresses or localhost as a value.  When  localhost  is
36       supplied,  kubectl  will try to bind on both 127.0.0.1 and ::1 and will
37       fail if neither of these addresses are available to bind.
38
39
40       --pod-running-timeout=1m0s      The length of time (like 5s, 2m, or 3h,
41       higher than zero) to wait until at least one pod is running
42
43
44

OPTIONS INHERITED FROM PARENT COMMANDS

46       --add-dir-header=false       If  true,  adds  the file directory to the
47       header of the log messages
48
49
50       --alsologtostderr=false      log to standard error as well as files
51
52
53       --application-metrics-count-limit=100      Max  number  of  application
54       metrics to store (per container)
55
56
57       --as=""      Username to impersonate for the operation
58
59
60       --as-group=[]       Group  to  impersonate for the operation, this flag
61       can be repeated to specify multiple groups.
62
63
64       --azure-container-registry-config=""      Path to the  file  containing
65       Azure container registry configuration information.
66
67
68       --boot-id-file="/proc/sys/kernel/random/boot_id"        Comma-separated
69       list of files to check for boot-id. Use the first one that exists.
70
71
72       --cache-dir="/builddir/.kube/cache"      Default cache directory
73
74
75       --certificate-authority=""      Path to a cert file for the certificate
76       authority
77
78
79       --client-certificate=""      Path to a client certificate file for TLS
80
81
82       --client-key=""      Path to a client key file for TLS
83
84
85       --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
86            CIDRs opened in GCE firewall for  L7  LB  traffic  proxy    health
87       checks
88
89
90       --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
91            CIDRs opened in GCE firewall for  L4  LB  traffic  proxy    health
92       checks
93
94
95       --cluster=""      The name of the kubeconfig cluster to use
96
97
98       --container-hints="/etc/cadvisor/container_hints.json"      location of
99       the container hints file
100
101
102       --containerd="/run/containerd/containerd.sock"      containerd endpoint
103
104
105       --containerd-namespace="k8s.io"      containerd namespace
106
107
108       --context=""      The name of the kubeconfig context to use
109
110
111       --default-not-ready-toleration-seconds=300      Indicates  the  tolera‐
112       tionSeconds  of  the toleration for notReady:NoExecute that is added by
113       default to every pod that does not already have such a toleration.
114
115
116       --default-unreachable-toleration-seconds=300      Indicates the tolera‐
117       tionSeconds  of  the toleration for unreachable:NoExecute that is added
118       by default to every pod that does not already have such a toleration.
119
120
121       --disable-root-cgroup-stats=false      Disable collecting  root  Cgroup
122       stats
123
124
125       --docker="unix:///var/run/docker.sock"      docker endpoint
126
127
128       --docker-env-metadata-whitelist=""      a comma-separated list of envi‐
129       ronment variable keys matched with specified prefix that  needs  to  be
130       collected for docker containers
131
132
133       --docker-only=false       Only  report docker containers in addition to
134       root stats
135
136
137       --docker-root="/var/lib/docker"      DEPRECATED: docker  root  is  read
138       from docker info (this is a fallback, default: /var/lib/docker)
139
140
141       --docker-tls=false      use TLS to connect to docker
142
143
144       --docker-tls-ca="ca.pem"      path to trusted CA
145
146
147       --docker-tls-cert="cert.pem"      path to client certificate
148
149
150       --docker-tls-key="key.pem"      path to private key
151
152
153       --enable-load-reader=false      Whether to enable cpu load reader
154
155
156       --event-storage-age-limit="default=0"      Max length of time for which
157       to store events (per type). Value is a comma separated list of key val‐
158       ues,  where the keys are event types (e.g.: creation, oom) or "default"
159       and the value is a duration. Default is applied  to  all  non-specified
160       event types
161
162
163       --event-storage-event-limit="default=0"       Max  number  of events to
164       store (per type). Value is a comma separated list of key values,  where
165       the  keys  are  event  types (e.g.: creation, oom) or "default" and the
166       value is an integer. Default is  applied  to  all  non-specified  event
167       types
168
169
170       --global-housekeeping-interval=1m0s      Interval between global house‐
171       keepings
172
173
174       --housekeeping-interval=10s      Interval between container  housekeep‐
175       ings
176
177
178       --insecure-skip-tls-verify=false      If true, the server's certificate
179       will not be checked for validity. This will make your HTTPS connections
180       insecure
181
182
183       --kubeconfig=""       Path  to  the  kubeconfig file to use for CLI re‐
184       quests.
185
186
187       --log-backtrace-at=:0      when logging hits line file:N, emit a  stack
188       trace
189
190
191       --log-cadvisor-usage=false       Whether to log the usage of the cAdvi‐
192       sor container
193
194
195       --log-dir=""      If non-empty, write log files in this directory
196
197
198       --log-file=""      If non-empty, use this log file
199
200
201       --log-file-max-size=1800      Defines the maximum size a log  file  can
202       grow to. Unit is megabytes. If the value is 0, the maximum file size is
203       unlimited.
204
205
206       --log-flush-frequency=5s      Maximum number  of  seconds  between  log
207       flushes
208
209
210       --logtostderr=true      log to standard error instead of files
211
212
213       --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
214            Comma-separated list of files to check  for  machine-id.  Use  the
215       first one that exists.
216
217
218       --match-server-version=false        Require  server  version  to  match
219       client version
220
221
222       -n, --namespace=""      If present, the namespace scope  for  this  CLI
223       request
224
225
226       --one-output=false      If true, only write logs to their native sever‐
227       ity level (vs also writing to each lower severity level
228
229
230       --password=""      Password for basic authentication to the API server
231
232
233       --profile="none"        Name   of   profile   to   capture.   One    of
234       (none|cpu|heap|goroutine|threadcreate|block|mutex)
235
236
237       --profile-output="profile.pprof"       Name  of  the  file to write the
238       profile to
239
240
241       --referenced-reset-interval=0      Reset interval for referenced  bytes
242       (container_referenced_bytes metric), number of measurement cycles after
243       which referenced bytes are cleared, if set to 0  referenced  bytes  are
244       never cleared (default: 0)
245
246
247       --request-timeout="0"       The length of time to wait before giving up
248       on a single server request. Non-zero values  should  contain  a  corre‐
249       sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
250       out requests.
251
252
253       -s, --server=""      The address and port of the Kubernetes API server
254
255
256       --skip-headers=false      If true, avoid header  prefixes  in  the  log
257       messages
258
259
260       --skip-log-headers=false       If  true, avoid headers when opening log
261       files
262
263
264       --stderrthreshold=2      logs at or above this threshold go to stderr
265
266
267       --storage-driver-buffer-duration=1m0s      Writes in the storage driver
268       will  be  buffered  for  this duration, and committed to the non memory
269       backends as a single transaction
270
271
272       --storage-driver-db="cadvisor"      database name
273
274
275       --storage-driver-host="localhost:8086"      database host:port
276
277
278       --storage-driver-password="root"      database password
279
280
281       --storage-driver-secure=false      use secure connection with database
282
283
284       --storage-driver-table="stats"      table name
285
286
287       --storage-driver-user="root"      database username
288
289
290       --tls-server-name=""      Server name to  use  for  server  certificate
291       validation.  If  it  is  not provided, the hostname used to contact the
292       server is used
293
294
295       --token=""      Bearer token for authentication to the API server
296
297
298       --update-machine-info-interval=5m0s      Interval between machine  info
299       updates.
300
301
302       --user=""      The name of the kubeconfig user to use
303
304
305       --username=""      Username for basic authentication to the API server
306
307
308       -v, --v=0      number for the log level verbosity
309
310
311       --version=false      Print version information and quit
312
313
314       --vmodule=        comma-separated   list   of  pattern=N  settings  for
315       file-filtered logging
316
317
318       --warnings-as-errors=false      Treat warnings received from the server
319       as errors and exit with a non-zero exit code
320
321
322

EXAMPLE

324                # Listen on ports 5000 and 6000 locally, forwarding data to/from ports 5000 and 6000 in the pod
325                kubectl port-forward pod/mypod 5000 6000
326
327                # Listen on ports 5000 and 6000 locally, forwarding data to/from ports 5000 and 6000 in a pod selected by the deployment
328                kubectl port-forward deployment/mydeployment 5000 6000
329
330                # Listen on port 8443 locally, forwarding to the targetPort of the service's port named "https" in a pod selected by the service
331                kubectl port-forward service/myservice 8443:https
332
333                # Listen on port 8888 locally, forwarding to 5000 in the pod
334                kubectl port-forward pod/mypod 8888:5000
335
336                # Listen on port 8888 on all addresses, forwarding to 5000 in the pod
337                kubectl port-forward --address 0.0.0.0 pod/mypod 8888:5000
338
339                # Listen on port 8888 on localhost and selected IP, forwarding to 5000 in the pod
340                kubectl port-forward --address localhost,10.19.21.23 pod/mypod 8888:5000
341
342                # Listen on a random port locally, forwarding to 5000 in the pod
343                kubectl port-forward pod/mypod :5000
344
345
346
347

SEE ALSO

349       kubectl(1),
350
351
352

HISTORY

354       January  2015,  Originally compiled by Eric Paris (eparis at redhat dot
355       com) based on the kubernetes source material, but hopefully  they  have
356       been automatically generated since!
357
358
359
360Manuals                              User            KUBERNETES(1)(kubernetes)
Impressum