1KUBERNETES(1)(kubernetes) KUBERNETES(1)(kubernetes)
2Eric Paris Jan 2015
6
9 kubectl port-forward - Forward one or more local ports to a pod
10
14 kubectl port-forward [OPTIONS]
15
19 Forward one or more local ports to a pod. This command requires the
20 node to have 'socat' installed.
21 Use resource type/name such as deployment/mydeployment to select a pod.
24 Resource type defaults to 'pod' if omitted.
25 If there are multiple pods matching the criteria, a pod will be se‐
28 lected automatically. The forwarding session ends when the selected pod
29 terminates, and rerun of the command is needed to resume forwarding.
30
34 --address=[localhost] Addresses to listen on (comma separated).
35 Only accepts IP addresses or localhost as a value. When localhost is
36 supplied, kubectl will try to bind on both 127.0.0.1 and ::1 and will
37 fail if neither of these addresses are available to bind.
38 --pod-running-timeout=1m0s The length of time (like 5s, 2m, or 3h,
41 higher than zero) to wait until at least one pod is running
42
46 --add-dir-header=false If true, adds the file directory to the
47 header of the log messages
48 --alsologtostderr=false log to standard error as well as files
51 --application-metrics-count-limit=100 Max number of application
54 metrics to store (per container)
55 --as="" Username to impersonate for the operation
58 --as-group=[] Group to impersonate for the operation, this flag
61 can be repeated to specify multiple groups.
62 --azure-container-registry-config="" Path to the file containing
65 Azure container registry configuration information.
66 --boot-id-file="/proc/sys/kernel/random/boot_id" Comma-separated
69 list of files to check for boot-id. Use the first one that exists.
70 --cache-dir="/builddir/.kube/cache" Default cache directory
73 --certificate-authority="" Path to a cert file for the certificate
76 authority
77 --client-certificate="" Path to a client certificate file for TLS
80 --client-key="" Path to a client key file for TLS
83 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
86 CIDRs opened in GCE firewall for L7 LB traffic proxy health
87 checks
88 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
91 CIDRs opened in GCE firewall for L4 LB traffic proxy health
92 checks
93 --cluster="" The name of the kubeconfig cluster to use
96 --container-hints="/etc/cadvisor/container_hints.json" location of
99 the container hints file
100 --containerd="/run/containerd/containerd.sock" containerd endpoint
103 --containerd-namespace="k8s.io" containerd namespace
106 --context="" The name of the kubeconfig context to use
109 --default-not-ready-toleration-seconds=300 Indicates the tolera‐
112 tionSeconds of the toleration for notReady:NoExecute that is added by
113 default to every pod that does not already have such a toleration.
114 --default-unreachable-toleration-seconds=300 Indicates the tolera‐
117 tionSeconds of the toleration for unreachable:NoExecute that is added
118 by default to every pod that does not already have such a toleration.
119 --disable-root-cgroup-stats=false Disable collecting root Cgroup
122 stats
123 --docker="unix:///var/run/docker.sock" docker endpoint
126 --docker-env-metadata-whitelist="" a comma-separated list of envi‐
129 ronment variable keys matched with specified prefix that needs to be
130 collected for docker containers
131 --docker-only=false Only report docker containers in addition to
134 root stats
135 --docker-root="/var/lib/docker" DEPRECATED: docker root is read
138 from docker info (this is a fallback, default: /var/lib/docker)
139 --docker-tls=false use TLS to connect to docker
142 --docker-tls-ca="ca.pem" path to trusted CA
145 --docker-tls-cert="cert.pem" path to client certificate
148 --docker-tls-key="key.pem" path to private key
151 --enable-load-reader=false Whether to enable cpu load reader
154 --event-storage-age-limit="default=0" Max length of time for which
157 to store events (per type). Value is a comma separated list of key val‐
158 ues, where the keys are event types (e.g.: creation, oom) or "default"
159 and the value is a duration. Default is applied to all non-specified
160 event types
161 --event-storage-event-limit="default=0" Max number of events to
164 store (per type). Value is a comma separated list of key values, where
165 the keys are event types (e.g.: creation, oom) or "default" and the
166 value is an integer. Default is applied to all non-specified event
167 types
168 --global-housekeeping-interval=1m0s Interval between global house‐
171 keepings
172 --housekeeping-interval=10s Interval between container housekeep‐
175 ings
176 --insecure-skip-tls-verify=false If true, the server's certificate
179 will not be checked for validity. This will make your HTTPS connections
180 insecure
181 --kubeconfig="" Path to the kubeconfig file to use for CLI re‐
184 quests.
185 --log-backtrace-at=:0 when logging hits line file:N, emit a stack
188 trace
189 --log-cadvisor-usage=false Whether to log the usage of the cAdvi‐
192 sor container
193 --log-dir="" If non-empty, write log files in this directory
196 --log-file="" If non-empty, use this log file
199 --log-file-max-size=1800 Defines the maximum size a log file can
202 grow to. Unit is megabytes. If the value is 0, the maximum file size is
203 unlimited.
204 --log-flush-frequency=5s Maximum number of seconds between log
207 flushes
208 --logtostderr=true log to standard error instead of files
211 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
214 Comma-separated list of files to check for machine-id. Use the
215 first one that exists.
216 --match-server-version=false Require server version to match
219 client version
220 -n, --namespace="" If present, the namespace scope for this CLI
223 request
224 --one-output=false If true, only write logs to their native sever‐
227 ity level (vs also writing to each lower severity level
228 --password="" Password for basic authentication to the API server
231 --profile="none" Name of profile to capture. One of
234 (none|cpu|heap|goroutine|threadcreate|block|mutex)
235 --profile-output="profile.pprof" Name of the file to write the
238 profile to
239 --referenced-reset-interval=0 Reset interval for referenced bytes
242 (container_referenced_bytes metric), number of measurement cycles after
243 which referenced bytes are cleared, if set to 0 referenced bytes are
244 never cleared (default: 0)
245 --request-timeout="0" The length of time to wait before giving up
248 on a single server request. Non-zero values should contain a corre‐
249 sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
250 out requests.
251 -s, --server="" The address and port of the Kubernetes API server
254 --skip-headers=false If true, avoid header prefixes in the log
257 messages
258 --skip-log-headers=false If true, avoid headers when opening log
261 files
262 --stderrthreshold=2 logs at or above this threshold go to stderr
265 --storage-driver-buffer-duration=1m0s Writes in the storage driver
268 will be buffered for this duration, and committed to the non memory
269 backends as a single transaction
270 --storage-driver-db="cadvisor" database name
273 --storage-driver-host="localhost:8086" database host:port
276 --storage-driver-password="root" database password
279 --storage-driver-secure=false use secure connection with database
282 --storage-driver-table="stats" table name
285 --storage-driver-user="root" database username
288 --tls-server-name="" Server name to use for server certificate
291 validation. If it is not provided, the hostname used to contact the
292 server is used
293 --token="" Bearer token for authentication to the API server
296 --update-machine-info-interval=5m0s Interval between machine info
299 updates.
300 --user="" The name of the kubeconfig user to use
303 --username="" Username for basic authentication to the API server
306 -v, --v=0 number for the log level verbosity
309 --version=false Print version information and quit
312 --vmodule= comma-separated list of pattern=N settings for
315 file-filtered logging
316 --warnings-as-errors=false Treat warnings received from the server
319 as errors and exit with a non-zero exit code
320
324 # Listen on ports 5000 and 6000 locally, forwarding data to/from ports 5000 and 6000 in the pod
325 kubectl port-forward pod/mypod 5000 6000
326 # Listen on ports 5000 and 6000 locally, forwarding data to/from ports 5000 and 6000 in a pod selected by the deployment
328 kubectl port-forward deployment/mydeployment 5000 6000
329 # Listen on port 8443 locally, forwarding to the targetPort of the service's port named "https" in a pod selected by the service
331 kubectl port-forward service/myservice 8443:https
332 # Listen on port 8888 locally, forwarding to 5000 in the pod
334 kubectl port-forward pod/mypod 8888:5000
335 # Listen on port 8888 on all addresses, forwarding to 5000 in the pod
337 kubectl port-forward --address 0.0.0.0 pod/mypod 8888:5000
338 # Listen on port 8888 on localhost and selected IP, forwarding to 5000 in the pod
340 kubectl port-forward --address localhost,10.19.21.23 pod/mypod 8888:5000
341 # Listen on a random port locally, forwarding to 5000 in the pod
343 kubectl port-forward pod/mypod :5000
344
349 kubectl(1),
350
354 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
355 com) based on the kubernetes source material, but hopefully they have
356 been automatically generated since!
357Manuals User KUBERNETES(1)(kubernetes)