1KUBERNETES(1)(kubernetes) KUBERNETES(1)(kubernetes)
2
3
4
5Eric Paris Jan 2015
6
7
9 kubectl run - Run a particular image on the cluster
10
11
12
14 kubectl run [OPTIONS]
15
16
17
19 Create and run a particular image in a pod.
20
21
22
24 --allow-missing-template-keys=true If true, ignore any errors in
25 templates when a field or map key is missing in the template. Only ap‐
26 plies to golang and jsonpath output formats.
27
28
29 --annotations=[] Annotations to apply to the pod.
30
31
32 --attach=false If true, wait for the Pod to start running, and
33 then attach to the Pod as if 'kubectl attach ...' were called. Default
34 false, unless '-i/--stdin' is set, in which case the default is true.
35 With '--restart=Never' the exit code of the container process is re‐
36 turned.
37
38
39 --cascade="background" Must be "background", "orphan", or "fore‐
40 ground". Selects the deletion cascading strategy for the dependents
41 (e.g. Pods created by a ReplicationController). Defaults to background.
42
43
44 --command=false If true and extra arguments are present, use them
45 as the 'command' field in the container, rather than the 'args' field
46 which is the default.
47
48
49 --dry-run="none" Must be "none", "server", or "client". If client
50 strategy, only print the object that would be sent, without sending it.
51 If server strategy, submit server-side request without persisting the
52 resource.
53
54
55 --env=[] Environment variables to set in the container.
56
57
58 --expose=false If true, service is created for the container(s)
59 which are run
60
61
62 --field-manager="kubectl-run" Name of the manager used to track
63 field ownership.
64
65
66 -f, --filename=[] to use to replace the resource.
67
68
69 --force=false If true, immediately remove resources from API and
70 bypass graceful deletion. Note that immediate deletion of some re‐
71 sources may result in inconsistency or data loss and requires confirma‐
72 tion.
73
74
75 --generator="run-pod/v1" The name of the API generator to use, see
76 http://kubernetes.io/docs/user-guide/kubectl-conventions/#generators
77 for a list.
78
79
80 --grace-period=-1 Period of time in seconds given to the resource
81 to terminate gracefully. Ignored if negative. Set to 1 for immediate
82 shutdown. Can only be set to 0 when --force is true (force deletion).
83
84
85 --hostport=-1 The host port mapping for the container port. To
86 demonstrate a single-machine container.
87
88
89 --image="" The image for the container to run.
90
91
92 --image-pull-policy="" The image pull policy for the container. If
93 left empty, this value will not be specified by the client and de‐
94 faulted by the server
95
96
97 -k, --kustomize="" Process a kustomization directory. This flag
98 can't be used together with -f or -R.
99
100
101 -l, --labels="" Comma separated labels to apply to the pod(s).
102 Will override previous values.
103
104
105 --leave-stdin-open=false If the pod is started in interactive mode
106 or with stdin, leave stdin open after the first attach completes. By
107 default, stdin will be closed after the first attach completes.
108
109
110 --limits="" The resource requirement limits for this container.
111 For example, 'cpu=200m,memory=512Mi'. Note that server side components
112 may assign limits depending on the server configuration, such as limit
113 ranges.
114
115
116 -o, --output="" Output format. One of: json|yaml|name|go-tem‐
117 plate|go-template-file|template|templatefile|jsonpath|json‐
118 path-as-json|jsonpath-file.
119
120
121 --overrides="" An inline JSON override for the generated object.
122 If this is non-empty, it is used to override the generated object. Re‐
123 quires that the object supply a valid apiVersion field.
124
125
126 --pod-running-timeout=1m0s The length of time (like 5s, 2m, or 3h,
127 higher than zero) to wait until at least one pod is running
128
129
130 --port="" The port that this container exposes.
131
132
133 --privileged=false If true, run the container in privileged mode.
134
135
136 --quiet=false If true, suppress prompt messages.
137
138
139 --record=false Record current kubectl command in the resource an‐
140 notation. If set to false, do not record the command. If set to true,
141 record the command. If not set, default to updating the existing anno‐
142 tation value only if one already exists.
143
144
145 -R, --recursive=false Process the directory used in -f, --filename
146 recursively. Useful when you want to manage related manifests organized
147 within the same directory.
148
149
150 -r, --replicas=1 Number of replicas to create for this container.
151 Default is 1.
152
153
154 --requests="" The resource requirement requests for this con‐
155 tainer. For example, 'cpu=100m,memory=256Mi'. Note that server side
156 components may assign requests depending on the server configuration,
157 such as limit ranges.
158
159
160 --restart="Always" The restart policy for this Pod. Legal values
161 [Always, OnFailure, Never].
162
163
164 --rm=false If true, delete resources created in this command for
165 attached containers.
166
167
168 --save-config=false If true, the configuration of current object
169 will be saved in its annotation. Otherwise, the annotation will be un‐
170 changed. This flag is useful when you want to perform kubectl apply on
171 this object in the future.
172
173
174 --schedule="" A schedule in the Cron format the job should be run
175 with.
176
177
178 --service-generator="service/v2" The name of the generator to use
179 for creating a service. Only used if --expose is true
180
181
182 --service-overrides="" An inline JSON override for the generated
183 service object. If this is non-empty, it is used to override the gener‐
184 ated object. Requires that the object supply a valid apiVersion field.
185 Only used if --expose is true.
186
187
188 --serviceaccount="" Service account to set in the pod spec.
189
190
191 -i, --stdin=false Keep stdin open on the container(s) in the pod,
192 even if nothing is attached.
193
194
195 --template="" Template string or path to template file to use when
196 -o=go-template, -o=go-template-file. The template format is golang tem‐
197 plates [http://golang.org/pkg/text/template/#pkg-overview].
198
199
200 --timeout=0s The length of time to wait before giving up on a
201 delete, zero means determine a timeout from the size of the object
202
203
204 -t, --tty=false Allocated a TTY for each container in the pod.
205
206
207 --wait=false If true, wait for resources to be gone before return‐
208 ing. This waits for finalizers.
209
210
211
213 --add-dir-header=false If true, adds the file directory to the
214 header of the log messages
215
216
217 --alsologtostderr=false log to standard error as well as files
218
219
220 --application-metrics-count-limit=100 Max number of application
221 metrics to store (per container)
222
223
224 --as="" Username to impersonate for the operation
225
226
227 --as-group=[] Group to impersonate for the operation, this flag
228 can be repeated to specify multiple groups.
229
230
231 --azure-container-registry-config="" Path to the file containing
232 Azure container registry configuration information.
233
234
235 --boot-id-file="/proc/sys/kernel/random/boot_id" Comma-separated
236 list of files to check for boot-id. Use the first one that exists.
237
238
239 --cache-dir="/builddir/.kube/cache" Default cache directory
240
241
242 --certificate-authority="" Path to a cert file for the certificate
243 authority
244
245
246 --client-certificate="" Path to a client certificate file for TLS
247
248
249 --client-key="" Path to a client key file for TLS
250
251
252 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
253 CIDRs opened in GCE firewall for L7 LB traffic proxy health
254 checks
255
256
257 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
258 CIDRs opened in GCE firewall for L4 LB traffic proxy health
259 checks
260
261
262 --cluster="" The name of the kubeconfig cluster to use
263
264
265 --container-hints="/etc/cadvisor/container_hints.json" location of
266 the container hints file
267
268
269 --containerd="/run/containerd/containerd.sock" containerd endpoint
270
271
272 --containerd-namespace="k8s.io" containerd namespace
273
274
275 --context="" The name of the kubeconfig context to use
276
277
278 --default-not-ready-toleration-seconds=300 Indicates the tolera‐
279 tionSeconds of the toleration for notReady:NoExecute that is added by
280 default to every pod that does not already have such a toleration.
281
282
283 --default-unreachable-toleration-seconds=300 Indicates the tolera‐
284 tionSeconds of the toleration for unreachable:NoExecute that is added
285 by default to every pod that does not already have such a toleration.
286
287
288 --disable-root-cgroup-stats=false Disable collecting root Cgroup
289 stats
290
291
292 --docker="unix:///var/run/docker.sock" docker endpoint
293
294
295 --docker-env-metadata-whitelist="" a comma-separated list of envi‐
296 ronment variable keys matched with specified prefix that needs to be
297 collected for docker containers
298
299
300 --docker-only=false Only report docker containers in addition to
301 root stats
302
303
304 --docker-root="/var/lib/docker" DEPRECATED: docker root is read
305 from docker info (this is a fallback, default: /var/lib/docker)
306
307
308 --docker-tls=false use TLS to connect to docker
309
310
311 --docker-tls-ca="ca.pem" path to trusted CA
312
313
314 --docker-tls-cert="cert.pem" path to client certificate
315
316
317 --docker-tls-key="key.pem" path to private key
318
319
320 --enable-load-reader=false Whether to enable cpu load reader
321
322
323 --event-storage-age-limit="default=0" Max length of time for which
324 to store events (per type). Value is a comma separated list of key val‐
325 ues, where the keys are event types (e.g.: creation, oom) or "default"
326 and the value is a duration. Default is applied to all non-specified
327 event types
328
329
330 --event-storage-event-limit="default=0" Max number of events to
331 store (per type). Value is a comma separated list of key values, where
332 the keys are event types (e.g.: creation, oom) or "default" and the
333 value is an integer. Default is applied to all non-specified event
334 types
335
336
337 --global-housekeeping-interval=1m0s Interval between global house‐
338 keepings
339
340
341 --housekeeping-interval=10s Interval between container housekeep‐
342 ings
343
344
345 --insecure-skip-tls-verify=false If true, the server's certificate
346 will not be checked for validity. This will make your HTTPS connections
347 insecure
348
349
350 --kubeconfig="" Path to the kubeconfig file to use for CLI re‐
351 quests.
352
353
354 --log-backtrace-at=:0 when logging hits line file:N, emit a stack
355 trace
356
357
358 --log-cadvisor-usage=false Whether to log the usage of the cAdvi‐
359 sor container
360
361
362 --log-dir="" If non-empty, write log files in this directory
363
364
365 --log-file="" If non-empty, use this log file
366
367
368 --log-file-max-size=1800 Defines the maximum size a log file can
369 grow to. Unit is megabytes. If the value is 0, the maximum file size is
370 unlimited.
371
372
373 --log-flush-frequency=5s Maximum number of seconds between log
374 flushes
375
376
377 --logtostderr=true log to standard error instead of files
378
379
380 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
381 Comma-separated list of files to check for machine-id. Use the
382 first one that exists.
383
384
385 --match-server-version=false Require server version to match
386 client version
387
388
389 -n, --namespace="" If present, the namespace scope for this CLI
390 request
391
392
393 --one-output=false If true, only write logs to their native sever‐
394 ity level (vs also writing to each lower severity level
395
396
397 --password="" Password for basic authentication to the API server
398
399
400 --profile="none" Name of profile to capture. One of
401 (none|cpu|heap|goroutine|threadcreate|block|mutex)
402
403
404 --profile-output="profile.pprof" Name of the file to write the
405 profile to
406
407
408 --referenced-reset-interval=0 Reset interval for referenced bytes
409 (container_referenced_bytes metric), number of measurement cycles after
410 which referenced bytes are cleared, if set to 0 referenced bytes are
411 never cleared (default: 0)
412
413
414 --request-timeout="0" The length of time to wait before giving up
415 on a single server request. Non-zero values should contain a corre‐
416 sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
417 out requests.
418
419
420 -s, --server="" The address and port of the Kubernetes API server
421
422
423 --skip-headers=false If true, avoid header prefixes in the log
424 messages
425
426
427 --skip-log-headers=false If true, avoid headers when opening log
428 files
429
430
431 --stderrthreshold=2 logs at or above this threshold go to stderr
432
433
434 --storage-driver-buffer-duration=1m0s Writes in the storage driver
435 will be buffered for this duration, and committed to the non memory
436 backends as a single transaction
437
438
439 --storage-driver-db="cadvisor" database name
440
441
442 --storage-driver-host="localhost:8086" database host:port
443
444
445 --storage-driver-password="root" database password
446
447
448 --storage-driver-secure=false use secure connection with database
449
450
451 --storage-driver-table="stats" table name
452
453
454 --storage-driver-user="root" database username
455
456
457 --tls-server-name="" Server name to use for server certificate
458 validation. If it is not provided, the hostname used to contact the
459 server is used
460
461
462 --token="" Bearer token for authentication to the API server
463
464
465 --update-machine-info-interval=5m0s Interval between machine info
466 updates.
467
468
469 --user="" The name of the kubeconfig user to use
470
471
472 --username="" Username for basic authentication to the API server
473
474
475 -v, --v=0 number for the log level verbosity
476
477
478 --version=false Print version information and quit
479
480
481 --vmodule= comma-separated list of pattern=N settings for
482 file-filtered logging
483
484
485 --warnings-as-errors=false Treat warnings received from the server
486 as errors and exit with a non-zero exit code
487
488
489
491 # Start a nginx pod.
492 kubectl run nginx --image=nginx
493
494 # Start a hazelcast pod and let the container expose port 5701.
495 kubectl run hazelcast --image=hazelcast/hazelcast --port=5701
496
497 # Start a hazelcast pod and set environment variables "DNS_DOMAIN=cluster" and "POD_NAMESPACE=default" in the container.
498 kubectl run hazelcast --image=hazelcast/hazelcast --env="DNS_DOMAIN=cluster" --env="POD_NAMESPACE=default"
499
500 # Start a hazelcast pod and set labels "app=hazelcast" and "env=prod" in the container.
501 kubectl run hazelcast --image=hazelcast/hazelcast --labels="app=hazelcast,env=prod"
502
503 # Dry run. Print the corresponding API objects without creating them.
504 kubectl run nginx --image=nginx --dry-run=client
505
506 # Start a nginx pod, but overload the spec with a partial set of values parsed from JSON.
507 kubectl run nginx --image=nginx --overrides='{ "apiVersion": "v1", "spec": { ... } }'
508
509 # Start a busybox pod and keep it in the foreground, don't restart it if it exits.
510 kubectl run -i -t busybox --image=busybox --restart=Never
511
512 # Start the nginx pod using the default command, but use custom arguments (arg1 .. argN) for that command.
513 kubectl run nginx --image=nginx -- <arg1> <arg2> ... <argN>
514
515 # Start the nginx pod using a different command and custom arguments.
516 kubectl run nginx --image=nginx --command -- <cmd> <arg1> ... <argN>
517
518
519
520
522 kubectl(1),
523
524
525
527 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
528 com) based on the kubernetes source material, but hopefully they have
529 been automatically generated since!
530
531
532
533Manuals User KUBERNETES(1)(kubernetes)