1KUBERNETES(1)(kubernetes) KUBERNETES(1)(kubernetes)
2
3
4
5Eric Paris Jan 2015
6
7
9 kubectl config - Modify kubeconfig files
10
11
12
14 kubectl config [OPTIONS]
15
16
17
19 Modify kubeconfig files using subcommands like "kubectl config set cur‐
20 rent-context my-context"
21
22
23 The loading order follows these rules:
24
25
26 1. If the --kubeconfig flag is set, then only that file is
27 loaded. The flag may only be set once and no merging takes
28 place.
29
30 2. If $KUBECONFIG environment variable is set, then it is used
31 as a list of paths (normal path delimiting rules for your
32 system). These paths are merged. When a value is modified,
33 it is modified in the file that defines the stanza. When a
34 value is created, it is created in the first file that ex‐
35 ists. If no files in the chain exist, then it creates the
36 last file in the list.
37
38 3. Otherwise, ${HOME}/.kube/config is used and no merging
39 takes place.
40
41
42
43
45 --add-dir-header=false If true, adds the file directory to the
46 header of the log messages
47
48
49 --alsologtostderr=false log to standard error as well as files
50
51
52 --application-metrics-count-limit=100 Max number of application
53 metrics to store (per container)
54
55
56 --as="" Username to impersonate for the operation
57
58
59 --as-group=[] Group to impersonate for the operation, this flag
60 can be repeated to specify multiple groups.
61
62
63 --azure-container-registry-config="" Path to the file containing
64 Azure container registry configuration information.
65
66
67 --boot-id-file="/proc/sys/kernel/random/boot_id" Comma-separated
68 list of files to check for boot-id. Use the first one that exists.
69
70
71 --cache-dir="/builddir/.kube/cache" Default cache directory
72
73
74 --certificate-authority="" Path to a cert file for the certificate
75 authority
76
77
78 --client-certificate="" Path to a client certificate file for TLS
79
80
81 --client-key="" Path to a client key file for TLS
82
83
84 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
85 CIDRs opened in GCE firewall for L7 LB traffic proxy health
86 checks
87
88
89 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
90 CIDRs opened in GCE firewall for L4 LB traffic proxy health
91 checks
92
93
94 --cluster="" The name of the kubeconfig cluster to use
95
96
97 --container-hints="/etc/cadvisor/container_hints.json" location of
98 the container hints file
99
100
101 --containerd="/run/containerd/containerd.sock" containerd endpoint
102
103
104 --containerd-namespace="k8s.io" containerd namespace
105
106
107 --context="" The name of the kubeconfig context to use
108
109
110 --default-not-ready-toleration-seconds=300 Indicates the tolera‐
111 tionSeconds of the toleration for notReady:NoExecute that is added by
112 default to every pod that does not already have such a toleration.
113
114
115 --default-unreachable-toleration-seconds=300 Indicates the tolera‐
116 tionSeconds of the toleration for unreachable:NoExecute that is added
117 by default to every pod that does not already have such a toleration.
118
119
120 --disable-root-cgroup-stats=false Disable collecting root Cgroup
121 stats
122
123
124 --docker="unix:///var/run/docker.sock" docker endpoint
125
126
127 --docker-env-metadata-whitelist="" a comma-separated list of envi‐
128 ronment variable keys matched with specified prefix that needs to be
129 collected for docker containers
130
131
132 --docker-only=false Only report docker containers in addition to
133 root stats
134
135
136 --docker-root="/var/lib/docker" DEPRECATED: docker root is read
137 from docker info (this is a fallback, default: /var/lib/docker)
138
139
140 --docker-tls=false use TLS to connect to docker
141
142
143 --docker-tls-ca="ca.pem" path to trusted CA
144
145
146 --docker-tls-cert="cert.pem" path to client certificate
147
148
149 --docker-tls-key="key.pem" path to private key
150
151
152 --enable-load-reader=false Whether to enable cpu load reader
153
154
155 --event-storage-age-limit="default=0" Max length of time for which
156 to store events (per type). Value is a comma separated list of key val‐
157 ues, where the keys are event types (e.g.: creation, oom) or "default"
158 and the value is a duration. Default is applied to all non-specified
159 event types
160
161
162 --event-storage-event-limit="default=0" Max number of events to
163 store (per type). Value is a comma separated list of key values, where
164 the keys are event types (e.g.: creation, oom) or "default" and the
165 value is an integer. Default is applied to all non-specified event
166 types
167
168
169 --global-housekeeping-interval=1m0s Interval between global house‐
170 keepings
171
172
173 --housekeeping-interval=10s Interval between container housekeep‐
174 ings
175
176
177 --insecure-skip-tls-verify=false If true, the server's certificate
178 will not be checked for validity. This will make your HTTPS connections
179 insecure
180
181
182 --kubeconfig="" Path to the kubeconfig file to use for CLI re‐
183 quests.
184
185
186 --log-backtrace-at=:0 when logging hits line file:N, emit a stack
187 trace
188
189
190 --log-cadvisor-usage=false Whether to log the usage of the cAdvi‐
191 sor container
192
193
194 --log-dir="" If non-empty, write log files in this directory
195
196
197 --log-file="" If non-empty, use this log file
198
199
200 --log-file-max-size=1800 Defines the maximum size a log file can
201 grow to. Unit is megabytes. If the value is 0, the maximum file size is
202 unlimited.
203
204
205 --log-flush-frequency=5s Maximum number of seconds between log
206 flushes
207
208
209 --logtostderr=true log to standard error instead of files
210
211
212 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
213 Comma-separated list of files to check for machine-id. Use the
214 first one that exists.
215
216
217 --match-server-version=false Require server version to match
218 client version
219
220
221 -n, --namespace="" If present, the namespace scope for this CLI
222 request
223
224
225 --one-output=false If true, only write logs to their native sever‐
226 ity level (vs also writing to each lower severity level
227
228
229 --password="" Password for basic authentication to the API server
230
231
232 --profile="none" Name of profile to capture. One of
233 (none|cpu|heap|goroutine|threadcreate|block|mutex)
234
235
236 --profile-output="profile.pprof" Name of the file to write the
237 profile to
238
239
240 --referenced-reset-interval=0 Reset interval for referenced bytes
241 (container_referenced_bytes metric), number of measurement cycles after
242 which referenced bytes are cleared, if set to 0 referenced bytes are
243 never cleared (default: 0)
244
245
246 --request-timeout="0" The length of time to wait before giving up
247 on a single server request. Non-zero values should contain a corre‐
248 sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
249 out requests.
250
251
252 -s, --server="" The address and port of the Kubernetes API server
253
254
255 --skip-headers=false If true, avoid header prefixes in the log
256 messages
257
258
259 --skip-log-headers=false If true, avoid headers when opening log
260 files
261
262
263 --stderrthreshold=2 logs at or above this threshold go to stderr
264
265
266 --storage-driver-buffer-duration=1m0s Writes in the storage driver
267 will be buffered for this duration, and committed to the non memory
268 backends as a single transaction
269
270
271 --storage-driver-db="cadvisor" database name
272
273
274 --storage-driver-host="localhost:8086" database host:port
275
276
277 --storage-driver-password="root" database password
278
279
280 --storage-driver-secure=false use secure connection with database
281
282
283 --storage-driver-table="stats" table name
284
285
286 --storage-driver-user="root" database username
287
288
289 --tls-server-name="" Server name to use for server certificate
290 validation. If it is not provided, the hostname used to contact the
291 server is used
292
293
294 --token="" Bearer token for authentication to the API server
295
296
297 --update-machine-info-interval=5m0s Interval between machine info
298 updates.
299
300
301 --user="" The name of the kubeconfig user to use
302
303
304 --username="" Username for basic authentication to the API server
305
306
307 -v, --v=0 number for the log level verbosity
308
309
310 --version=false Print version information and quit
311
312
313 --vmodule= comma-separated list of pattern=N settings for
314 file-filtered logging
315
316
317 --warnings-as-errors=false Treat warnings received from the server
318 as errors and exit with a non-zero exit code
319
320
321
323 kubectl(1), kubectl-config-current-context(1), kubectl-con‐
324 fig-delete-cluster(1), kubectl-config-delete-context(1), kubectl-con‐
325 fig-delete-user(1), kubectl-config-get-clusters(1), kubectl-con‐
326 fig-get-contexts(1), kubectl-config-get-users(1), kubectl-config-re‐
327 name-context(1), kubectl-config-set(1), kubectl-config-set-cluster(1),
328 kubectl-config-set-context(1), kubectl-config-set-credentials(1),
329 kubectl-config-unset(1), kubectl-config-use-context(1), kubectl-con‐
330 fig-view(1),
331
332
333
335 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
336 com) based on the kubernetes source material, but hopefully they have
337 been automatically generated since!
338
339
340
341Manuals User KUBERNETES(1)(kubernetes)