1KUBERNETES(1)(kubernetes) KUBERNETES(1)(kubernetes)
2
3
4
5Eric Paris Jan 2015
6
7
9 kubectl config set - Sets an individual value in a kubeconfig file
10
11
12
14 kubectl config set [OPTIONS]
15
16
17
19 Sets an individual value in a kubeconfig file
20
21
22 PROPERTY_NAME is a dot delimited name where each token represents ei‐
23 ther an attribute name or a map key. Map keys may not contain dots.
24
25
26 PROPERTY_VALUE is the new value you wish to set. Binary fields such as
27 'certificate-authority-data' expect a base64 encoded string unless the
28 --set-raw-bytes flag is used.
29
30
31 Specifying a attribute name that already exists will merge new fields
32 on top of existing values.
33
34
35
37 --set-raw-bytes=false When writing a []byte PROPERTY_VALUE, write
38 the given string directly without base64 decoding.
39
40
41
43 --add-dir-header=false If true, adds the file directory to the
44 header of the log messages
45
46
47 --alsologtostderr=false log to standard error as well as files
48
49
50 --application-metrics-count-limit=100 Max number of application
51 metrics to store (per container)
52
53
54 --as="" Username to impersonate for the operation
55
56
57 --as-group=[] Group to impersonate for the operation, this flag
58 can be repeated to specify multiple groups.
59
60
61 --azure-container-registry-config="" Path to the file containing
62 Azure container registry configuration information.
63
64
65 --boot-id-file="/proc/sys/kernel/random/boot_id" Comma-separated
66 list of files to check for boot-id. Use the first one that exists.
67
68
69 --cache-dir="/builddir/.kube/cache" Default cache directory
70
71
72 --certificate-authority="" Path to a cert file for the certificate
73 authority
74
75
76 --client-certificate="" Path to a client certificate file for TLS
77
78
79 --client-key="" Path to a client key file for TLS
80
81
82 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
83 CIDRs opened in GCE firewall for L7 LB traffic proxy health
84 checks
85
86
87 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
88 CIDRs opened in GCE firewall for L4 LB traffic proxy health
89 checks
90
91
92 --cluster="" The name of the kubeconfig cluster to use
93
94
95 --container-hints="/etc/cadvisor/container_hints.json" location of
96 the container hints file
97
98
99 --containerd="/run/containerd/containerd.sock" containerd endpoint
100
101
102 --containerd-namespace="k8s.io" containerd namespace
103
104
105 --context="" The name of the kubeconfig context to use
106
107
108 --default-not-ready-toleration-seconds=300 Indicates the tolera‐
109 tionSeconds of the toleration for notReady:NoExecute that is added by
110 default to every pod that does not already have such a toleration.
111
112
113 --default-unreachable-toleration-seconds=300 Indicates the tolera‐
114 tionSeconds of the toleration for unreachable:NoExecute that is added
115 by default to every pod that does not already have such a toleration.
116
117
118 --disable-root-cgroup-stats=false Disable collecting root Cgroup
119 stats
120
121
122 --docker="unix:///var/run/docker.sock" docker endpoint
123
124
125 --docker-env-metadata-whitelist="" a comma-separated list of envi‐
126 ronment variable keys matched with specified prefix that needs to be
127 collected for docker containers
128
129
130 --docker-only=false Only report docker containers in addition to
131 root stats
132
133
134 --docker-root="/var/lib/docker" DEPRECATED: docker root is read
135 from docker info (this is a fallback, default: /var/lib/docker)
136
137
138 --docker-tls=false use TLS to connect to docker
139
140
141 --docker-tls-ca="ca.pem" path to trusted CA
142
143
144 --docker-tls-cert="cert.pem" path to client certificate
145
146
147 --docker-tls-key="key.pem" path to private key
148
149
150 --enable-load-reader=false Whether to enable cpu load reader
151
152
153 --event-storage-age-limit="default=0" Max length of time for which
154 to store events (per type). Value is a comma separated list of key val‐
155 ues, where the keys are event types (e.g.: creation, oom) or "default"
156 and the value is a duration. Default is applied to all non-specified
157 event types
158
159
160 --event-storage-event-limit="default=0" Max number of events to
161 store (per type). Value is a comma separated list of key values, where
162 the keys are event types (e.g.: creation, oom) or "default" and the
163 value is an integer. Default is applied to all non-specified event
164 types
165
166
167 --global-housekeeping-interval=1m0s Interval between global house‐
168 keepings
169
170
171 --housekeeping-interval=10s Interval between container housekeep‐
172 ings
173
174
175 --insecure-skip-tls-verify=false If true, the server's certificate
176 will not be checked for validity. This will make your HTTPS connections
177 insecure
178
179
180 --kubeconfig="" use a particular kubeconfig file
181
182
183 --log-backtrace-at=:0 when logging hits line file:N, emit a stack
184 trace
185
186
187 --log-cadvisor-usage=false Whether to log the usage of the cAdvi‐
188 sor container
189
190
191 --log-dir="" If non-empty, write log files in this directory
192
193
194 --log-file="" If non-empty, use this log file
195
196
197 --log-file-max-size=1800 Defines the maximum size a log file can
198 grow to. Unit is megabytes. If the value is 0, the maximum file size is
199 unlimited.
200
201
202 --log-flush-frequency=5s Maximum number of seconds between log
203 flushes
204
205
206 --logtostderr=true log to standard error instead of files
207
208
209 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
210 Comma-separated list of files to check for machine-id. Use the
211 first one that exists.
212
213
214 --match-server-version=false Require server version to match
215 client version
216
217
218 -n, --namespace="" If present, the namespace scope for this CLI
219 request
220
221
222 --one-output=false If true, only write logs to their native sever‐
223 ity level (vs also writing to each lower severity level
224
225
226 --password="" Password for basic authentication to the API server
227
228
229 --profile="none" Name of profile to capture. One of
230 (none|cpu|heap|goroutine|threadcreate|block|mutex)
231
232
233 --profile-output="profile.pprof" Name of the file to write the
234 profile to
235
236
237 --referenced-reset-interval=0 Reset interval for referenced bytes
238 (container_referenced_bytes metric), number of measurement cycles after
239 which referenced bytes are cleared, if set to 0 referenced bytes are
240 never cleared (default: 0)
241
242
243 --request-timeout="0" The length of time to wait before giving up
244 on a single server request. Non-zero values should contain a corre‐
245 sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
246 out requests.
247
248
249 -s, --server="" The address and port of the Kubernetes API server
250
251
252 --skip-headers=false If true, avoid header prefixes in the log
253 messages
254
255
256 --skip-log-headers=false If true, avoid headers when opening log
257 files
258
259
260 --stderrthreshold=2 logs at or above this threshold go to stderr
261
262
263 --storage-driver-buffer-duration=1m0s Writes in the storage driver
264 will be buffered for this duration, and committed to the non memory
265 backends as a single transaction
266
267
268 --storage-driver-db="cadvisor" database name
269
270
271 --storage-driver-host="localhost:8086" database host:port
272
273
274 --storage-driver-password="root" database password
275
276
277 --storage-driver-secure=false use secure connection with database
278
279
280 --storage-driver-table="stats" table name
281
282
283 --storage-driver-user="root" database username
284
285
286 --tls-server-name="" Server name to use for server certificate
287 validation. If it is not provided, the hostname used to contact the
288 server is used
289
290
291 --token="" Bearer token for authentication to the API server
292
293
294 --update-machine-info-interval=5m0s Interval between machine info
295 updates.
296
297
298 --user="" The name of the kubeconfig user to use
299
300
301 --username="" Username for basic authentication to the API server
302
303
304 -v, --v=0 number for the log level verbosity
305
306
307 --version=false Print version information and quit
308
309
310 --vmodule= comma-separated list of pattern=N settings for
311 file-filtered logging
312
313
314 --warnings-as-errors=false Treat warnings received from the server
315 as errors and exit with a non-zero exit code
316
317
318
320 # Set server field on the my-cluster cluster to https://1.2.3.4
321 kubectl config set clusters.my-cluster.server https://1.2.3.4
322
323 # Set certificate-authority-data field on the my-cluster cluster.
324 kubectl config set clusters.my-cluster.certificate-authority-data $(echo "cert_data_here" | base64 -i -)
325
326 # Set cluster field in the my-context context to my-cluster.
327 kubectl config set contexts.my-context.cluster my-cluster
328
329 # Set client-key-data field in the cluster-admin user using --set-raw-bytes option.
330 kubectl config set users.cluster-admin.client-key-data cert_data_here --set-raw-bytes=true
331
332
333
334
336 kubectl-config(1),
337
338
339
341 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
342 com) based on the kubernetes source material, but hopefully they have
343 been automatically generated since!
344
345
346
347Manuals User KUBERNETES(1)(kubernetes)