1KUBERNETES(1)(kubernetes)                            KUBERNETES(1)(kubernetes)
2
3
4
5Eric Paris Jan 2015
6
7

NAME

9       kubectl config set - Sets an individual value in a kubeconfig file
10
11
12

SYNOPSIS

14       kubectl config set [OPTIONS]
15
16
17

DESCRIPTION

19       Sets an individual value in a kubeconfig file
20
21
22       PROPERTY_NAME  is  a dot delimited name where each token represents ei‐
23       ther an attribute name or a map key.  Map keys may not contain dots.
24
25
26       PROPERTY_VALUE is the new value you wish to set. Binary fields such  as
27       'certificate-authority-data'  expect a base64 encoded string unless the
28       --set-raw-bytes flag is used.
29
30
31       Specifying a attribute name that already exists will merge  new  fields
32       on top of existing values.
33
34
35

OPTIONS

37       --set-raw-bytes=false       When writing a []byte PROPERTY_VALUE, write
38       the given string directly without base64 decoding.
39
40
41

OPTIONS INHERITED FROM PARENT COMMANDS

43       --add-dir-header=false      If true, adds the  file  directory  to  the
44       header of the log messages
45
46
47       --alsologtostderr=false      log to standard error as well as files
48
49
50       --application-metrics-count-limit=100       Max  number  of application
51       metrics to store (per container)
52
53
54       --as=""      Username to impersonate for the operation
55
56
57       --as-group=[]      Group to impersonate for the  operation,  this  flag
58       can be repeated to specify multiple groups.
59
60
61       --azure-container-registry-config=""       Path  to the file containing
62       Azure container registry configuration information.
63
64
65       --boot-id-file="/proc/sys/kernel/random/boot_id"        Comma-separated
66       list of files to check for boot-id. Use the first one that exists.
67
68
69       --cache-dir="/builddir/.kube/cache"      Default cache directory
70
71
72       --certificate-authority=""      Path to a cert file for the certificate
73       authority
74
75
76       --client-certificate=""      Path to a client certificate file for TLS
77
78
79       --client-key=""      Path to a client key file for TLS
80
81
82       --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
83            CIDRs  opened  in  GCE  firewall  for  L7 LB traffic proxy  health
84       checks
85
86
87       --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
88            CIDRs  opened  in  GCE  firewall  for  L4 LB traffic proxy  health
89       checks
90
91
92       --cluster=""      The name of the kubeconfig cluster to use
93
94
95       --container-hints="/etc/cadvisor/container_hints.json"      location of
96       the container hints file
97
98
99       --containerd="/run/containerd/containerd.sock"      containerd endpoint
100
101
102       --containerd-namespace="k8s.io"      containerd namespace
103
104
105       --context=""      The name of the kubeconfig context to use
106
107
108       --default-not-ready-toleration-seconds=300       Indicates  the tolera‐
109       tionSeconds of the toleration for notReady:NoExecute that is  added  by
110       default to every pod that does not already have such a toleration.
111
112
113       --default-unreachable-toleration-seconds=300      Indicates the tolera‐
114       tionSeconds of the toleration for unreachable:NoExecute that  is  added
115       by default to every pod that does not already have such a toleration.
116
117
118       --disable-root-cgroup-stats=false       Disable  collecting root Cgroup
119       stats
120
121
122       --docker="unix:///var/run/docker.sock"      docker endpoint
123
124
125       --docker-env-metadata-whitelist=""      a comma-separated list of envi‐
126       ronment  variable  keys  matched with specified prefix that needs to be
127       collected for docker containers
128
129
130       --docker-only=false      Only report docker containers in  addition  to
131       root stats
132
133
134       --docker-root="/var/lib/docker"       DEPRECATED:  docker  root is read
135       from docker info (this is a fallback, default: /var/lib/docker)
136
137
138       --docker-tls=false      use TLS to connect to docker
139
140
141       --docker-tls-ca="ca.pem"      path to trusted CA
142
143
144       --docker-tls-cert="cert.pem"      path to client certificate
145
146
147       --docker-tls-key="key.pem"      path to private key
148
149
150       --enable-load-reader=false      Whether to enable cpu load reader
151
152
153       --event-storage-age-limit="default=0"      Max length of time for which
154       to store events (per type). Value is a comma separated list of key val‐
155       ues, where the keys are event types (e.g.: creation, oom) or  "default"
156       and  the  value  is a duration. Default is applied to all non-specified
157       event types
158
159
160       --event-storage-event-limit="default=0"      Max number  of  events  to
161       store  (per type). Value is a comma separated list of key values, where
162       the keys are event types (e.g.: creation, oom)  or  "default"  and  the
163       value  is  an  integer.  Default  is applied to all non-specified event
164       types
165
166
167       --global-housekeeping-interval=1m0s      Interval between global house‐
168       keepings
169
170
171       --housekeeping-interval=10s       Interval between container housekeep‐
172       ings
173
174
175       --insecure-skip-tls-verify=false      If true, the server's certificate
176       will not be checked for validity. This will make your HTTPS connections
177       insecure
178
179
180       --kubeconfig=""      use a particular kubeconfig file
181
182
183       --log-backtrace-at=:0      when logging hits line file:N, emit a  stack
184       trace
185
186
187       --log-cadvisor-usage=false       Whether to log the usage of the cAdvi‐
188       sor container
189
190
191       --log-dir=""      If non-empty, write log files in this directory
192
193
194       --log-file=""      If non-empty, use this log file
195
196
197       --log-file-max-size=1800      Defines the maximum size a log  file  can
198       grow to. Unit is megabytes. If the value is 0, the maximum file size is
199       unlimited.
200
201
202       --log-flush-frequency=5s      Maximum number  of  seconds  between  log
203       flushes
204
205
206       --logtostderr=true      log to standard error instead of files
207
208
209       --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
210            Comma-separated list of files to check  for  machine-id.  Use  the
211       first one that exists.
212
213
214       --match-server-version=false        Require  server  version  to  match
215       client version
216
217
218       -n, --namespace=""      If present, the namespace scope  for  this  CLI
219       request
220
221
222       --one-output=false      If true, only write logs to their native sever‐
223       ity level (vs also writing to each lower severity level
224
225
226       --password=""      Password for basic authentication to the API server
227
228
229       --profile="none"        Name   of   profile   to   capture.   One    of
230       (none|cpu|heap|goroutine|threadcreate|block|mutex)
231
232
233       --profile-output="profile.pprof"       Name  of  the  file to write the
234       profile to
235
236
237       --referenced-reset-interval=0      Reset interval for referenced  bytes
238       (container_referenced_bytes metric), number of measurement cycles after
239       which referenced bytes are cleared, if set to 0  referenced  bytes  are
240       never cleared (default: 0)
241
242
243       --request-timeout="0"       The length of time to wait before giving up
244       on a single server request. Non-zero values  should  contain  a  corre‐
245       sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
246       out requests.
247
248
249       -s, --server=""      The address and port of the Kubernetes API server
250
251
252       --skip-headers=false      If true, avoid header  prefixes  in  the  log
253       messages
254
255
256       --skip-log-headers=false       If  true, avoid headers when opening log
257       files
258
259
260       --stderrthreshold=2      logs at or above this threshold go to stderr
261
262
263       --storage-driver-buffer-duration=1m0s      Writes in the storage driver
264       will  be  buffered  for  this duration, and committed to the non memory
265       backends as a single transaction
266
267
268       --storage-driver-db="cadvisor"      database name
269
270
271       --storage-driver-host="localhost:8086"      database host:port
272
273
274       --storage-driver-password="root"      database password
275
276
277       --storage-driver-secure=false      use secure connection with database
278
279
280       --storage-driver-table="stats"      table name
281
282
283       --storage-driver-user="root"      database username
284
285
286       --tls-server-name=""      Server name to  use  for  server  certificate
287       validation.  If  it  is  not provided, the hostname used to contact the
288       server is used
289
290
291       --token=""      Bearer token for authentication to the API server
292
293
294       --update-machine-info-interval=5m0s      Interval between machine  info
295       updates.
296
297
298       --user=""      The name of the kubeconfig user to use
299
300
301       --username=""      Username for basic authentication to the API server
302
303
304       -v, --v=0      number for the log level verbosity
305
306
307       --version=false      Print version information and quit
308
309
310       --vmodule=        comma-separated   list   of  pattern=N  settings  for
311       file-filtered logging
312
313
314       --warnings-as-errors=false      Treat warnings received from the server
315       as errors and exit with a non-zero exit code
316
317
318

EXAMPLE

320                # Set server field on the my-cluster cluster to https://1.2.3.4
321                kubectl config set clusters.my-cluster.server https://1.2.3.4
322
323                # Set certificate-authority-data field on the my-cluster cluster.
324                kubectl config set clusters.my-cluster.certificate-authority-data $(echo "cert_data_here" | base64 -i -)
325
326                # Set cluster field in the my-context context to my-cluster.
327                kubectl config set contexts.my-context.cluster my-cluster
328
329                # Set client-key-data field in the cluster-admin user using --set-raw-bytes option.
330                kubectl config set users.cluster-admin.client-key-data cert_data_here --set-raw-bytes=true
331
332
333
334

SEE ALSO

336       kubectl-config(1),
337
338
339

HISTORY

341       January  2015,  Originally compiled by Eric Paris (eparis at redhat dot
342       com) based on the kubernetes source material, but hopefully  they  have
343       been automatically generated since!
344
345
346
347Manuals                              User            KUBERNETES(1)(kubernetes)
Impressum