1KUBERNETES(1)(kubernetes) KUBERNETES(1)(kubernetes)
2Eric Paris Jan 2015
6
9 kubectl config set - Sets an individual value in a kubeconfig file
10
14 kubectl config set [OPTIONS]
15
19 Sets an individual value in a kubeconfig file
20 PROPERTY_NAME is a dot delimited name where each token represents ei‐
23 ther an attribute name or a map key. Map keys may not contain dots.
24 PROPERTY_VALUE is the new value you wish to set. Binary fields such as
27 'certificate-authority-data' expect a base64 encoded string unless the
28 --set-raw-bytes flag is used.
29 Specifying a attribute name that already exists will merge new fields
32 on top of existing values.
33
37 --set-raw-bytes=false When writing a []byte PROPERTY_VALUE, write
38 the given string directly without base64 decoding.
39
43 --add-dir-header=false If true, adds the file directory to the
44 header of the log messages
45 --alsologtostderr=false log to standard error as well as files
48 --application-metrics-count-limit=100 Max number of application
51 metrics to store (per container)
52 --as="" Username to impersonate for the operation
55 --as-group=[] Group to impersonate for the operation, this flag
58 can be repeated to specify multiple groups.
59 --azure-container-registry-config="" Path to the file containing
62 Azure container registry configuration information.
63 --boot-id-file="/proc/sys/kernel/random/boot_id" Comma-separated
66 list of files to check for boot-id. Use the first one that exists.
67 --cache-dir="/builddir/.kube/cache" Default cache directory
70 --certificate-authority="" Path to a cert file for the certificate
73 authority
74 --client-certificate="" Path to a client certificate file for TLS
77 --client-key="" Path to a client key file for TLS
80 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
83 CIDRs opened in GCE firewall for L7 LB traffic proxy health
84 checks
85 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
88 CIDRs opened in GCE firewall for L4 LB traffic proxy health
89 checks
90 --cluster="" The name of the kubeconfig cluster to use
93 --container-hints="/etc/cadvisor/container_hints.json" location of
96 the container hints file
97 --containerd="/run/containerd/containerd.sock" containerd endpoint
100 --containerd-namespace="k8s.io" containerd namespace
103 --context="" The name of the kubeconfig context to use
106 --default-not-ready-toleration-seconds=300 Indicates the tolera‐
109 tionSeconds of the toleration for notReady:NoExecute that is added by
110 default to every pod that does not already have such a toleration.
111 --default-unreachable-toleration-seconds=300 Indicates the tolera‐
114 tionSeconds of the toleration for unreachable:NoExecute that is added
115 by default to every pod that does not already have such a toleration.
116 --disable-root-cgroup-stats=false Disable collecting root Cgroup
119 stats
120 --docker="unix:///var/run/docker.sock" docker endpoint
123 --docker-env-metadata-whitelist="" a comma-separated list of envi‐
126 ronment variable keys matched with specified prefix that needs to be
127 collected for docker containers
128 --docker-only=false Only report docker containers in addition to
131 root stats
132 --docker-root="/var/lib/docker" DEPRECATED: docker root is read
135 from docker info (this is a fallback, default: /var/lib/docker)
136 --docker-tls=false use TLS to connect to docker
139 --docker-tls-ca="ca.pem" path to trusted CA
142 --docker-tls-cert="cert.pem" path to client certificate
145 --docker-tls-key="key.pem" path to private key
148 --enable-load-reader=false Whether to enable cpu load reader
151 --event-storage-age-limit="default=0" Max length of time for which
154 to store events (per type). Value is a comma separated list of key val‐
155 ues, where the keys are event types (e.g.: creation, oom) or "default"
156 and the value is a duration. Default is applied to all non-specified
157 event types
158 --event-storage-event-limit="default=0" Max number of events to
161 store (per type). Value is a comma separated list of key values, where
162 the keys are event types (e.g.: creation, oom) or "default" and the
163 value is an integer. Default is applied to all non-specified event
164 types
165 --global-housekeeping-interval=1m0s Interval between global house‐
168 keepings
169 --housekeeping-interval=10s Interval between container housekeep‐
172 ings
173 --insecure-skip-tls-verify=false If true, the server's certificate
176 will not be checked for validity. This will make your HTTPS connections
177 insecure
178 --kubeconfig="" use a particular kubeconfig file
181 --log-backtrace-at=:0 when logging hits line file:N, emit a stack
184 trace
185 --log-cadvisor-usage=false Whether to log the usage of the cAdvi‐
188 sor container
189 --log-dir="" If non-empty, write log files in this directory
192 --log-file="" If non-empty, use this log file
195 --log-file-max-size=1800 Defines the maximum size a log file can
198 grow to. Unit is megabytes. If the value is 0, the maximum file size is
199 unlimited.
200 --log-flush-frequency=5s Maximum number of seconds between log
203 flushes
204 --logtostderr=true log to standard error instead of files
207 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
210 Comma-separated list of files to check for machine-id. Use the
211 first one that exists.
212 --match-server-version=false Require server version to match
215 client version
216 -n, --namespace="" If present, the namespace scope for this CLI
219 request
220 --one-output=false If true, only write logs to their native sever‐
223 ity level (vs also writing to each lower severity level)
224 --password="" Password for basic authentication to the API server
227 --profile="none" Name of profile to capture. One of
230 (none|cpu|heap|goroutine|threadcreate|block|mutex)
231 --profile-output="profile.pprof" Name of the file to write the
234 profile to
235 --referenced-reset-interval=0 Reset interval for referenced bytes
238 (container_referenced_bytes metric), number of measurement cycles after
239 which referenced bytes are cleared, if set to 0 referenced bytes are
240 never cleared (default: 0)
241 --request-timeout="0" The length of time to wait before giving up
244 on a single server request. Non-zero values should contain a corre‐
245 sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
246 out requests.
247 -s, --server="" The address and port of the Kubernetes API server
250 --skip-headers=false If true, avoid header prefixes in the log
253 messages
254 --skip-log-headers=false If true, avoid headers when opening log
257 files
258 --stderrthreshold=2 logs at or above this threshold go to stderr
261 --storage-driver-buffer-duration=1m0s Writes in the storage driver
264 will be buffered for this duration, and committed to the non memory
265 backends as a single transaction
266 --storage-driver-db="cadvisor" database name
269 --storage-driver-host="localhost:8086" database host:port
272 --storage-driver-password="root" database password
275 --storage-driver-secure=false use secure connection with database
278 --storage-driver-table="stats" table name
281 --storage-driver-user="root" database username
284 --tls-server-name="" Server name to use for server certificate
287 validation. If it is not provided, the hostname used to contact the
288 server is used
289 --token="" Bearer token for authentication to the API server
292 --update-machine-info-interval=5m0s Interval between machine info
295 updates.
296 --user="" The name of the kubeconfig user to use
299 --username="" Username for basic authentication to the API server
302 -v, --v=0 number for the log level verbosity
305 --version=false Print version information and quit
308 --vmodule= comma-separated list of pattern=N settings for
311 file-filtered logging
312 --warnings-as-errors=false Treat warnings received from the server
315 as errors and exit with a non-zero exit code
316
320 # Set server field on the my-cluster cluster to https://1.2.3.4
321 kubectl config set clusters.my-cluster.server https://1.2.3.4
322 # Set certificate-authority-data field on the my-cluster cluster.
324 kubectl config set clusters.my-cluster.certificate-authority-data $(echo "cert_data_here" | base64 -i -)
325 # Set cluster field in the my-context context to my-cluster.
327 kubectl config set contexts.my-context.cluster my-cluster
328 # Set client-key-data field in the cluster-admin user using --set-raw-bytes option.
330 kubectl config set users.cluster-admin.client-key-data cert_data_here --set-raw-bytes=true
331
336 kubectl-config(1),
337
341 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
342 com) based on the kubernetes source material, but hopefully they have
343 been automatically generated since!
344Manuals User KUBERNETES(1)(kubernetes)