1KUBERNETES(1)(kubernetes)                            KUBERNETES(1)(kubernetes)
2
3
4
5Eric Paris Jan 2015
6
7

NAME

9       kubectl create serviceaccount - Create a service account with the spec‐
10       ified name
11
12
13

SYNOPSIS

15       kubectl create serviceaccount [OPTIONS]
16
17
18

DESCRIPTION

20       Create a service account with the specified name.
21
22
23

OPTIONS

25       --allow-missing-template-keys=true      If true, ignore any  errors  in
26       templates  when a field or map key is missing in the template. Only ap‐
27       plies to golang and jsonpath output formats.
28
29
30       --dry-run="none"      Must be "none", "server", or "client". If  client
31       strategy, only print the object that would be sent, without sending it.
32       If server strategy, submit server-side request without  persisting  the
33       resource.
34
35
36       --field-manager="kubectl-create"      Name of the manager used to track
37       field ownership.
38
39
40       -o, --output=""       Output  format.  One  of:  json|yaml|name|go-tem‐
41       plate|go-template-file|template|templatefile|jsonpath|json‐
42       path-as-json|jsonpath-file.
43
44
45       --save-config=false      If true, the configuration of  current  object
46       will  be saved in its annotation. Otherwise, the annotation will be un‐
47       changed. This flag is useful when you want to perform kubectl apply  on
48       this object in the future.
49
50
51       --show-managed-fields=false       If  true, keep the managedFields when
52       printing objects in JSON or YAML format.
53
54
55       --template=""      Template string or path to template file to use when
56       -o=go-template, -o=go-template-file. The template format is golang tem‐
57       plates [http://golang.org/pkg/text/template/#pkg-overview].
58
59
60       --validate=true      If true, use a schema to validate the input before
61       sending it
62
63
64

OPTIONS INHERITED FROM PARENT COMMANDS

66       --add-dir-header=false       If  true,  adds  the file directory to the
67       header of the log messages
68
69
70       --alsologtostderr=false      log to standard error as well as files
71
72
73       --application-metrics-count-limit=100      Max  number  of  application
74       metrics to store (per container)
75
76
77       --as=""      Username to impersonate for the operation
78
79
80       --as-group=[]       Group  to  impersonate for the operation, this flag
81       can be repeated to specify multiple groups.
82
83
84       --azure-container-registry-config=""      Path to the  file  containing
85       Azure container registry configuration information.
86
87
88       --boot-id-file="/proc/sys/kernel/random/boot_id"        Comma-separated
89       list of files to check for boot-id. Use the first one that exists.
90
91
92       --cache-dir="/builddir/.kube/cache"      Default cache directory
93
94
95       --certificate-authority=""      Path to a cert file for the certificate
96       authority
97
98
99       --client-certificate=""      Path to a client certificate file for TLS
100
101
102       --client-key=""      Path to a client key file for TLS
103
104
105       --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
106            CIDRs opened in GCE firewall for  L7  LB  traffic  proxy    health
107       checks
108
109
110       --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
111            CIDRs opened in GCE firewall for  L4  LB  traffic  proxy    health
112       checks
113
114
115       --cluster=""      The name of the kubeconfig cluster to use
116
117
118       --container-hints="/etc/cadvisor/container_hints.json"      location of
119       the container hints file
120
121
122       --containerd="/run/containerd/containerd.sock"      containerd endpoint
123
124
125       --containerd-namespace="k8s.io"      containerd namespace
126
127
128       --context=""      The name of the kubeconfig context to use
129
130
131       --default-not-ready-toleration-seconds=300      Indicates  the  tolera‐
132       tionSeconds  of  the toleration for notReady:NoExecute that is added by
133       default to every pod that does not already have such a toleration.
134
135
136       --default-unreachable-toleration-seconds=300      Indicates the tolera‐
137       tionSeconds  of  the toleration for unreachable:NoExecute that is added
138       by default to every pod that does not already have such a toleration.
139
140
141       --disable-root-cgroup-stats=false      Disable collecting  root  Cgroup
142       stats
143
144
145       --docker="unix:///var/run/docker.sock"      docker endpoint
146
147
148       --docker-env-metadata-whitelist=""      a comma-separated list of envi‐
149       ronment variable keys matched with specified prefix that  needs  to  be
150       collected for docker containers
151
152
153       --docker-only=false       Only  report docker containers in addition to
154       root stats
155
156
157       --docker-root="/var/lib/docker"      DEPRECATED: docker  root  is  read
158       from docker info (this is a fallback, default: /var/lib/docker)
159
160
161       --docker-tls=false      use TLS to connect to docker
162
163
164       --docker-tls-ca="ca.pem"      path to trusted CA
165
166
167       --docker-tls-cert="cert.pem"      path to client certificate
168
169
170       --docker-tls-key="key.pem"      path to private key
171
172
173       --enable-load-reader=false      Whether to enable cpu load reader
174
175
176       --event-storage-age-limit="default=0"      Max length of time for which
177       to store events (per type). Value is a comma separated list of key val‐
178       ues,  where the keys are event types (e.g.: creation, oom) or "default"
179       and the value is a duration. Default is applied  to  all  non-specified
180       event types
181
182
183       --event-storage-event-limit="default=0"       Max  number  of events to
184       store (per type). Value is a comma separated list of key values,  where
185       the  keys  are  event  types (e.g.: creation, oom) or "default" and the
186       value is an integer. Default is  applied  to  all  non-specified  event
187       types
188
189
190       --global-housekeeping-interval=1m0s      Interval between global house‐
191       keepings
192
193
194       --housekeeping-interval=10s      Interval between container  housekeep‐
195       ings
196
197
198       --insecure-skip-tls-verify=false      If true, the server's certificate
199       will not be checked for validity. This will make your HTTPS connections
200       insecure
201
202
203       --kubeconfig=""       Path  to  the  kubeconfig file to use for CLI re‐
204       quests.
205
206
207       --log-backtrace-at=:0      when logging hits line file:N, emit a  stack
208       trace
209
210
211       --log-cadvisor-usage=false       Whether to log the usage of the cAdvi‐
212       sor container
213
214
215       --log-dir=""      If non-empty, write log files in this directory
216
217
218       --log-file=""      If non-empty, use this log file
219
220
221       --log-file-max-size=1800      Defines the maximum size a log  file  can
222       grow to. Unit is megabytes. If the value is 0, the maximum file size is
223       unlimited.
224
225
226       --log-flush-frequency=5s      Maximum number  of  seconds  between  log
227       flushes
228
229
230       --logtostderr=true      log to standard error instead of files
231
232
233       --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
234            Comma-separated list of files to check  for  machine-id.  Use  the
235       first one that exists.
236
237
238       --match-server-version=false        Require  server  version  to  match
239       client version
240
241
242       -n, --namespace=""      If present, the namespace scope  for  this  CLI
243       request
244
245
246       --one-output=false      If true, only write logs to their native sever‐
247       ity level (vs also writing to each lower severity level)
248
249
250       --password=""      Password for basic authentication to the API server
251
252
253       --profile="none"        Name   of   profile   to   capture.   One    of
254       (none|cpu|heap|goroutine|threadcreate|block|mutex)
255
256
257       --profile-output="profile.pprof"       Name  of  the  file to write the
258       profile to
259
260
261       --referenced-reset-interval=0      Reset interval for referenced  bytes
262       (container_referenced_bytes metric), number of measurement cycles after
263       which referenced bytes are cleared, if set to 0  referenced  bytes  are
264       never cleared (default: 0)
265
266
267       --request-timeout="0"       The length of time to wait before giving up
268       on a single server request. Non-zero values  should  contain  a  corre‐
269       sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
270       out requests.
271
272
273       -s, --server=""      The address and port of the Kubernetes API server
274
275
276       --skip-headers=false      If true, avoid header  prefixes  in  the  log
277       messages
278
279
280       --skip-log-headers=false       If  true, avoid headers when opening log
281       files
282
283
284       --stderrthreshold=2      logs at or above this threshold go to stderr
285
286
287       --storage-driver-buffer-duration=1m0s      Writes in the storage driver
288       will  be  buffered  for  this duration, and committed to the non memory
289       backends as a single transaction
290
291
292       --storage-driver-db="cadvisor"      database name
293
294
295       --storage-driver-host="localhost:8086"      database host:port
296
297
298       --storage-driver-password="root"      database password
299
300
301       --storage-driver-secure=false      use secure connection with database
302
303
304       --storage-driver-table="stats"      table name
305
306
307       --storage-driver-user="root"      database username
308
309
310       --tls-server-name=""      Server name to  use  for  server  certificate
311       validation.  If  it  is  not provided, the hostname used to contact the
312       server is used
313
314
315       --token=""      Bearer token for authentication to the API server
316
317
318       --update-machine-info-interval=5m0s      Interval between machine  info
319       updates.
320
321
322       --user=""      The name of the kubeconfig user to use
323
324
325       --username=""      Username for basic authentication to the API server
326
327
328       -v, --v=0      number for the log level verbosity
329
330
331       --version=false      Print version information and quit
332
333
334       --vmodule=        comma-separated   list   of  pattern=N  settings  for
335       file-filtered logging
336
337
338       --warnings-as-errors=false      Treat warnings received from the server
339       as errors and exit with a non-zero exit code
340
341
342

EXAMPLE

344                # Create a new service account named my-service-account
345                kubectl create serviceaccount my-service-account
346
347
348
349

SEE ALSO

351       kubectl-create(1),
352
353
354

HISTORY

356       January  2015,  Originally compiled by Eric Paris (eparis at redhat dot
357       com) based on the kubernetes source material, but hopefully  they  have
358       been automatically generated since!
359
360
361
362Manuals                              User            KUBERNETES(1)(kubernetes)
Impressum