1KUBERNETES(1)(kubernetes) KUBERNETES(1)(kubernetes)
2Eric Paris Jan 2015
6
9 kubectl diff - Diff live version against would-be applied version
10
14 kubectl diff [OPTIONS]
15
19 Diff configurations specified by filename or stdin between the current
20 online configuration, and the configuration as it would be if applied.
21 Output is always YAML.
24 KUBECTL_EXTERNAL_DIFF environment variable can be used to select your
27 own diff command. Users can use external commands with params too, ex‐
28 ample: KUBECTL_EXTERNAL_DIFF="colordiff -N -u"
29 By default, the "diff" command available in your path will be run with
32 "-u" (unified diff) and "-N" (treat absent files as empty) options.
33 Exit status: 0 No differences were found. 1 Differences were found. >1
36 Kubectl or diff failed with an error.
37 Note: KUBECTL_EXTERNAL_DIFF, if used, is expected to follow that con‐
40 vention.
41
45 --field-manager="kubectl-client-side-apply" Name of the manager
46 used to track field ownership.
47 -f, --filename=[] Filename, directory, or URL to files contains
50 the configuration to diff
51 --force-conflicts=false If true, server-side apply will force the
54 changes against conflicts.
55 -k, --kustomize="" Process the kustomization directory. This flag
58 can't be used together with -f or -R.
59 -R, --recursive=false Process the directory used in -f, --filename
62 recursively. Useful when you want to manage related manifests organized
63 within the same directory.
64 -l, --selector="" Selector (label query) to filter on, supports
67 '=', '==', and '!='.(e.g. -l key1=value1,key2=value2)
68 --server-side=false If true, apply runs in the server instead of
71 the client.
72
76 --add-dir-header=false If true, adds the file directory to the
77 header of the log messages
78 --alsologtostderr=false log to standard error as well as files
81 --application-metrics-count-limit=100 Max number of application
84 metrics to store (per container)
85 --as="" Username to impersonate for the operation
88 --as-group=[] Group to impersonate for the operation, this flag
91 can be repeated to specify multiple groups.
92 --azure-container-registry-config="" Path to the file containing
95 Azure container registry configuration information.
96 --boot-id-file="/proc/sys/kernel/random/boot_id" Comma-separated
99 list of files to check for boot-id. Use the first one that exists.
100 --cache-dir="/builddir/.kube/cache" Default cache directory
103 --certificate-authority="" Path to a cert file for the certificate
106 authority
107 --client-certificate="" Path to a client certificate file for TLS
110 --client-key="" Path to a client key file for TLS
113 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
116 CIDRs opened in GCE firewall for L7 LB traffic proxy health
117 checks
118 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
121 CIDRs opened in GCE firewall for L4 LB traffic proxy health
122 checks
123 --cluster="" The name of the kubeconfig cluster to use
126 --container-hints="/etc/cadvisor/container_hints.json" location of
129 the container hints file
130 --containerd="/run/containerd/containerd.sock" containerd endpoint
133 --containerd-namespace="k8s.io" containerd namespace
136 --context="" The name of the kubeconfig context to use
139 --default-not-ready-toleration-seconds=300 Indicates the tolera‐
142 tionSeconds of the toleration for notReady:NoExecute that is added by
143 default to every pod that does not already have such a toleration.
144 --default-unreachable-toleration-seconds=300 Indicates the tolera‐
147 tionSeconds of the toleration for unreachable:NoExecute that is added
148 by default to every pod that does not already have such a toleration.
149 --disable-root-cgroup-stats=false Disable collecting root Cgroup
152 stats
153 --docker="unix:///var/run/docker.sock" docker endpoint
156 --docker-env-metadata-whitelist="" a comma-separated list of envi‐
159 ronment variable keys matched with specified prefix that needs to be
160 collected for docker containers
161 --docker-only=false Only report docker containers in addition to
164 root stats
165 --docker-root="/var/lib/docker" DEPRECATED: docker root is read
168 from docker info (this is a fallback, default: /var/lib/docker)
169 --docker-tls=false use TLS to connect to docker
172 --docker-tls-ca="ca.pem" path to trusted CA
175 --docker-tls-cert="cert.pem" path to client certificate
178 --docker-tls-key="key.pem" path to private key
181 --enable-load-reader=false Whether to enable cpu load reader
184 --event-storage-age-limit="default=0" Max length of time for which
187 to store events (per type). Value is a comma separated list of key val‐
188 ues, where the keys are event types (e.g.: creation, oom) or "default"
189 and the value is a duration. Default is applied to all non-specified
190 event types
191 --event-storage-event-limit="default=0" Max number of events to
194 store (per type). Value is a comma separated list of key values, where
195 the keys are event types (e.g.: creation, oom) or "default" and the
196 value is an integer. Default is applied to all non-specified event
197 types
198 --global-housekeeping-interval=1m0s Interval between global house‐
201 keepings
202 --housekeeping-interval=10s Interval between container housekeep‐
205 ings
206 --insecure-skip-tls-verify=false If true, the server's certificate
209 will not be checked for validity. This will make your HTTPS connections
210 insecure
211 --kubeconfig="" Path to the kubeconfig file to use for CLI re‐
214 quests.
215 --log-backtrace-at=:0 when logging hits line file:N, emit a stack
218 trace
219 --log-cadvisor-usage=false Whether to log the usage of the cAdvi‐
222 sor container
223 --log-dir="" If non-empty, write log files in this directory
226 --log-file="" If non-empty, use this log file
229 --log-file-max-size=1800 Defines the maximum size a log file can
232 grow to. Unit is megabytes. If the value is 0, the maximum file size is
233 unlimited.
234 --log-flush-frequency=5s Maximum number of seconds between log
237 flushes
238 --logtostderr=true log to standard error instead of files
241 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
244 Comma-separated list of files to check for machine-id. Use the
245 first one that exists.
246 --match-server-version=false Require server version to match
249 client version
250 -n, --namespace="" If present, the namespace scope for this CLI
253 request
254 --one-output=false If true, only write logs to their native sever‐
257 ity level (vs also writing to each lower severity level)
258 --password="" Password for basic authentication to the API server
261 --profile="none" Name of profile to capture. One of
264 (none|cpu|heap|goroutine|threadcreate|block|mutex)
265 --profile-output="profile.pprof" Name of the file to write the
268 profile to
269 --referenced-reset-interval=0 Reset interval for referenced bytes
272 (container_referenced_bytes metric), number of measurement cycles after
273 which referenced bytes are cleared, if set to 0 referenced bytes are
274 never cleared (default: 0)
275 --request-timeout="0" The length of time to wait before giving up
278 on a single server request. Non-zero values should contain a corre‐
279 sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
280 out requests.
281 -s, --server="" The address and port of the Kubernetes API server
284 --skip-headers=false If true, avoid header prefixes in the log
287 messages
288 --skip-log-headers=false If true, avoid headers when opening log
291 files
292 --stderrthreshold=2 logs at or above this threshold go to stderr
295 --storage-driver-buffer-duration=1m0s Writes in the storage driver
298 will be buffered for this duration, and committed to the non memory
299 backends as a single transaction
300 --storage-driver-db="cadvisor" database name
303 --storage-driver-host="localhost:8086" database host:port
306 --storage-driver-password="root" database password
309 --storage-driver-secure=false use secure connection with database
312 --storage-driver-table="stats" table name
315 --storage-driver-user="root" database username
318 --tls-server-name="" Server name to use for server certificate
321 validation. If it is not provided, the hostname used to contact the
322 server is used
323 --token="" Bearer token for authentication to the API server
326 --update-machine-info-interval=5m0s Interval between machine info
329 updates.
330 --user="" The name of the kubeconfig user to use
333 --username="" Username for basic authentication to the API server
336 -v, --v=0 number for the log level verbosity
339 --version=false Print version information and quit
342 --vmodule= comma-separated list of pattern=N settings for
345 file-filtered logging
346 --warnings-as-errors=false Treat warnings received from the server
349 as errors and exit with a non-zero exit code
350
354 # Diff resources included in pod.json.
355 kubectl diff -f pod.json
356 # Diff file read from stdin
358 cat service.yaml | kubectl diff -f -
359
364 kubectl(1),
365
369 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
370 com) based on the kubernetes source material, but hopefully they have
371 been automatically generated since!
372Manuals User KUBERNETES(1)(kubernetes)