1KUBERNETES(1)(kubernetes) KUBERNETES(1)(kubernetes)
2Eric Paris Jan 2015
6
9 kubectl exec - Execute a command in a container
10
14 kubectl exec [OPTIONS]
15
19 Execute a command in a container.
20
24 -c, --container="" Container name. If omitted, use the kubectl.ku‐
25 bernetes.io/default-container annotation for selecting the container to
26 be attached or the first container in the pod will be chosen
27 -f, --filename=[] to use to exec into the resource
30 --pod-running-timeout=1m0s The length of time (like 5s, 2m, or 3h,
33 higher than zero) to wait until at least one pod is running
34 -q, --quiet=false Only print output from the remote session
37 -i, --stdin=false Pass stdin to the container
40 -t, --tty=false Stdin is a TTY
43
47 --add-dir-header=false If true, adds the file directory to the
48 header of the log messages
49 --alsologtostderr=false log to standard error as well as files
52 --application-metrics-count-limit=100 Max number of application
55 metrics to store (per container)
56 --as="" Username to impersonate for the operation
59 --as-group=[] Group to impersonate for the operation, this flag
62 can be repeated to specify multiple groups.
63 --azure-container-registry-config="" Path to the file containing
66 Azure container registry configuration information.
67 --boot-id-file="/proc/sys/kernel/random/boot_id" Comma-separated
70 list of files to check for boot-id. Use the first one that exists.
71 --cache-dir="/builddir/.kube/cache" Default cache directory
74 --certificate-authority="" Path to a cert file for the certificate
77 authority
78 --client-certificate="" Path to a client certificate file for TLS
81 --client-key="" Path to a client key file for TLS
84 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
87 CIDRs opened in GCE firewall for L7 LB traffic proxy health
88 checks
89 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
92 CIDRs opened in GCE firewall for L4 LB traffic proxy health
93 checks
94 --cluster="" The name of the kubeconfig cluster to use
97 --container-hints="/etc/cadvisor/container_hints.json" location of
100 the container hints file
101 --containerd="/run/containerd/containerd.sock" containerd endpoint
104 --containerd-namespace="k8s.io" containerd namespace
107 --context="" The name of the kubeconfig context to use
110 --default-not-ready-toleration-seconds=300 Indicates the tolera‐
113 tionSeconds of the toleration for notReady:NoExecute that is added by
114 default to every pod that does not already have such a toleration.
115 --default-unreachable-toleration-seconds=300 Indicates the tolera‐
118 tionSeconds of the toleration for unreachable:NoExecute that is added
119 by default to every pod that does not already have such a toleration.
120 --disable-root-cgroup-stats=false Disable collecting root Cgroup
123 stats
124 --docker="unix:///var/run/docker.sock" docker endpoint
127 --docker-env-metadata-whitelist="" a comma-separated list of envi‐
130 ronment variable keys matched with specified prefix that needs to be
131 collected for docker containers
132 --docker-only=false Only report docker containers in addition to
135 root stats
136 --docker-root="/var/lib/docker" DEPRECATED: docker root is read
139 from docker info (this is a fallback, default: /var/lib/docker)
140 --docker-tls=false use TLS to connect to docker
143 --docker-tls-ca="ca.pem" path to trusted CA
146 --docker-tls-cert="cert.pem" path to client certificate
149 --docker-tls-key="key.pem" path to private key
152 --enable-load-reader=false Whether to enable cpu load reader
155 --event-storage-age-limit="default=0" Max length of time for which
158 to store events (per type). Value is a comma separated list of key val‐
159 ues, where the keys are event types (e.g.: creation, oom) or "default"
160 and the value is a duration. Default is applied to all non-specified
161 event types
162 --event-storage-event-limit="default=0" Max number of events to
165 store (per type). Value is a comma separated list of key values, where
166 the keys are event types (e.g.: creation, oom) or "default" and the
167 value is an integer. Default is applied to all non-specified event
168 types
169 --global-housekeeping-interval=1m0s Interval between global house‐
172 keepings
173 --housekeeping-interval=10s Interval between container housekeep‐
176 ings
177 --insecure-skip-tls-verify=false If true, the server's certificate
180 will not be checked for validity. This will make your HTTPS connections
181 insecure
182 --kubeconfig="" Path to the kubeconfig file to use for CLI re‐
185 quests.
186 --log-backtrace-at=:0 when logging hits line file:N, emit a stack
189 trace
190 --log-cadvisor-usage=false Whether to log the usage of the cAdvi‐
193 sor container
194 --log-dir="" If non-empty, write log files in this directory
197 --log-file="" If non-empty, use this log file
200 --log-file-max-size=1800 Defines the maximum size a log file can
203 grow to. Unit is megabytes. If the value is 0, the maximum file size is
204 unlimited.
205 --log-flush-frequency=5s Maximum number of seconds between log
208 flushes
209 --logtostderr=true log to standard error instead of files
212 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
215 Comma-separated list of files to check for machine-id. Use the
216 first one that exists.
217 --match-server-version=false Require server version to match
220 client version
221 -n, --namespace="" If present, the namespace scope for this CLI
224 request
225 --one-output=false If true, only write logs to their native sever‐
228 ity level (vs also writing to each lower severity level)
229 --password="" Password for basic authentication to the API server
232 --profile="none" Name of profile to capture. One of
235 (none|cpu|heap|goroutine|threadcreate|block|mutex)
236 --profile-output="profile.pprof" Name of the file to write the
239 profile to
240 --referenced-reset-interval=0 Reset interval for referenced bytes
243 (container_referenced_bytes metric), number of measurement cycles after
244 which referenced bytes are cleared, if set to 0 referenced bytes are
245 never cleared (default: 0)
246 --request-timeout="0" The length of time to wait before giving up
249 on a single server request. Non-zero values should contain a corre‐
250 sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
251 out requests.
252 -s, --server="" The address and port of the Kubernetes API server
255 --skip-headers=false If true, avoid header prefixes in the log
258 messages
259 --skip-log-headers=false If true, avoid headers when opening log
262 files
263 --stderrthreshold=2 logs at or above this threshold go to stderr
266 --storage-driver-buffer-duration=1m0s Writes in the storage driver
269 will be buffered for this duration, and committed to the non memory
270 backends as a single transaction
271 --storage-driver-db="cadvisor" database name
274 --storage-driver-host="localhost:8086" database host:port
277 --storage-driver-password="root" database password
280 --storage-driver-secure=false use secure connection with database
283 --storage-driver-table="stats" table name
286 --storage-driver-user="root" database username
289 --tls-server-name="" Server name to use for server certificate
292 validation. If it is not provided, the hostname used to contact the
293 server is used
294 --token="" Bearer token for authentication to the API server
297 --update-machine-info-interval=5m0s Interval between machine info
300 updates.
301 --user="" The name of the kubeconfig user to use
304 --username="" Username for basic authentication to the API server
307 -v, --v=0 number for the log level verbosity
310 --version=false Print version information and quit
313 --vmodule= comma-separated list of pattern=N settings for
316 file-filtered logging
317 --warnings-as-errors=false Treat warnings received from the server
320 as errors and exit with a non-zero exit code
321
325 # Get output from running 'date' command from pod mypod, using the first container by default
326 kubectl exec mypod -- date
327 # Get output from running 'date' command in ruby-container from pod mypod
329 kubectl exec mypod -c ruby-container -- date
330 # Switch to raw terminal mode, sends stdin to 'bash' in ruby-container from pod mypod
332 # and sends stdout/stderr from 'bash' back to the client
333 kubectl exec mypod -c ruby-container -i -t -- bash -il
334 # List contents of /usr from the first container of pod mypod and sort by modification time.
336 # If the command you want to execute in the pod has any flags in common (e.g. -i),
337 # you must use two dashes (--) to separate your command's flags/arguments.
338 # Also note, do not surround your command and its flags/arguments with quotes
339 # unless that is how you would execute it normally (i.e., do ls -t /usr, not "ls -t /usr").
340 kubectl exec mypod -i -t -- ls -t /usr
341 # Get output from running 'date' command from the first pod of the deployment mydeployment, using the first container by default
343 kubectl exec deploy/mydeployment -- date
344 # Get output from running 'date' command from the first pod of the service myservice, using the first container by default
346 kubectl exec svc/myservice -- date
347
352 kubectl(1),
353
357 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
358 com) based on the kubernetes source material, but hopefully they have
359 been automatically generated since!
360Manuals User KUBERNETES(1)(kubernetes)