1KUBERNETES(1)(kubernetes)                            KUBERNETES(1)(kubernetes)
2
3
4
5Eric Paris Jan 2015
6
7

NAME

9       kubectl  expose - Take a replication controller, service, deployment or
10       pod and expose it as a new Kubernetes Service
11
12
13

SYNOPSIS

15       kubectl expose [OPTIONS]
16
17
18

DESCRIPTION

20       Expose a resource as a new Kubernetes service.
21
22
23       Looks up a deployment, service, replica set, replication controller  or
24       pod by name and uses the selector for that resource as the selector for
25       a new service on the specified port. A deployment or replica  set  will
26       be exposed as a service only if its selector is convertible to a selec‐
27       tor that service supports, i.e. when the  selector  contains  only  the
28       matchLabels component. Note that if no port is specified via --port and
29       the exposed resource has multiple ports, all will be re-used by the new
30       service.  Also  if no labels are specified, the new service will re-use
31       the labels from the resource it exposes.
32
33
34       Possible resources include (case insensitive):
35
36
37       pod (po), service (svc), replicationcontroller  (rc),  deployment  (de‐
38       ploy), replicaset (rs)
39
40
41

OPTIONS

43       --allow-missing-template-keys=true       If  true, ignore any errors in
44       templates when a field or map key is missing in the template. Only  ap‐
45       plies to golang and jsonpath output formats.
46
47
48       --cluster-ip=""       ClusterIP  to  be  assigned to the service. Leave
49       empty to auto-allocate, or set to 'None' to create a headless service.
50
51
52       --container-port=""      Synonym for --target-port
53
54
55       --dry-run="none"      Must be "none", "server", or "client". If  client
56       strategy, only print the object that would be sent, without sending it.
57       If server strategy, submit server-side request without  persisting  the
58       resource.
59
60
61       --external-ip=""       Additional  external  IP address (not managed by
62       Kubernetes) to accept for the service. If this IP is routed to a  node,
63       the  service  can  be  accessed by this IP in addition to its generated
64       service IP.
65
66
67       --field-manager="kubectl-expose"      Name of the manager used to track
68       field ownership.
69
70
71       -f, --filename=[]      Filename, directory, or URL to files identifying
72       the resource to expose a service
73
74
75       --generator="service/v2"      The name of the  API  generator  to  use.
76       There are 2 generators: 'service/v1' and 'service/v2'. The only differ‐
77       ence between them is that service port in v1 is named 'default',  while
78       it is left unnamed in v2. Default is 'service/v2'.
79
80
81       -k,  --kustomize=""      Process the kustomization directory. This flag
82       can't be used together with -f or -R.
83
84
85       -l, --labels=""      Labels to apply to the  service  created  by  this
86       call.
87
88
89       --load-balancer-ip=""       IP to assign to the LoadBalancer. If empty,
90       an ephemeral IP will be created and used (cloud-provider specific).
91
92
93       --name=""      The name for the newly created object.
94
95
96       -o, --output=""       Output  format.  One  of:  json|yaml|name|go-tem‐
97       plate|go-template-file|template|templatefile|jsonpath|json‐
98       path-as-json|jsonpath-file.
99
100
101       --overrides=""      An inline JSON override for the  generated  object.
102       If  this is non-empty, it is used to override the generated object. Re‐
103       quires that the object supply a valid apiVersion field.
104
105
106       --port=""      The port that the service should serve on.  Copied  from
107       the resource being exposed, if unspecified
108
109
110       --protocol=""       The network protocol for the service to be created.
111       Default is 'TCP'.
112
113
114       --record=false      Record current kubectl command in the resource  an‐
115       notation.  If  set to false, do not record the command. If set to true,
116       record the command. If not set, default to updating the existing  anno‐
117       tation value only if one already exists.
118
119
120       -R, --recursive=false      Process the directory used in -f, --filename
121       recursively. Useful when you want to manage related manifests organized
122       within the same directory.
123
124
125       --save-config=false       If  true, the configuration of current object
126       will be saved in its annotation. Otherwise, the annotation will be  un‐
127       changed.  This flag is useful when you want to perform kubectl apply on
128       this object in the future.
129
130
131       --selector=""      A label selector  to  use  for  this  service.  Only
132       equality-based  selector  requirements are supported. If empty (the de‐
133       fault) infer the selector from the replication  controller  or  replica
134       set.)
135
136
137       --session-affinity=""       If  non-empty, set the session affinity for
138       the service to this; legal values: 'None', 'ClientIP'
139
140
141       --show-managed-fields=false      If true, keep the  managedFields  when
142       printing objects in JSON or YAML format.
143
144
145       --target-port=""      Name or number for the port on the container that
146       the service should direct traffic to. Optional.
147
148
149       --template=""      Template string or path to template file to use when
150       -o=go-template, -o=go-template-file. The template format is golang tem‐
151       plates [http://golang.org/pkg/text/template/#pkg-overview].
152
153
154       --type=""      Type for this  service:  ClusterIP,  NodePort,  LoadBal‐
155       ancer, or ExternalName. Default is 'ClusterIP'.
156
157
158

OPTIONS INHERITED FROM PARENT COMMANDS

160       --add-dir-header=false       If  true,  adds  the file directory to the
161       header of the log messages
162
163
164       --alsologtostderr=false      log to standard error as well as files
165
166
167       --application-metrics-count-limit=100      Max  number  of  application
168       metrics to store (per container)
169
170
171       --as=""      Username to impersonate for the operation
172
173
174       --as-group=[]       Group  to  impersonate for the operation, this flag
175       can be repeated to specify multiple groups.
176
177
178       --azure-container-registry-config=""      Path to the  file  containing
179       Azure container registry configuration information.
180
181
182       --boot-id-file="/proc/sys/kernel/random/boot_id"        Comma-separated
183       list of files to check for boot-id. Use the first one that exists.
184
185
186       --cache-dir="/builddir/.kube/cache"      Default cache directory
187
188
189       --certificate-authority=""      Path to a cert file for the certificate
190       authority
191
192
193       --client-certificate=""      Path to a client certificate file for TLS
194
195
196       --client-key=""      Path to a client key file for TLS
197
198
199       --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
200            CIDRs opened in GCE firewall for  L7  LB  traffic  proxy    health
201       checks
202
203
204       --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
205            CIDRs opened in GCE firewall for  L4  LB  traffic  proxy    health
206       checks
207
208
209       --cluster=""      The name of the kubeconfig cluster to use
210
211
212       --container-hints="/etc/cadvisor/container_hints.json"      location of
213       the container hints file
214
215
216       --containerd="/run/containerd/containerd.sock"      containerd endpoint
217
218
219       --containerd-namespace="k8s.io"      containerd namespace
220
221
222       --context=""      The name of the kubeconfig context to use
223
224
225       --default-not-ready-toleration-seconds=300      Indicates  the  tolera‐
226       tionSeconds  of  the toleration for notReady:NoExecute that is added by
227       default to every pod that does not already have such a toleration.
228
229
230       --default-unreachable-toleration-seconds=300      Indicates the tolera‐
231       tionSeconds  of  the toleration for unreachable:NoExecute that is added
232       by default to every pod that does not already have such a toleration.
233
234
235       --disable-root-cgroup-stats=false      Disable collecting  root  Cgroup
236       stats
237
238
239       --docker="unix:///var/run/docker.sock"      docker endpoint
240
241
242       --docker-env-metadata-whitelist=""      a comma-separated list of envi‐
243       ronment variable keys matched with specified prefix that  needs  to  be
244       collected for docker containers
245
246
247       --docker-only=false       Only  report docker containers in addition to
248       root stats
249
250
251       --docker-root="/var/lib/docker"      DEPRECATED: docker  root  is  read
252       from docker info (this is a fallback, default: /var/lib/docker)
253
254
255       --docker-tls=false      use TLS to connect to docker
256
257
258       --docker-tls-ca="ca.pem"      path to trusted CA
259
260
261       --docker-tls-cert="cert.pem"      path to client certificate
262
263
264       --docker-tls-key="key.pem"      path to private key
265
266
267       --enable-load-reader=false      Whether to enable cpu load reader
268
269
270       --event-storage-age-limit="default=0"      Max length of time for which
271       to store events (per type). Value is a comma separated list of key val‐
272       ues,  where the keys are event types (e.g.: creation, oom) or "default"
273       and the value is a duration. Default is applied  to  all  non-specified
274       event types
275
276
277       --event-storage-event-limit="default=0"       Max  number  of events to
278       store (per type). Value is a comma separated list of key values,  where
279       the  keys  are  event  types (e.g.: creation, oom) or "default" and the
280       value is an integer. Default is  applied  to  all  non-specified  event
281       types
282
283
284       --global-housekeeping-interval=1m0s      Interval between global house‐
285       keepings
286
287
288       --housekeeping-interval=10s      Interval between container  housekeep‐
289       ings
290
291
292       --insecure-skip-tls-verify=false      If true, the server's certificate
293       will not be checked for validity. This will make your HTTPS connections
294       insecure
295
296
297       --kubeconfig=""       Path  to  the  kubeconfig file to use for CLI re‐
298       quests.
299
300
301       --log-backtrace-at=:0      when logging hits line file:N, emit a  stack
302       trace
303
304
305       --log-cadvisor-usage=false       Whether to log the usage of the cAdvi‐
306       sor container
307
308
309       --log-dir=""      If non-empty, write log files in this directory
310
311
312       --log-file=""      If non-empty, use this log file
313
314
315       --log-file-max-size=1800      Defines the maximum size a log  file  can
316       grow to. Unit is megabytes. If the value is 0, the maximum file size is
317       unlimited.
318
319
320       --log-flush-frequency=5s      Maximum number  of  seconds  between  log
321       flushes
322
323
324       --logtostderr=true      log to standard error instead of files
325
326
327       --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
328            Comma-separated list of files to check  for  machine-id.  Use  the
329       first one that exists.
330
331
332       --match-server-version=false        Require  server  version  to  match
333       client version
334
335
336       -n, --namespace=""      If present, the namespace scope  for  this  CLI
337       request
338
339
340       --one-output=false      If true, only write logs to their native sever‐
341       ity level (vs also writing to each lower severity level)
342
343
344       --password=""      Password for basic authentication to the API server
345
346
347       --profile="none"        Name   of   profile   to   capture.   One    of
348       (none|cpu|heap|goroutine|threadcreate|block|mutex)
349
350
351       --profile-output="profile.pprof"       Name  of  the  file to write the
352       profile to
353
354
355       --referenced-reset-interval=0      Reset interval for referenced  bytes
356       (container_referenced_bytes metric), number of measurement cycles after
357       which referenced bytes are cleared, if set to 0  referenced  bytes  are
358       never cleared (default: 0)
359
360
361       --request-timeout="0"       The length of time to wait before giving up
362       on a single server request. Non-zero values  should  contain  a  corre‐
363       sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
364       out requests.
365
366
367       -s, --server=""      The address and port of the Kubernetes API server
368
369
370       --skip-headers=false      If true, avoid header  prefixes  in  the  log
371       messages
372
373
374       --skip-log-headers=false       If  true, avoid headers when opening log
375       files
376
377
378       --stderrthreshold=2      logs at or above this threshold go to stderr
379
380
381       --storage-driver-buffer-duration=1m0s      Writes in the storage driver
382       will  be  buffered  for  this duration, and committed to the non memory
383       backends as a single transaction
384
385
386       --storage-driver-db="cadvisor"      database name
387
388
389       --storage-driver-host="localhost:8086"      database host:port
390
391
392       --storage-driver-password="root"      database password
393
394
395       --storage-driver-secure=false      use secure connection with database
396
397
398       --storage-driver-table="stats"      table name
399
400
401       --storage-driver-user="root"      database username
402
403
404       --tls-server-name=""      Server name to  use  for  server  certificate
405       validation.  If  it  is  not provided, the hostname used to contact the
406       server is used
407
408
409       --token=""      Bearer token for authentication to the API server
410
411
412       --update-machine-info-interval=5m0s      Interval between machine  info
413       updates.
414
415
416       --user=""      The name of the kubeconfig user to use
417
418
419       --username=""      Username for basic authentication to the API server
420
421
422       -v, --v=0      number for the log level verbosity
423
424
425       --version=false      Print version information and quit
426
427
428       --vmodule=        comma-separated   list   of  pattern=N  settings  for
429       file-filtered logging
430
431
432       --warnings-as-errors=false      Treat warnings received from the server
433       as errors and exit with a non-zero exit code
434
435
436

EXAMPLE

438                # Create a service for a replicated nginx, which serves on port 80 and connects to the containers on port 8000.
439                kubectl expose rc nginx --port=80 --target-port=8000
440
441                # Create a service for a replication controller identified by type and name specified in "nginx-controller.yaml", which serves on port 80 and connects to the containers on port 8000.
442                kubectl expose -f nginx-controller.yaml --port=80 --target-port=8000
443
444                # Create a service for a pod valid-pod, which serves on port 444 with the name "frontend"
445                kubectl expose pod valid-pod --port=444 --name=frontend
446
447                # Create a second service based on the above service, exposing the container port 8443 as port 443 with the name "nginx-https"
448                kubectl expose service nginx --port=443 --target-port=8443 --name=nginx-https
449
450                # Create a service for a replicated streaming application on port 4100 balancing UDP traffic and named 'video-stream'.
451                kubectl expose rc streamer --port=4100 --protocol=UDP --name=video-stream
452
453                # Create a service for a replicated nginx using replica set, which serves on port 80 and connects to the containers on port 8000.
454                kubectl expose rs nginx --port=80 --target-port=8000
455
456                # Create a service for an nginx deployment, which serves on port 80 and connects to the containers on port 8000.
457                kubectl expose deployment nginx --port=80 --target-port=8000
458
459
460
461

SEE ALSO

463       kubectl(1),
464
465
466

HISTORY

468       January  2015,  Originally compiled by Eric Paris (eparis at redhat dot
469       com) based on the kubernetes source material, but hopefully  they  have
470       been automatically generated since!
471
472
473
474Manuals                              User            KUBERNETES(1)(kubernetes)
Impressum