1KUBERNETES(1)(kubernetes) KUBERNETES(1)(kubernetes)
2Eric Paris Jan 2015
6
9 kubectl patch - Update field(s) of a resource
10
14 kubectl patch [OPTIONS]
15
19 Update field(s) of a resource using strategic merge patch, a JSON merge
20 patch, or a JSON patch.
21 JSON and YAML formats are accepted.
24
28 --allow-missing-template-keys=true If true, ignore any errors in
29 templates when a field or map key is missing in the template. Only ap‐
30 plies to golang and jsonpath output formats.
31 --dry-run="none" Must be "none", "server", or "client". If client
34 strategy, only print the object that would be sent, without sending it.
35 If server strategy, submit server-side request without persisting the
36 resource.
37 --field-manager="kubectl-patch" Name of the manager used to track
40 field ownership.
41 -f, --filename=[] Filename, directory, or URL to files identifying
44 the resource to update
45 -k, --kustomize="" Process the kustomization directory. This flag
48 can't be used together with -f or -R.
49 --local=false If true, patch will operate on the content of the
52 file, not the server-side resource.
53 -o, --output="" Output format. One of: json|yaml|name|go-tem‐
56 plate|go-template-file|template|templatefile|jsonpath|json‐
57 path-as-json|jsonpath-file.
58 -p, --patch="" The patch to be applied to the resource JSON file.
61 --patch-file="" A file containing a patch to be applied to the re‐
64 source.
65 --record=false Record current kubectl command in the resource an‐
68 notation. If set to false, do not record the command. If set to true,
69 record the command. If not set, default to updating the existing anno‐
70 tation value only if one already exists.
71 -R, --recursive=false Process the directory used in -f, --filename
74 recursively. Useful when you want to manage related manifests organized
75 within the same directory.
76 --show-managed-fields=false If true, keep the managedFields when
79 printing objects in JSON or YAML format.
80 --template="" Template string or path to template file to use when
83 -o=go-template, -o=go-template-file. The template format is golang tem‐
84 plates [http://golang.org/pkg/text/template/#pkg-overview].
85 --type="strategic" The type of patch being provided; one of [json
88 merge strategic]
89
93 --add-dir-header=false If true, adds the file directory to the
94 header of the log messages
95 --alsologtostderr=false log to standard error as well as files
98 --application-metrics-count-limit=100 Max number of application
101 metrics to store (per container)
102 --as="" Username to impersonate for the operation
105 --as-group=[] Group to impersonate for the operation, this flag
108 can be repeated to specify multiple groups.
109 --azure-container-registry-config="" Path to the file containing
112 Azure container registry configuration information.
113 --boot-id-file="/proc/sys/kernel/random/boot_id" Comma-separated
116 list of files to check for boot-id. Use the first one that exists.
117 --cache-dir="/builddir/.kube/cache" Default cache directory
120 --certificate-authority="" Path to a cert file for the certificate
123 authority
124 --client-certificate="" Path to a client certificate file for TLS
127 --client-key="" Path to a client key file for TLS
130 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
133 CIDRs opened in GCE firewall for L7 LB traffic proxy health
134 checks
135 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
138 CIDRs opened in GCE firewall for L4 LB traffic proxy health
139 checks
140 --cluster="" The name of the kubeconfig cluster to use
143 --container-hints="/etc/cadvisor/container_hints.json" location of
146 the container hints file
147 --containerd="/run/containerd/containerd.sock" containerd endpoint
150 --containerd-namespace="k8s.io" containerd namespace
153 --context="" The name of the kubeconfig context to use
156 --default-not-ready-toleration-seconds=300 Indicates the tolera‐
159 tionSeconds of the toleration for notReady:NoExecute that is added by
160 default to every pod that does not already have such a toleration.
161 --default-unreachable-toleration-seconds=300 Indicates the tolera‐
164 tionSeconds of the toleration for unreachable:NoExecute that is added
165 by default to every pod that does not already have such a toleration.
166 --disable-root-cgroup-stats=false Disable collecting root Cgroup
169 stats
170 --docker="unix:///var/run/docker.sock" docker endpoint
173 --docker-env-metadata-whitelist="" a comma-separated list of envi‐
176 ronment variable keys matched with specified prefix that needs to be
177 collected for docker containers
178 --docker-only=false Only report docker containers in addition to
181 root stats
182 --docker-root="/var/lib/docker" DEPRECATED: docker root is read
185 from docker info (this is a fallback, default: /var/lib/docker)
186 --docker-tls=false use TLS to connect to docker
189 --docker-tls-ca="ca.pem" path to trusted CA
192 --docker-tls-cert="cert.pem" path to client certificate
195 --docker-tls-key="key.pem" path to private key
198 --enable-load-reader=false Whether to enable cpu load reader
201 --event-storage-age-limit="default=0" Max length of time for which
204 to store events (per type). Value is a comma separated list of key val‐
205 ues, where the keys are event types (e.g.: creation, oom) or "default"
206 and the value is a duration. Default is applied to all non-specified
207 event types
208 --event-storage-event-limit="default=0" Max number of events to
211 store (per type). Value is a comma separated list of key values, where
212 the keys are event types (e.g.: creation, oom) or "default" and the
213 value is an integer. Default is applied to all non-specified event
214 types
215 --global-housekeeping-interval=1m0s Interval between global house‐
218 keepings
219 --housekeeping-interval=10s Interval between container housekeep‐
222 ings
223 --insecure-skip-tls-verify=false If true, the server's certificate
226 will not be checked for validity. This will make your HTTPS connections
227 insecure
228 --kubeconfig="" Path to the kubeconfig file to use for CLI re‐
231 quests.
232 --log-backtrace-at=:0 when logging hits line file:N, emit a stack
235 trace
236 --log-cadvisor-usage=false Whether to log the usage of the cAdvi‐
239 sor container
240 --log-dir="" If non-empty, write log files in this directory
243 --log-file="" If non-empty, use this log file
246 --log-file-max-size=1800 Defines the maximum size a log file can
249 grow to. Unit is megabytes. If the value is 0, the maximum file size is
250 unlimited.
251 --log-flush-frequency=5s Maximum number of seconds between log
254 flushes
255 --logtostderr=true log to standard error instead of files
258 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
261 Comma-separated list of files to check for machine-id. Use the
262 first one that exists.
263 --match-server-version=false Require server version to match
266 client version
267 -n, --namespace="" If present, the namespace scope for this CLI
270 request
271 --one-output=false If true, only write logs to their native sever‐
274 ity level (vs also writing to each lower severity level)
275 --password="" Password for basic authentication to the API server
278 --profile="none" Name of profile to capture. One of
281 (none|cpu|heap|goroutine|threadcreate|block|mutex)
282 --profile-output="profile.pprof" Name of the file to write the
285 profile to
286 --referenced-reset-interval=0 Reset interval for referenced bytes
289 (container_referenced_bytes metric), number of measurement cycles after
290 which referenced bytes are cleared, if set to 0 referenced bytes are
291 never cleared (default: 0)
292 --request-timeout="0" The length of time to wait before giving up
295 on a single server request. Non-zero values should contain a corre‐
296 sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
297 out requests.
298 -s, --server="" The address and port of the Kubernetes API server
301 --skip-headers=false If true, avoid header prefixes in the log
304 messages
305 --skip-log-headers=false If true, avoid headers when opening log
308 files
309 --stderrthreshold=2 logs at or above this threshold go to stderr
312 --storage-driver-buffer-duration=1m0s Writes in the storage driver
315 will be buffered for this duration, and committed to the non memory
316 backends as a single transaction
317 --storage-driver-db="cadvisor" database name
320 --storage-driver-host="localhost:8086" database host:port
323 --storage-driver-password="root" database password
326 --storage-driver-secure=false use secure connection with database
329 --storage-driver-table="stats" table name
332 --storage-driver-user="root" database username
335 --tls-server-name="" Server name to use for server certificate
338 validation. If it is not provided, the hostname used to contact the
339 server is used
340 --token="" Bearer token for authentication to the API server
343 --update-machine-info-interval=5m0s Interval between machine info
346 updates.
347 --user="" The name of the kubeconfig user to use
350 --username="" Username for basic authentication to the API server
353 -v, --v=0 number for the log level verbosity
356 --version=false Print version information and quit
359 --vmodule= comma-separated list of pattern=N settings for
362 file-filtered logging
363 --warnings-as-errors=false Treat warnings received from the server
366 as errors and exit with a non-zero exit code
367
371 # Partially update a node using a strategic merge patch. Specify the patch as JSON.
372 kubectl patch node k8s-node-1 -p '{"spec":{"unschedulable":true}}'
373 # Partially update a node using a strategic merge patch. Specify the patch as YAML.
375 kubectl patch node k8s-node-1 -p $'spec:\n unschedulable: true'
376 # Partially update a node identified by the type and name specified in "node.json" using strategic merge patch.
378 kubectl patch -f node.json -p '{"spec":{"unschedulable":true}}'
379 # Update a container's image; spec.containers[*].name is required because it's a merge key.
381 kubectl patch pod valid-pod -p '{"spec":{"containers":[{"name":"kubernetes-serve-hostname","image":"new image"}]}}'
382 # Update a container's image using a json patch with positional arrays.
384 kubectl patch pod valid-pod --type='json' -p='[{"op": "replace", "path": "/spec/containers/0/image", "value":"new image"}]'
385
390 kubectl(1),
391
395 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
396 com) based on the kubernetes source material, but hopefully they have
397 been automatically generated since!
398Manuals User KUBERNETES(1)(kubernetes)