1KUBERNETES(1)(kubernetes) KUBERNETES(1)(kubernetes)
2
3
4
5Eric Paris Jan 2015
6
7
9 kubectl run - Run a particular image on the cluster
10
11
12
14 kubectl run [OPTIONS]
15
16
17
19 Create and run a particular image in a pod.
20
21
22
24 --allow-missing-template-keys=true If true, ignore any errors in
25 templates when a field or map key is missing in the template. Only ap‐
26 plies to golang and jsonpath output formats.
27
28
29 --annotations=[] Annotations to apply to the pod.
30
31
32 --attach=false If true, wait for the Pod to start running, and
33 then attach to the Pod as if 'kubectl attach ...' were called. Default
34 false, unless '-i/--stdin' is set, in which case the default is true.
35 With '--restart=Never' the exit code of the container process is re‐
36 turned.
37
38
39 --cascade="background" Must be "background", "orphan", or "fore‐
40 ground". Selects the deletion cascading strategy for the dependents
41 (e.g. Pods created by a ReplicationController). Defaults to background.
42
43
44 --command=false If true and extra arguments are present, use them
45 as the 'command' field in the container, rather than the 'args' field
46 which is the default.
47
48
49 --dry-run="none" Must be "none", "server", or "client". If client
50 strategy, only print the object that would be sent, without sending it.
51 If server strategy, submit server-side request without persisting the
52 resource.
53
54
55 --env=[] Environment variables to set in the container.
56
57
58 --expose=false If true, service is created for the container(s)
59 which are run
60
61
62 --field-manager="kubectl-run" Name of the manager used to track
63 field ownership.
64
65
66 -f, --filename=[] to use to replace the resource.
67
68
69 --force=false If true, immediately remove resources from API and
70 bypass graceful deletion. Note that immediate deletion of some re‐
71 sources may result in inconsistency or data loss and requires confirma‐
72 tion.
73
74
75 --grace-period=-1 Period of time in seconds given to the resource
76 to terminate gracefully. Ignored if negative. Set to 1 for immediate
77 shutdown. Can only be set to 0 when --force is true (force deletion).
78
79
80 --hostport=-1 The host port mapping for the container port. To
81 demonstrate a single-machine container.
82
83
84 --image="" The image for the container to run.
85
86
87 --image-pull-policy="" The image pull policy for the container. If
88 left empty, this value will not be specified by the client and de‐
89 faulted by the server
90
91
92 -k, --kustomize="" Process a kustomization directory. This flag
93 can't be used together with -f or -R.
94
95
96 -l, --labels="" Comma separated labels to apply to the pod(s).
97 Will override previous values.
98
99
100 --leave-stdin-open=false If the pod is started in interactive mode
101 or with stdin, leave stdin open after the first attach completes. By
102 default, stdin will be closed after the first attach completes.
103
104
105 --limits="" The resource requirement limits for this container.
106 For example, 'cpu=200m,memory=512Mi'. Note that server side components
107 may assign limits depending on the server configuration, such as limit
108 ranges.
109
110
111 -o, --output="" Output format. One of: json|yaml|name|go-tem‐
112 plate|go-template-file|template|templatefile|jsonpath|json‐
113 path-as-json|jsonpath-file.
114
115
116 --overrides="" An inline JSON override for the generated object.
117 If this is non-empty, it is used to override the generated object. Re‐
118 quires that the object supply a valid apiVersion field.
119
120
121 --pod-running-timeout=1m0s The length of time (like 5s, 2m, or 3h,
122 higher than zero) to wait until at least one pod is running
123
124
125 --port="" The port that this container exposes.
126
127
128 --privileged=false If true, run the container in privileged mode.
129
130
131 -q, --quiet=false If true, suppress prompt messages.
132
133
134 --record=false Record current kubectl command in the resource an‐
135 notation. If set to false, do not record the command. If set to true,
136 record the command. If not set, default to updating the existing anno‐
137 tation value only if one already exists.
138
139
140 -R, --recursive=false Process the directory used in -f, --filename
141 recursively. Useful when you want to manage related manifests organized
142 within the same directory.
143
144
145 --requests="" The resource requirement requests for this con‐
146 tainer. For example, 'cpu=100m,memory=256Mi'. Note that server side
147 components may assign requests depending on the server configuration,
148 such as limit ranges.
149
150
151 --restart="Always" The restart policy for this Pod. Legal values
152 [Always, OnFailure, Never].
153
154
155 --rm=false If true, delete resources created in this command for
156 attached containers.
157
158
159 --save-config=false If true, the configuration of current object
160 will be saved in its annotation. Otherwise, the annotation will be un‐
161 changed. This flag is useful when you want to perform kubectl apply on
162 this object in the future.
163
164
165 --serviceaccount="" Service account to set in the pod spec.
166
167
168 --show-managed-fields=false If true, keep the managedFields when
169 printing objects in JSON or YAML format.
170
171
172 -i, --stdin=false Keep stdin open on the container(s) in the pod,
173 even if nothing is attached.
174
175
176 --template="" Template string or path to template file to use when
177 -o=go-template, -o=go-template-file. The template format is golang tem‐
178 plates [http://golang.org/pkg/text/template/#pkg-overview].
179
180
181 --timeout=0s The length of time to wait before giving up on a
182 delete, zero means determine a timeout from the size of the object
183
184
185 -t, --tty=false Allocated a TTY for each container in the pod.
186
187
188 --wait=false If true, wait for resources to be gone before return‐
189 ing. This waits for finalizers.
190
191
192
194 --add-dir-header=false If true, adds the file directory to the
195 header of the log messages
196
197
198 --alsologtostderr=false log to standard error as well as files
199
200
201 --application-metrics-count-limit=100 Max number of application
202 metrics to store (per container)
203
204
205 --as="" Username to impersonate for the operation
206
207
208 --as-group=[] Group to impersonate for the operation, this flag
209 can be repeated to specify multiple groups.
210
211
212 --azure-container-registry-config="" Path to the file containing
213 Azure container registry configuration information.
214
215
216 --boot-id-file="/proc/sys/kernel/random/boot_id" Comma-separated
217 list of files to check for boot-id. Use the first one that exists.
218
219
220 --cache-dir="/builddir/.kube/cache" Default cache directory
221
222
223 --certificate-authority="" Path to a cert file for the certificate
224 authority
225
226
227 --client-certificate="" Path to a client certificate file for TLS
228
229
230 --client-key="" Path to a client key file for TLS
231
232
233 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
234 CIDRs opened in GCE firewall for L7 LB traffic proxy health
235 checks
236
237
238 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
239 CIDRs opened in GCE firewall for L4 LB traffic proxy health
240 checks
241
242
243 --cluster="" The name of the kubeconfig cluster to use
244
245
246 --container-hints="/etc/cadvisor/container_hints.json" location of
247 the container hints file
248
249
250 --containerd="/run/containerd/containerd.sock" containerd endpoint
251
252
253 --containerd-namespace="k8s.io" containerd namespace
254
255
256 --context="" The name of the kubeconfig context to use
257
258
259 --default-not-ready-toleration-seconds=300 Indicates the tolera‐
260 tionSeconds of the toleration for notReady:NoExecute that is added by
261 default to every pod that does not already have such a toleration.
262
263
264 --default-unreachable-toleration-seconds=300 Indicates the tolera‐
265 tionSeconds of the toleration for unreachable:NoExecute that is added
266 by default to every pod that does not already have such a toleration.
267
268
269 --disable-root-cgroup-stats=false Disable collecting root Cgroup
270 stats
271
272
273 --docker="unix:///var/run/docker.sock" docker endpoint
274
275
276 --docker-env-metadata-whitelist="" a comma-separated list of envi‐
277 ronment variable keys matched with specified prefix that needs to be
278 collected for docker containers
279
280
281 --docker-only=false Only report docker containers in addition to
282 root stats
283
284
285 --docker-root="/var/lib/docker" DEPRECATED: docker root is read
286 from docker info (this is a fallback, default: /var/lib/docker)
287
288
289 --docker-tls=false use TLS to connect to docker
290
291
292 --docker-tls-ca="ca.pem" path to trusted CA
293
294
295 --docker-tls-cert="cert.pem" path to client certificate
296
297
298 --docker-tls-key="key.pem" path to private key
299
300
301 --enable-load-reader=false Whether to enable cpu load reader
302
303
304 --event-storage-age-limit="default=0" Max length of time for which
305 to store events (per type). Value is a comma separated list of key val‐
306 ues, where the keys are event types (e.g.: creation, oom) or "default"
307 and the value is a duration. Default is applied to all non-specified
308 event types
309
310
311 --event-storage-event-limit="default=0" Max number of events to
312 store (per type). Value is a comma separated list of key values, where
313 the keys are event types (e.g.: creation, oom) or "default" and the
314 value is an integer. Default is applied to all non-specified event
315 types
316
317
318 --global-housekeeping-interval=1m0s Interval between global house‐
319 keepings
320
321
322 --housekeeping-interval=10s Interval between container housekeep‐
323 ings
324
325
326 --insecure-skip-tls-verify=false If true, the server's certificate
327 will not be checked for validity. This will make your HTTPS connections
328 insecure
329
330
331 --kubeconfig="" Path to the kubeconfig file to use for CLI re‐
332 quests.
333
334
335 --log-backtrace-at=:0 when logging hits line file:N, emit a stack
336 trace
337
338
339 --log-cadvisor-usage=false Whether to log the usage of the cAdvi‐
340 sor container
341
342
343 --log-dir="" If non-empty, write log files in this directory
344
345
346 --log-file="" If non-empty, use this log file
347
348
349 --log-file-max-size=1800 Defines the maximum size a log file can
350 grow to. Unit is megabytes. If the value is 0, the maximum file size is
351 unlimited.
352
353
354 --log-flush-frequency=5s Maximum number of seconds between log
355 flushes
356
357
358 --logtostderr=true log to standard error instead of files
359
360
361 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
362 Comma-separated list of files to check for machine-id. Use the
363 first one that exists.
364
365
366 --match-server-version=false Require server version to match
367 client version
368
369
370 -n, --namespace="" If present, the namespace scope for this CLI
371 request
372
373
374 --one-output=false If true, only write logs to their native sever‐
375 ity level (vs also writing to each lower severity level)
376
377
378 --password="" Password for basic authentication to the API server
379
380
381 --profile="none" Name of profile to capture. One of
382 (none|cpu|heap|goroutine|threadcreate|block|mutex)
383
384
385 --profile-output="profile.pprof" Name of the file to write the
386 profile to
387
388
389 --referenced-reset-interval=0 Reset interval for referenced bytes
390 (container_referenced_bytes metric), number of measurement cycles after
391 which referenced bytes are cleared, if set to 0 referenced bytes are
392 never cleared (default: 0)
393
394
395 --request-timeout="0" The length of time to wait before giving up
396 on a single server request. Non-zero values should contain a corre‐
397 sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
398 out requests.
399
400
401 -s, --server="" The address and port of the Kubernetes API server
402
403
404 --skip-headers=false If true, avoid header prefixes in the log
405 messages
406
407
408 --skip-log-headers=false If true, avoid headers when opening log
409 files
410
411
412 --stderrthreshold=2 logs at or above this threshold go to stderr
413
414
415 --storage-driver-buffer-duration=1m0s Writes in the storage driver
416 will be buffered for this duration, and committed to the non memory
417 backends as a single transaction
418
419
420 --storage-driver-db="cadvisor" database name
421
422
423 --storage-driver-host="localhost:8086" database host:port
424
425
426 --storage-driver-password="root" database password
427
428
429 --storage-driver-secure=false use secure connection with database
430
431
432 --storage-driver-table="stats" table name
433
434
435 --storage-driver-user="root" database username
436
437
438 --tls-server-name="" Server name to use for server certificate
439 validation. If it is not provided, the hostname used to contact the
440 server is used
441
442
443 --token="" Bearer token for authentication to the API server
444
445
446 --update-machine-info-interval=5m0s Interval between machine info
447 updates.
448
449
450 --user="" The name of the kubeconfig user to use
451
452
453 --username="" Username for basic authentication to the API server
454
455
456 -v, --v=0 number for the log level verbosity
457
458
459 --version=false Print version information and quit
460
461
462 --vmodule= comma-separated list of pattern=N settings for
463 file-filtered logging
464
465
466 --warnings-as-errors=false Treat warnings received from the server
467 as errors and exit with a non-zero exit code
468
469
470
472 # Start a nginx pod.
473 kubectl run nginx --image=nginx
474
475 # Start a hazelcast pod and let the container expose port 5701.
476 kubectl run hazelcast --image=hazelcast/hazelcast --port=5701
477
478 # Start a hazelcast pod and set environment variables "DNS_DOMAIN=cluster" and "POD_NAMESPACE=default" in the container.
479 kubectl run hazelcast --image=hazelcast/hazelcast --env="DNS_DOMAIN=cluster" --env="POD_NAMESPACE=default"
480
481 # Start a hazelcast pod and set labels "app=hazelcast" and "env=prod" in the container.
482 kubectl run hazelcast --image=hazelcast/hazelcast --labels="app=hazelcast,env=prod"
483
484 # Dry run. Print the corresponding API objects without creating them.
485 kubectl run nginx --image=nginx --dry-run=client
486
487 # Start a nginx pod, but overload the spec with a partial set of values parsed from JSON.
488 kubectl run nginx --image=nginx --overrides='{ "apiVersion": "v1", "spec": { ... } }'
489
490 # Start a busybox pod and keep it in the foreground, don't restart it if it exits.
491 kubectl run -i -t busybox --image=busybox --restart=Never
492
493 # Start the nginx pod using the default command, but use custom arguments (arg1 .. argN) for that command.
494 kubectl run nginx --image=nginx -- <arg1> <arg2> ... <argN>
495
496 # Start the nginx pod using a different command and custom arguments.
497 kubectl run nginx --image=nginx --command -- <cmd> <arg1> ... <argN>
498
499
500
501
503 kubectl(1),
504
505
506
508 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
509 com) based on the kubernetes source material, but hopefully they have
510 been automatically generated since!
511
512
513
514Manuals User KUBERNETES(1)(kubernetes)