1KUBERNETES(1)(kubernetes) KUBERNETES(1)(kubernetes)
2Eric Paris Jan 2015
6
9 kubectl run - Run a particular image on the cluster
10
14 kubectl run [OPTIONS]
15
19 Create and run a particular image in a pod.
20
24 --allow-missing-template-keys=true If true, ignore any errors in
25 templates when a field or map key is missing in the template. Only ap‐
26 plies to golang and jsonpath output formats.
27 --annotations=[] Annotations to apply to the pod.
30 --attach=false If true, wait for the Pod to start running, and
33 then attach to the Pod as if 'kubectl attach ...' were called. Default
34 false, unless '-i/--stdin' is set, in which case the default is true.
35 With '--restart=Never' the exit code of the container process is re‐
36 turned.
37 --cascade="background" Must be "background", "orphan", or "fore‐
40 ground". Selects the deletion cascading strategy for the dependents
41 (e.g. Pods created by a ReplicationController). Defaults to background.
42 --command=false If true and extra arguments are present, use them
45 as the 'command' field in the container, rather than the 'args' field
46 which is the default.
47 --dry-run="none" Must be "none", "server", or "client". If client
50 strategy, only print the object that would be sent, without sending it.
51 If server strategy, submit server-side request without persisting the
52 resource.
53 --env=[] Environment variables to set in the container.
56 --expose=false If true, service is created for the container(s)
59 which are run
60 --field-manager="kubectl-run" Name of the manager used to track
63 field ownership.
64 -f, --filename=[] to use to replace the resource.
67 --force=false If true, immediately remove resources from API and
70 bypass graceful deletion. Note that immediate deletion of some re‐
71 sources may result in inconsistency or data loss and requires confirma‐
72 tion.
73 --grace-period=-1 Period of time in seconds given to the resource
76 to terminate gracefully. Ignored if negative. Set to 1 for immediate
77 shutdown. Can only be set to 0 when --force is true (force deletion).
78 --hostport=-1 The host port mapping for the container port. To
81 demonstrate a single-machine container.
82 --image="" The image for the container to run.
85 --image-pull-policy="" The image pull policy for the container. If
88 left empty, this value will not be specified by the client and de‐
89 faulted by the server
90 -k, --kustomize="" Process a kustomization directory. This flag
93 can't be used together with -f or -R.
94 -l, --labels="" Comma separated labels to apply to the pod(s).
97 Will override previous values.
98 --leave-stdin-open=false If the pod is started in interactive mode
101 or with stdin, leave stdin open after the first attach completes. By
102 default, stdin will be closed after the first attach completes.
103 --limits="" The resource requirement limits for this container.
106 For example, 'cpu=200m,memory=512Mi'. Note that server side components
107 may assign limits depending on the server configuration, such as limit
108 ranges.
109 -o, --output="" Output format. One of: json|yaml|name|go-tem‐
112 plate|go-template-file|template|templatefile|jsonpath|json‐
113 path-as-json|jsonpath-file.
114 --overrides="" An inline JSON override for the generated object.
117 If this is non-empty, it is used to override the generated object. Re‐
118 quires that the object supply a valid apiVersion field.
119 --pod-running-timeout=1m0s The length of time (like 5s, 2m, or 3h,
122 higher than zero) to wait until at least one pod is running
123 --port="" The port that this container exposes.
126 --privileged=false If true, run the container in privileged mode.
129 -q, --quiet=false If true, suppress prompt messages.
132 --record=false Record current kubectl command in the resource an‐
135 notation. If set to false, do not record the command. If set to true,
136 record the command. If not set, default to updating the existing anno‐
137 tation value only if one already exists.
138 -R, --recursive=false Process the directory used in -f, --filename
141 recursively. Useful when you want to manage related manifests organized
142 within the same directory.
143 --requests="" The resource requirement requests for this con‐
146 tainer. For example, 'cpu=100m,memory=256Mi'. Note that server side
147 components may assign requests depending on the server configuration,
148 such as limit ranges.
149 --restart="Always" The restart policy for this Pod. Legal values
152 [Always, OnFailure, Never].
153 --rm=false If true, delete resources created in this command for
156 attached containers.
157 --save-config=false If true, the configuration of current object
160 will be saved in its annotation. Otherwise, the annotation will be un‐
161 changed. This flag is useful when you want to perform kubectl apply on
162 this object in the future.
163 --serviceaccount="" Service account to set in the pod spec.
166 --show-managed-fields=false If true, keep the managedFields when
169 printing objects in JSON or YAML format.
170 -i, --stdin=false Keep stdin open on the container(s) in the pod,
173 even if nothing is attached.
174 --template="" Template string or path to template file to use when
177 -o=go-template, -o=go-template-file. The template format is golang tem‐
178 plates [http://golang.org/pkg/text/template/#pkg-overview].
179 --timeout=0s The length of time to wait before giving up on a
182 delete, zero means determine a timeout from the size of the object
183 -t, --tty=false Allocated a TTY for each container in the pod.
186 --wait=false If true, wait for resources to be gone before return‐
189 ing. This waits for finalizers.
190
194 --add-dir-header=false If true, adds the file directory to the
195 header of the log messages
196 --alsologtostderr=false log to standard error as well as files
199 --application-metrics-count-limit=100 Max number of application
202 metrics to store (per container)
203 --as="" Username to impersonate for the operation
206 --as-group=[] Group to impersonate for the operation, this flag
209 can be repeated to specify multiple groups.
210 --azure-container-registry-config="" Path to the file containing
213 Azure container registry configuration information.
214 --boot-id-file="/proc/sys/kernel/random/boot_id" Comma-separated
217 list of files to check for boot-id. Use the first one that exists.
218 --cache-dir="/builddir/.kube/cache" Default cache directory
221 --certificate-authority="" Path to a cert file for the certificate
224 authority
225 --client-certificate="" Path to a client certificate file for TLS
228 --client-key="" Path to a client key file for TLS
231 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
234 CIDRs opened in GCE firewall for L7 LB traffic proxy health
235 checks
236 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
239 CIDRs opened in GCE firewall for L4 LB traffic proxy health
240 checks
241 --cluster="" The name of the kubeconfig cluster to use
244 --container-hints="/etc/cadvisor/container_hints.json" location of
247 the container hints file
248 --containerd="/run/containerd/containerd.sock" containerd endpoint
251 --containerd-namespace="k8s.io" containerd namespace
254 --context="" The name of the kubeconfig context to use
257 --default-not-ready-toleration-seconds=300 Indicates the tolera‐
260 tionSeconds of the toleration for notReady:NoExecute that is added by
261 default to every pod that does not already have such a toleration.
262 --default-unreachable-toleration-seconds=300 Indicates the tolera‐
265 tionSeconds of the toleration for unreachable:NoExecute that is added
266 by default to every pod that does not already have such a toleration.
267 --disable-root-cgroup-stats=false Disable collecting root Cgroup
270 stats
271 --docker="unix:///var/run/docker.sock" docker endpoint
274 --docker-env-metadata-whitelist="" a comma-separated list of envi‐
277 ronment variable keys matched with specified prefix that needs to be
278 collected for docker containers
279 --docker-only=false Only report docker containers in addition to
282 root stats
283 --docker-root="/var/lib/docker" DEPRECATED: docker root is read
286 from docker info (this is a fallback, default: /var/lib/docker)
287 --docker-tls=false use TLS to connect to docker
290 --docker-tls-ca="ca.pem" path to trusted CA
293 --docker-tls-cert="cert.pem" path to client certificate
296 --docker-tls-key="key.pem" path to private key
299 --enable-load-reader=false Whether to enable cpu load reader
302 --event-storage-age-limit="default=0" Max length of time for which
305 to store events (per type). Value is a comma separated list of key val‐
306 ues, where the keys are event types (e.g.: creation, oom) or "default"
307 and the value is a duration. Default is applied to all non-specified
308 event types
309 --event-storage-event-limit="default=0" Max number of events to
312 store (per type). Value is a comma separated list of key values, where
313 the keys are event types (e.g.: creation, oom) or "default" and the
314 value is an integer. Default is applied to all non-specified event
315 types
316 --global-housekeeping-interval=1m0s Interval between global house‐
319 keepings
320 --housekeeping-interval=10s Interval between container housekeep‐
323 ings
324 --insecure-skip-tls-verify=false If true, the server's certificate
327 will not be checked for validity. This will make your HTTPS connections
328 insecure
329 --kubeconfig="" Path to the kubeconfig file to use for CLI re‐
332 quests.
333 --log-backtrace-at=:0 when logging hits line file:N, emit a stack
336 trace
337 --log-cadvisor-usage=false Whether to log the usage of the cAdvi‐
340 sor container
341 --log-dir="" If non-empty, write log files in this directory
344 --log-file="" If non-empty, use this log file
347 --log-file-max-size=1800 Defines the maximum size a log file can
350 grow to. Unit is megabytes. If the value is 0, the maximum file size is
351 unlimited.
352 --log-flush-frequency=5s Maximum number of seconds between log
355 flushes
356 --logtostderr=true log to standard error instead of files
359 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
362 Comma-separated list of files to check for machine-id. Use the
363 first one that exists.
364 --match-server-version=false Require server version to match
367 client version
368 -n, --namespace="" If present, the namespace scope for this CLI
371 request
372 --one-output=false If true, only write logs to their native sever‐
375 ity level (vs also writing to each lower severity level)
376 --password="" Password for basic authentication to the API server
379 --profile="none" Name of profile to capture. One of
382 (none|cpu|heap|goroutine|threadcreate|block|mutex)
383 --profile-output="profile.pprof" Name of the file to write the
386 profile to
387 --referenced-reset-interval=0 Reset interval for referenced bytes
390 (container_referenced_bytes metric), number of measurement cycles after
391 which referenced bytes are cleared, if set to 0 referenced bytes are
392 never cleared (default: 0)
393 --request-timeout="0" The length of time to wait before giving up
396 on a single server request. Non-zero values should contain a corre‐
397 sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
398 out requests.
399 -s, --server="" The address and port of the Kubernetes API server
402 --skip-headers=false If true, avoid header prefixes in the log
405 messages
406 --skip-log-headers=false If true, avoid headers when opening log
409 files
410 --stderrthreshold=2 logs at or above this threshold go to stderr
413 --storage-driver-buffer-duration=1m0s Writes in the storage driver
416 will be buffered for this duration, and committed to the non memory
417 backends as a single transaction
418 --storage-driver-db="cadvisor" database name
421 --storage-driver-host="localhost:8086" database host:port
424 --storage-driver-password="root" database password
427 --storage-driver-secure=false use secure connection with database
430 --storage-driver-table="stats" table name
433 --storage-driver-user="root" database username
436 --tls-server-name="" Server name to use for server certificate
439 validation. If it is not provided, the hostname used to contact the
440 server is used
441 --token="" Bearer token for authentication to the API server
444 --update-machine-info-interval=5m0s Interval between machine info
447 updates.
448 --user="" The name of the kubeconfig user to use
451 --username="" Username for basic authentication to the API server
454 -v, --v=0 number for the log level verbosity
457 --version=false Print version information and quit
460 --vmodule= comma-separated list of pattern=N settings for
463 file-filtered logging
464 --warnings-as-errors=false Treat warnings received from the server
467 as errors and exit with a non-zero exit code
468
472 # Start a nginx pod.
473 kubectl run nginx --image=nginx
474 # Start a hazelcast pod and let the container expose port 5701.
476 kubectl run hazelcast --image=hazelcast/hazelcast --port=5701
477 # Start a hazelcast pod and set environment variables "DNS_DOMAIN=cluster" and "POD_NAMESPACE=default" in the container.
479 kubectl run hazelcast --image=hazelcast/hazelcast --env="DNS_DOMAIN=cluster" --env="POD_NAMESPACE=default"
480 # Start a hazelcast pod and set labels "app=hazelcast" and "env=prod" in the container.
482 kubectl run hazelcast --image=hazelcast/hazelcast --labels="app=hazelcast,env=prod"
483 # Dry run. Print the corresponding API objects without creating them.
485 kubectl run nginx --image=nginx --dry-run=client
486 # Start a nginx pod, but overload the spec with a partial set of values parsed from JSON.
488 kubectl run nginx --image=nginx --overrides='{ "apiVersion": "v1", "spec": { ... } }'
489 # Start a busybox pod and keep it in the foreground, don't restart it if it exits.
491 kubectl run -i -t busybox --image=busybox --restart=Never
492 # Start the nginx pod using the default command, but use custom arguments (arg1 .. argN) for that command.
494 kubectl run nginx --image=nginx -- <arg1> <arg2> ... <argN>
495 # Start the nginx pod using a different command and custom arguments.
497 kubectl run nginx --image=nginx --command -- <cmd> <arg1> ... <argN>
498
503 kubectl(1),
504
508 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
509 com) based on the kubernetes source material, but hopefully they have
510 been automatically generated since!
511Manuals User KUBERNETES(1)(kubernetes)