1KUBERNETES(1)(kubernetes) KUBERNETES(1)(kubernetes)
2Eric Paris Jan 2015
6
9 kubectl apply - Apply a configuration to a resource by filename or
10 stdin
11
15 kubectl apply [OPTIONS]
16
20 Apply a configuration to a resource by filename or stdin. The resource
21 name must be specified. This resource will be created if it doesn't ex‐
22 ist yet. To use 'apply', always create the resource initially with ei‐
23 ther 'apply' or 'create --save-config'.
24 JSON and YAML formats are accepted.
27 Alpha Disclaimer: the --prune functionality is not yet complete. Do not
30 use unless you are aware of what the current state is. See https://is‐
31 sues.k8s.io/34274.
32
36 --all=false Select all resources in the namespace of the specified
37 resource types.
38 --allow-missing-template-keys=true If true, ignore any errors in
41 templates when a field or map key is missing in the template. Only ap‐
42 plies to golang and jsonpath output formats.
43 --cascade="background" Must be "background", "orphan", or "fore‐
46 ground". Selects the deletion cascading strategy for the dependents
47 (e.g. Pods created by a ReplicationController). Defaults to background.
48 --dry-run="none" Must be "none", "server", or "client". If client
51 strategy, only print the object that would be sent, without sending it.
52 If server strategy, submit server-side request without persisting the
53 resource.
54 --field-manager="kubectl-client-side-apply" Name of the manager
57 used to track field ownership.
58 -f, --filename=[] that contains the configuration to apply
61 --force=false If true, immediately remove resources from API and
64 bypass graceful deletion. Note that immediate deletion of some re‐
65 sources may result in inconsistency or data loss and requires confirma‐
66 tion.
67 --force-conflicts=false If true, server-side apply will force the
70 changes against conflicts.
71 --grace-period=-1 Period of time in seconds given to the resource
74 to terminate gracefully. Ignored if negative. Set to 1 for immediate
75 shutdown. Can only be set to 0 when --force is true (force deletion).
76 -k, --kustomize="" Process a kustomization directory. This flag
79 can't be used together with -f or -R.
80 --openapi-patch=true If true, use openapi to calculate diff when
83 the openapi presents and the resource can be found in the openapi spec.
84 Otherwise, fall back to use baked-in types.
85 -o, --output="" Output format. One of: json|yaml|name|go-tem‐
88 plate|go-template-file|template|templatefile|jsonpath|json‐
89 path-as-json|jsonpath-file.
90 --overwrite=true Automatically resolve conflicts between the modi‐
93 fied and live configuration by using values from the modified configu‐
94 ration
95 --prune=false Automatically delete resource objects, including the
98 uninitialized ones, that do not appear in the configs and are created
99 by either apply or create --save-config. Should be used with either -l
100 or --all.
101 --prune-whitelist=[] Overwrite the default whitelist with for
104 --prune
105 --record=false Record current kubectl command in the resource an‐
108 notation. If set to false, do not record the command. If set to true,
109 record the command. If not set, default to updating the existing anno‐
110 tation value only if one already exists.
111 -R, --recursive=false Process the directory used in -f, --filename
114 recursively. Useful when you want to manage related manifests organized
115 within the same directory.
116 -l, --selector="" Selector (label query) to filter on, supports
119 '=', '==', and '!='.(e.g. -l key1=value1,key2=value2)
120 --server-side=false If true, apply runs in the server instead of
123 the client.
124 --show-managed-fields=false If true, keep the managedFields when
127 printing objects in JSON or YAML format.
128 --template="" Template string or path to template file to use when
131 -o=go-template, -o=go-template-file. The template format is golang tem‐
132 plates [http://golang.org/pkg/text/template/#pkg-overview].
133 --timeout=0s The length of time to wait before giving up on a
136 delete, zero means determine a timeout from the size of the object
137 --validate=true If true, use a schema to validate the input before
140 sending it
141 --wait=false If true, wait for resources to be gone before return‐
144 ing. This waits for finalizers.
145
149 --add-dir-header=false If true, adds the file directory to the
150 header of the log messages
151 --alsologtostderr=false log to standard error as well as files
154 --application-metrics-count-limit=100 Max number of application
157 metrics to store (per container)
158 --as="" Username to impersonate for the operation
161 --as-group=[] Group to impersonate for the operation, this flag
164 can be repeated to specify multiple groups.
165 --azure-container-registry-config="" Path to the file containing
168 Azure container registry configuration information.
169 --boot-id-file="/proc/sys/kernel/random/boot_id" Comma-separated
172 list of files to check for boot-id. Use the first one that exists.
173 --cache-dir="/builddir/.kube/cache" Default cache directory
176 --certificate-authority="" Path to a cert file for the certificate
179 authority
180 --client-certificate="" Path to a client certificate file for TLS
183 --client-key="" Path to a client key file for TLS
186 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
189 CIDRs opened in GCE firewall for L7 LB traffic proxy health
190 checks
191 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
194 CIDRs opened in GCE firewall for L4 LB traffic proxy health
195 checks
196 --cluster="" The name of the kubeconfig cluster to use
199 --container-hints="/etc/cadvisor/container_hints.json" location of
202 the container hints file
203 --containerd="/run/containerd/containerd.sock" containerd endpoint
206 --containerd-namespace="k8s.io" containerd namespace
209 --context="" The name of the kubeconfig context to use
212 --default-not-ready-toleration-seconds=300 Indicates the tolera‐
215 tionSeconds of the toleration for notReady:NoExecute that is added by
216 default to every pod that does not already have such a toleration.
217 --default-unreachable-toleration-seconds=300 Indicates the tolera‐
220 tionSeconds of the toleration for unreachable:NoExecute that is added
221 by default to every pod that does not already have such a toleration.
222 --disable-root-cgroup-stats=false Disable collecting root Cgroup
225 stats
226 --docker="unix:///var/run/docker.sock" docker endpoint
229 --docker-env-metadata-whitelist="" a comma-separated list of envi‐
232 ronment variable keys matched with specified prefix that needs to be
233 collected for docker containers
234 --docker-only=false Only report docker containers in addition to
237 root stats
238 --docker-root="/var/lib/docker" DEPRECATED: docker root is read
241 from docker info (this is a fallback, default: /var/lib/docker)
242 --docker-tls=false use TLS to connect to docker
245 --docker-tls-ca="ca.pem" path to trusted CA
248 --docker-tls-cert="cert.pem" path to client certificate
251 --docker-tls-key="key.pem" path to private key
254 --enable-load-reader=false Whether to enable cpu load reader
257 --event-storage-age-limit="default=0" Max length of time for which
260 to store events (per type). Value is a comma separated list of key val‐
261 ues, where the keys are event types (e.g.: creation, oom) or "default"
262 and the value is a duration. Default is applied to all non-specified
263 event types
264 --event-storage-event-limit="default=0" Max number of events to
267 store (per type). Value is a comma separated list of key values, where
268 the keys are event types (e.g.: creation, oom) or "default" and the
269 value is an integer. Default is applied to all non-specified event
270 types
271 --global-housekeeping-interval=1m0s Interval between global house‐
274 keepings
275 --housekeeping-interval=10s Interval between container housekeep‐
278 ings
279 --insecure-skip-tls-verify=false If true, the server's certificate
282 will not be checked for validity. This will make your HTTPS connections
283 insecure
284 --kubeconfig="" Path to the kubeconfig file to use for CLI re‐
287 quests.
288 --log-backtrace-at=:0 when logging hits line file:N, emit a stack
291 trace
292 --log-cadvisor-usage=false Whether to log the usage of the cAdvi‐
295 sor container
296 --log-dir="" If non-empty, write log files in this directory
299 --log-file="" If non-empty, use this log file
302 --log-file-max-size=1800 Defines the maximum size a log file can
305 grow to. Unit is megabytes. If the value is 0, the maximum file size is
306 unlimited.
307 --log-flush-frequency=5s Maximum number of seconds between log
310 flushes
311 --logtostderr=true log to standard error instead of files
314 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
317 Comma-separated list of files to check for machine-id. Use the
318 first one that exists.
319 --match-server-version=false Require server version to match
322 client version
323 -n, --namespace="" If present, the namespace scope for this CLI
326 request
327 --one-output=false If true, only write logs to their native sever‐
330 ity level (vs also writing to each lower severity level)
331 --password="" Password for basic authentication to the API server
334 --profile="none" Name of profile to capture. One of
337 (none|cpu|heap|goroutine|threadcreate|block|mutex)
338 --profile-output="profile.pprof" Name of the file to write the
341 profile to
342 --referenced-reset-interval=0 Reset interval for referenced bytes
345 (container_referenced_bytes metric), number of measurement cycles after
346 which referenced bytes are cleared, if set to 0 referenced bytes are
347 never cleared (default: 0)
348 --request-timeout="0" The length of time to wait before giving up
351 on a single server request. Non-zero values should contain a corre‐
352 sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
353 out requests.
354 -s, --server="" The address and port of the Kubernetes API server
357 --skip-headers=false If true, avoid header prefixes in the log
360 messages
361 --skip-log-headers=false If true, avoid headers when opening log
364 files
365 --stderrthreshold=2 logs at or above this threshold go to stderr
368 --storage-driver-buffer-duration=1m0s Writes in the storage driver
371 will be buffered for this duration, and committed to the non memory
372 backends as a single transaction
373 --storage-driver-db="cadvisor" database name
376 --storage-driver-host="localhost:8086" database host:port
379 --storage-driver-password="root" database password
382 --storage-driver-secure=false use secure connection with database
385 --storage-driver-table="stats" table name
388 --storage-driver-user="root" database username
391 --tls-server-name="" Server name to use for server certificate
394 validation. If it is not provided, the hostname used to contact the
395 server is used
396 --token="" Bearer token for authentication to the API server
399 --update-machine-info-interval=5m0s Interval between machine info
402 updates.
403 --user="" The name of the kubeconfig user to use
406 --username="" Username for basic authentication to the API server
409 -v, --v=0 number for the log level verbosity
412 --version=false Print version information and quit
415 --vmodule= comma-separated list of pattern=N settings for
418 file-filtered logging
419 --warnings-as-errors=false Treat warnings received from the server
422 as errors and exit with a non-zero exit code
423
427 # Apply the configuration in pod.json to a pod.
428 kubectl apply -f ./pod.json
429 # Apply resources from a directory containing kustomization.yaml - e.g. dir/kustomization.yaml.
431 kubectl apply -k dir/
432 # Apply the JSON passed into stdin to a pod.
434 cat pod.json | kubectl apply -f -
435 # Note: --prune is still in Alpha
437 # Apply the configuration in manifest.yaml that matches label app=nginx and delete all the other resources that are not in the file and match label app=nginx.
438 kubectl apply --prune -f manifest.yaml -l app=nginx
439 # Apply the configuration in manifest.yaml and delete all the other configmaps that are not in the file.
441 kubectl apply --prune -f manifest.yaml --all --prune-whitelist=core/v1/ConfigMap
442
447 kubectl(1), kubectl-apply-edit-last-applied(1), kubectl-ap‐
448 ply-set-last-applied(1), kubectl-apply-view-last-applied(1),
449
453 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
454 com) based on the kubernetes source material, but hopefully they have
455 been automatically generated since!
456Manuals User KUBERNETES(1)(kubernetes)