1OC(1)                              June 2016                             OC(1)
2
3
4

NAME

6       oc secrets - Manage secrets
7
8
9

SYNOPSIS

11       oc secrets [OPTIONS]
12
13
14

DESCRIPTION

16       Manage secrets in your project
17
18
19       Secrets  are  used to store confidential information that should not be
20       contained inside of an image. They are commonly  used  to  hold  things
21       like keys for authentication to other internal systems like Docker reg‐
22       istries.
23
24
25

OPTIONS INHERITED FROM PARENT COMMANDS

27       --allow_verification_with_non_compliant_keys=false
28           Allow  a  SignatureVerifier  to  use  keys  which  are  technically
29       non-compliant with RFC6962.
30
31
32       --alsologtostderr=false
33           log to standard error as well as files
34
35
36       --application_metrics_count_limit=100
37           Max number of application metrics to store (per container)
38
39
40       --as=""
41           Username to impersonate for the operation
42
43
44       --as-group=[]
45           Group  to  impersonate for the operation, this flag can be repeated
46       to specify multiple groups.
47
48
49       --azure-container-registry-config=""
50           Path to the file containing Azure container registry  configuration
51       information.
52
53
54       --boot_id_file="/proc/sys/kernel/random/boot_id"
55           Comma-separated  list  of files to check for boot-id. Use the first
56       one that exists.
57
58
59       --cache-dir="/builddir/.kube/http-cache"
60           Default HTTP cache directory
61
62
63       --certificate-authority=""
64           Path to a cert file for the certificate authority
65
66
67       --client-certificate=""
68           Path to a client certificate file for TLS
69
70
71       --client-key=""
72           Path to a client key file for TLS
73
74
75       --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
76           CIDRs opened in GCE firewall for LB traffic proxy  health checks
77
78
79       --cluster=""
80           The name of the kubeconfig cluster to use
81
82
83       --container_hints="/etc/cadvisor/container_hints.json"
84           location of the container hints file
85
86
87       --containerd="unix:///var/run/containerd.sock"
88           containerd endpoint
89
90
91       --context=""
92           The name of the kubeconfig context to use
93
94
95       --default-not-ready-toleration-seconds=300
96           Indicates    the    tolerationSeconds   of   the   toleration   for
97       notReady:NoExecute that is added by default to every pod that does  not
98       already have such a toleration.
99
100
101       --default-unreachable-toleration-seconds=300
102           Indicates  the  tolerationSeconds  of  the  toleration for unreach‐
103       able:NoExecute that is added by default to  every  pod  that  does  not
104       already have such a toleration.
105
106
107       --docker="unix:///var/run/docker.sock"
108           docker endpoint
109
110
111       --docker-tls=false
112           use TLS to connect to docker
113
114
115       --docker-tls-ca="ca.pem"
116           path to trusted CA
117
118
119       --docker-tls-cert="cert.pem"
120           path to client certificate
121
122
123       --docker-tls-key="key.pem"
124           path to private key
125
126
127       --docker_env_metadata_whitelist=""
128           a  comma-separated  list of environment variable keys that needs to
129       be collected for docker containers
130
131
132       --docker_only=false
133           Only report docker containers in addition to root stats
134
135
136       --docker_root="/var/lib/docker"
137           DEPRECATED: docker root is read from docker info (this is  a  fall‐
138       back, default: /var/lib/docker)
139
140
141       --enable_load_reader=false
142           Whether to enable cpu load reader
143
144
145       --event_storage_age_limit="default=24h"
146           Max length of time for which to store events (per type). Value is a
147       comma separated list of key values, where  the  keys  are  event  types
148       (e.g.: creation, oom) or "default" and the value is a duration. Default
149       is applied to all non-specified event types
150
151
152       --event_storage_event_limit="default=100000"
153           Max number of events to store (per type). Value is  a  comma  sepa‐
154       rated  list  of  key values, where the keys are event types (e.g.: cre‐
155       ation, oom) or "default" and  the  value  is  an  integer.  Default  is
156       applied to all non-specified event types
157
158
159       --global_housekeeping_interval=0
160           Interval between global housekeepings
161
162
163       --housekeeping_interval=0
164           Interval between container housekeepings
165
166
167       --insecure-skip-tls-verify=false
168           If true, the server's certificate will not be checked for validity.
169       This will make your HTTPS connections insecure
170
171
172       --kubeconfig=""
173           Path to the kubeconfig file to use for CLI requests.
174
175
176       --log-flush-frequency=0
177           Maximum number of seconds between log flushes
178
179
180       --log_backtrace_at=:0
181           when logging hits line file:N, emit a stack trace
182
183
184       --log_cadvisor_usage=false
185           Whether to log the usage of the cAdvisor container
186
187
188       --log_dir=""
189           If non-empty, write log files in this directory
190
191
192       --logtostderr=true
193           log to standard error instead of files
194
195
196       --machine_id_file="/etc/machine-id,/var/lib/dbus/machine-id"
197           Comma-separated list of files to  check  for  machine-id.  Use  the
198       first one that exists.
199
200
201       --match-server-version=false
202           Require server version to match client version
203
204
205       -n, --namespace=""
206           If present, the namespace scope for this CLI request
207
208
209       --request-timeout="0"
210           The  length  of  time  to  wait before giving up on a single server
211       request. Non-zero values should contain a corresponding time unit (e.g.
212       1s, 2m, 3h). A value of zero means don't timeout requests.
213
214
215       -s, --server=""
216           The address and port of the Kubernetes API server
217
218
219       --stderrthreshold=2
220           logs at or above this threshold go to stderr
221
222
223       --storage_driver_buffer_duration=0
224           Writes  in  the  storage driver will be buffered for this duration,
225       and committed to the non memory backends as a single transaction
226
227
228       --storage_driver_db="cadvisor"
229           database name
230
231
232       --storage_driver_host="localhost:8086"
233           database host:port
234
235
236       --storage_driver_password="root"
237           database password
238
239
240       --storage_driver_secure=false
241           use secure connection with database
242
243
244       --storage_driver_table="stats"
245           table name
246
247
248       --storage_driver_user="root"
249           database username
250
251
252       --token=""
253           Bearer token for authentication to the API server
254
255
256       --user=""
257           The name of the kubeconfig user to use
258
259
260       -v, --v=0
261           log level for V logs
262
263
264       --version=false
265           Print version information and quit
266
267
268       --vmodule=
269           comma-separated list of pattern=N settings for  file-filtered  log‐
270       ging
271
272
273

SEE ALSO

275       oc(1),    oc-secrets-add(1),   oc-secrets-link(1),   oc-secrets-new(1),
276       oc-secrets-new-basicauth(1),               oc-secrets-new-dockercfg(1),
277       oc-secrets-new-sshauth(1), oc-secrets-unlink(1),
278
279
280

HISTORY

282       June 2016, Ported from the Kubernetes man-doc generator
283
284
285
286Openshift                  Openshift CLI User Manuals                    OC(1)
Impressum