kubectl-create-secret-docker-registry(1)

1KUBERNETES(1)(kubernetes)                            KUBERNETES(1)(kubernetes)
2
3
4
5Eric Paris Jan 2015
6
7

NAME

9       kubectl  create secret docker-registry - Create a secret for use with a
10       Docker registry
11
12
13

SYNOPSIS

15       kubectl create secret docker-registry [OPTIONS]
16
17
18

DESCRIPTION

20       Create a new secret for use with Docker registries.
21
22
23       Dockercfg secrets are used to authenticate against Docker registries.
24
25
26       When using the Docker command line to push images, you can authenticate
27       to a given registry by running:
28         '$ docker login DOCKER_REGISTRY_SERVER --username=DOCKER_USER --pass‐
29       word=DOCKER_PASSWORD --email=DOCKER_EMAIL'.
30
31
32       That produces a ~/.dockercfg file that is used  by  subsequent  'docker
33       push'  and  'docker pull' commands to authenticate to the registry. The
34       email address is optional.
35
36
37       When creating applications, you may have a  Docker  registry  that  re‐
38       quires authentication.  In order for the
39         nodes  to pull images on your behalf, they must have the credentials.
40       You can provide this information
41         by creating a dockercfg secret and attaching it to your  service  ac‐
42       count.
43
44
45

OPTIONS

47       --allow-missing-template-keys=true       If  true, ignore any errors in
48       templates when a field or map key is missing in the template. Only  ap‐
49       plies to golang and jsonpath output formats.
50
51
52       --append-hash=false      Append a hash of the secret to its name.
53
54
55       --docker-email=""      Email for Docker registry
56
57
58       --docker-password=""      Password for Docker registry authentication
59
60
61       --docker-server="https://index.docker.io/v1/"       Server location for
62       Docker registry
63
64
65       --docker-username=""      Username for Docker registry authentication
66
67
68       --dry-run="none"      Must be "none", "server", or "client". If  client
69       strategy, only print the object that would be sent, without sending it.
70       If server strategy, submit server-side request without  persisting  the
71       resource.
72
73
74       --field-manager="kubectl-create"      Name of the manager used to track
75       field ownership.
76
77
78       --from-file=[]      Key files can be specified using their  file  path,
79       in  which case a default name will be given to them, or optionally with
80       a name and file path, in which case the given name will be used.  Spec‐
81       ifying  a  directory will iterate each named file in the directory that
82       is a valid secret key.
83
84
85       -o, --output=""      Output format. One of: (json, yaml, name,  go-tem‐
86       plate, go-template-file, template, templatefile, jsonpath, jsonpath-as-
87       json, jsonpath-file).
88
89
90       --save-config=false      If true, the configuration of  current  object
91       will  be saved in its annotation. Otherwise, the annotation will be un‐
92       changed. This flag is useful when you want to perform kubectl apply  on
93       this object in the future.
94
95
96       --show-managed-fields=false       If  true, keep the managedFields when
97       printing objects in JSON or YAML format.
98
99
100       --template=""      Template string or path to template file to use when
101       -o=go-template, -o=go-template-file. The template format is golang tem‐
102       plates [http://golang.org/pkg/text/template/#pkg-overview].
103
104
105       --validate="strict"      Must be one of: strict (or true), warn, ignore
106       (or false).            "true" or "strict" will use a schema to validate
107       the input and fail the request if invalid. It will perform server  side
108       validation  if  ServerSideFieldValidation is enabled on the api-server,
109       but will fall back to less  reliable  client-side  validation  if  not.
110                 "warn"  will  warn  about unknown or duplicate fields without
111       blocking the request if server-side field validation is enabled on  the
112       API  server,  and  behave  as "ignore" otherwise.            "false" or
113       "ignore" will not perform any schema validation, silently dropping  any
114       unknown or duplicate fields.
115
116
117

OPTIONS INHERITED FROM PARENT COMMANDS

119       --as=""      Username to impersonate for the operation. User could be a
120       regular user or a service account in a namespace.
121
122
123       --as-group=[]      Group to impersonate for the  operation,  this  flag
124       can be repeated to specify multiple groups.
125
126
127       --as-uid=""      UID to impersonate for the operation.
128
129
130       --azure-container-registry-config=""       Path  to the file containing
131       Azure container registry configuration information.
132
133
134       --cache-dir="/builddir/.kube/cache"      Default cache directory
135
136
137       --certificate-authority=""      Path to a cert file for the certificate
138       authority
139
140
141       --client-certificate=""      Path to a client certificate file for TLS
142
143
144       --client-key=""      Path to a client key file for TLS
145
146
147       --cluster=""      The name of the kubeconfig cluster to use
148
149
150       --context=""      The name of the kubeconfig context to use
151
152
153       --disable-compression=false       If true, opt-out of response compres‐
154       sion for all requests to the server
155
156
157       --insecure-skip-tls-verify=false      If true, the server's certificate
158       will not be checked for validity. This will make your HTTPS connections
159       insecure
160
161
162       --kubeconfig=""      Path to the kubeconfig file to  use  for  CLI  re‐
163       quests.
164
165
166       --match-server-version=false        Require  server  version  to  match
167       client version
168
169
170       -n, --namespace=""      If present, the namespace scope  for  this  CLI
171       request
172
173
174       --password=""      Password for basic authentication to the API server
175
176
177       --profile="none"         Name   of   profile   to   capture.   One   of
178       (none|cpu|heap|goroutine|threadcreate|block|mutex)
179
180
181       --profile-output="profile.pprof"      Name of the  file  to  write  the
182       profile to
183
184
185       --request-timeout="0"       The length of time to wait before giving up
186       on a single server request. Non-zero values  should  contain  a  corre‐
187       sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
188       out requests.
189
190
191       -s, --server=""      The address and port of the Kubernetes API server
192
193
194       --tls-server-name=""      Server name to  use  for  server  certificate
195       validation.  If  it  is  not provided, the hostname used to contact the
196       server is used
197
198
199       --token=""      Bearer token for authentication to the API server
200
201
202       --user=""      The name of the kubeconfig user to use
203
204
205       --username=""      Username for basic authentication to the API server
206
207
208       --version=false      Print version information and quit
209
210
211       --warnings-as-errors=false      Treat warnings received from the server
212       as errors and exit with a non-zero exit code
213
214
215

EXAMPLE

217                # If you don't already have a .dockercfg file, you can create a dockercfg secret directly by using:
218                kubectl create secret docker-registry my-secret --docker-server=DOCKER_REGISTRY_SERVER --docker-username=DOCKER_USER --docker-password=DOCKER_PASSWORD --docker-email=DOCKER_EMAIL
219
220                # Create a new secret named my-secret from ~/.docker/config.json
221                kubectl create secret docker-registry my-secret --from-file=.dockerconfigjson=path/to/.docker/config.json
222
223
224
225

HISTORY

232       January  2015,  Originally compiled by Eric Paris (eparis at redhat dot
233       com) based on the kubernetes source material, but hopefully  they  have
234       been automatically generated since!
235
236
237
238Manuals                              User            KUBERNETES(1)(kubernetes)