kubectl config
Synopsis
Modify kubeconfig files using subcommands like "kubectl config set current-context my-context".
The loading order follows these rules:
- If the --kubeconfig flag is set, then only that file is loaded. The flag may only be set once and no merging takes place.
- If $KUBECONFIG environment variable is set, then it is used as a list of paths (normal path delimiting rules for your system). These paths are merged. When a value is modified, it is modified in the file that defines the stanza. When a value is created, it is created in the first file that exists. If no files in the chain exist, then it creates the last file in the list.
- Otherwise, ${HOME}/.kube/config is used and no merging takes place.
kubectl config SUBCOMMAND
Options
| -h, --help |
| help for config |
| --kubeconfig string |
| use a particular kubeconfig file |
| --as string |
| Username to impersonate for the operation. User could be a regular user or a service account in a namespace. |
| --as-group strings |
| Group to impersonate for the operation, this flag can be repeated to specify multiple groups. |
| --as-uid string |
| UID to impersonate for the operation. |
| --cache-dir string Default: "$HOME/.kube/cache" |
| Default cache directory |
| --certificate-authority string |
| Path to a cert file for the certificate authority |
| --client-certificate string |
| Path to a client certificate file for TLS |
| --client-key string |
| Path to a client key file for TLS |
| --cluster string |
| The name of the kubeconfig cluster to use |
| --context string |
| The name of the kubeconfig context to use |
| --default-not-ready-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --default-unreachable-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --disable-compression |
| If true, opt-out of response compression for all requests to the server |
| --insecure-skip-tls-verify |
| If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure |
| --match-server-version |
| Require server version to match client version |
| -n, --namespace string |
| If present, the namespace scope for this CLI request |
| --password string |
| Password for basic authentication to the API server |
| --profile string Default: "none" |
| Name of profile to capture. One of (none|cpu|heap|goroutine|threadcreate|block|mutex) |
| --profile-output string Default: "profile.pprof" |
| Name of the file to write the profile to |
| --request-timeout string Default: "0" |
| The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. |
| -s, --server string |
| The address and port of the Kubernetes API server |
| --storage-driver-buffer-duration duration Default: 1m0s |
| Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction |
| --storage-driver-db string Default: "cadvisor" |
| database name |
| --storage-driver-host string Default: "localhost:8086" |
| database host:port |
| --storage-driver-password string Default: "root" |
| database password |
| --storage-driver-secure |
| use secure connection with database |
| --storage-driver-table string Default: "stats" |
| table name |
| --storage-driver-user string Default: "root" |
| database username |
| --tls-server-name string |
| Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used |
| --token string |
| Bearer token for authentication to the API server |
| --user string |
| The name of the kubeconfig user to use |
| --username string |
| Username for basic authentication to the API server |
| --version version[=true] |
| --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version |
| --warnings-as-errors |
| Treat warnings received from the server as errors and exit with a non-zero exit code |
See Also
1 - kubectl config current-context
Synopsis
Display the current-context.
kubectl config current-context [flags]
Examples
# Display the current-context
kubectl config current-context
Options
| -h, --help |
| help for current-context |
| --as string |
| Username to impersonate for the operation. User could be a regular user or a service account in a namespace. |
| --as-group strings |
| Group to impersonate for the operation, this flag can be repeated to specify multiple groups. |
| --as-uid string |
| UID to impersonate for the operation. |
| --cache-dir string Default: "$HOME/.kube/cache" |
| Default cache directory |
| --certificate-authority string |
| Path to a cert file for the certificate authority |
| --client-certificate string |
| Path to a client certificate file for TLS |
| --client-key string |
| Path to a client key file for TLS |
| --cluster string |
| The name of the kubeconfig cluster to use |
| --context string |
| The name of the kubeconfig context to use |
| --default-not-ready-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --default-unreachable-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --disable-compression |
| If true, opt-out of response compression for all requests to the server |
| --insecure-skip-tls-verify |
| If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure |
| --kubeconfig string |
| use a particular kubeconfig file |
| --match-server-version |
| Require server version to match client version |
| -n, --namespace string |
| If present, the namespace scope for this CLI request |
| --password string |
| Password for basic authentication to the API server |
| --profile string Default: "none" |
| Name of profile to capture. One of (none|cpu|heap|goroutine|threadcreate|block|mutex) |
| --profile-output string Default: "profile.pprof" |
| Name of the file to write the profile to |
| --request-timeout string Default: "0" |
| The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. |
| -s, --server string |
| The address and port of the Kubernetes API server |
| --storage-driver-buffer-duration duration Default: 1m0s |
| Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction |
| --storage-driver-db string Default: "cadvisor" |
| database name |
| --storage-driver-host string Default: "localhost:8086" |
| database host:port |
| --storage-driver-password string Default: "root" |
| database password |
| --storage-driver-secure |
| use secure connection with database |
| --storage-driver-table string Default: "stats" |
| table name |
| --storage-driver-user string Default: "root" |
| database username |
| --tls-server-name string |
| Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used |
| --token string |
| Bearer token for authentication to the API server |
| --user string |
| The name of the kubeconfig user to use |
| --username string |
| Username for basic authentication to the API server |
| --version version[=true] |
| --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version |
| --warnings-as-errors |
| Treat warnings received from the server as errors and exit with a non-zero exit code |
See Also
2 - kubectl config delete-cluster
Synopsis
Delete the specified cluster from the kubeconfig.
kubectl config delete-cluster NAME
Examples
# Delete the minikube cluster
kubectl config delete-cluster minikube
Options
| -h, --help |
| help for delete-cluster |
| --as string |
| Username to impersonate for the operation. User could be a regular user or a service account in a namespace. |
| --as-group strings |
| Group to impersonate for the operation, this flag can be repeated to specify multiple groups. |
| --as-uid string |
| UID to impersonate for the operation. |
| --cache-dir string Default: "$HOME/.kube/cache" |
| Default cache directory |
| --certificate-authority string |
| Path to a cert file for the certificate authority |
| --client-certificate string |
| Path to a client certificate file for TLS |
| --client-key string |
| Path to a client key file for TLS |
| --cluster string |
| The name of the kubeconfig cluster to use |
| --context string |
| The name of the kubeconfig context to use |
| --default-not-ready-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --default-unreachable-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --disable-compression |
| If true, opt-out of response compression for all requests to the server |
| --insecure-skip-tls-verify |
| If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure |
| --kubeconfig string |
| use a particular kubeconfig file |
| --match-server-version |
| Require server version to match client version |
| -n, --namespace string |
| If present, the namespace scope for this CLI request |
| --password string |
| Password for basic authentication to the API server |
| --profile string Default: "none" |
| Name of profile to capture. One of (none|cpu|heap|goroutine|threadcreate|block|mutex) |
| --profile-output string Default: "profile.pprof" |
| Name of the file to write the profile to |
| --request-timeout string Default: "0" |
| The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. |
| -s, --server string |
| The address and port of the Kubernetes API server |
| --storage-driver-buffer-duration duration Default: 1m0s |
| Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction |
| --storage-driver-db string Default: "cadvisor" |
| database name |
| --storage-driver-host string Default: "localhost:8086" |
| database host:port |
| --storage-driver-password string Default: "root" |
| database password |
| --storage-driver-secure |
| use secure connection with database |
| --storage-driver-table string Default: "stats" |
| table name |
| --storage-driver-user string Default: "root" |
| database username |
| --tls-server-name string |
| Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used |
| --token string |
| Bearer token for authentication to the API server |
| --user string |
| The name of the kubeconfig user to use |
| --username string |
| Username for basic authentication to the API server |
| --version version[=true] |
| --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version |
| --warnings-as-errors |
| Treat warnings received from the server as errors and exit with a non-zero exit code |
See Also
3 - kubectl config delete-context
Synopsis
Delete the specified context from the kubeconfig.
kubectl config delete-context NAME
Examples
# Delete the context for the minikube cluster
kubectl config delete-context minikube
Options
| -h, --help |
| help for delete-context |
| --as string |
| Username to impersonate for the operation. User could be a regular user or a service account in a namespace. |
| --as-group strings |
| Group to impersonate for the operation, this flag can be repeated to specify multiple groups. |
| --as-uid string |
| UID to impersonate for the operation. |
| --cache-dir string Default: "$HOME/.kube/cache" |
| Default cache directory |
| --certificate-authority string |
| Path to a cert file for the certificate authority |
| --client-certificate string |
| Path to a client certificate file for TLS |
| --client-key string |
| Path to a client key file for TLS |
| --cluster string |
| The name of the kubeconfig cluster to use |
| --context string |
| The name of the kubeconfig context to use |
| --default-not-ready-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --default-unreachable-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --disable-compression |
| If true, opt-out of response compression for all requests to the server |
| --insecure-skip-tls-verify |
| If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure |
| --kubeconfig string |
| use a particular kubeconfig file |
| --match-server-version |
| Require server version to match client version |
| -n, --namespace string |
| If present, the namespace scope for this CLI request |
| --password string |
| Password for basic authentication to the API server |
| --profile string Default: "none" |
| Name of profile to capture. One of (none|cpu|heap|goroutine|threadcreate|block|mutex) |
| --profile-output string Default: "profile.pprof" |
| Name of the file to write the profile to |
| --request-timeout string Default: "0" |
| The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. |
| -s, --server string |
| The address and port of the Kubernetes API server |
| --storage-driver-buffer-duration duration Default: 1m0s |
| Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction |
| --storage-driver-db string Default: "cadvisor" |
| database name |
| --storage-driver-host string Default: "localhost:8086" |
| database host:port |
| --storage-driver-password string Default: "root" |
| database password |
| --storage-driver-secure |
| use secure connection with database |
| --storage-driver-table string Default: "stats" |
| table name |
| --storage-driver-user string Default: "root" |
| database username |
| --tls-server-name string |
| Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used |
| --token string |
| Bearer token for authentication to the API server |
| --user string |
| The name of the kubeconfig user to use |
| --username string |
| Username for basic authentication to the API server |
| --version version[=true] |
| --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version |
| --warnings-as-errors |
| Treat warnings received from the server as errors and exit with a non-zero exit code |
See Also
4 - kubectl config delete-user
Synopsis
Delete the specified user from the kubeconfig.
kubectl config delete-user NAME
Examples
# Delete the minikube user
kubectl config delete-user minikube
Options
| -h, --help |
| help for delete-user |
| --as string |
| Username to impersonate for the operation. User could be a regular user or a service account in a namespace. |
| --as-group strings |
| Group to impersonate for the operation, this flag can be repeated to specify multiple groups. |
| --as-uid string |
| UID to impersonate for the operation. |
| --cache-dir string Default: "$HOME/.kube/cache" |
| Default cache directory |
| --certificate-authority string |
| Path to a cert file for the certificate authority |
| --client-certificate string |
| Path to a client certificate file for TLS |
| --client-key string |
| Path to a client key file for TLS |
| --cluster string |
| The name of the kubeconfig cluster to use |
| --context string |
| The name of the kubeconfig context to use |
| --default-not-ready-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --default-unreachable-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --disable-compression |
| If true, opt-out of response compression for all requests to the server |
| --insecure-skip-tls-verify |
| If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure |
| --kubeconfig string |
| use a particular kubeconfig file |
| --match-server-version |
| Require server version to match client version |
| -n, --namespace string |
| If present, the namespace scope for this CLI request |
| --password string |
| Password for basic authentication to the API server |
| --profile string Default: "none" |
| Name of profile to capture. One of (none|cpu|heap|goroutine|threadcreate|block|mutex) |
| --profile-output string Default: "profile.pprof" |
| Name of the file to write the profile to |
| --request-timeout string Default: "0" |
| The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. |
| -s, --server string |
| The address and port of the Kubernetes API server |
| --storage-driver-buffer-duration duration Default: 1m0s |
| Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction |
| --storage-driver-db string Default: "cadvisor" |
| database name |
| --storage-driver-host string Default: "localhost:8086" |
| database host:port |
| --storage-driver-password string Default: "root" |
| database password |
| --storage-driver-secure |
| use secure connection with database |
| --storage-driver-table string Default: "stats" |
| table name |
| --storage-driver-user string Default: "root" |
| database username |
| --tls-server-name string |
| Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used |
| --token string |
| Bearer token for authentication to the API server |
| --user string |
| The name of the kubeconfig user to use |
| --username string |
| Username for basic authentication to the API server |
| --version version[=true] |
| --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version |
| --warnings-as-errors |
| Treat warnings received from the server as errors and exit with a non-zero exit code |
See Also
5 - kubectl config get-clusters
Synopsis
Display clusters defined in the kubeconfig.
kubectl config get-clusters [flags]
Examples
# List the clusters that kubectl knows about
kubectl config get-clusters
Options
| -h, --help |
| help for get-clusters |
| --as string |
| Username to impersonate for the operation. User could be a regular user or a service account in a namespace. |
| --as-group strings |
| Group to impersonate for the operation, this flag can be repeated to specify multiple groups. |
| --as-uid string |
| UID to impersonate for the operation. |
| --cache-dir string Default: "$HOME/.kube/cache" |
| Default cache directory |
| --certificate-authority string |
| Path to a cert file for the certificate authority |
| --client-certificate string |
| Path to a client certificate file for TLS |
| --client-key string |
| Path to a client key file for TLS |
| --cluster string |
| The name of the kubeconfig cluster to use |
| --context string |
| The name of the kubeconfig context to use |
| --default-not-ready-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --default-unreachable-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --disable-compression |
| If true, opt-out of response compression for all requests to the server |
| --insecure-skip-tls-verify |
| If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure |
| --kubeconfig string |
| use a particular kubeconfig file |
| --match-server-version |
| Require server version to match client version |
| -n, --namespace string |
| If present, the namespace scope for this CLI request |
| --password string |
| Password for basic authentication to the API server |
| --profile string Default: "none" |
| Name of profile to capture. One of (none|cpu|heap|goroutine|threadcreate|block|mutex) |
| --profile-output string Default: "profile.pprof" |
| Name of the file to write the profile to |
| --request-timeout string Default: "0" |
| The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. |
| -s, --server string |
| The address and port of the Kubernetes API server |
| --storage-driver-buffer-duration duration Default: 1m0s |
| Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction |
| --storage-driver-db string Default: "cadvisor" |
| database name |
| --storage-driver-host string Default: "localhost:8086" |
| database host:port |
| --storage-driver-password string Default: "root" |
| database password |
| --storage-driver-secure |
| use secure connection with database |
| --storage-driver-table string Default: "stats" |
| table name |
| --storage-driver-user string Default: "root" |
| database username |
| --tls-server-name string |
| Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used |
| --token string |
| Bearer token for authentication to the API server |
| --user string |
| The name of the kubeconfig user to use |
| --username string |
| Username for basic authentication to the API server |
| --version version[=true] |
| --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version |
| --warnings-as-errors |
| Treat warnings received from the server as errors and exit with a non-zero exit code |
See Also
6 - kubectl config get-contexts
Synopsis
Display one or many contexts from the kubeconfig file.
kubectl config get-contexts [(-o|--output=)name)]
Examples
# List all the contexts in your kubeconfig file
kubectl config get-contexts
# Describe one context in your kubeconfig file
kubectl config get-contexts my-context
Options
| -h, --help |
| help for get-contexts |
| --no-headers |
| When using the default or custom-column output format, don't print headers (default print headers). |
| -o, --output string |
| Output format. One of: (name). |
| --as string |
| Username to impersonate for the operation. User could be a regular user or a service account in a namespace. |
| --as-group strings |
| Group to impersonate for the operation, this flag can be repeated to specify multiple groups. |
| --as-uid string |
| UID to impersonate for the operation. |
| --cache-dir string Default: "$HOME/.kube/cache" |
| Default cache directory |
| --certificate-authority string |
| Path to a cert file for the certificate authority |
| --client-certificate string |
| Path to a client certificate file for TLS |
| --client-key string |
| Path to a client key file for TLS |
| --cluster string |
| The name of the kubeconfig cluster to use |
| --context string |
| The name of the kubeconfig context to use |
| --default-not-ready-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --default-unreachable-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --disable-compression |
| If true, opt-out of response compression for all requests to the server |
| --insecure-skip-tls-verify |
| If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure |
| --kubeconfig string |
| use a particular kubeconfig file |
| --match-server-version |
| Require server version to match client version |
| -n, --namespace string |
| If present, the namespace scope for this CLI request |
| --password string |
| Password for basic authentication to the API server |
| --profile string Default: "none" |
| Name of profile to capture. One of (none|cpu|heap|goroutine|threadcreate|block|mutex) |
| --profile-output string Default: "profile.pprof" |
| Name of the file to write the profile to |
| --request-timeout string Default: "0" |
| The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. |
| -s, --server string |
| The address and port of the Kubernetes API server |
| --storage-driver-buffer-duration duration Default: 1m0s |
| Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction |
| --storage-driver-db string Default: "cadvisor" |
| database name |
| --storage-driver-host string Default: "localhost:8086" |
| database host:port |
| --storage-driver-password string Default: "root" |
| database password |
| --storage-driver-secure |
| use secure connection with database |
| --storage-driver-table string Default: "stats" |
| table name |
| --storage-driver-user string Default: "root" |
| database username |
| --tls-server-name string |
| Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used |
| --token string |
| Bearer token for authentication to the API server |
| --user string |
| The name of the kubeconfig user to use |
| --username string |
| Username for basic authentication to the API server |
| --version version[=true] |
| --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version |
| --warnings-as-errors |
| Treat warnings received from the server as errors and exit with a non-zero exit code |
See Also
7 - kubectl config get-users
Synopsis
Display users defined in the kubeconfig.
kubectl config get-users [flags]
Examples
# List the users that kubectl knows about
kubectl config get-users
Options
| -h, --help |
| help for get-users |
| --as string |
| Username to impersonate for the operation. User could be a regular user or a service account in a namespace. |
| --as-group strings |
| Group to impersonate for the operation, this flag can be repeated to specify multiple groups. |
| --as-uid string |
| UID to impersonate for the operation. |
| --cache-dir string Default: "$HOME/.kube/cache" |
| Default cache directory |
| --certificate-authority string |
| Path to a cert file for the certificate authority |
| --client-certificate string |
| Path to a client certificate file for TLS |
| --client-key string |
| Path to a client key file for TLS |
| --cluster string |
| The name of the kubeconfig cluster to use |
| --context string |
| The name of the kubeconfig context to use |
| --default-not-ready-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --default-unreachable-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --disable-compression |
| If true, opt-out of response compression for all requests to the server |
| --insecure-skip-tls-verify |
| If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure |
| --kubeconfig string |
| use a particular kubeconfig file |
| --match-server-version |
| Require server version to match client version |
| -n, --namespace string |
| If present, the namespace scope for this CLI request |
| --password string |
| Password for basic authentication to the API server |
| --profile string Default: "none" |
| Name of profile to capture. One of (none|cpu|heap|goroutine|threadcreate|block|mutex) |
| --profile-output string Default: "profile.pprof" |
| Name of the file to write the profile to |
| --request-timeout string Default: "0" |
| The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. |
| -s, --server string |
| The address and port of the Kubernetes API server |
| --storage-driver-buffer-duration duration Default: 1m0s |
| Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction |
| --storage-driver-db string Default: "cadvisor" |
| database name |
| --storage-driver-host string Default: "localhost:8086" |
| database host:port |
| --storage-driver-password string Default: "root" |
| database password |
| --storage-driver-secure |
| use secure connection with database |
| --storage-driver-table string Default: "stats" |
| table name |
| --storage-driver-user string Default: "root" |
| database username |
| --tls-server-name string |
| Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used |
| --token string |
| Bearer token for authentication to the API server |
| --user string |
| The name of the kubeconfig user to use |
| --username string |
| Username for basic authentication to the API server |
| --version version[=true] |
| --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version |
| --warnings-as-errors |
| Treat warnings received from the server as errors and exit with a non-zero exit code |
See Also
8 - kubectl config rename-context
Synopsis
Renames a context from the kubeconfig file.
CONTEXT_NAME is the context name that you want to change.
NEW_NAME is the new name you want to set.
Note: If the context being renamed is the 'current-context', this field will also be updated.
kubectl config rename-context CONTEXT_NAME NEW_NAME
Examples
# Rename the context 'old-name' to 'new-name' in your kubeconfig file
kubectl config rename-context old-name new-name
Options
| -h, --help |
| help for rename-context |
| --as string |
| Username to impersonate for the operation. User could be a regular user or a service account in a namespace. |
| --as-group strings |
| Group to impersonate for the operation, this flag can be repeated to specify multiple groups. |
| --as-uid string |
| UID to impersonate for the operation. |
| --cache-dir string Default: "$HOME/.kube/cache" |
| Default cache directory |
| --certificate-authority string |
| Path to a cert file for the certificate authority |
| --client-certificate string |
| Path to a client certificate file for TLS |
| --client-key string |
| Path to a client key file for TLS |
| --cluster string |
| The name of the kubeconfig cluster to use |
| --context string |
| The name of the kubeconfig context to use |
| --default-not-ready-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --default-unreachable-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --disable-compression |
| If true, opt-out of response compression for all requests to the server |
| --insecure-skip-tls-verify |
| If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure |
| --kubeconfig string |
| use a particular kubeconfig file |
| --match-server-version |
| Require server version to match client version |
| -n, --namespace string |
| If present, the namespace scope for this CLI request |
| --password string |
| Password for basic authentication to the API server |
| --profile string Default: "none" |
| Name of profile to capture. One of (none|cpu|heap|goroutine|threadcreate|block|mutex) |
| --profile-output string Default: "profile.pprof" |
| Name of the file to write the profile to |
| --request-timeout string Default: "0" |
| The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. |
| -s, --server string |
| The address and port of the Kubernetes API server |
| --storage-driver-buffer-duration duration Default: 1m0s |
| Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction |
| --storage-driver-db string Default: "cadvisor" |
| database name |
| --storage-driver-host string Default: "localhost:8086" |
| database host:port |
| --storage-driver-password string Default: "root" |
| database password |
| --storage-driver-secure |
| use secure connection with database |
| --storage-driver-table string Default: "stats" |
| table name |
| --storage-driver-user string Default: "root" |
| database username |
| --tls-server-name string |
| Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used |
| --token string |
| Bearer token for authentication to the API server |
| --user string |
| The name of the kubeconfig user to use |
| --username string |
| Username for basic authentication to the API server |
| --version version[=true] |
| --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version |
| --warnings-as-errors |
| Treat warnings received from the server as errors and exit with a non-zero exit code |
See Also
9 - kubectl config set
Synopsis
Set an individual value in a kubeconfig file.
PROPERTY_NAME is a dot delimited name where each token represents either an attribute name or a map key. Map keys may not contain dots.
PROPERTY_VALUE is the new value you want to set. Binary fields such as 'certificate-authority-data' expect a base64 encoded string unless the --set-raw-bytes flag is used.
Specifying an attribute name that already exists will merge new fields on top of existing values.
kubectl config set PROPERTY_NAME PROPERTY_VALUE
Examples
# Set the server field on the my-cluster cluster to https://1.2.3.4
kubectl config set clusters.my-cluster.server https://1.2.3.4
# Set the certificate-authority-data field on the my-cluster cluster
kubectl config set clusters.my-cluster.certificate-authority-data $(echo "cert_data_here" | base64 -i -)
# Set the cluster field in the my-context context to my-cluster
kubectl config set contexts.my-context.cluster my-cluster
# Set the client-key-data field in the cluster-admin user using --set-raw-bytes option
kubectl config set users.cluster-admin.client-key-data cert_data_here --set-raw-bytes=true
Options
| -h, --help |
| help for set |
| --set-raw-bytes tristate[=true] |
| When writing a []byte PROPERTY_VALUE, write the given string directly without base64 decoding. |
| --as string |
| Username to impersonate for the operation. User could be a regular user or a service account in a namespace. |
| --as-group strings |
| Group to impersonate for the operation, this flag can be repeated to specify multiple groups. |
| --as-uid string |
| UID to impersonate for the operation. |
| --cache-dir string Default: "$HOME/.kube/cache" |
| Default cache directory |
| --certificate-authority string |
| Path to a cert file for the certificate authority |
| --client-certificate string |
| Path to a client certificate file for TLS |
| --client-key string |
| Path to a client key file for TLS |
| --cluster string |
| The name of the kubeconfig cluster to use |
| --context string |
| The name of the kubeconfig context to use |
| --default-not-ready-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --default-unreachable-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --disable-compression |
| If true, opt-out of response compression for all requests to the server |
| --insecure-skip-tls-verify |
| If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure |
| --kubeconfig string |
| use a particular kubeconfig file |
| --match-server-version |
| Require server version to match client version |
| -n, --namespace string |
| If present, the namespace scope for this CLI request |
| --password string |
| Password for basic authentication to the API server |
| --profile string Default: "none" |
| Name of profile to capture. One of (none|cpu|heap|goroutine|threadcreate|block|mutex) |
| --profile-output string Default: "profile.pprof" |
| Name of the file to write the profile to |
| --request-timeout string Default: "0" |
| The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. |
| -s, --server string |
| The address and port of the Kubernetes API server |
| --storage-driver-buffer-duration duration Default: 1m0s |
| Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction |
| --storage-driver-db string Default: "cadvisor" |
| database name |
| --storage-driver-host string Default: "localhost:8086" |
| database host:port |
| --storage-driver-password string Default: "root" |
| database password |
| --storage-driver-secure |
| use secure connection with database |
| --storage-driver-table string Default: "stats" |
| table name |
| --storage-driver-user string Default: "root" |
| database username |
| --tls-server-name string |
| Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used |
| --token string |
| Bearer token for authentication to the API server |
| --user string |
| The name of the kubeconfig user to use |
| --username string |
| Username for basic authentication to the API server |
| --version version[=true] |
| --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version |
| --warnings-as-errors |
| Treat warnings received from the server as errors and exit with a non-zero exit code |
See Also
10 - kubectl config set-cluster
Synopsis
Set a cluster entry in kubeconfig.
Specifying a name that already exists will merge new fields on top of existing values for those fields.
kubectl config set-cluster NAME [--server=server] [--certificate-authority=path/to/certificate/authority] [--insecure-skip-tls-verify=true] [--tls-server-name=example.com]
Examples
# Set only the server field on the e2e cluster entry without touching other values
kubectl config set-cluster e2e --server=https://1.2.3.4
# Embed certificate authority data for the e2e cluster entry
kubectl config set-cluster e2e --embed-certs --certificate-authority=~/.kube/e2e/kubernetes.ca.crt
# Disable cert checking for the e2e cluster entry
kubectl config set-cluster e2e --insecure-skip-tls-verify=true
# Set the custom TLS server name to use for validation for the e2e cluster entry
kubectl config set-cluster e2e --tls-server-name=my-cluster-name
# Set the proxy URL for the e2e cluster entry
kubectl config set-cluster e2e --proxy-url=https://1.2.3.4
Options
| --certificate-authority string |
| Path to certificate-authority file for the cluster entry in kubeconfig |
| --embed-certs tristate[=true] |
| embed-certs for the cluster entry in kubeconfig |
| -h, --help |
| help for set-cluster |
| --insecure-skip-tls-verify tristate[=true] |
| insecure-skip-tls-verify for the cluster entry in kubeconfig |
| --proxy-url string |
| proxy-url for the cluster entry in kubeconfig |
| --server string |
| server for the cluster entry in kubeconfig |
| --tls-server-name string |
| tls-server-name for the cluster entry in kubeconfig |
| --as string |
| Username to impersonate for the operation. User could be a regular user or a service account in a namespace. |
| --as-group strings |
| Group to impersonate for the operation, this flag can be repeated to specify multiple groups. |
| --as-uid string |
| UID to impersonate for the operation. |
| --cache-dir string Default: "$HOME/.kube/cache" |
| Default cache directory |
| --client-certificate string |
| Path to a client certificate file for TLS |
| --client-key string |
| Path to a client key file for TLS |
| --cluster string |
| The name of the kubeconfig cluster to use |
| --context string |
| The name of the kubeconfig context to use |
| --default-not-ready-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --default-unreachable-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --disable-compression |
| If true, opt-out of response compression for all requests to the server |
| --kubeconfig string |
| use a particular kubeconfig file |
| --match-server-version |
| Require server version to match client version |
| -n, --namespace string |
| If present, the namespace scope for this CLI request |
| --password string |
| Password for basic authentication to the API server |
| --profile string Default: "none" |
| Name of profile to capture. One of (none|cpu|heap|goroutine|threadcreate|block|mutex) |
| --profile-output string Default: "profile.pprof" |
| Name of the file to write the profile to |
| --request-timeout string Default: "0" |
| The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. |
| --storage-driver-buffer-duration duration Default: 1m0s |
| Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction |
| --storage-driver-db string Default: "cadvisor" |
| database name |
| --storage-driver-host string Default: "localhost:8086" |
| database host:port |
| --storage-driver-password string Default: "root" |
| database password |
| --storage-driver-secure |
| use secure connection with database |
| --storage-driver-table string Default: "stats" |
| table name |
| --storage-driver-user string Default: "root" |
| database username |
| --token string |
| Bearer token for authentication to the API server |
| --user string |
| The name of the kubeconfig user to use |
| --username string |
| Username for basic authentication to the API server |
| --version version[=true] |
| --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version |
| --warnings-as-errors |
| Treat warnings received from the server as errors and exit with a non-zero exit code |
See Also
11 - kubectl config set-context
Synopsis
Set a context entry in kubeconfig.
Specifying a name that already exists will merge new fields on top of existing values for those fields.
kubectl config set-context [NAME | --current] [--cluster=cluster_nickname] [--user=user_nickname] [--namespace=namespace]
Examples
# Set the user field on the gce context entry without touching other values
kubectl config set-context gce --user=cluster-admin
Options
| --cluster string |
| cluster for the context entry in kubeconfig |
| --current |
| Modify the current context |
| -h, --help |
| help for set-context |
| --namespace string |
| namespace for the context entry in kubeconfig |
| --user string |
| user for the context entry in kubeconfig |
| --as string |
| Username to impersonate for the operation. User could be a regular user or a service account in a namespace. |
| --as-group strings |
| Group to impersonate for the operation, this flag can be repeated to specify multiple groups. |
| --as-uid string |
| UID to impersonate for the operation. |
| --cache-dir string Default: "$HOME/.kube/cache" |
| Default cache directory |
| --certificate-authority string |
| Path to a cert file for the certificate authority |
| --client-certificate string |
| Path to a client certificate file for TLS |
| --client-key string |
| Path to a client key file for TLS |
| --context string |
| The name of the kubeconfig context to use |
| --default-not-ready-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --default-unreachable-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --disable-compression |
| If true, opt-out of response compression for all requests to the server |
| --insecure-skip-tls-verify |
| If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure |
| --kubeconfig string |
| use a particular kubeconfig file |
| --match-server-version |
| Require server version to match client version |
| --password string |
| Password for basic authentication to the API server |
| --profile string Default: "none" |
| Name of profile to capture. One of (none|cpu|heap|goroutine|threadcreate|block|mutex) |
| --profile-output string Default: "profile.pprof" |
| Name of the file to write the profile to |
| --request-timeout string Default: "0" |
| The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. |
| -s, --server string |
| The address and port of the Kubernetes API server |
| --storage-driver-buffer-duration duration Default: 1m0s |
| Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction |
| --storage-driver-db string Default: "cadvisor" |
| database name |
| --storage-driver-host string Default: "localhost:8086" |
| database host:port |
| --storage-driver-password string Default: "root" |
| database password |
| --storage-driver-secure |
| use secure connection with database |
| --storage-driver-table string Default: "stats" |
| table name |
| --storage-driver-user string Default: "root" |
| database username |
| --tls-server-name string |
| Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used |
| --token string |
| Bearer token for authentication to the API server |
| --username string |
| Username for basic authentication to the API server |
| --version version[=true] |
| --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version |
| --warnings-as-errors |
| Treat warnings received from the server as errors and exit with a non-zero exit code |
See Also
12 - kubectl config set-credentials
Synopsis
Set a user entry in kubeconfig.
Specifying a name that already exists will merge new fields on top of existing values.
Client-certificate flags:
--client-certificate=certfile --client-key=keyfile
Bearer token flags:
--token=bearer_token
Basic auth flags:
--username=basic_user --password=basic_password
Bearer token and basic auth are mutually exclusive.
kubectl config set-credentials NAME [--client-certificate=path/to/certfile] [--client-key=path/to/keyfile] [--token=bearer_token] [--username=basic_user] [--password=basic_password] [--auth-provider=provider_name] [--auth-provider-arg=key=value] [--exec-command=exec_command] [--exec-api-version=exec_api_version] [--exec-arg=arg] [--exec-env=key=value]
Examples
# Set only the "client-key" field on the "cluster-admin"
# entry, without touching other values
kubectl config set-credentials cluster-admin --client-key=~/.kube/admin.key
# Set basic auth for the "cluster-admin" entry
kubectl config set-credentials cluster-admin --username=admin --password=uXFGweU9l35qcif
# Embed client certificate data in the "cluster-admin" entry
kubectl config set-credentials cluster-admin --client-certificate=~/.kube/admin.crt --embed-certs=true
# Enable the Google Compute Platform auth provider for the "cluster-admin" entry
kubectl config set-credentials cluster-admin --auth-provider=gcp
# Enable the OpenID Connect auth provider for the "cluster-admin" entry with additional arguments
kubectl config set-credentials cluster-admin --auth-provider=oidc --auth-provider-arg=client-id=foo --auth-provider-arg=client-secret=bar
# Remove the "client-secret" config value for the OpenID Connect auth provider for the "cluster-admin" entry
kubectl config set-credentials cluster-admin --auth-provider=oidc --auth-provider-arg=client-secret-
# Enable new exec auth plugin for the "cluster-admin" entry
kubectl config set-credentials cluster-admin --exec-command=/path/to/the/executable --exec-api-version=client.authentication.k8s.io/v1beta1
# Enable new exec auth plugin for the "cluster-admin" entry with interactive mode
kubectl config set-credentials cluster-admin --exec-command=/path/to/the/executable --exec-api-version=client.authentication.k8s.io/v1beta1 --exec-interactive-mode=Never
# Define new exec auth plugin arguments for the "cluster-admin" entry
kubectl config set-credentials cluster-admin --exec-arg=arg1 --exec-arg=arg2
# Create or update exec auth plugin environment variables for the "cluster-admin" entry
kubectl config set-credentials cluster-admin --exec-env=key1=val1 --exec-env=key2=val2
# Remove exec auth plugin environment variables for the "cluster-admin" entry
kubectl config set-credentials cluster-admin --exec-env=var-to-remove-
Options
| --auth-provider string |
| Auth provider for the user entry in kubeconfig |
| --auth-provider-arg strings |
| 'key=value' arguments for the auth provider |
| --client-certificate string |
| Path to client-certificate file for the user entry in kubeconfig |
| --client-key string |
| Path to client-key file for the user entry in kubeconfig |
| --embed-certs tristate[=true] |
| Embed client cert/key for the user entry in kubeconfig |
| --exec-api-version string |
| API version of the exec credential plugin for the user entry in kubeconfig |
| --exec-arg strings |
| New arguments for the exec credential plugin command for the user entry in kubeconfig |
| --exec-command string |
| Command for the exec credential plugin for the user entry in kubeconfig |
| --exec-env strings |
| 'key=value' environment values for the exec credential plugin |
| --exec-interactive-mode string |
| InteractiveMode of the exec credentials plugin for the user entry in kubeconfig |
| --exec-provide-cluster-info tristate[=true] |
| ProvideClusterInfo of the exec credentials plugin for the user entry in kubeconfig |
| -h, --help |
| help for set-credentials |
| --password string |
| password for the user entry in kubeconfig |
| --token string |
| token for the user entry in kubeconfig |
| --username string |
| username for the user entry in kubeconfig |
| --as string |
| Username to impersonate for the operation. User could be a regular user or a service account in a namespace. |
| --as-group strings |
| Group to impersonate for the operation, this flag can be repeated to specify multiple groups. |
| --as-uid string |
| UID to impersonate for the operation. |
| --cache-dir string Default: "$HOME/.kube/cache" |
| Default cache directory |
| --certificate-authority string |
| Path to a cert file for the certificate authority |
| --cluster string |
| The name of the kubeconfig cluster to use |
| --context string |
| The name of the kubeconfig context to use |
| --default-not-ready-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --default-unreachable-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --disable-compression |
| If true, opt-out of response compression for all requests to the server |
| --insecure-skip-tls-verify |
| If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure |
| --kubeconfig string |
| use a particular kubeconfig file |
| --match-server-version |
| Require server version to match client version |
| -n, --namespace string |
| If present, the namespace scope for this CLI request |
| --profile string Default: "none" |
| Name of profile to capture. One of (none|cpu|heap|goroutine|threadcreate|block|mutex) |
| --profile-output string Default: "profile.pprof" |
| Name of the file to write the profile to |
| --request-timeout string Default: "0" |
| The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. |
| -s, --server string |
| The address and port of the Kubernetes API server |
| --storage-driver-buffer-duration duration Default: 1m0s |
| Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction |
| --storage-driver-db string Default: "cadvisor" |
| database name |
| --storage-driver-host string Default: "localhost:8086" |
| database host:port |
| --storage-driver-password string Default: "root" |
| database password |
| --storage-driver-secure |
| use secure connection with database |
| --storage-driver-table string Default: "stats" |
| table name |
| --storage-driver-user string Default: "root" |
| database username |
| --tls-server-name string |
| Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used |
| --user string |
| The name of the kubeconfig user to use |
| --version version[=true] |
| --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version |
| --warnings-as-errors |
| Treat warnings received from the server as errors and exit with a non-zero exit code |
See Also
13 - kubectl config unset
Synopsis
Unset an individual value in a kubeconfig file.
PROPERTY_NAME is a dot delimited name where each token represents either an attribute name or a map key. Map keys may not contain dots.
kubectl config unset PROPERTY_NAME
Examples
# Unset the current-context
kubectl config unset current-context
# Unset namespace in foo context
kubectl config unset contexts.foo.namespace
Options
| --as string |
| Username to impersonate for the operation. User could be a regular user or a service account in a namespace. |
| --as-group strings |
| Group to impersonate for the operation, this flag can be repeated to specify multiple groups. |
| --as-uid string |
| UID to impersonate for the operation. |
| --cache-dir string Default: "$HOME/.kube/cache" |
| Default cache directory |
| --certificate-authority string |
| Path to a cert file for the certificate authority |
| --client-certificate string |
| Path to a client certificate file for TLS |
| --client-key string |
| Path to a client key file for TLS |
| --cluster string |
| The name of the kubeconfig cluster to use |
| --context string |
| The name of the kubeconfig context to use |
| --default-not-ready-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --default-unreachable-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --disable-compression |
| If true, opt-out of response compression for all requests to the server |
| --insecure-skip-tls-verify |
| If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure |
| --kubeconfig string |
| use a particular kubeconfig file |
| --match-server-version |
| Require server version to match client version |
| -n, --namespace string |
| If present, the namespace scope for this CLI request |
| --password string |
| Password for basic authentication to the API server |
| --profile string Default: "none" |
| Name of profile to capture. One of (none|cpu|heap|goroutine|threadcreate|block|mutex) |
| --profile-output string Default: "profile.pprof" |
| Name of the file to write the profile to |
| --request-timeout string Default: "0" |
| The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. |
| -s, --server string |
| The address and port of the Kubernetes API server |
| --storage-driver-buffer-duration duration Default: 1m0s |
| Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction |
| --storage-driver-db string Default: "cadvisor" |
| database name |
| --storage-driver-host string Default: "localhost:8086" |
| database host:port |
| --storage-driver-password string Default: "root" |
| database password |
| --storage-driver-secure |
| use secure connection with database |
| --storage-driver-table string Default: "stats" |
| table name |
| --storage-driver-user string Default: "root" |
| database username |
| --tls-server-name string |
| Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used |
| --token string |
| Bearer token for authentication to the API server |
| --user string |
| The name of the kubeconfig user to use |
| --username string |
| Username for basic authentication to the API server |
| --version version[=true] |
| --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version |
| --warnings-as-errors |
| Treat warnings received from the server as errors and exit with a non-zero exit code |
See Also
14 - kubectl config use-context
Synopsis
Set the current-context in a kubeconfig file.
kubectl config use-context CONTEXT_NAME
Examples
# Use the context for the minikube cluster
kubectl config use-context minikube
Options
| -h, --help |
| help for use-context |
| --as string |
| Username to impersonate for the operation. User could be a regular user or a service account in a namespace. |
| --as-group strings |
| Group to impersonate for the operation, this flag can be repeated to specify multiple groups. |
| --as-uid string |
| UID to impersonate for the operation. |
| --cache-dir string Default: "$HOME/.kube/cache" |
| Default cache directory |
| --certificate-authority string |
| Path to a cert file for the certificate authority |
| --client-certificate string |
| Path to a client certificate file for TLS |
| --client-key string |
| Path to a client key file for TLS |
| --cluster string |
| The name of the kubeconfig cluster to use |
| --context string |
| The name of the kubeconfig context to use |
| --default-not-ready-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --default-unreachable-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --disable-compression |
| If true, opt-out of response compression for all requests to the server |
| --insecure-skip-tls-verify |
| If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure |
| --kubeconfig string |
| use a particular kubeconfig file |
| --match-server-version |
| Require server version to match client version |
| -n, --namespace string |
| If present, the namespace scope for this CLI request |
| --password string |
| Password for basic authentication to the API server |
| --profile string Default: "none" |
| Name of profile to capture. One of (none|cpu|heap|goroutine|threadcreate|block|mutex) |
| --profile-output string Default: "profile.pprof" |
| Name of the file to write the profile to |
| --request-timeout string Default: "0" |
| The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. |
| -s, --server string |
| The address and port of the Kubernetes API server |
| --storage-driver-buffer-duration duration Default: 1m0s |
| Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction |
| --storage-driver-db string Default: "cadvisor" |
| database name |
| --storage-driver-host string Default: "localhost:8086" |
| database host:port |
| --storage-driver-password string Default: "root" |
| database password |
| --storage-driver-secure |
| use secure connection with database |
| --storage-driver-table string Default: "stats" |
| table name |
| --storage-driver-user string Default: "root" |
| database username |
| --tls-server-name string |
| Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used |
| --token string |
| Bearer token for authentication to the API server |
| --user string |
| The name of the kubeconfig user to use |
| --username string |
| Username for basic authentication to the API server |
| --version version[=true] |
| --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version |
| --warnings-as-errors |
| Treat warnings received from the server as errors and exit with a non-zero exit code |
See Also
15 - kubectl config view
Synopsis
Display merged kubeconfig settings or a specified kubeconfig file.
You can use --output jsonpath={...} to extract specific values using a jsonpath expression.
kubectl config view [flags]
Examples
# Show merged kubeconfig settings
kubectl config view
# Show merged kubeconfig settings, raw certificate data, and exposed secrets
kubectl config view --raw
# Get the password for the e2e user
kubectl config view -o jsonpath='{.users[?(@.name == "e2e")].user.password}'
Options
| --allow-missing-template-keys Default: true |
| If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. |
| --flatten |
| Flatten the resulting kubeconfig file into self-contained output (useful for creating portable kubeconfig files) |
| -h, --help |
| help for view |
| --merge tristate[=true] Default: true |
| Merge the full hierarchy of kubeconfig files |
| --minify |
| Remove all information not used by current-context from the output |
| -o, --output string Default: "yaml" |
| Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). |
| --raw |
| Display raw byte data and sensitive data |
| --show-managed-fields |
| If true, keep the managedFields when printing objects in JSON or YAML format. |
| --template string |
| Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview]. |
| --as string |
| Username to impersonate for the operation. User could be a regular user or a service account in a namespace. |
| --as-group strings |
| Group to impersonate for the operation, this flag can be repeated to specify multiple groups. |
| --as-uid string |
| UID to impersonate for the operation. |
| --cache-dir string Default: "$HOME/.kube/cache" |
| Default cache directory |
| --certificate-authority string |
| Path to a cert file for the certificate authority |
| --client-certificate string |
| Path to a client certificate file for TLS |
| --client-key string |
| Path to a client key file for TLS |
| --cluster string |
| The name of the kubeconfig cluster to use |
| --context string |
| The name of the kubeconfig context to use |
| --default-not-ready-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --default-unreachable-toleration-seconds int Default: 300 |
| Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration. |
| --disable-compression |
| If true, opt-out of response compression for all requests to the server |
| --insecure-skip-tls-verify |
| If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure |
| --kubeconfig string |
| use a particular kubeconfig file |
| --match-server-version |
| Require server version to match client version |
| -n, --namespace string |
| If present, the namespace scope for this CLI request |
| --password string |
| Password for basic authentication to the API server |
| --profile string Default: "none" |
| Name of profile to capture. One of (none|cpu|heap|goroutine|threadcreate|block|mutex) |
| --profile-output string Default: "profile.pprof" |
| Name of the file to write the profile to |
| --request-timeout string Default: "0" |
| The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. |
| -s, --server string |
| The address and port of the Kubernetes API server |
| --storage-driver-buffer-duration duration Default: 1m0s |
| Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction |
| --storage-driver-db string Default: "cadvisor" |
| database name |
| --storage-driver-host string Default: "localhost:8086" |
| database host:port |
| --storage-driver-password string Default: "root" |
| database password |
| --storage-driver-secure |
| use secure connection with database |
| --storage-driver-table string Default: "stats" |
| table name |
| --storage-driver-user string Default: "root" |
| database username |
| --tls-server-name string |
| Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used |
| --token string |
| Bearer token for authentication to the API server |
| --user string |
| The name of the kubeconfig user to use |
| --username string |
| Username for basic authentication to the API server |
| --version version[=true] |
| --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version |
| --warnings-as-errors |
| Treat warnings received from the server as errors and exit with a non-zero exit code |
See Also