diff --git a/.gitignore b/.gitignore
index de345e5f59..c54db9289e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,4 @@ _site/**
.sass-cache/**
CNAME
.travis.yml
+.idea/
diff --git a/404.md b/404.md
index 3d32e81bcf..8354c87820 100644
--- a/404.md
+++ b/404.md
@@ -3,6 +3,7 @@ layout: docwithnav
title: 404 Error!
permalink: /404.html
no_canonical: true
+sitemap: false
---
diff --git a/Gemfile b/Gemfile
index e29e26cdc8..3828560a73 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,20 +1,4 @@
source "https://rubygems.org"
-gem "jekyll", "3.2.1"
-gem "jekyll-sass-converter", "1.3.0"
-gem "minima", "1.1.0"
-gem "kramdown", "1.11.1"
-gem "liquid", "3.0.6"
-gem "rouge", "1.11.1"
-gem "jemoji", "0.7.0"
-gem "jekyll-mentions", "1.2.0"
-gem "jekyll-redirect-from", "0.11.0"
-gem "jekyll-sitemap", "0.10.0"
-gem "jekyll-feed", "0.5.1"
-gem "jekyll-gist", "1.4.0"
-gem "jekyll-paginate", "1.1.0"
-gem "jekyll-coffeescript", "1.0.1"
-gem "jekyll-seo-tag", "2.0.0"
-gem "jekyll-github-metadata", "2.0.2"
-gem "listen", "3.0.6"
-gem "activesupport", "4.2.7"
+gem "github-pages", group: :jekyll_plugins
+gem "jekyll-include-cache", "~> 0.1"
diff --git a/Gemfile.lock b/Gemfile.lock
index ee385b958b..1ae07067d8 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -7,23 +7,75 @@ GEM
minitest (~> 5.1)
thread_safe (~> 0.3, >= 0.3.4)
tzinfo (~> 1.1)
- addressable (2.4.0)
+ addressable (2.5.0)
+ public_suffix (~> 2.0, >= 2.0.2)
coffee-script (2.4.1)
coffee-script-source
execjs
- coffee-script-source (1.10.0)
+ coffee-script-source (1.12.2)
colorator (1.1.0)
+ ethon (0.10.1)
+ ffi (>= 1.3.0)
execjs (2.7.0)
- faraday (0.9.2)
+ faraday (0.10.0)
multipart-post (>= 1.2, < 3)
ffi (1.9.14)
forwardable-extended (2.6.0)
gemoji (2.1.0)
+ github-pages (112)
+ activesupport (= 4.2.7)
+ github-pages-health-check (= 1.3.0)
+ jekyll (= 3.3.1)
+ jekyll-avatar (= 0.4.2)
+ jekyll-coffeescript (= 1.0.1)
+ jekyll-default-layout (= 0.1.4)
+ jekyll-feed (= 0.8.0)
+ jekyll-gist (= 1.4.0)
+ jekyll-github-metadata (= 2.2.0)
+ jekyll-mentions (= 1.2.0)
+ jekyll-optional-front-matter (= 0.1.2)
+ jekyll-paginate (= 1.1.0)
+ jekyll-readme-index (= 0.0.3)
+ jekyll-redirect-from (= 0.11.0)
+ jekyll-relative-links (= 0.2.1)
+ jekyll-sass-converter (= 1.3.0)
+ jekyll-seo-tag (= 2.1.0)
+ jekyll-sitemap (= 0.12.0)
+ jekyll-swiss (= 0.4.0)
+ jekyll-theme-architect (= 0.0.3)
+ jekyll-theme-cayman (= 0.0.3)
+ jekyll-theme-dinky (= 0.0.3)
+ jekyll-theme-hacker (= 0.0.3)
+ jekyll-theme-leap-day (= 0.0.3)
+ jekyll-theme-merlot (= 0.0.3)
+ jekyll-theme-midnight (= 0.0.3)
+ jekyll-theme-minimal (= 0.0.3)
+ jekyll-theme-modernist (= 0.0.3)
+ jekyll-theme-primer (= 0.1.5)
+ jekyll-theme-slate (= 0.0.3)
+ jekyll-theme-tactile (= 0.0.3)
+ jekyll-theme-time-machine (= 0.0.3)
+ jekyll-titles-from-headings (= 0.1.3)
+ jemoji (= 0.7.0)
+ kramdown (= 1.11.1)
+ liquid (= 3.0.6)
+ listen (= 3.0.6)
+ mercenary (~> 0.3)
+ minima (= 2.0.0)
+ rouge (= 1.11.1)
+ terminal-table (~> 1.4)
+ github-pages-health-check (1.3.0)
+ addressable (~> 2.3)
+ net-dns (~> 0.8)
+ octokit (~> 4.0)
+ public_suffix (~> 2.0)
+ typhoeus (~> 0.7)
html-pipeline (2.4.2)
activesupport (>= 2)
nokogiri (>= 1.4)
i18n (0.7.0)
- jekyll (3.2.1)
+ jekyll (3.3.1)
+ addressable (~> 2.4)
colorator (~> 1.0)
jekyll-sass-converter (~> 1.0)
jekyll-watch (~> 1.1)
@@ -33,26 +85,69 @@ GEM
pathutil (~> 0.9)
rouge (~> 1.7)
safe_yaml (~> 1.0)
+ jekyll-avatar (0.4.2)
+ jekyll (~> 3.0)
jekyll-coffeescript (1.0.1)
coffee-script (~> 2.2)
- jekyll-feed (0.5.1)
+ jekyll-default-layout (0.1.4)
+ jekyll (~> 3.0)
+ jekyll-feed (0.8.0)
+ jekyll (~> 3.3)
jekyll-gist (1.4.0)
octokit (~> 4.2)
- jekyll-github-metadata (2.0.2)
+ jekyll-github-metadata (2.2.0)
jekyll (~> 3.1)
- octokit (~> 4.0)
+ octokit (~> 4.0, != 4.4.0)
+ jekyll-include-cache (0.1.0)
+ jekyll (~> 3.3)
jekyll-mentions (1.2.0)
activesupport (~> 4.0)
html-pipeline (~> 2.3)
jekyll (~> 3.0)
+ jekyll-optional-front-matter (0.1.2)
+ jekyll (~> 3.0)
jekyll-paginate (1.1.0)
+ jekyll-readme-index (0.0.3)
+ jekyll (~> 3.0)
jekyll-redirect-from (0.11.0)
jekyll (>= 2.0)
+ jekyll-relative-links (0.2.1)
+ jekyll (~> 3.3)
jekyll-sass-converter (1.3.0)
sass (~> 3.2)
- jekyll-seo-tag (2.0.0)
- jekyll (~> 3.1)
- jekyll-sitemap (0.10.0)
+ jekyll-seo-tag (2.1.0)
+ jekyll (~> 3.3)
+ jekyll-sitemap (0.12.0)
+ jekyll (~> 3.3)
+ jekyll-swiss (0.4.0)
+ jekyll-theme-architect (0.0.3)
+ jekyll (~> 3.3)
+ jekyll-theme-cayman (0.0.3)
+ jekyll (~> 3.3)
+ jekyll-theme-dinky (0.0.3)
+ jekyll (~> 3.3)
+ jekyll-theme-hacker (0.0.3)
+ jekyll (~> 3.3)
+ jekyll-theme-leap-day (0.0.3)
+ jekyll (~> 3.3)
+ jekyll-theme-merlot (0.0.3)
+ jekyll (~> 3.3)
+ jekyll-theme-midnight (0.0.3)
+ jekyll (~> 3.3)
+ jekyll-theme-minimal (0.0.3)
+ jekyll (~> 3.3)
+ jekyll-theme-modernist (0.0.3)
+ jekyll (~> 3.3)
+ jekyll-theme-primer (0.1.5)
+ jekyll (~> 3.3)
+ jekyll-theme-slate (0.0.3)
+ jekyll (~> 3.3)
+ jekyll-theme-tactile (0.0.3)
+ jekyll (~> 3.3)
+ jekyll-theme-time-machine (0.0.3)
+ jekyll (~> 3.3)
+ jekyll-titles-from-headings (0.1.3)
+ jekyll (~> 3.3)
jekyll-watch (1.5.0)
listen (~> 3.0, < 3.1)
jemoji (0.7.0)
@@ -68,52 +163,41 @@ GEM
rb-inotify (>= 0.9.7)
mercenary (0.3.6)
mini_portile2 (2.1.0)
- minima (1.1.0)
- minitest (5.9.0)
+ minima (2.0.0)
+ minitest (5.10.1)
multipart-post (2.0.0)
- nokogiri (1.6.8)
+ net-dns (0.8.0)
+ nokogiri (1.6.8.1)
mini_portile2 (~> 2.1.0)
- pkg-config (~> 1.1.7)
- octokit (4.3.0)
- sawyer (~> 0.7.0, >= 0.5.3)
+ octokit (4.6.2)
+ sawyer (~> 0.8.0, >= 0.5.3)
pathutil (0.14.0)
forwardable-extended (~> 2.6)
- pkg-config (1.1.7)
- rb-fsevent (0.9.7)
+ public_suffix (2.0.4)
+ rb-fsevent (0.9.8)
rb-inotify (0.9.7)
ffi (>= 0.5.0)
rouge (1.11.1)
safe_yaml (1.0.4)
- sass (3.4.22)
- sawyer (0.7.0)
- addressable (>= 2.3.5, < 2.5)
- faraday (~> 0.8, < 0.10)
+ sass (3.4.23)
+ sawyer (0.8.1)
+ addressable (>= 2.3.5, < 2.6)
+ faraday (~> 0.8, < 1.0)
+ terminal-table (1.7.3)
+ unicode-display_width (~> 1.1.1)
thread_safe (0.3.5)
+ typhoeus (0.8.0)
+ ethon (>= 0.8.0)
tzinfo (1.2.2)
thread_safe (~> 0.1)
+ unicode-display_width (1.1.2)
PLATFORMS
ruby
DEPENDENCIES
- activesupport (= 4.2.7)
- jekyll (= 3.2.1)
- jekyll-coffeescript (= 1.0.1)
- jekyll-feed (= 0.5.1)
- jekyll-gist (= 1.4.0)
- jekyll-github-metadata (= 2.0.2)
- jekyll-mentions (= 1.2.0)
- jekyll-paginate (= 1.1.0)
- jekyll-redirect-from (= 0.11.0)
- jekyll-sass-converter (= 1.3.0)
- jekyll-seo-tag (= 2.0.0)
- jekyll-sitemap (= 0.10.0)
- jemoji (= 0.7.0)
- kramdown (= 1.11.1)
- liquid (= 3.0.6)
- listen (= 3.0.6)
- minima (= 1.1.0)
- rouge (= 1.11.1)
+ github-pages
+ jekyll-include-cache (~> 0.1)
BUNDLED WITH
- 1.11.2
+ 1.13.6
diff --git a/README.md b/README.md
index 2801eaead0..845b56b29e 100644
--- a/README.md
+++ b/README.md
@@ -1,182 +1,19 @@
-## Instructions for Contributing to the Docs/Website
+## Instructions for Contributing to the Kubernetes Documentation
-Welcome! We are very pleased you want to contribute to the documentation and/or website for Kubernetes.
+Welcome! We are very pleased you want to contribute to the Kubernetes documentation.
-You can click the "Fork" button in the upper-right area of the screen to create a copy of our site on your GitHub account called a "fork." Make any changes you want in your fork, and when you are ready to send those changes to us, go to the index page for your fork and click "New Pull Request" to let us know about it.
+You can click the **Fork** button in the upper-right area of the screen to create a copy of this repository in your GitHub account called a *fork*. Make any changes you want in your fork, and when you are ready to send those changes to us, go to your fork and create a new pull request to let us know about it.
For more information about contributing to the Kubernetes documentation, see:
+* [Contributing to the kubernetes Documentation](http://kubernetes.io/editdocs/)
* [Creating a Documentation Pull Request](http://kubernetes.io/docs/contribute/create-pull-request/)
* [Writing a New Topic](http://kubernetes.io/docs/contribute/write-new-topic/)
* [Staging Your Documentation Changes](http://kubernetes.io/docs/contribute/stage-documentation-changes/)
* [Using Page Templates](http://kubernetes.io/docs/contribute/page-templates/)
-
-## Automatic Staging for Pull Requests
-
-When you create a pull request (either against master or the upcoming release), your changes are staged in a custom subdomain on Netlify so that you can see your changes in rendered form before the PR is merged. You can use this to verify that everything is correct before the PR gets merged. To view your changes:
-
-- Scroll down to the PR's list of Automated Checks
-- Click "Show All Checks"
-- Look for "deploy/netlify"; you'll see "Deploy Preview Ready!" if staging was successful
-- Click "Details" to bring up the staged site and navigate to your changes
-
-## Branch structure and staging
-
-The current version of the website is served out of the `master` branch. To make changes to the live docs, such as bug fixes, broken links, typos, etc, **target your pull request to the master branch**
-
-The `release-1.x` branch stores changes for **upcoming releases of Kubernetes**. For example, the `release-1.5` branch has changes for the 1.5 release. These changes target branches (and *not* master) to avoid publishing documentation updates prior to the release for which they're relevant. If you have a change for an upcoming release of Kubernetes, **target your pull request to the appropriate release branch**.
-
-The staging site for the next upcoming Kubernetes release is here: [http://kubernetes-io-vnext-staging.netlify.com/](http://kubernetes-io-vnext-staging.netlify.com/). The staging site reflects the current state of what's been merged in the release branch, or in other words, what the docs will look like for the next upcoming release. It's automatically updated as new PRs get merged.
-
-## Staging the site locally (using Docker)
-
-Don't like installing stuff? Download and run a local staging server with a single `docker run` command.
-
- git clone https://github.com/kubernetes/kubernetes.github.io.git
- cd kubernetes.github.io
- docker run -ti --rm -v "$PWD":/k8sdocs -p 4000:4000 gcr.io/google-samples/k8sdocs:1.0
-
-Then visit [http://localhost:4000](http://localhost:4000) to see our site. Any changes you make on your local machine will be automatically staged.
-
-If you're interested you can view [the Dockerfile for this image](https://github.com/kubernetes/kubernetes.github.io/blob/master/staging-container/Dockerfile).
-
-## Staging the site locally (from scratch setup)
-
-The below commands to setup your environment for running GitHub pages locally. Then, any edits you make will be viewable
-on a lightweight webserver that runs on your local machine.
-
-This will typically be the fastest way (by far) to iterate on docs changes and see them staged, once you get this set up, but it does involve several install steps that take awhile to complete, and makes system-wide modifications.
-
-Install Ruby 2.2 or higher. If you're on Linux, run these commands:
-
- apt-get install software-properties-common
- apt-add-repository ppa:brightbox/ruby-ng
- apt-get install ruby2.2
- apt-get install ruby2.2-dev
-
-* If you're on a Mac, follow [these instructions](https://gorails.com/setup/osx/).
-* If you're on a Windows machine you can use the [Ruby Installer](http://rubyinstaller.org/downloads/). During the installation make sure to check the option for *Add Ruby executables to your PATH*.
-
-The remainder of the steps should work the same across operating systems.
-
-To confirm you've installed Ruby correctly, at the command prompt run `gem --version` and you should get a response with your version number. Likewise you can confirm you have Git installed properly by running `git --version`, which will respond with your version of Git.
-
-Install the GitHub Pages package, which includes Jekyll:
-
- gem install github-pages
-
-Clone our site:
-
- git clone https://github.com/kubernetes/kubernetes.github.io.git
-
-Make any changes you want. Then, to see your changes locally:
-
- cd kubernetes.github.io
- jekyll serve
-
-Your copy of the site will then be viewable at: [http://localhost:4000](http://localhost:4000)
-(or wherever Jekyll tells you).
-
-## GitHub help
-
-If you're a bit rusty with git/GitHub, you might want to read
-[this](http://readwrite.com/2013/10/02/github-for-beginners-part-2) for a refresher.
-
-## Common Tasks
-
-### Edit Page Titles or Change the Left Navigation
-
-Edit the yaml files in `/_data/` for the Guides, Reference, Samples, or Support areas.
-
-You may have to exit and `jekyll clean` before restarting the `jekyll serve` to
-get changes to files in `/_data/` to show up.
-
-### Add Images
-
-Put the new image in `/images/docs/` if it's for the documentation, and just `/images/` if it's for the website.
-
-**For diagrams, we greatly prefer SVG files!**
-
-### Include code from another file
-
-To include a file that is hosted on this GitHub repo, insert this code:
-
-
{% include code.html language="<LEXERVALUE>" file="<RELATIVEPATH>" ghlink="<PATHFROMROOT>" %}
-
-* `LEXERVALUE`: The language in which the file was written; must be [a value supported by Rouge](https://github.com/jneen/rouge/wiki/list-of-supported-languages-and-lexers).
-* `RELATIVEPATH`: The path to the file you're including, relative to the current file.
-* `PATHFROMROOT`: The path to the file relative to root, e.g. `/docs/admin/foo.yaml`
-
-To include a file that is hosted in the external, main Kubernetes repo, make sure it's added to [/update-imported-docs.sh](https://github.com/kubernetes/kubernetes.github.io/blob/master/update-imported-docs.sh), and run it so that the file gets downloaded, then enter:
-
-
{% include code.html language="<LEXERVALUE>" file="<RELATIVEPATH>" k8slink="<PATHFROMK8SROOT>" %}
-
-* `PATHFROMK8SROOT`: The path to the file relative to the root of [the Kubernetes repo](https://github.com/kubernetes/kubernetes/tree/release-1.2), e.g. `/examples/rbd/foo.yaml`
-
-## Using tabs for multi-language examples
-
-By specifying some inline CSV in a varable called `tabspec`, you can include a file
-called `tabs.html` that generates tabs showing code examples in multiple langauges.
-
-
-
-In English, this would read: "Create a set of tabs with the alias `servicesample`,
-and have tabs visually labeled "JSON" and "YAML" that use `json` and `yaml` Rouge syntax highlighting, which display the contents of
-`service-sample.{extension}` on the page, and link to the file in GitHub at (full path)."
-
-Example file: [Pods: Multi-Container](http://kubernetes.io/docs/user-guide/pods/multi-container/).
-
-## Use a global variable
-
-The `/_config.yml` file defines some useful variables you can use when editing docs.
-
-* `page.githubbranch`: The name of the GitHub branch on the Kubernetes repo that is associated with this branch of the docs. e.g. `release-1.2`
-* `page.version` The version of Kubernetes associated with this branch of the docs. e.g. `v1.2`
-* `page.docsbranch` The name of the GitHub branch on the Docs/Website repo that you are currently using. e.g. `release-1.1` or `master`
-
-This keeps the docs you're editing aligned with the Kubernetes version you're talking about. For example, if you define a link like so, you'll never have to worry about it going stale in future doc branches:
-
-
View the README [here](http://releases.k8s.io/{{page.githubbranch}}/cluster/addons/README.md).
-
-That, of course, will send users to:
-
-[http://releases.k8s.io/release-1.2/cluster/addons/README.md](http://releases.k8s.io/release-1.2/cluster/addons/README.md)
-
-(Or whatever Kubernetes release that docs branch is associated with.)
-
-## Config yaml guidelines
-
-Guidelines for config yamls that are included in the site docs. These
-are the yaml or json files that contain Kubernetes object
-configuration to be used with `kubectl create -f` Config yamls should
-be:
-
-* Separate deployable files, not embedded in the document, unless very
- small variations of a full config.
-* Included in the doc with the include code
- [above.](#include-code-from-another-file)
-* In the same directory as the doc that they are being used in
- * If you are re-using a yaml from another doc, that is OK, just
- leave it there, don't move it up to a higher level directory.
-* Tested in
- [test/examples_test.go](https://github.com/kubernetes/kubernetes.github.io/blob/master/test/examples_test.go)
-* Follows
- [best practices.](http://kubernetes.io/docs/user-guide/config-best-practices/)
-
-Don't assume the reader has this repository checked out, use `kubectl
-create -f https://github...` in example commands. For Docker images
-used in config yamls, try to use an image from an existing Kubernetes
-example. If creating an image for a doc, follow the
-[example guidelines](https://github.com/kubernetes/kubernetes/blob/master/examples/guidelines.md#throughout)
-section on "Docker images" from the Kubernetes repository.
-
-## Partners
-Kubernetes partners refers to the companies who contribute to the Kubernetes core codebase, extend their platform to support Kubernetes or provide managed services to users centered around the Kubernetes platform. Partners can get their services and offerings added to the [partner page](https://k8s.io/partners) by completing and submitting the [partner request form](https://goo.gl/qcSnZF). Once the information and assets are verified, the partner product/services will be listed in the partner page. This would typically take 7-10 days.
+* [Documentation Style Guide](http://kubernetes.io/docs/contribute/style-guide/)
## Thank you!
-Kubernetes thrives on community participation and we really appreciate your
+Kubernetes thrives on community participation, and we really appreciate your
contributions to our site and our documentation!
diff --git a/_config.yml b/_config.yml
index 5b7f442fd8..60e67c9cde 100644
--- a/_config.yml
+++ b/_config.yml
@@ -1,11 +1,12 @@
name: Kubernetes
+title: Kubernetes
+description: Production-Grade Container Orchestration
markdown: kramdown
kramdown:
input: GFM
html_to_native: true
hard_wrap: false
syntax_highlighter: rouge
-baseurl: /
incremental: true
safe: false
@@ -16,7 +17,7 @@ defaults:
scope:
path: ""
values:
- version: "v1.3"
+ version: "v1.5.1"
githubbranch: "master"
docsbranch: "master"
-
@@ -30,3 +31,24 @@ permalink: pretty
gems:
- jekyll-redirect-from
+ - jekyll-feed
+ - jekyll-sitemap
+ - jekyll-seo-tag
+ - jekyll-include-cache
+
+# SEO
+logo: /images/favicon.png
+twitter:
+ username: kubernetesio
+
+# Tables of contents, stored in the _data folder, that control the sidebar nav
+tocs:
+ - docs-home
+ - guides
+ - tutorials
+ - tasks
+ - concepts
+ - reference
+ - tools
+ - samples
+ - support
diff --git a/_data/concepts.yml b/_data/concepts.yml
index f9422daa98..a9a7c3eb29 100644
--- a/_data/concepts.yml
+++ b/_data/concepts.yml
@@ -1,9 +1,10 @@
bigheader: "Concepts"
abstract: "Detailed explanations of Kubernetes system concepts and abstractions."
toc:
-- title: Concepts
- path: /docs/concepts/
+- docs/concepts/index.md
- title: Object Metadata
section:
- - title: Annotations
- path: /docs/concepts/object-metadata/annotations/
+ - docs/concepts/object-metadata/annotations.md
+- title: Controllers
+ section:
+ - docs/concepts/abstractions/controllers/statefulsets.md
diff --git a/_data/docs-home.yml b/_data/docs-home.yml
index 1cb8c9b05a..b80c025d5e 100644
--- a/_data/docs-home.yml
+++ b/_data/docs-home.yml
@@ -1,5 +1,4 @@
bigheader: "Kubernetes Documentation"
abstract: "Documentation for using and learning about Kubernetes."
toc:
-- title: Kubernetes Documentation
- path: /docs/
+- docs/index.md
diff --git a/_data/guides.yml b/_data/guides.yml
index 0c1a785720..bd7518d4fd 100644
--- a/_data/guides.yml
+++ b/_data/guides.yml
@@ -1,304 +1,188 @@
bigheader: "Guides"
abstract: "How to get started, and accomplish tasks, using Kubernetes."
toc:
-- title: Guides
- path: /docs/user-guide/
+- docs/user-guide/index.md
- title: Getting Started
section:
- - title: What is Kubernetes?
- path: /docs/whatisk8s/
- - title: Installing Kubernetes on Linux with kubeadm
- path: /docs/getting-started-guides/kubeadm/
- - title: Installing Kubernetes on AWS with kops
- path: /docs/getting-started-guides/kops/
- - title: Hello World on Google Container Engine
- path: /docs/hellonode/
- - title: Installing kubectl
- path: /docs/getting-started-guides/kubectl/
- - title: Downloading or Building Kubernetes
- path: /docs/getting-started-guides/binary_release/
+ - docs/whatisk8s.md
+ - docs/getting-started-guides/kubeadm.md
+ - docs/getting-started-guides/kops.md
+ - docs/hellonode.md
+ - docs/getting-started-guides/kubectl.md
+ - docs/getting-started-guides/binary_release.md
- title: Online Training Course
path: https://www.udacity.com/course/scalable-microservices-with-kubernetes--ud615
- title: Accessing the Cluster
section:
- - title: Installing and Setting up kubectl
- path: /docs/user-guide/prereqs/
- - title: Accessing Clusters
- path: /docs/user-guide/accessing-the-cluster/
- - title: Sharing Cluster Access with kubeconfig
- path: /docs/user-guide/sharing-clusters/
- - title: Authenticating Across Clusters with kubeconfig
- path: /docs/user-guide/kubeconfig-file/
+ - docs/user-guide/prereqs.md
+ - docs/user-guide/accessing-the-cluster.md
+ - docs/user-guide/sharing-clusters.md
+ - docs/user-guide/kubeconfig-file.md
-- title: User Guide
- path: /docs/user-guide/
+- docs/user-guide/index.md
-- title: Web UI (Dashboard)
- path: /docs/user-guide/ui/
+- docs/user-guide/ui.md
- title: Workload Deployment and Management
section:
- - title: Launching, Exposing, and Killing Applications
- path: /docs/user-guide/quick-start/
- - title: Deploying Applications
- path: /docs/user-guide/deploying-applications/
- - title: Managing Resources
- path: /docs/user-guide/managing-deployments/
- - title: Replication Controller Operations
- path: /docs/user-guide/replication-controller/operations/
- - title: Resizing a Replication Controller
- path: /docs/user-guide/resizing-a-replication-controller/
- - title: Rolling Updates
- path: /docs/user-guide/rolling-updates/
- - title: Rolling Update Demo
- path: /docs/user-guide/update-demo/
- - title: Secrets Walkthrough
- path: /docs/user-guide/secrets/walkthrough/
- - title: Using ConfigMap
- path: /docs/user-guide/configmap/
- - title: Horizontal Pod Autoscaling
- path: /docs/user-guide/horizontal-pod-autoscaling/walkthrough/
- - title: Best Practices for Configuration
- path: /docs/user-guide/config-best-practices/
- - title: Using kubectl to Manage Resources
- path: /docs/user-guide/working-with-resources/
- - title: Garbage Collection (Beta)
- path: /docs/user-guide/garbage-collection/
+ - docs/user-guide/quick-start.md
+ - docs/user-guide/deploying-applications.md
+ - docs/user-guide/managing-deployments.md
+ - docs/user-guide/replication-controller/operations.md
+ - docs/user-guide/resizing-a-replication-controller.md
+ - docs/user-guide/rolling-updates.md
+ - docs/user-guide/update-demo/index.md
+ - docs/user-guide/secrets/walkthrough.md
+ - docs/user-guide/configmap/index.md
+ - docs/user-guide/horizontal-pod-autoscaling/walkthrough.md
+ - docs/user-guide/config-best-practices.md
+ - docs/user-guide/working-with-resources.md
+ - docs/user-guide/garbage-collection.md
- title: Using NetworkPolicy
section:
- - title: Example Walkthrough
- path: /docs/getting-started-guides/network-policy/walkthrough/
- - title: Using Calico for NetworkPolicy
- path: /docs/getting-started-guides/network-policy/calico/
- - title: Using Romana for NetworkPolicy
- path: /docs/getting-started-guides/network-policy/romana/
+ - docs/getting-started-guides/network-policy/walkthrough.md
+ - docs/getting-started-guides/network-policy/calico.md
+ - docs/getting-started-guides/network-policy/romana.md
- title: Batch Jobs
section:
- - title: Jobs
- path: /docs/user-guide/jobs/
- - title: Parallel Processing using Expansions
- path: /docs/user-guide/jobs/expansions/
- - title: Coarse Parallel Processing using a Work Queue
- path: /docs/user-guide/jobs/work-queue-1/
- - title: Fine Parallel Processing using a Work Queue
- path: /docs/user-guide/jobs/work-queue-2/
- - title: Cron Jobs
- path: /docs/user-guide/cron-jobs/
+ - docs/user-guide/jobs.md
+ - docs/user-guide/jobs/expansions/index.md
+ - docs/user-guide/jobs/work-queue-1/index.md
+ - docs/user-guide/jobs/work-queue-2/index.md
+ - docs/user-guide/cron-jobs.md
- title: Service Discovery and Load Balancing
section:
- - title: Connecting Applications with Services
- path: /docs/user-guide/connecting-applications/
- - title: Service Operations
- path: /docs/user-guide/services/operations/
- - title: Creating an External Load Balancer
- path: /docs/user-guide/load-balancer/
- - title: Configuring Your Cloud Provider's Firewalls
- path: /docs/user-guide/services-firewalls/
- - title: Cross-cluster Service Discovery using Federated Services
- path: /docs/user-guide/federation/federated-services/
+ - docs/user-guide/connecting-applications.md
+ - docs/user-guide/services/operations.md
+ - docs/user-guide/load-balancer.md
+ - docs/user-guide/services-firewalls.md
+ - docs/user-guide/federation/federated-services.md
- title: Containers and Pods
section:
- - title: Running Your First Containers
- path: /docs/user-guide/simple-nginx/
- - title: Creating Single-Container Pods
- path: /docs/user-guide/pods/single-container/
- - title: Creating Multi-Container Pods
- path: /docs/user-guide/pods/multi-container/
- - title: Configuring Containers
- path: /docs/user-guide/configuring-containers/
- - title: Working with Containers in Production
- path: /docs/user-guide/production-pods/
- - title: Commands and Capabilities
- path: /docs/user-guide/containers/
- - title: Using Environment Variables
- path: /docs/user-guide/environment-guide/
- - title: Managing Compute Resources
- path: /docs/user-guide/compute-resources/
- - title: The Lifecycle of a Pod
- path: /docs/user-guide/pod-states/
- - title: Checking Pod Health
- path: /docs/user-guide/liveness/
- - title: Container Lifecycle Hooks
- path: /docs/user-guide/container-environment/
- - title: Assigning Pods to Nodes
- path: /docs/user-guide/node-selection/
- - title: Using the Downward API to Convey Pod Properties
- path: /docs/user-guide/downward-api/
- - title: Downward API Volumes
- path: /docs/user-guide/downward-api/volume
- - title: Persistent Volumes Walkthrough
- path: /docs/user-guide/persistent-volumes/walkthrough/
- - title: Bootstrapping Pet Sets
- path: /docs/user-guide/petset/bootstrapping/
+ - docs/user-guide/simple-nginx.md
+ - docs/user-guide/pods/single-container.md
+ - docs/user-guide/pods/multi-container.md
+ - docs/user-guide/configuring-containers.md
+ - docs/user-guide/production-pods.md
+ - docs/user-guide/containers.md
+ - docs/user-guide/environment-guide/index.md
+ - docs/user-guide/compute-resources.md
+ - docs/user-guide/pod-states.md
+ - docs/user-guide/liveness/index.md
+ - docs/user-guide/container-environment.md
+ - docs/user-guide/node-selection/index.md
+ - docs/user-guide/downward-api/index.md
+ - docs/user-guide/downward-api/volume/index.md
+ - docs/user-guide/persistent-volumes/walkthrough.md
+ - docs/user-guide/petset/bootstrapping/index.md
- title: Monitoring, Logging, and Debugging Containers
section:
- - title: Resource Usage Monitoring
- path: /docs/user-guide/monitoring/
- - title: Logging
- path: /docs/getting-started-guides/logging/
- - title: Logging with Elasticsearch and Kibana
- path: /docs/getting-started-guides/logging-elasticsearch/
- - title: Running Commands in a Container with kubectl exec
- path: /docs/user-guide/getting-into-containers/
- - title: Connect with Proxies
- path: /docs/user-guide/connecting-to-applications-proxy/
- - title: Connect with Port Forwarding
- path: /docs/user-guide/connecting-to-applications-port-forward/
+ - docs/user-guide/monitoring.md
+ - docs/getting-started-guides/logging.md
+ - docs/getting-started-guides/logging-elasticsearch.md
+ - docs/user-guide/getting-into-containers.md
+ - docs/user-guide/connecting-to-applications-proxy.md
+ - docs/user-guide/connecting-to-applications-port-forward.md
- title: Using Explorer to Examine the Runtime Environment
path: https://github.com/kubernetes/kubernetes/tree/release-1.3/examples/explorer
- title: Creating a Cluster
section:
- - title: Picking the Right Solution
- path: /docs/getting-started-guides/
+ - docs/getting-started-guides/index.md
- title: Running Kubernetes on Your Local Machine
section:
- - title: Running Kubernetes Locally via Minikube
- path: /docs/getting-started-guides/minikube/
- - title: Deprecated Alternatives
- path: /docs/getting-started-guides/alternatives/
+ - docs/getting-started-guides/minikube.md
+ - docs/getting-started-guides/alternatives.md
- title: Running Kubernetes on Turn-key Cloud Solutions
section:
- title: Running Kubernetes on Google Container Engine
path: https://cloud.google.com/container-engine/docs/before-you-begin/
- - title: Running Kubernetes on Google Compute Engine
- path: /docs/getting-started-guides/gce/
- - title: Running Kubernetes on AWS EC2
- path: /docs/getting-started-guides/aws/
- - title: Running Kubernetes on Azure
- path: /docs/getting-started-guides/azure/
- - title: Running Kubernetes on Azure (Weave-based)
- path: /docs/getting-started-guides/coreos/azure/
- - title: Running Kubernetes on CenturyLink Cloud
- path: /docs/getting-started-guides/clc/
+ - docs/getting-started-guides/gce.md
+ - docs/getting-started-guides/aws.md
+ - title: Running Kubernetes on Azure Container Service
+ path: https://docs.microsoft.com/en-us/azure/container-service/container-service-kubernetes-walkthrough
+ - docs/getting-started-guides/azure.md
+ - docs/getting-started-guides/clc.md
- title: Running Kubernetes on IBM SoftLayer
path: https://github.com/patrocinio/kubernetes-softlayer
- title: Running Kubernetes on Custom Solutions
section:
- - title: Creating a Custom Cluster from Scratch
- path: /docs/getting-started-guides/scratch/
+ - docs/getting-started-guides/scratch.md
- title: Custom Cloud Solutions
section:
- - title: CoreOS on AWS or GCE
- path: /docs/getting-started-guides/coreos/
- - title: Ubuntu on AWS or Joyent
- path: /docs/getting-started-guides/juju/
- - title: CoreOS on Rackspace
- path: /docs/getting-started-guides/rackspace/
+ - docs/getting-started-guides/coreos/index.md
+ - /docs/getting-started-guides/juju/
+ - docs/getting-started-guides/rackspace.md
- title: On-Premise VMs
section:
- - title: CoreOS on Vagrant
- path: /docs/getting-started-guides/coreos/
- - title: Cloudstack
- path: /docs/getting-started-guides/cloudstack/
- - title: VMware vSphere
- path: /docs/getting-started-guides/vsphere/
- - title: VMware Photon Controller
- path: /docs/getting-started-guides/photon-controller/
- - title: Juju
- path: /docs/getting-started-guides/juju/
- - title: DCOS
- path: /docs/getting-started-guides/dcos/
- - title: CoreOS on libvirt
- path: /docs/getting-started-guides/libvirt-coreos/
- - title: oVirt
- path: /docs/getting-started-guides/ovirt/
- - title: OpenStack Heat
- path: /docs/getting-started-guides/openstack-heat/
+ - docs/getting-started-guides/coreos/index.md
+ - docs/getting-started-guides/cloudstack.md
+ - docs/getting-started-guides/vsphere.md
+ - docs/getting-started-guides/photon-controller.md
+ - /docs/getting-started-guides/juju/
+ - docs/getting-started-guides/dcos.md
+ - docs/getting-started-guides/libvirt-coreos.md
+ - docs/getting-started-guides/ovirt.md
+ - docs/getting-started-guides/openstack-heat.md
- title: rkt
section:
- - title: Running Kubernetes with rkt
- path: /docs/getting-started-guides/rkt/
- - title: Known Issues when Using rkt
- path: /docs/getting-started-guides/rkt/notes/
- - title: Kubernetes on Mesos
- path: /docs/getting-started-guides/mesos/
- - title: Kubernetes on Mesos on Docker
- path: /docs/getting-started-guides/mesos-docker/
+ - docs/getting-started-guides/rkt/index.md
+ - docs/getting-started-guides/rkt/notes.md
+ - docs/getting-started-guides/mesos/index.md
+ - docs/getting-started-guides/mesos-docker.md
- title: Bare Metal
section:
- - title: Offline
- path: /docs/getting-started-guides/coreos/bare_metal_offline/
- - title: Fedora via Ansible
- path: /docs/getting-started-guides/fedora/fedora_ansible_config/
- - title: Fedora (Single Node)
- path: /docs/getting-started-guides/fedora/fedora_manual_config/
- - title: Fedora (Multi Node)
- path: /docs/getting-started-guides/fedora/flannel_multi_node_cluster/
- - title: CentOS
- path: /docs/getting-started-guides/centos/centos_manual_config/
- - title: CoreOS
- path: /docs/getting-started-guides/coreos
- - title: Ubuntu
- path: /docs/getting-started-guides/ubuntu/
- - title: Validate Node Setup
- path: /docs/admin/node-conformance
- - title: Portable Multi-Node Cluster
- path: /docs/getting-started-guides/docker-multinode/
- - title: Building Large Clusters
- path: /docs/admin/cluster-large/
- - title: Running in Multiple Zones
- path: /docs/admin/multiple-zones/
- - title: Building High-Availability Clusters
- path: /docs/admin/high-availability/
+ - docs/getting-started-guides/coreos/bare_metal_offline.md
+ - docs/getting-started-guides/fedora/fedora_ansible_config.md
+ - docs/getting-started-guides/fedora/fedora_manual_config.md
+ - docs/getting-started-guides/fedora/flannel_multi_node_cluster.md
+ - docs/getting-started-guides/centos/centos_manual_config.md
+ - docs/getting-started-guides/coreos/index.md
+ - /docs/getting-started-guides/ubuntu/
+ - docs/getting-started-guides/windows/index.md
+ - docs/admin/node-conformance.md
+ - docs/getting-started-guides/docker-multinode.md
+ - docs/admin/cluster-large.md
+ - docs/admin/multiple-zones.md
+ - docs/admin/high-availability/index.md
- title: Administering Clusters
section:
- - title: Admin Guide
- path: /docs/admin/
- - title: Cluster Management Guide
- path: /docs/admin/cluster-management/
- - title: kubeadm reference
- path: /docs/admin/kubeadm/
- - title: Installing Addons
- path: /docs/admin/addons/
- - title: Sharing a Cluster with Namespaces
- path: /docs/admin/namespaces/
- - title: Namespaces Walkthrough
- path: /docs/admin/namespaces/walkthrough/
- - title: Setting Pod CPU and Memory Limits
- path: /docs/admin/limitrange/
- - title: Understanding Resource Quotas
- path: /docs/admin/resourcequota/
- - title: Applying Resource Quotas and Limits
- path: /docs/admin/resourcequota/walkthrough/
- - title: Kubernetes Components
- path: /docs/admin/cluster-components/
- - title: Configuring Kubernetes Use of etcd
- path: /docs/admin/etcd/
- - title: Federating Clusters
- path: /docs/admin/federation/
- - title: Using Multiple Clusters
- path: /docs/admin/multi-cluster/
+ - docs/admin/index.md
+ - docs/admin/cluster-management.md
+ - docs/admin/kubeadm.md
+ - docs/admin/addons.md
+ - docs/admin/namespaces/index.md
+ - docs/admin/namespaces/walkthrough.md
+ - docs/admin/limitrange/index.md
+ - docs/admin/resourcequota/index.md
+ - docs/admin/resourcequota/walkthrough.md
+ - docs/admin/cluster-components.md
+ - docs/admin/etcd.md
+ - docs/admin/multi-cluster.md
- title: Changing Cluster Size
path: https://github.com/kubernetes/kubernetes/wiki/User-FAQ#how-do-i-change-the-size-of-my-cluster/
- - title: Configuring Multiple Schedulers
- path: /docs/admin/multiple-schedulers/
- - title: Networking in Kubernetes
- path: /docs/admin/networking/
- - title: Using DNS Pods and Services
- path: /docs/admin/dns/
+ - docs/admin/multiple-schedulers.md
+ - docs/admin/networking.md
+ - docs/admin/dns.md
- title: Setting Up and Configuring DNS
path: https://github.com/kubernetes/kubernetes/tree/release-1.3/examples/cluster-dns
- - title: Master <-> Node Communication
- path: /docs/admin/master-node-communication/
- - title: Network Plugins
- path: /docs/admin/network-plugins/
- - title: Static Pods
- path: /docs/admin/static-pods/
- - title: Configuring kubelet Garbage Collection
- path: /docs/admin/garbage-collection/
- - title: Configuring Out Of Resource Handling
- path: /docs/admin/out-of-resource/
- - title: Configuring Kubernetes with Salt
- path: /docs/admin/salt/
- - title: Monitoring Node Health
- path: /docs/admin/node-problem/
- - title: AppArmor
- path: /docs/admin/apparmor/
+ - docs/admin/master-node-communication.md
+ - docs/admin/network-plugins.md
+ - docs/admin/static-pods.md
+ - docs/admin/garbage-collection.md
+ - docs/admin/out-of-resource.md
+ - docs/admin/salt.md
+ - docs/admin/node-problem.md
+ - docs/admin/apparmor/index.md
+
+- title: Administering Federation
+ section:
+ - /docs/admin/federation/kubfed/
+ - docs/admin/federation/index.md
diff --git a/_data/overrides.yml b/_data/overrides.yml
index d38226e61b..31f60a2a8a 100644
--- a/_data/overrides.yml
+++ b/_data/overrides.yml
@@ -8,12 +8,10 @@ overrides:
- path: docs/admin/kube-proxy.md
- path: docs/admin/kube-scheduler.md
- path: docs/admin/kubelet.md
-- changedpath: docs/api-reference/extensions/v1beta1/definitions.html _includes/v1.4/extensions-v1beta1-definitions.html
-- changedpath: docs/api-reference/extensions/v1beta1/operations.html _includes/v1.4/extensions-v1beta1-operations.html
-- changedpath: docs/api-reference/v1/definitions.html _includes/v1.4/v1-definitions.html
-- changedpath: docs/api-reference/v1/operations.html _includes/v1.4/v1-operations.html
+- changedpath: docs/api-reference/extensions/v1beta1/definitions.html _includes/v1.5/extensions-v1beta1-definitions.html
+- changedpath: docs/api-reference/extensions/v1beta1/operations.html _includes/v1.5/extensions-v1beta1-operations.html
+- changedpath: docs/api-reference/v1/definitions.html _includes/v1.5/v1-definitions.html
+- changedpath: docs/api-reference/v1/operations.html _includes/v1.5/v1-operations.html
- copypath: k8s/federation/docs/api-reference/ docs/federation/
- copypath: k8s/cluster/saltbase/salt/fluentd-gcp/fluentd-gcp.yaml docs/getting-started-guides/fluentd-gcp.yaml
-- copypath: k8s/examples/blog-logging/counter-pod.yaml docs/getting-started-guides/counter-pod.yaml
-- copypath: k8s/examples/blog-logging/counter-pod.yaml docs/user-guide/counter-pod.yaml
diff --git a/_data/reference.yml b/_data/reference.yml
index 6f71d1677c..dd095d623e 100644
--- a/_data/reference.yml
+++ b/_data/reference.yml
@@ -1,239 +1,148 @@
bigheader: "Reference Documentation"
abstract: "Design docs, concept definitions, and references for APIs and CLIs."
toc:
-- title: Reference Documentation
- path: /docs/reference/
+- docs/reference.md
- title: Kubernetes API
section:
- - title: Kubernetes API Overview
- path: /docs/api/
+ - docs/api.md
- title: Accessing the API
section:
- - title: Overview
- path: /docs/admin/accessing-the-api/
- - title: Authenticating
- path: /docs/admin/authentication/
- - title: Using Authorization Plugins
- path: /docs/admin/authorization/
- - title: Using Admission Controllers
- path: /docs/admin/admission-controllers/
- - title: Managing Service Accounts
- path: /docs/admin/service-accounts-admin/
- - title: Kubernetes API Operations
- path: /docs/api-reference/v1/operations/
- - title: Kubernetes API Definitions
- path: /docs/api-reference/v1/definitions/
- - title: Kubernetes API Swagger Spec
- path: /kubernetes/third_party/swagger-ui/
+ - docs/admin/accessing-the-api.md
+ - docs/admin/authentication.md
+ - docs/admin/authorization.md
+ - docs/admin/admission-controllers.md
+ - docs/admin/service-accounts-admin.md
+ - docs/api-reference/v1/operations.html
+ - docs/api-reference/v1/definitions.html
+ - kubernetes/third_party/swagger-ui/index.md
- title: Autoscaling API
section:
- - title: Autoscaling API Operations
- path: /docs/api-reference/autoscaling/v1/operations/
- - title: Autoscaling API Definitions
- path: /docs/api-reference/autoscaling/v1/definitions/
+ - docs/api-reference/autoscaling/v1/operations.html
+ - docs/api-reference/autoscaling/v1/definitions.html
- title: Batch API
section:
- - title: Batch API Operations
- path: /docs/api-reference/batch/v1/operations/
- - title: Batch API Definitions
- path: /docs/api-reference/batch/v1/definitions/
+ - docs/api-reference/batch/v1/operations.html
+ - docs/api-reference/batch/v1/definitions.html
+
+- title: Apps API
+ section:
+ - title: Apps API Operations
+ path: /docs/api-reference/apps/v1beta1/operations/
+ - title: Apps API Definitions
+ path: /docs/api-reference/apps/v1beta1/definitions/
- title: Extensions API
section:
- - title: Extensions API Operations
- path: /docs/api-reference/extensions/v1beta1/operations/
- - title: Extensions API Definitions
- path: /docs/api-reference/extensions/v1beta1/definitions/
+ - docs/api-reference/extensions/v1beta1/operations.html
+ - docs/api-reference/extensions/v1beta1/definitions.html
- title: kubectl CLI
section:
- - title: kubectl Overview
- path: /docs/user-guide/kubectl-overview/
- - title: kubectl for Docker Users
- path: /docs/user-guide/docker-cli-to-kubectl/
- - title: kubectl Usage Conventions
- path: /docs/user-guide/kubectl-conventions/
- - title: JSONpath Support
- path: /docs/user-guide/jsonpath/
- - title: kubectl Cheat Sheet
- path: /docs/user-guide/kubectl-cheatsheet/
+ - docs/user-guide/kubectl-overview.md
+ - docs/user-guide/docker-cli-to-kubectl.md
+ - docs/user-guide/kubectl-conventions.md
+ - docs/user-guide/jsonpath.md
+ - docs/user-guide/kubectl-cheatsheet.md
- title: kubectl Commands
section:
- - title: kubectl
- path: /docs/user-guide/kubectl/
- - title: kubectl annotate
- path: /docs/user-guide/kubectl/kubectl_annotate/
- - title: kubectl api-versions
- path: /docs/user-guide/kubectl/kubectl_api-versions/
- - title: kubectl apply
- path: /docs/user-guide/kubectl/kubectl_apply/
- - title: kubectl attach
- path: /docs/user-guide/kubectl/kubectl_attach/
- - title: kubectl autoscale
- path: /docs/user-guide/kubectl/kubectl_autoscale/
- - title: kubectl cluster-info
- path: /docs/user-guide/kubectl/kubectl_cluster-info/
- - title: kubectl config
- path: /docs/user-guide/kubectl/kubectl_config/
- - title: kubectl config current-context
- path: /docs/user-guide/kubectl/kubectl_config_current-context/
- - title: kubectl config set-cluster
- path: /docs/user-guide/kubectl/kubectl_config_set-cluster/
- - title: kubectl config set-context
- path: /docs/user-guide/kubectl/kubectl_config_set-context/
- - title: kubectl config set-credentials
- path: /docs/user-guide/kubectl/kubectl_config_set-credentials/
- - title: kubectl config set
- path: /docs/user-guide/kubectl/kubectl_config_set/
- - title: kubectl config unset
- path: /docs/user-guide/kubectl/kubectl_config_unset/
- - title: kubectl config use-context
- path: /docs/user-guide/kubectl/kubectl_config_use-context/
- - title: kubectl config view
- path: /docs/user-guide/kubectl/kubectl_config_view/
- - title: kubectl convert
- path: /docs/user-guide/kubectl/kubectl_convert/
- - title: kubectl cordon
- path: /docs/user-guide/kubectl/kubectl_cordon/
- - title: kubectl create
- path: /docs/user-guide/kubectl/kubectl_create/
- - title: kubectl create configmap
- path: /docs/user-guide/kubectl/kubectl_create_configmap/
- - title: kubectl create namespace
- path: /docs/user-guide/kubectl/kubectl_create_namespace/
- - title: kubectl create secret docker-registry
- path: /docs/user-guide/kubectl/kubectl_create_secret_docker-registry/
- - title: kubectl create secret
- path: /docs/user-guide/kubectl/kubectl_create_secret/
- - title: kubectl create secret generic
- path: /docs/user-guide/kubectl/kubectl_create_secret_generic/
- - title: kubectl create serviceaccount
- path: /docs/user-guide/kubectl/kubectl_create_serviceaccount/
- - title: kubectl delete
- path: /docs/user-guide/kubectl/kubectl_delete/
- - title: kubectl describe
- path: /docs/user-guide/kubectl/kubectl_describe/
- - title: kubectl drain
- path: /docs/user-guide/kubectl/kubectl_drain/
- - title: kubectl edit
- path: /docs/user-guide/kubectl/kubectl_edit/
- - title: kubectl exec
- path: /docs/user-guide/kubectl/kubectl_exec/
- - title: kubectl explain
- path: /docs/user-guide/kubectl/kubectl_explain/
- - title: kubectl expose
- path: /docs/user-guide/kubectl/kubectl_expose/
- - title: kubectl get
- path: /docs/user-guide/kubectl/kubectl_get/
- - title: kubectl label
- path: /docs/user-guide/kubectl/kubectl_label/
- - title: kubectl logs
- path: /docs/user-guide/kubectl/kubectl_logs/
- - title: kubectl patch
- path: /docs/user-guide/kubectl/kubectl_patch/
- - title: kubectl port-forward
- path: /docs/user-guide/kubectl/kubectl_port-forward/
- - title: kubectl proxy
- path: /docs/user-guide/kubectl/kubectl_proxy/
- - title: kubectl replace
- path: /docs/user-guide/kubectl/kubectl_replace/
- - title: kubectl rolling-update
- path: /docs/user-guide/kubectl/kubectl_rolling-update/
- - title: kubectl rollout
- path: /docs/user-guide/kubectl/kubectl_rollout/
- - title: kubectl rollout history
- path: /docs/user-guide/kubectl/kubectl_rollout_history/
- - title: kubectl rollout pause
- path: /docs/user-guide/kubectl/kubectl_rollout_pause/
- - title: kubectl rollout resume
- path: /docs/user-guide/kubectl/kubectl_rollout_resume/
- - title: kubectl rollout undo
- path: /docs/user-guide/kubectl/kubectl_rollout_undo/
- - title: kubectl run
- path: /docs/user-guide/kubectl/kubectl_run/
- - title: kubectl scale
- path: /docs/user-guide/kubectl/kubectl_scale/
- - title: kubectl uncordon
- path: /docs/user-guide/kubectl/kubectl_uncordon/
- - title: kubectl version
- path: /docs/user-guide/kubectl/kubectl_version/
+ - docs/user-guide/kubectl/index.md
+ - docs/user-guide/kubectl/kubectl_annotate.md
+ - docs/user-guide/kubectl/kubectl_api-versions.md
+ - docs/user-guide/kubectl/kubectl_apply.md
+ - docs/user-guide/kubectl/kubectl_attach.md
+ - docs/user-guide/kubectl/kubectl_autoscale.md
+ - docs/user-guide/kubectl/kubectl_cluster-info.md
+ - docs/user-guide/kubectl/kubectl_config.md
+ - docs/user-guide/kubectl/kubectl_config_current-context.md
+ - docs/user-guide/kubectl/kubectl_config_set-cluster.md
+ - docs/user-guide/kubectl/kubectl_config_set-context.md
+ - docs/user-guide/kubectl/kubectl_config_set-credentials.md
+ - docs/user-guide/kubectl/kubectl_config_set.md
+ - docs/user-guide/kubectl/kubectl_config_unset.md
+ - docs/user-guide/kubectl/kubectl_config_use-context.md
+ - docs/user-guide/kubectl/kubectl_config_view.md
+ - docs/user-guide/kubectl/kubectl_convert.md
+ - docs/user-guide/kubectl/kubectl_cordon.md
+ - docs/user-guide/kubectl/kubectl_create.md
+ - docs/user-guide/kubectl/kubectl_create_configmap.md
+ - docs/user-guide/kubectl/kubectl_create_namespace.md
+ - docs/user-guide/kubectl/kubectl_create_secret_docker-registry.md
+ - docs/user-guide/kubectl/kubectl_create_secret.md
+ - docs/user-guide/kubectl/kubectl_create_secret_generic.md
+ - docs/user-guide/kubectl/kubectl_create_serviceaccount.md
+ - docs/user-guide/kubectl/kubectl_delete.md
+ - docs/user-guide/kubectl/kubectl_describe.md
+ - docs/user-guide/kubectl/kubectl_drain.md
+ - docs/user-guide/kubectl/kubectl_edit.md
+ - docs/user-guide/kubectl/kubectl_exec.md
+ - docs/user-guide/kubectl/kubectl_explain.md
+ - docs/user-guide/kubectl/kubectl_expose.md
+ - docs/user-guide/kubectl/kubectl_get.md
+ - docs/user-guide/kubectl/kubectl_label.md
+ - docs/user-guide/kubectl/kubectl_logs.md
+ - docs/user-guide/kubectl/kubectl_patch.md
+ - docs/user-guide/kubectl/kubectl_port-forward.md
+ - docs/user-guide/kubectl/kubectl_proxy.md
+ - docs/user-guide/kubectl/kubectl_replace.md
+ - docs/user-guide/kubectl/kubectl_rolling-update.md
+ - docs/user-guide/kubectl/kubectl_rollout.md
+ - docs/user-guide/kubectl/kubectl_rollout_history.md
+ - docs/user-guide/kubectl/kubectl_rollout_pause.md
+ - docs/user-guide/kubectl/kubectl_rollout_resume.md
+ - docs/user-guide/kubectl/kubectl_rollout_undo.md
+ - docs/user-guide/kubectl/kubectl_run.md
+ - docs/user-guide/kubectl/kubectl_scale.md
+ - docs/user-guide/kubectl/kubectl_uncordon.md
+ - docs/user-guide/kubectl/kubectl_version.md
- title: Superseded and Deprecated Commands
section:
- - title: kubectl namespace
- path: /docs/user-guide/kubectl/kubectl_namespace/
- - title: kubectl stop
- path: /docs/user-guide/kubectl/kubectl_stop/
+ - /docs/user-guide/kubectl/kubectl_namespace/
+ - docs/user-guide/kubectl/kubectl_stop.md
- title: Kubernetes Components
section:
- - title: kube-apiserver
- path: /docs/admin/kube-apiserver/
- - title: kube-controller-manager
- path: /docs/admin/kube-controller-manager/
- - title: kube-proxy
- path: /docs/admin/kube-proxy/
- - title: kube-scheduler
- path: /docs/admin/kube-scheduler/
+ - docs/admin/kube-apiserver.md
+ - docs/admin/kube-controller-manager.md
+ - docs/admin/kube-proxy.md
+ - docs/admin/kube-scheduler.md
- title: kubelet
- path: /docs/admin/kubelet/
+ section:
+ - docs/admin/kubelet.md
+ - docs/admin/master-node-communication.md
+ - docs/admin/kubelet-tls-bootstrapping.md
+ - docs/admin/kubelet-authentication-authorization.md
- title: Glossary
section:
- - title: Annotations
- path: /docs/user-guide/annotations/
- - title: Daemon Sets
- path: /docs/admin/daemons/
- - title: Deployments
- path: /docs/user-guide/deployments/
- - title: Horizontal Pod Autoscaling
- path: /docs/user-guide/horizontal-pod-autoscaling/
- - title: Images
- path: /docs/user-guide/images/
- - title: Ingress Resources
- path: /docs/user-guide/ingress/
- - title: Jobs
- path: /docs/user-guide/jobs/
- - title: Labels and Selectors
- path: /docs/user-guide/labels/
- - title: Names
- path: /docs/user-guide/identifiers/
- - title: Namespaces
- path: /docs/user-guide/namespaces/
- - title: Network Policies
- path: /docs/user-guide/networkpolicies/
- - title: Nodes
- path: /docs/admin/node/
- - title: Persistent Volumes
- path: /docs/user-guide/persistent-volumes/
- - title: Pet Sets
- path: /docs/user-guide/petset/
- - title: Pods
- path: /docs/user-guide/pods/
- - title: Pod Security Policies
- path: /docs/user-guide/pod-security-policy/
- - title: Replica Sets
- path: /docs/user-guide/replicasets/
- - title: Replication Controller
- path: /docs/user-guide/replication-controller/
- - title: Resource Quotas
- path: /docs/admin/resourcequota/
- - title: Cron Jobs
- path: /docs/user-guide/cron-jobs/
- - title: Secrets
- path: /docs/user-guide/secrets/
- - title: Security Context
- path: /docs/user-guide/security-context/
- - title: Services
- path: /docs/user-guide/services/
- - title: Service Accounts
- path: /docs/user-guide/service-accounts/
- - title: Third Party Resources
- path: /docs/user-guide/thirdpartyresources/
- - title: Volumes
- path: /docs/user-guide/volumes/
+ - docs/user-guide/annotations.md
+ - docs/admin/daemons.md
+ - docs/user-guide/deployments.md
+ - docs/user-guide/horizontal-pod-autoscaling/index.md
+ - docs/user-guide/images.md
+ - docs/user-guide/ingress.md
+ - docs/user-guide/jobs.md
+ - docs/user-guide/labels.md
+ - docs/user-guide/identifiers.md
+ - docs/user-guide/namespaces.md
+ - docs/user-guide/networkpolicies.md
+ - docs/admin/node.md
+ - docs/user-guide/persistent-volumes/index.md
+ - docs/user-guide/petset.md
+ - docs/user-guide/pods/index.md
+ - docs/user-guide/pod-security-policy/index.md
+ - docs/user-guide/replicasets.md
+ - docs/user-guide/replication-controller/index.md
+ - docs/admin/resourcequota/index.md
+ - docs/user-guide/cron-jobs.md
+ - docs/user-guide/secrets/index.md
+ - docs/user-guide/security-context.md
+ - docs/user-guide/services/index.md
+ - docs/user-guide/service-accounts.md
+ - docs/user-guide/thirdpartyresources.md
+ - docs/user-guide/volumes.md
- title: Kubernetes Design Docs
section:
@@ -243,8 +152,7 @@ toc:
path: https://github.com/kubernetes/kubernetes/blob/release-1.3/docs/design/
- title: Kubernetes Identity and Access Management
path: https://github.com/kubernetes/kubernetes/blob/release-1.3/docs/design/access.md
- - title: Kubernetes OpenVSwitch GRE/VxLAN networking
- path: /docs/admin/ovs-networking/
+ - docs/admin/ovs-networking.md
- title: Security Contexts
path: https://github.com/kubernetes/kubernetes/blob/release-1.3/docs/design/security_context.md
- title: Security in Kubernetes
@@ -252,23 +160,18 @@ toc:
- title: Federation
section:
- - title: Federation User Guide
- path: /docs/user-guide/federation/
- - title: Federated Events
- path: /docs/user-guide/federation/events/
- - title: Federated Ingress
- path: /docs/user-guide/federation/federated-ingress/
- - title: Federated Namespaces
- path: /docs/user-guide/federation/namespaces/
- - title: Federated ReplicaSets
- path: /docs/user-guide/federation/replicasets/
- - title: Federated Secrets
- path: /docs/user-guide/federation/secrets/
- - title: Federation API
- path: /docs/federation/api-reference/README/
+ - docs/user-guide/federation/index.md
+ - docs/user-guide/federation/configmap.md
+ - docs/user-guide/federation/daemonsets.md
+ - docs/user-guide/federation/deployment.md
+ - docs/user-guide/federation/events.md
+ - docs/user-guide/federation/federated-ingress.md
+ - docs/user-guide/federation/namespaces.md
+ - docs/user-guide/federation/replicasets.md
+ - docs/user-guide/federation/secrets.md
+ - docs/federation/api-reference/README.md
- title: Federation Components
section:
- - title: federation-apiserver
- path: /docs/admin/federation-apiserver
+ - docs/admin/federation-apiserver.md
- title : federation-controller-mananger
path: /docs/admin/federation-controller-manager
diff --git a/_data/samples.yml b/_data/samples.yml
index 3a9f0bcf28..e94f2b3223 100644
--- a/_data/samples.yml
+++ b/_data/samples.yml
@@ -1,8 +1,7 @@
bigheader: "Samples"
abstract: "A collection of example applications that show how to use Kubernetes."
toc:
-- title: Samples
- path: /docs/samples/
+- docs/samples.md
- title: Storage / Database / KV
section:
@@ -67,8 +66,7 @@ toc:
path: https://github.com/kubernetes/kubernetes/tree/release-1.3/examples/guestbook-go/
- title: GuestBook - PHP Server
path: https://github.com/kubernetes/kubernetes/tree/release-1.3/examples/guestbook/
- - title: MEAN stack on Google Cloud Platform
- path: /docs/getting-started-guides/meanstack/
+ - docs/getting-started-guides/meanstack.md
- title: MySQL + Wordpress
path: https://github.com/kubernetes/kubernetes/tree/release-1.3/examples/mysql-wordpress-pd/
- title: MySQL + Phabricator Server
diff --git a/_data/support.yml b/_data/support.yml
index 3e9ec08ee4..efb049ccb1 100644
--- a/_data/support.yml
+++ b/_data/support.yml
@@ -1,36 +1,25 @@
bigheader: "Support"
abstract: "Troubleshooting resources, frequently asked questions, and community support channels."
toc:
-- title: Support
- path: /docs/troubleshooting/
+- docs/troubleshooting.md
- title: Contributing to the Kubernetes Docs
section:
- - title: Creating a Documentation Pull Request
- path: /docs/contribute/create-pull-request/
- - title: Writing a New Topic
- path: /docs/contribute/write-new-topic/
- - title: Staging Your Documentation Changes
- path: /docs/contribute/stage-documentation-changes/
- - title: Using Page Templates
- path: /docs/contribute/page-templates/
- - title: Documentation Style Guide
- path: /docs/contribute/style-guide/
+ - editdocs.md
+ - docs/contribute/create-pull-request.md
+ - docs/contribute/write-new-topic.md
+ - docs/contribute/stage-documentation-changes.md
+ - docs/contribute/page-templates.md
+ - docs/contribute/style-guide.md
- title: Troubleshooting
section:
- - title: Debugging Pods and Replication Controllers
- path: /docs/user-guide/debugging-pods-and-replication-controllers/
- - title: Application Introspection and Debugging
- path: /docs/user-guide/introspection-and-debugging/
- - title: Retrieving Logs
- path: /docs/user-guide/logging/
- - title: Troubleshooting Applications
- path: /docs/user-guide/application-troubleshooting/
- - title: Troubleshooting Clusters
- path: /docs/admin/cluster-troubleshooting/
- - title: Debugging Services
- path: /docs/user-guide/debugging-services/
+ - docs/user-guide/debugging-pods-and-replication-controllers.md
+ - docs/user-guide/introspection-and-debugging.md
+ - docs/user-guide/logging.md
+ - docs/user-guide/application-troubleshooting.md
+ - docs/admin/cluster-troubleshooting.md
+ - docs/user-guide/debugging-services.md
- title: Frequently Asked Questions
section:
@@ -45,11 +34,8 @@ toc:
section:
- title: Kubernetes Issue Tracker on GitHub
path: https://github.com/kubernetes/kubernetes/issues/
- - title: Report a Security Vulnerability
- path: /docs/reporting-security-issues/
+ - docs/reporting-security-issues.md
- title: Release Notes
path: https://github.com/kubernetes/kubernetes/releases/
- title: Release Roadmap
path: https://github.com/kubernetes/kubernetes/milestones/
- - title: Contributing to Kubernetes Documentation
- path: /editdocs/
diff --git a/_data/tasks.yml b/_data/tasks.yml
index 9898fae32f..05a880637a 100644
--- a/_data/tasks.yml
+++ b/_data/tasks.yml
@@ -1,34 +1,44 @@
bigheader: "Tasks"
abstract: "Step-by-step instructions for performing operations with Kuberentes."
toc:
-- title: Tasks
- path: /docs/tasks/
+- docs/tasks/index.md
+
- title: Configuring Pods and Containers
section:
- - title: Defining Environment Variables for a Container
- path: /docs/tasks/configure-pod-container/define-environment-variable-container/
- - title: Defining a Command and Arguments for a Container
- path: /docs/tasks/configure-pod-container/define-command-argument-container/
- - title: Assigning CPU and RAM Resources to a Container
- path: /docs/tasks/configure-pod-container/assign-cpu-ram-container/
+ - docs/tasks/configure-pod-container/define-environment-variable-container.md
+ - docs/tasks/configure-pod-container/define-command-argument-container.md
+ - docs/tasks/configure-pod-container/assign-cpu-ram-container.md
+ - docs/tasks/configure-pod-container/configure-volume-storage.md
+ - docs/tasks/configure-pod-container/distribute-credentials-secure.md
+
- title: Accessing Applications in a Cluster
section:
- - title: Using Port Forwarding to Access Applications in a Cluster
- path: /docs/tasks/access-application-cluster/port-forward-access-application-cluster/
-
+ - docs/tasks/access-application-cluster/port-forward-access-application-cluster.md
- title: Debugging Applications in a Cluster
section:
- - title: Determining the Reason for Pod Failure
- path: /docs/tasks/debug-application-cluster/determine-reason-pod-failure/
-
+ - docs/tasks/debug-application-cluster/determine-reason-pod-failure.md
- title: Accessing the Kubernetes API
section:
- - title: Using an HTTP Proxy to Access the Kubernetes API
- path: /docs/tasks/access-kubernetes-api/http-proxy-access-api/
+ - docs/tasks/access-kubernetes-api/http-proxy-access-api.md
+
- title: Administering a Cluster
section:
- - title: Assigning Pods to Nodes
- path: /docs/tasks/administer-cluster/assign-pods-nodes/
+ - docs/tasks/administer-cluster/assign-pods-nodes.md
+ - docs/tasks/administer-cluster/dns-horizontal-autoscaling.md
+ - docs/tasks/administer-cluster/safely-drain-node.md
+
+- title: Managing Stateful Applications
+ section:
+ - docs/tasks/manage-stateful-set/upgrade-pet-set-to-stateful-set.md
+ - docs/tasks/manage-stateful-set/scale-stateful-set.md
+ - docs/tasks/manage-stateful-set/deleting-a-statefulset.md
+ - docs/tasks/manage-stateful-set/debugging-a-statefulset.md
+ - docs/tasks/manage-stateful-set/delete-pods.md
+
+- title: Troubleshooting
+ section:
+ - docs/tasks/troubleshoot/debug-init-containers.md
+ - /docs/tasks/administer-cluster/access-control-identity-management/
diff --git a/_data/tools.yml b/_data/tools.yml
index cf2afca34c..6b743c2e95 100644
--- a/_data/tools.yml
+++ b/_data/tools.yml
@@ -1,5 +1,4 @@
bigheader: "Tools"
abstract: "Tools to help you use and enhance Kubernetes."
toc:
-- title: Tools
- path: /docs/tools/
+- docs/tools/index.md
diff --git a/_data/tutorials.yml b/_data/tutorials.yml
index 61555427d1..a4ff243bfb 100644
--- a/_data/tutorials.yml
+++ b/_data/tutorials.yml
@@ -1,57 +1,42 @@
bigheader: "Tutorials"
abstract: "Detailed walkthroughs of common Kubernetes operations and workflows."
toc:
-- title: Tutorials
- path: /docs/tutorials/
+- docs/tutorials/index.md
- title: Kubernetes Basics
section:
- - title: Overview
- path: /docs/tutorials/kubernetes-basics/
+ - docs/tutorials/kubernetes-basics/index.html
- title: 1. Create a Cluster
section:
- - title: Using Minikube to Create a Cluster
- path: /docs/tutorials/kubernetes-basics/cluster-intro/
- - title: Interactive Tutorial - Creating a Cluster
- path: /docs/tutorials/kubernetes-basics/cluster-interactive/
+ - docs/tutorials/kubernetes-basics/cluster-intro.html
+ - docs/tutorials/kubernetes-basics/cluster-interactive.html
- title: 2. Deploy an App
section:
- - title: Using kubectl to Create a Deployment
- path: /docs/tutorials/kubernetes-basics/deploy-intro/
- - title: Interactive Tutorial - Deploying an App
- path: /docs/tutorials/kubernetes-basics/deploy-interactive/
+ - docs/tutorials/kubernetes-basics/deploy-intro.html
+ - docs/tutorials/kubernetes-basics/deploy-interactive.html
- title: 3. Explore Your App
section:
- - title: Viewing Pods and Nodes
- path: /docs/tutorials/kubernetes-basics/explore-intro/
- - title: Interactive Tutorial - Exploring Your App
- path: /docs/tutorials/kubernetes-basics/explore-interactive/
+ - docs/tutorials/kubernetes-basics/explore-intro.html
+ - docs/tutorials/kubernetes-basics/explore-interactive.html
- title: 4. Expose Your App Publicly
section:
- - title: Using a Service to Expose Your App
- path: /docs/tutorials/kubernetes-basics/expose-intro/
- - title: Interactive Tutorial - Exposing Your App
- path: /docs/tutorials/kubernetes-basics/expose-interactive/
+ - docs/tutorials/kubernetes-basics/expose-intro.html
+ - docs/tutorials/kubernetes-basics/expose-interactive.html
- title: 5. Scale Your App
section:
- - title: Running Multiple Instances of Your App
- path: /docs/tutorials/kubernetes-basics/scale-intro/
- - title: Interactive Tutorial - Scaling Your App
- path: /docs/tutorials/kubernetes-basics/scale-interactive/
+ - docs/tutorials/kubernetes-basics/scale-intro.html
+ - docs/tutorials/kubernetes-basics/scale-interactive.html
- title: 6. Update Your App
section:
- - title: Performing a Rolling Update
- path: /docs/tutorials/kubernetes-basics/update-intro/
- - title: Interactive Tutorial - Updating Your App
- path: /docs/tutorials/kubernetes-basics/update-interactive/
+ - docs/tutorials/kubernetes-basics/update-intro.html
+ - docs/tutorials/kubernetes-basics/update-interactive.html
- title: Stateless Applications
section:
- - title: Running a Stateless Application Using a Deployment
- path: /docs/tutorials/stateless-application/run-stateless-application-deployment/
- - title: Using a Service to Access an Application in a Cluster
- path: /docs/tutorials/stateless-application/expose-external-ip-address-service/
- - title: Exposing an External IP Address to Access an Application in a Cluster
- path: /docs/tutorials/stateless-application/expose-external-ip-address/
+ - docs/tutorials/stateless-application/run-stateless-application-deployment.md
+ - docs/tutorials/stateless-application/expose-external-ip-address-service.md
+ - docs/tutorials/stateless-application/expose-external-ip-address.md
- title: Stateful Applications
section:
- - title: Running a Single-Instance Stateful Application
- path: /docs/tutorials/stateful-application/run-stateful-application/
+ - docs/tutorials/stateful-application/basic-stateful-set.md
+ - docs/tutorials/stateful-application/run-stateful-application.md
+ - docs/tutorials/stateful-application/run-replicated-stateful-application.md
+ - docs/tutorials/stateful-application/zookeeper.md
diff --git a/_includes/default-storage-class-prereqs.md b/_includes/default-storage-class-prereqs.md
new file mode 100644
index 0000000000..a4747d9032
--- /dev/null
+++ b/_includes/default-storage-class-prereqs.md
@@ -0,0 +1,6 @@
+You need to either have a dynamic PersistentVolume provisioner with a default
+[StorageClass](/docs/user-guide/persistent-volumes/#storageclasses),
+or [statically provision PersistentVolumes](/docs/user-guide/persistent-volumes/#provisioning)
+yourself to satisfy the [PersistentVolumeClaims](/docs/user-guide/persistent-volumes/#persistentvolumeclaims)
+used here.
+
diff --git a/_includes/footer.html b/_includes/footer.html
index 5e724f710c..0f9e67544a 100644
--- a/_includes/footer.html
+++ b/_includes/footer.html
@@ -24,6 +24,11 @@
Contribute to the K8s codebase
-
DesiredNumberScheduled is the total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: http://releases.k8s.io/HEAD/docs/admin/daemons.md
+
true
+
integer (int32)
+
+
+
+
numberReady
+
NumberReady is the number of nodes that should be running the daemon pod and have one or more of the daemon pod running and ready.
+
true
+
integer (int32)
+
+
+
+
+
+
+
+
v1beta1.Job
+
+
Job represents the configuration of a single job. DEPRECATED: extensions/v1beta1.Job is deprecated, use batch/v1.Job instead.
ObjectFieldSelector selects an APIVersioned field of an object.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
apiVersion
+
Version of the schema the FieldPath is written in terms of, defaults to "v1".
+
false
+
string
+
+
+
+
fieldPath
+
Path of the field to select in the specified API version.
+
true
+
string
+
+
+
+
+
+
+
+
v1.SELinuxOptions
+
+
SELinuxOptions are the labels to be applied to the container
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
user
+
User is a SELinux user label that applies to the container.
+
false
+
string
+
+
+
+
role
+
Role is a SELinux role label that applies to the container.
+
false
+
string
+
+
+
+
type
+
Type is a SELinux type label that applies to the container.
+
false
+
string
+
+
+
+
level
+
Level is SELinux level label that applies to the container.
+
false
+
string
+
+
+
+
+
+
+
+
v1.VolumeMount
+
+
VolumeMount describes a mounting of a Volume within a container.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
name
+
This must match the Name of a Volume.
+
true
+
string
+
+
+
+
readOnly
+
Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
+
false
+
boolean
+
false
+
+
+
mountPath
+
Path within the container at which the volume should be mounted. Must not contain :.
+
true
+
string
+
+
+
+
subPath
+
Path within the volume from which the container’s volume should be mounted. Defaults to "" (volume’s root).
+
false
+
string
+
+
+
+
+
+
+
+
v1beta1.IngressSpec
+
+
IngressSpec describes the Ingress the user wishes to exist.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
backend
+
A default backend capable of servicing requests that don’t match any rule. At least one of backend or rules must be specified. This field is optional to allow the loadbalancer controller or defaulting logic to specify a global default.
TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.
Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
+
false
+
integer (int32)
+
+
+
+
+
+
+
+
unversioned.StatusCause
+
+
StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
reason
+
A machine-readable description of the cause of the error. If this value is empty there is no information available.
+
false
+
string
+
+
+
+
message
+
A human-readable description of the cause of the error. This field may be presented as-is to a reader.
+
false
+
string
+
+
+
+
field
+
The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.
+
+Examples:
+ "name" - the field "name" on the current resource
+ "items[0].name" - the field "name" on the first array entry in "items"
+
false
+
string
+
+
+
+
+
+
+
+
v1beta1.ReplicaSetCondition
+
+
ReplicaSetCondition describes the state of a replica set at a certain point.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
type
+
Type of replica set condition.
+
true
+
string
+
+
+
+
status
+
Status of the condition, one of True, False, Unknown.
+
true
+
string
+
+
+
+
lastTransitionTime
+
The last time the condition transitioned from one status to another.
+
false
+
string (date-time)
+
+
+
+
reason
+
The reason for the condition’s last transition.
+
false
+
string
+
+
+
+
message
+
A human readable message indicating details about the transition.
+
false
+
string
+
+
+
+
+
+
+
+
v1beta1.NetworkPolicyList
+
+
Network Policy List is a list of NetworkPolicy objects.
Represents a Persistent Disk resource in Google Compute Engine.
+
+
+
A GCE PD must exist before mounting to a container. The disk must also be in the same GCE project and zone as the kubelet. A GCE PD can only be mounted as read/write once or read-only many times. GCE PDs support ownership management and SELinux relabeling.
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#gcepersistentdisk
+
false
+
string
+
+
+
+
partition
+
The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: http://kubernetes.io/docs/user-guide/volumes#gcepersistentdisk
Spec to control the desired behavior of rolling update.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
maxUnavailable
+
The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0 if MaxSurge is 0. By default, a fixed value of 1 is used. Example: when this is set to 30%, the old RC can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old RC can be scaled down further, followed by scaling up the new RC, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.
+
false
+
string
+
+
+
+
maxSurge
+
The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. By default, a value of 1 is used. Example: when this is set to 30%, the new RC can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new RC can be scaled up further, ensuring that total number of pods running at any time during the update is atmost 130% of desired pods.
+
false
+
string
+
+
+
+
+
+
+
+
v1beta1.HTTPIngressRuleValue
+
+
HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http://<host>/<path>?<searchpart> → backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last / and before the first ? or #.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
paths
+
A collection of paths that map requests to backends.
The contents of the target ConfigMap’s Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. ConfigMap volumes support ownership management and SELinux relabeling.
If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error. Paths must be relative and may not contain the .. path or start with ...
Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
+
false
+
integer (int32)
+
+
+
+
+
+
+
+
v1.GitRepoVolumeSource
+
+
Represents a volume that is populated with the contents of a git repository. Git repo volumes do not support ownership management. Git repo volumes support SELinux relabeling.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
repository
+
Repository URL
+
true
+
string
+
+
+
+
revision
+
Commit hash for the specified revision.
+
false
+
string
+
+
+
+
directory
+
Target directory name. Must not contain or start with ... If . is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.
StartTime represents time when the job was acknowledged by the Job Manager. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.
+
false
+
string (date-time)
+
+
+
+
completionTime
+
CompletionTime represents time when the job was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.
+
false
+
string (date-time)
+
+
+
+
active
+
Active is the number of actively running pods.
+
false
+
integer (int32)
+
+
+
+
succeeded
+
Succeeded is the number of pods which reached Phase Succeeded.
+
false
+
integer (int32)
+
+
+
+
failed
+
Failed is the number of pods which reached Phase Failed.
+
false
+
integer (int32)
+
+
+
+
+
+
+
+
v1.Capabilities
+
+
Adds and removes POSIX capabilities from running containers.
Command is the command line to execute inside the container, the working directory for the command is root (/) in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('
+
', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+
false
+
string array
+
+
+
+
+
+
+
v1.ObjectMeta
+
+
ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
name
+
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names
+
false
+
string
+
+
+
+
generateName
+
GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.
+
+If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
+
+Applied only if Name is not specified. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#idempotency
+
false
+
string
+
+
+
+
namespace
+
Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
+
+Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces
+
false
+
string
+
+
+
+
selfLink
+
SelfLink is a URL representing this object. Populated by the system. Read-only.
+
false
+
string
+
+
+
+
uid
+
UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
+
+Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids
+
false
+
string
+
+
+
+
resourceVersion
+
An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
+
+Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#concurrency-control-and-consistency
+
false
+
string
+
+
+
+
generation
+
A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
+
false
+
integer (int64)
+
+
+
+
creationTimestamp
+
CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
+
+Populated by the system. Read-only. Null for lists. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata
+
false
+
string (date-time)
+
+
+
+
deletionTimestamp
+
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.
+
+Populated by the system when a graceful deletion is requested. Read-only. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata
+
false
+
string (date-time)
+
+
+
+
deletionGracePeriodSeconds
+
Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
+
false
+
integer (int64)
+
+
+
+
labels
+
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
+
false
+
object
+
+
+
+
annotations
+
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
+
false
+
object
+
+
+
+
ownerReferences
+
List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.
Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.
+
false
+
string array
+
+
+
+
clusterName
+
The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
+
false
+
string
+
+
+
+
+
+
+
+
v1beta1.ReplicaSetSpec
+
+
ReplicaSetSpec is the specification of a ReplicaSet.
Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)
+
false
+
integer (int32)
+
+
+
+
selector
+
Selector is a label query over pods that should match the replica count. If the selector is empty, it is defaulted to the labels present on the pod template. Label keys and values that must match in order to be controlled by this replica set. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors
Template is the object that describes the pod that will be created. The DaemonSet will create exactly one copy of this pod on every node that matches the template’s node selector (or on every node if no node selector is specified). More info: http://kubernetes.io/docs/user-guide/replication-controller#pod-template
AzureFile represents an Azure File Service mount on the host and bind mount to the pod.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
secretName
+
the name of secret that contains Azure Storage Account Name and Key
+
true
+
string
+
+
+
+
shareName
+
Share Name
+
true
+
string
+
+
+
+
readOnly
+
Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
+
false
+
boolean
+
false
+
+
+
+
+
+
+
types.UID
+
+
+
+
v1.ISCSIVolumeSource
+
+
Represents an ISCSI disk. ISCSI volumes can only be mounted as read/write once. ISCSI volumes support ownership management and SELinux relabeling.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
targetPortal
+
iSCSI target portal. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
+
true
+
string
+
+
+
+
iqn
+
Target iSCSI Qualified Name.
+
true
+
string
+
+
+
+
lun
+
iSCSI target lun number.
+
true
+
integer (int32)
+
+
+
+
iscsiInterface
+
Optional: Defaults to default (tcp). iSCSI interface name that uses an iSCSI transport.
+
false
+
string
+
+
+
+
fsType
+
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#iscsi
+
false
+
string
+
+
+
+
readOnly
+
ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.
+
false
+
boolean
+
false
+
+
+
+
+
+
+
v1.EmptyDirVolumeSource
+
+
Represents an empty directory for a pod. Empty directory volumes support ownership management and SELinux relabeling.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
medium
+
What type of storage medium should back this directory. The default is "" which means to use the node’s default medium. Must be an empty string (default) or Memory. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir
desired number of instances for the scaled object.
+
false
+
integer (int32)
+
+
+
+
+
+
+
+
unversioned.Patch
+
+
Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.
+
+
+
+
v1.FlockerVolumeSource
+
+
Represents a Flocker volume mounted by the Flocker agent. One and only one of datasetName and datasetUUID should be set. Flocker volumes do not support ownership management or SELinux relabeling.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
datasetName
+
Name of the dataset stored as metadata → name on the dataset for Flocker should be considered as deprecated
+
false
+
string
+
+
+
+
datasetUUID
+
UUID of the dataset. This is unique identifier of a Flocker dataset
+
false
+
string
+
+
+
+
+
+
+
+
v1.PersistentVolumeClaimVolumeSource
+
+
PersistentVolumeClaimVolumeSource references the user’s PVC in the same namespace. This volume finds the bound PV and mounts that volume for the pod. A PersistentVolumeClaimVolumeSource is, essentially, a wrapper around another type of volume that is owned by someone else (the system).
Will force the ReadOnly setting in VolumeMounts. Default false.
+
false
+
boolean
+
false
+
+
+
+
+
+
+
unversioned.ListMeta
+
+
ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
selfLink
+
SelfLink is a URL representing this object. Populated by the system. Read-only.
A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
matchLabels
+
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
+
false
+
object
+
+
+
+
matchExpressions
+
matchExpressions is a list of label selector requirements. The requirements are ANDed.
The revision to rollback to. If set to 0, rollbck to the last revision.
+
false
+
integer (int64)
+
+
+
+
+
+
+
+
v1.SecretVolumeSource
+
+
Adapts a Secret into a volume.
+
+
+
The contents of the target Secret’s Data field will be presented in a volume as files using the keys in the Data field as the file names. Secret volumes support ownership management and SELinux relabeling.
If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error. Paths must be relative and may not contain the .. path or start with ...
Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
+
false
+
integer (int32)
+
+
+
+
+
+
+
+
v1.EnvVarSource
+
+
EnvVarSource represents a source for the value of an EnvVar.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
fieldRef
+
Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, spec.nodeName, spec.serviceAccountName, status.podIP.
Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. This is an alpha feature and may change in future.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
driver
+
Driver is the name of the driver to use for this volume.
+
true
+
string
+
+
+
+
fsType
+
Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
+
false
+
string
+
+
+
+
secretRef
+
Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.
Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+
false
+
string
+
+
+
+
readOnly
+
Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
+
false
+
boolean
+
false
+
+
+
+
+
+
+
v1.KeyToPath
+
+
Maps a string key to a path within a volume.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
key
+
The key to project.
+
true
+
string
+
+
+
+
path
+
The relative path of the file to map the key to. May not be an absolute path. May not contain the path element ... May not start with the string ...
+
true
+
string
+
+
+
+
mode
+
Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
+
false
+
integer (int32)
+
+
+
+
+
+
+
+
v1.VsphereVirtualDiskVolumeSource
+
+
Represents a vSphere volume resource.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
volumePath
+
Path that identifies vSphere volume vmdk
+
true
+
string
+
+
+
+
fsType
+
Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+
false
+
string
+
+
+
+
+
+
+
+
v1.DeleteOptions
+
+
DeleteOptions may be provided when deleting an API object
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int64)
+
+
+
+
preconditions
+
Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.
HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: http://kubernetes.io/docs/user-guide/volumes#hostpath
FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. This is an alpha feature and may change in future.
How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
+
false
+
integer (int32)
+
+
+
+
successThreshold
+
Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1.
+
false
+
integer (int32)
+
+
+
+
failureThreshold
+
Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+
false
+
integer (int32)
+
+
+
+
+
+
+
+
v1beta1.DeploymentSpec
+
+
DeploymentSpec is the specification of the desired behavior of the Deployment.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
replicas
+
Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.
+
false
+
integer (int32)
+
+
+
+
selector
+
Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment.
Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)
+
false
+
integer (int32)
+
+
+
+
revisionHistoryLimit
+
The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified.
+
false
+
integer (int32)
+
+
+
+
paused
+
Indicates that the deployment is paused and will not be processed by the deployment controller.
+
false
+
boolean
+
false
+
+
+
rollbackTo
+
The config this deployment is rolling back to. Will be cleared after rollback is done.
The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Once autoRollback is implemented, the deployment controller will automatically rollback failed deployments. Note that progress will not be estimated during the time a deployment is paused. This is not set by default.
+
false
+
integer (int32)
+
+
+
+
+
+
+
+
unversioned.APIResourceList
+
+
APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.
The key of the secret to select from. Must be a valid secret key.
+
true
+
string
+
+
+
+
+
+
+
+
v1.Capability
+
+
+
+
unversioned.APIResource
+
+
APIResource specifies the name of a resource and whether it is namespaced.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
name
+
name is the name of the resource.
+
true
+
string
+
+
+
+
namespaced
+
namespaced indicates if a resource is namespaced or not.
+
true
+
boolean
+
false
+
+
+
kind
+
kind is the kind for the resource (e.g. Foo is the kind for a resource foo)
+
true
+
string
+
+
+
+
+
+
+
+
v1.DownwardAPIVolumeFile
+
+
DownwardAPIVolumeFile represents information to create the file containing the pod field
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
path
+
Required: Path is the relative path name of the file to be created. Must not be absolute or contain the .. path. Must be utf-8 encoded. The first item of the relative path must not start with ..
+
true
+
string
+
+
+
+
fieldRef
+
Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.
Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
+
false
+
integer (int32)
+
+
+
+
+
+
+
+
v1.ContainerPort
+
+
ContainerPort represents a network port in a single container.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
name
+
If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.
+
false
+
string
+
+
+
+
hostPort
+
Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.
+
false
+
integer (int32)
+
+
+
+
containerPort
+
Number of port to expose on the pod’s IP address. This must be a valid port number, 0 < x < 65536.
+
true
+
integer (int32)
+
+
+
+
protocol
+
Protocol for port. Must be UDP or TCP. Defaults to "TCP".
List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers
Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period will be used instead. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. Defaults to 30 seconds.
+
false
+
integer (int64)
+
+
+
+
activeDeadlineSeconds
+
Optional duration in seconds the pod may be active on the node relative to StartTime before the system will actively try to mark it failed and kill associated containers. Value must be a positive integer.
+
false
+
integer (int64)
+
+
+
+
dnsPolicy
+
Set DNS policy for containers within the pod. One of ClusterFirst or Default. Defaults to "ClusterFirst".
DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.
+
false
+
string
+
+
+
+
nodeName
+
NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.
+
false
+
string
+
+
+
+
hostNetwork
+
Host networking requested for this pod. Use the host’s network namespace. If this option is set, the ports that will be used must be specified. Default to false.
+
false
+
boolean
+
false
+
+
+
hostPID
+
Use the host’s pid namespace. Optional: Default to false.
+
false
+
boolean
+
false
+
+
+
hostIPC
+
Use the host’s ipc namespace. Optional: Default to false.
+
false
+
boolean
+
false
+
+
+
securityContext
+
SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.
ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
Specifies the hostname of the Pod If not specified, the pod’s hostname will be set to a system-defined value.
+
false
+
string
+
+
+
+
subdomain
+
If specified, the fully qualified Pod hostname will be "<hostname>.<subdomain>.<pod namespace>.svc.<cluster domain>". If not specified, the pod will not have a domainname at all.
+
false
+
string
+
+
+
+
+
+
+
+
v1.Lifecycle
+
+
Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
postStart
+
PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: http://kubernetes.io/docs/user-guide/container-environment#hook-details
PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: http://kubernetes.io/docs/user-guide/container-environment#hook-details
IngressTLS describes the transport layer security associated with an Ingress.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
hosts
+
Hosts are a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.
+
false
+
string array
+
+
+
+
secretName
+
SecretName is the name of the secret used to terminate SSL traffic on 443. Field is left optional to allow SSL routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the Host header is used for routing.
+
false
+
string
+
+
+
+
+
+
+
+
v1beta1.SubresourceReference
+
+
SubresourceReference contains enough information to let you inspect or modify the referred subresource.
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#rbd
Represents a Photon Controller persistent disk resource.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
pdID
+
ID that identifies Photon Controller persistent disk
+
true
+
string
+
+
+
+
fsType
+
Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
label selector for pods that should match the replicas count. This is a serializated version of both map-based and more expressive set-based selectors. This is done to avoid introspection in the clients. The string will be in the same format as the query-param syntax. If the target type only supports map-based selectors, both this field and map-based selector field are populated. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors
+
false
+
string
+
+
+
+
+
+
+
+
v1beta1.NetworkPolicySpec
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
podSelector
+
Selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace.
List of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if namespace.networkPolicy.ingress.isolation is undefined and cluster policy allows it, OR if the traffic source is the pod’s local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not affect ingress isolation. If this field is present and contains at least one rule, this policy allows any traffic which matches at least one of the ingress rules in this list.
HTTPHeader describes a custom header to be used in HTTP probes
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
name
+
The header field name
+
true
+
string
+
+
+
+
value
+
The header field value
+
true
+
string
+
+
+
+
+
+
+
+
v1beta1.HorizontalPodAutoscalerStatus
+
+
current status of a horizontal pod autoscaler
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
observedGeneration
+
most recent generation observed by this autoscaler.
+
false
+
integer (int64)
+
+
+
+
lastScaleTime
+
last time the HorizontalPodAutoscaler scaled the number of pods; used by the autoscaler to control how often the number of pods is changed.
+
false
+
string (date-time)
+
+
+
+
currentReplicas
+
current number of replicas of pods managed by this autoscaler.
+
true
+
integer (int32)
+
+
+
+
desiredReplicas
+
desired number of replicas of pods managed by this autoscaler.
+
true
+
integer (int32)
+
+
+
+
currentCPUUtilizationPercentage
+
current average CPU utilization over all pods, represented as a percentage of requested CPU, e.g. 70 means that an average pod is using now 70% of its requested CPU.
+
false
+
integer (int32)
+
+
+
+
+
+
+
+
v1.FCVolumeSource
+
+
Represents a Fibre Channel volume. Fibre Channel volumes can only be mounted as read/write once. Fibre Channel volumes support ownership management and SELinux relabeling.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
targetWWNs
+
Required: FC target worldwide names (WWNs)
+
true
+
string array
+
+
+
+
lun
+
Required: FC target lun number
+
true
+
integer (int32)
+
+
+
+
fsType
+
Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+
false
+
string
+
+
+
+
readOnly
+
Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
+
false
+
boolean
+
false
+
+
+
+
+
+
+
v1beta1.ThirdPartyResource
+
+
A ThirdPartyResource is a generic representation of a resource, it is used by add-ons and plugins to add new resource types to the API. It consists of one or more Versions of the api.
IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
host
+
Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the
+ IP in the Spec of the parent Ingress.
+2. The : delimiter is not respected because ports are not allowed.
+ Currently the port of an Ingress is implicitly :80 for http and
+ :443 for https.
+Both these may change in the future. Incoming requests are matched against the host before the IngressRuleValue. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue.
This is a label selector which selects Pods in this namespace. This field follows standard label selector semantics. If not provided, this selector selects no pods. If present but empty, this selector selects all pods in this namespace.
Selects Namespaces using cluster scoped-labels. This matches all pods in all namespaces selected by this label selector. This field follows standard label selector semantics. If omitted, this selector selects no namespaces. If present but empty, this selector selects all namespaces.
StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
name
+
The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).
+
false
+
string
+
+
+
+
group
+
The group attribute of the resource associated with the status StatusReason.
Entrypoint array. Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers#containers-and-commands
+
false
+
string array
+
+
+
+
args
+
Arguments to the entrypoint. The docker image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers#containers-and-commands
+
false
+
string array
+
+
+
+
workingDir
+
Container’s working directory. If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.
+
false
+
string
+
+
+
+
ports
+
List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated.
Optional: Path at which the file to which the container’s termination message will be written is mounted into the container’s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Defaults to /dev/termination-log. Cannot be updated.
Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.
+
false
+
boolean
+
false
+
+
+
stdinOnce
+
Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false
+
false
+
boolean
+
false
+
+
+
tty
+
Whether this container should allocate a TTY for itself, also requires stdin to be true. Default is false.
+
false
+
boolean
+
false
+
+
+
+
+
+
+
v1.PodSecurityContext
+
+
PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
seLinuxOptions
+
The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.
The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.
+
false
+
integer (int64)
+
+
+
+
runAsNonRoot
+
Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+
false
+
boolean
+
false
+
+
+
supplementalGroups
+
A list of groups applied to the first process run in each container, in addition to the container’s primary GID. If unspecified, no groups will be added to any container.
+
false
+
integer (int32) array
+
+
+
+
fsGroup
+
A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:
+
+1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR’d with rw-rw
+
false
+
integer (int64)
+
+
+
+
+
+
+
+
v1beta1.NetworkPolicyIngressRule
+
+
This NetworkPolicyIngressRule matches traffic if and only if the traffic matches both ports AND from.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
ports
+
List of ports which should be made accessible on the pods selected for this rule. Each item in this list is combined using a logical OR. If this field is not provided, this rule matches all ports (traffic not restricted by port). If this field is empty, this rule matches no ports (no traffic matches). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.
List of sources which should be able to access the pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is not provided, this rule matches all sources (traffic not restricted by source). If this field is empty, this rule matches no sources (no traffic matches). If this field is present and contains at least on item, this rule allows traffic only if the traffic matches at least one item in the from list.
OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
Represents a cinder volume resource in Openstack. A Cinder volume must exist before mounting to a container. The volume must also be in the same region as the kubelet. Cinder volumes support ownership management and SELinux relabeling.
SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
capabilities
+
The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime.
Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false.
+
false
+
boolean
+
false
+
+
+
seLinuxOptions
+
The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+
false
+
integer (int64)
+
+
+
+
runAsNonRoot
+
Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+
false
+
boolean
+
false
+
+
+
readOnlyRootFilesystem
+
Whether this container has a read-only root filesystem. Default is false.
+
false
+
boolean
+
false
+
+
+
+
+
+
+
v1.Protocol
+
+
+
+
v1.AWSElasticBlockStoreVolumeSource
+
+
Represents a Persistent Disk resource in AWS.
+
+
+
An AWS EBS disk must exist before mounting to a container. The disk must also be in the same AWS zone as the kubelet. An AWS EBS disk can only be mounted as read/write once. AWS EBS volumes support ownership management and SELinux relabeling.
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#awselasticblockstore
+
false
+
string
+
+
+
+
partition
+
The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
reference to Scale subresource; horizontal pod autoscaler will learn the current resource consumption from its status, and will set the desired number of pods by modifying its spec.
lower limit for the number of pods that can be set by the autoscaler, default 1.
+
false
+
integer (int32)
+
+
+
+
maxReplicas
+
upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas.
+
true
+
integer (int32)
+
+
+
+
cpuUtilization
+
target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified it defaults to the target CPU utilization at 80% of the requested resources.
Represents a Quobyte mount that lasts the lifetime of a pod. Quobyte volumes do not support ownership management or SELinux relabeling.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
registry
+
Registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes
+
true
+
string
+
+
+
+
volume
+
Volume is a string that references an already created Quobyte volume by name.
+
true
+
string
+
+
+
+
readOnly
+
ReadOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.
+
false
+
boolean
+
false
+
+
+
user
+
User to map volume access to Defaults to serivceaccount user
+
false
+
string
+
+
+
+
group
+
Group to map volume access to Default is no group
+
false
+
string
+
+
+
+
+
+
+
+
v1.EnvVar
+
+
EnvVar represents an environment variable present in a Container.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
name
+
Name of the environment variable. Must be a C_IDENTIFIER.
+
true
+
string
+
+
+
+
value
+
Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+
false
+
string
+
+
+
+
valueFrom
+
Source for the environment variable’s value. Cannot be used if value is not empty.
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: http://kubernetes.io/docs/user-guide/compute-resources/
+
false
+
object
+
+
+
+
+
+
+
+
v1.PodTemplateSpec
+
+
PodTemplateSpec describes the data a pod should have when created from a template
If specified, the port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched.
+
false
+
string
+
+
+
+
+
+
+
+
v1beta1.DeploymentCondition
+
+
DeploymentCondition describes the state of a deployment at a certain point.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
type
+
Type of deployment condition.
+
true
+
string
+
+
+
+
status
+
Status of the condition, one of True, False, Unknown.
+
true
+
string
+
+
+
+
lastUpdateTime
+
The last time this condition was updated.
+
false
+
string (date-time)
+
+
+
+
lastTransitionTime
+
Last time the condition transitioned from one status to another.
+
false
+
string (date-time)
+
+
+
+
reason
+
The reason for the condition’s last transition.
+
false
+
string
+
+
+
+
message
+
A human readable message indicating details about the transition.
+
false
+
string
+
+
+
+
+
+
+
+
v1beta1.JobSpec
+
+
JobSpec describes how the job execution will look like.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
parallelism
+
Parallelism specifies the maximum desired number of pods the job should run at any given time. The actual number of pods running in steady state will be less than this number when ((.spec.completions - .status.successful) < .spec.parallelism), i.e. when the work left to do is less than max parallelism. More info: http://kubernetes.io/docs/user-guide/jobs
+
false
+
integer (int32)
+
+
+
+
completions
+
Completions specifies the desired number of successfully finished pods the job should be run with. Setting to nil means that the success of any pod signals the success of all pods, and allows parallelism to have any positive value. Setting to 1 means that parallelism is limited to 1 and the success of that pod signals the success of the job. More info: http://kubernetes.io/docs/user-guide/jobs
+
false
+
integer (int32)
+
+
+
+
activeDeadlineSeconds
+
Optional duration in seconds relative to the startTime that the job may be active before the system tries to terminate it; value must be positive integer
AutoSelector controls generation of pod labels and pod selectors. It was not present in the original extensions/v1beta1 Job definition, but exists to allow conversion from batch/v1 Jobs, where it corresponds to, but has the opposite meaning as, ManualSelector. More info: http://releases.k8s.io/HEAD/docs/design/selector-generation.md
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
key
+
key is the label key that the selector applies to.
+
true
+
string
+
+
+
+
operator
+
operator represents a key’s relationship to a set of values. Valid operators ard In, NotIn, Exists and DoesNotExist.
+
true
+
string
+
+
+
+
values
+
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
+
false
+
string array
+
+
+
+
+
+
+
+
unversioned.Status
+
+
Status is a return value for calls that don’t return other objects.
A human-readable description of the status of this operation.
+
false
+
string
+
+
+
+
reason
+
A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.
+
false
+
string
+
+
+
+
details
+
Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
HTTPIngressPath associates a path regex with a backend. Incoming urls matching the path are forwarded to the backend.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
path
+
Path is an extended POSIX regex as defined by IEEE Std 1003.1, (i.e this follows the egrep/unix syntax, not the perl syntax) matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a /. If unspecified, the path defaults to a catch all sending traffic to the backend.
+
false
+
string
+
+
+
+
backend
+
Backend defines the referenced service endpoint to which the traffic will be forwarded to.
Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
list or watch objects of kind HorizontalPodAutoscaler
+
+
+
GET /apis/extensions/v1beta1/horizontalpodautoscalers
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
GET /apis/extensions/v1beta1/namespaces/{namespace}/daemonsets
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /apis/extensions/v1beta1/namespaces/{namespace}/deployments
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
list or watch objects of kind HorizontalPodAutoscaler
+
+
+
GET /apis/extensions/v1beta1/namespaces/{namespace}/horizontalpodautoscalers
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /apis/extensions/v1beta1/namespaces/{namespace}/ingresses
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /apis/extensions/v1beta1/namespaces/{namespace}/jobs
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /apis/extensions/v1beta1/namespaces/{namespace}/networkpolicies
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /apis/extensions/v1beta1/namespaces/{namespace}/replicasets
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
watch individual changes to a list of HorizontalPodAutoscaler
+
+
+
GET /apis/extensions/v1beta1/watch/horizontalpodautoscalers
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
GET /apis/extensions/v1beta1/watch/namespaces/{namespace}/daemonsets
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /apis/extensions/v1beta1/watch/namespaces/{namespace}/daemonsets/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /apis/extensions/v1beta1/watch/namespaces/{namespace}/deployments
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /apis/extensions/v1beta1/watch/namespaces/{namespace}/deployments/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
watch individual changes to a list of HorizontalPodAutoscaler
+
+
+
GET /apis/extensions/v1beta1/watch/namespaces/{namespace}/horizontalpodautoscalers
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
watch changes to an object of kind HorizontalPodAutoscaler
+
+
+
GET /apis/extensions/v1beta1/watch/namespaces/{namespace}/horizontalpodautoscalers/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /apis/extensions/v1beta1/watch/namespaces/{namespace}/ingresses
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /apis/extensions/v1beta1/watch/namespaces/{namespace}/ingresses/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /apis/extensions/v1beta1/watch/namespaces/{namespace}/jobs
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /apis/extensions/v1beta1/watch/namespaces/{namespace}/jobs/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
watch individual changes to a list of NetworkPolicy
+
+
+
GET /apis/extensions/v1beta1/watch/namespaces/{namespace}/networkpolicies
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /apis/extensions/v1beta1/watch/namespaces/{namespace}/networkpolicies/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /apis/extensions/v1beta1/watch/namespaces/{namespace}/replicasets
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /apis/extensions/v1beta1/watch/namespaces/{namespace}/replicasets/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
watch individual changes to a list of NetworkPolicy
+
+
+
GET /apis/extensions/v1beta1/watch/networkpolicies
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
watch individual changes to a list of ThirdPartyResource
+
+
+
GET /apis/extensions/v1beta1/watch/thirdpartyresources
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
watch changes to an object of kind ThirdPartyResource
+
+
+
GET /apis/extensions/v1beta1/watch/thirdpartyresources/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
+
false
+
integer (int32)
+
+
+
+
+
+
+
+
unversioned.StatusCause
+
+
StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
reason
+
A machine-readable description of the cause of the error. If this value is empty there is no information available.
+
false
+
string
+
+
+
+
message
+
A human-readable description of the cause of the error. This field may be presented as-is to a reader.
+
false
+
string
+
+
+
+
field
+
The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.
+
+Examples:
+ "name" - the field "name" on the current resource
+ "items[0].name" - the field "name" on the first array entry in "items"
+
false
+
string
+
+
+
+
+
+
+
+
v1.GCEPersistentDiskVolumeSource
+
+
Represents a Persistent Disk resource in Google Compute Engine.
+
+
+
A GCE PD must exist before mounting to a container. The disk must also be in the same GCE project and zone as the kubelet. A GCE PD can only be mounted as read/write once or read-only many times. GCE PDs support ownership management and SELinux relabeling.
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#gcepersistentdisk
+
false
+
string
+
+
+
+
partition
+
The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: http://kubernetes.io/docs/user-guide/volumes#gcepersistentdisk
A human-readable message indicating details about why the volume is in this state.
+
false
+
string
+
+
+
+
reason
+
Reason is a brief CamelCase string that describes any failure and is meant for machine parsing and tidy display in the CLI.
+
false
+
string
+
+
+
+
+
+
+
+
v1.ConfigMapVolumeSource
+
+
Adapts a ConfigMap into a volume.
+
+
+
The contents of the target ConfigMap’s Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. ConfigMap volumes support ownership management and SELinux relabeling.
If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error. Paths must be relative and may not contain the .. path or start with ...
Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
Represents a volume that is populated with the contents of a git repository. Git repo volumes do not support ownership management. Git repo volumes support SELinux relabeling.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
repository
+
Repository URL
+
true
+
string
+
+
+
+
revision
+
Commit hash for the specified revision.
+
false
+
string
+
+
+
+
directory
+
Target directory name. Must not contain or start with ... If . is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.
+
false
+
string
+
+
+
+
+
+
+
+
v1.ReplicationControllerCondition
+
+
ReplicationControllerCondition describes the state of a replication controller at a certain point.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
type
+
Type of replication controller condition.
+
true
+
string
+
+
+
+
status
+
Status of the condition, one of True, False, Unknown.
+
true
+
string
+
+
+
+
lastTransitionTime
+
The last time the condition transitioned from one status to another.
+
false
+
string (date-time)
+
+
+
+
reason
+
The reason for the condition’s last transition.
+
false
+
string
+
+
+
+
message
+
A human readable message indicating details about the transition.
+
false
+
string
+
+
+
+
+
+
+
+
v1.ScaleStatus
+
+
ScaleStatus represents the current status of a scale subresource.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
replicas
+
actual number of observed instances of the scaled object.
+
true
+
integer (int32)
+
+
+
+
selector
+
label query over pods that should match the replicas count. This is same as the label selector but in the string format to avoid introspection by clients. The string will be in the same format as the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors
+
false
+
string
+
+
+
+
+
+
+
+
v1.Capabilities
+
+
Adds and removes POSIX capabilities from running containers.
Used is the current observed total usage of the resource in the namespace.
+
false
+
object
+
+
+
+
+
+
+
+
v1.ExecAction
+
+
ExecAction describes a "run in container" action.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
command
+
Command is the command line to execute inside the container, the working directory for the command is root (/) in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('
+
', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+
false
+
string array
+
+
+
+
+
+
+
v1.ObjectMeta
+
+
ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
name
+
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names
+
false
+
string
+
+
+
+
generateName
+
GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.
+
+If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
+
+Applied only if Name is not specified. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#idempotency
+
false
+
string
+
+
+
+
namespace
+
Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
+
+Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces
+
false
+
string
+
+
+
+
selfLink
+
SelfLink is a URL representing this object. Populated by the system. Read-only.
+
false
+
string
+
+
+
+
uid
+
UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
+
+Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids
+
false
+
string
+
+
+
+
resourceVersion
+
An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
+
+Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#concurrency-control-and-consistency
+
false
+
string
+
+
+
+
generation
+
A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
+
false
+
integer (int64)
+
+
+
+
creationTimestamp
+
CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
+
+Populated by the system. Read-only. Null for lists. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata
+
false
+
string (date-time)
+
+
+
+
deletionTimestamp
+
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.
+
+Populated by the system when a graceful deletion is requested. Read-only. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata
+
false
+
string (date-time)
+
+
+
+
deletionGracePeriodSeconds
+
Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
+
false
+
integer (int64)
+
+
+
+
labels
+
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
+
false
+
object
+
+
+
+
annotations
+
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
+
false
+
object
+
+
+
+
ownerReferences
+
List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.
Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.
+
false
+
string array
+
+
+
+
clusterName
+
The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
+
false
+
string
+
+
+
+
+
+
+
+
v1.LimitRangeSpec
+
+
LimitRangeSpec defines a min/max usage limit for resources that match on kind.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
limits
+
Limits is the list of LimitRangeItem objects that are enforced.
AzureFile represents an Azure File Service mount on the host and bind mount to the pod.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
secretName
+
the name of secret that contains Azure Storage Account Name and Key
+
true
+
string
+
+
+
+
shareName
+
Share Name
+
true
+
string
+
+
+
+
readOnly
+
Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
+
false
+
boolean
+
false
+
+
+
+
+
+
+
v1.ISCSIVolumeSource
+
+
Represents an ISCSI disk. ISCSI volumes can only be mounted as read/write once. ISCSI volumes support ownership management and SELinux relabeling.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
targetPortal
+
iSCSI target portal. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
+
true
+
string
+
+
+
+
iqn
+
Target iSCSI Qualified Name.
+
true
+
string
+
+
+
+
lun
+
iSCSI target lun number.
+
true
+
integer (int32)
+
+
+
+
iscsiInterface
+
Optional: Defaults to default (tcp). iSCSI interface name that uses an iSCSI transport.
+
false
+
string
+
+
+
+
fsType
+
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#iscsi
+
false
+
string
+
+
+
+
readOnly
+
ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.
+
false
+
boolean
+
false
+
+
+
+
+
+
+
v1.EmptyDirVolumeSource
+
+
Represents an empty directory for a pod. Empty directory volumes support ownership management and SELinux relabeling.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
medium
+
What type of storage medium should back this directory. The default is "" which means to use the node’s default medium. Must be an empty string (default) or Memory. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir
+
false
+
string
+
+
+
+
+
+
+
+
v1.NodeList
+
+
NodeList is the whole list of all Nodes which have been registered with master.
Eviction evicts a pod from its node subject to certain policies and safety constraints. This is a subresource of Pod. A request to cause such an eviction is created by POSTing to …/pods/<pod name>/evictions.
ServiceAccount binds together: * a name, understood by users, and perhaps by peripheral systems, for an identity * a principal that can be authenticated and authorized * a set of secrets
ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: http://kubernetes.io/docs/user-guide/secrets#manually-specifying-an-imagepullsecret
Represents a Flocker volume mounted by the Flocker agent. One and only one of datasetName and datasetUUID should be set. Flocker volumes do not support ownership management or SELinux relabeling.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
datasetName
+
Name of the dataset stored as metadata → name on the dataset for Flocker should be considered as deprecated
+
false
+
string
+
+
+
+
datasetUUID
+
UUID of the dataset. This is unique identifier of a Flocker dataset
+
false
+
string
+
+
+
+
+
+
+
+
v1.PersistentVolumeClaimVolumeSource
+
+
PersistentVolumeClaimVolumeSource references the user’s PVC in the same namespace. This volume finds the bound PV and mounts that volume for the pod. A PersistentVolumeClaimVolumeSource is, essentially, a wrapper around another type of volume that is owned by someone else (the system).
Will force the ReadOnly setting in VolumeMounts. Default false.
+
false
+
boolean
+
false
+
+
+
+
+
+
+
unversioned.ListMeta
+
+
ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
selfLink
+
SelfLink is a URL representing this object. Populated by the system. Read-only.
Represents the actual resources of the underlying volume.
+
false
+
object
+
+
+
+
+
+
+
+
v1.UniqueVolumeName
+
+
+
+
unversioned.LabelSelector
+
+
A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
matchLabels
+
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
+
false
+
object
+
+
+
+
matchExpressions
+
matchExpressions is a list of label selector requirements. The requirements are ANDed.
EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:
+ {
+ Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}],
+ Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}]
+ }
+The resulting set of endpoints can be viewed as:
+ a: [ 10.10.1.1:8675, 10.10.2.2:8675 ],
+ b: [ 10.10.1.1:309, 10.10.2.2:309 ]
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
addresses
+
IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize.
IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check.
The contents of the target Secret’s Data field will be presented in a volume as files using the keys in the Data field as the file names. Secret volumes support ownership management and SELinux relabeling.
If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error. Paths must be relative and may not contain the .. path or start with ...
Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
+
false
+
integer (int32)
+
+
+
+
+
+
+
+
v1.FlexVolumeSource
+
+
FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. This is an alpha feature and may change in future.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
driver
+
Driver is the name of the driver to use for this volume.
+
true
+
string
+
+
+
+
fsType
+
Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
+
false
+
string
+
+
+
+
secretRef
+
Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.
Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
+
false
+
boolean
+
false
+
+
+
options
+
Optional: Extra command options if any.
+
false
+
object
+
+
+
+
+
+
+
+
v1.EnvVarSource
+
+
EnvVarSource represents a source for the value of an EnvVar.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
fieldRef
+
Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, spec.nodeName, spec.serviceAccountName, status.podIP.
Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+
false
+
string
+
+
+
+
readOnly
+
Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
+
false
+
boolean
+
false
+
+
+
+
+
+
+
v1.KeyToPath
+
+
Maps a string key to a path within a volume.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
key
+
The key to project.
+
true
+
string
+
+
+
+
path
+
The relative path of the file to map the key to. May not be an absolute path. May not contain the path element ... May not start with the string ...
+
true
+
string
+
+
+
+
mode
+
Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
+
false
+
integer (int32)
+
+
+
+
+
+
+
+
v1.Service
+
+
Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy.
Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+
false
+
string
+
+
+
+
+
+
+
+
v1.ServiceAccountList
+
+
ServiceAccountList is a list of ServiceAccount objects
The set of all endpoints is the union of all subsets. Addresses are placed into subsets according to the IPs they share. A single address with multiple ports, some of which are ready and some of which are not (because they come from different containers) will result in the address being displayed in different subsets for the different ports. No address will appear in both Addresses and NotReadyAddresses in the same subset. Sets of addresses and ports that comprise a service.
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int64)
+
+
+
+
preconditions
+
Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.
HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: http://kubernetes.io/docs/user-guide/volumes#hostpath
FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. This is an alpha feature and may change in future.
How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
+
false
+
integer (int32)
+
+
+
+
successThreshold
+
Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1.
+
false
+
integer (int32)
+
+
+
+
failureThreshold
+
Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+
false
+
integer (int32)
+
+
+
+
+
+
+
+
unversioned.APIResourceList
+
+
APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.
DownwardAPIVolumeFile represents information to create the file containing the pod field
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
path
+
Required: Path is the relative path name of the file to be created. Must not be absolute or contain the .. path. Must be utf-8 encoded. The first item of the relative path must not start with ..
+
true
+
string
+
+
+
+
fieldRef
+
Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.
Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers
Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period will be used instead. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. Defaults to 30 seconds.
+
false
+
integer (int64)
+
+
+
+
activeDeadlineSeconds
+
Optional duration in seconds the pod may be active on the node relative to StartTime before the system will actively try to mark it failed and kill associated containers. Value must be a positive integer.
+
false
+
integer (int64)
+
+
+
+
dnsPolicy
+
Set DNS policy for containers within the pod. One of ClusterFirst or Default. Defaults to "ClusterFirst".
DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.
+
false
+
string
+
+
+
+
nodeName
+
NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.
+
false
+
string
+
+
+
+
hostNetwork
+
Host networking requested for this pod. Use the host’s network namespace. If this option is set, the ports that will be used must be specified. Default to false.
+
false
+
boolean
+
false
+
+
+
hostPID
+
Use the host’s pid namespace. Optional: Default to false.
+
false
+
boolean
+
false
+
+
+
hostIPC
+
Use the host’s ipc namespace. Optional: Default to false.
+
false
+
boolean
+
false
+
+
+
securityContext
+
SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.
ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
Specifies the hostname of the Pod If not specified, the pod’s hostname will be set to a system-defined value.
+
false
+
string
+
+
+
+
subdomain
+
If specified, the fully qualified Pod hostname will be "<hostname>.<subdomain>.<pod namespace>.svc.<cluster domain>". If not specified, the pod will not have a domainname at all.
+
false
+
string
+
+
+
+
+
+
+
+
v1.ContainerPort
+
+
ContainerPort represents a network port in a single container.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
name
+
If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.
+
false
+
string
+
+
+
+
hostPort
+
Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.
+
false
+
integer (int32)
+
+
+
+
containerPort
+
Number of port to expose on the pod’s IP address. This must be a valid port number, 0 < x < 65536.
+
true
+
integer (int32)
+
+
+
+
protocol
+
Protocol for port. Must be UDP or TCP. Defaults to "TCP".
+
false
+
string
+
+
+
+
hostIP
+
What host IP to bind the external port to.
+
false
+
string
+
+
+
+
+
+
+
+
v1.ResourceQuota
+
+
ResourceQuota sets aggregate quota restrictions enforced per namespace
Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
postStart
+
PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: http://kubernetes.io/docs/user-guide/container-environment#hook-details
PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: http://kubernetes.io/docs/user-guide/container-environment#hook-details
Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)
+
false
+
integer (int32)
+
+
+
+
selector
+
Selector is a label query over pods that should match the Replicas count. If Selector is empty, it is defaulted to the labels present on the Pod template. Label keys and values that must match in order to be controlled by this replication controller, if empty defaulted to labels on Pod template. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#rbd
Represents a Photon Controller persistent disk resource.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
pdID
+
ID that identifies Photon Controller persistent disk
+
true
+
string
+
+
+
+
fsType
+
Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+
false
+
string
+
+
+
+
+
+
+
+
versioned.Event
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
type
+
+
true
+
string
+
+
+
+
object
+
+
true
+
string
+
+
+
+
+
+
+
+
v1.PodTemplate
+
+
PodTemplate describes a template for creating copies of a predefined pod.
HTTPHeader describes a custom header to be used in HTTP probes
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
name
+
The header field name
+
true
+
string
+
+
+
+
value
+
The header field value
+
true
+
string
+
+
+
+
+
+
+
+
v1.FCVolumeSource
+
+
Represents a Fibre Channel volume. Fibre Channel volumes can only be mounted as read/write once. Fibre Channel volumes support ownership management and SELinux relabeling.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
targetWWNs
+
Required: FC target worldwide names (WWNs)
+
true
+
string array
+
+
+
+
lun
+
Required: FC target lun number
+
true
+
integer (int32)
+
+
+
+
fsType
+
Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+
false
+
string
+
+
+
+
readOnly
+
Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
+
false
+
boolean
+
false
+
+
+
+
+
+
+
v1.EndpointPort
+
+
EndpointPort is a tuple that describes a single port.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
name
+
The name of this port (corresponds to ServicePort.Name). Must be a DNS_LABEL. Optional only if one port is defined.
+
false
+
string
+
+
+
+
port
+
The port number of the endpoint.
+
true
+
integer (int32)
+
+
+
+
protocol
+
The IP protocol for this port. Must be UDP or TCP. Default is TCP.
+
false
+
string
+
+
+
+
+
+
+
+
v1.TCPSocketAction
+
+
TCPSocketAction describes an action based on opening a socket
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
port
+
Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
+
true
+
string
+
+
+
+
+
+
+
+
unversioned.StatusDetails
+
+
StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
name
+
The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).
+
false
+
string
+
+
+
+
group
+
The group attribute of the resource associated with the status StatusReason.
Entrypoint array. Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers#containers-and-commands
+
false
+
string array
+
+
+
+
args
+
Arguments to the entrypoint. The docker image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers#containers-and-commands
+
false
+
string array
+
+
+
+
workingDir
+
Container’s working directory. If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.
+
false
+
string
+
+
+
+
ports
+
List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated.
Optional: Path at which the file to which the container’s termination message will be written is mounted into the container’s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Defaults to /dev/termination-log. Cannot be updated.
Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.
+
false
+
boolean
+
false
+
+
+
stdinOnce
+
Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false
+
false
+
boolean
+
false
+
+
+
tty
+
Whether this container should allocate a TTY for itself, also requires stdin to be true. Default is false.
+
false
+
boolean
+
false
+
+
+
+
+
+
+
v1.PodSecurityContext
+
+
PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
seLinuxOptions
+
The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.
The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.
+
false
+
integer (int64)
+
+
+
+
runAsNonRoot
+
Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+
false
+
boolean
+
false
+
+
+
supplementalGroups
+
A list of groups applied to the first process run in each container, in addition to the container’s primary GID. If unspecified, no groups will be added to any container.
+
false
+
integer (int32) array
+
+
+
+
fsGroup
+
A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:
+
+1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR’d with rw-rw
+
false
+
integer (int64)
+
+
+
+
+
+
+
+
v1.PersistentVolumeSpec
+
+
PersistentVolumeSpec is the specification of a persistent volume.
HostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: http://kubernetes.io/docs/user-guide/volumes#hostpath
Flocker represents a Flocker volume attached to a kubelet’s host machine and exposed to the pod for its usage. This depends on the Flocker control service being running
FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. This is an alpha feature and may change in future.
ClaimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. Expected to be non-nil when bound. claim.VolumeName is the authoritative bind between PV and PVC. More info: http://kubernetes.io/docs/user-guide/persistent-volumes#binding
ServicePort contains information on service’s port.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
name
+
The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. This maps to the Name field in EndpointPort objects. Optional if only one ServicePort is defined on this service.
+
false
+
string
+
+
+
+
protocol
+
The IP protocol for this port. Supports "TCP" and "UDP". Default is TCP.
+
false
+
string
+
+
+
+
port
+
The port that will be exposed by this service.
+
true
+
integer (int32)
+
+
+
+
targetPort
+
Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod’s container ports. If this is not specified, the value of the port field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the port field. More info: http://kubernetes.io/docs/user-guide/services#defining-a-service
+
false
+
string
+
+
+
+
nodePort
+
The port on each node on which this service is exposed when type=NodePort or LoadBalancer. Usually assigned by the system. If specified, it will be allocated to the service if unused or else creation of the service will fail. Default is to auto-allocate a port if the ServiceType of this Service requires one. More info: http://kubernetes.io/docs/user-guide/services#type—nodeport
+
false
+
integer (int32)
+
+
+
+
+
+
+
+
v1.ComponentCondition
+
+
Information about the condition of a component.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
type
+
Type of condition for a component. Valid value: "Healthy"
+
true
+
string
+
+
+
+
status
+
Status of the condition for a component. Valid values for "Healthy": "True", "False", or "Unknown".
+
true
+
string
+
+
+
+
message
+
Message about the condition for a component. For example, information about a health check.
+
false
+
string
+
+
+
+
error
+
Condition error code for a component. For example, a health check error code.
+
false
+
string
+
+
+
+
+
+
+
+
v1.OwnerReference
+
+
OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
Represents a cinder volume resource in Openstack. A Cinder volume must exist before mounting to a container. The volume must also be in the same region as the kubelet. Cinder volumes support ownership management and SELinux relabeling.
ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.
SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
capabilities
+
The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime.
Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false.
+
false
+
boolean
+
false
+
+
+
seLinuxOptions
+
The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+
false
+
integer (int64)
+
+
+
+
runAsNonRoot
+
Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+
false
+
boolean
+
false
+
+
+
readOnlyRootFilesystem
+
Whether this container has a read-only root filesystem. Default is false.
+
false
+
boolean
+
false
+
+
+
+
+
+
+
v1.AWSElasticBlockStoreVolumeSource
+
+
Represents a Persistent Disk resource in AWS.
+
+
+
An AWS EBS disk must exist before mounting to a container. The disk must also be in the same AWS zone as the kubelet. An AWS EBS disk can only be mounted as read/write once. AWS EBS volumes support ownership management and SELinux relabeling.
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#awselasticblockstore
+
false
+
string
+
+
+
+
partition
+
The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
Specifies whether the container has passed its readiness probe.
+
true
+
boolean
+
false
+
+
+
restartCount
+
The number of times the container has been restarted, currently based on the number of dead containers that have not yet been removed. Note that this is calculated from dead containers. But those containers are subject to garbage collection. This value will get capped at 5 by GC.
Represents a Quobyte mount that lasts the lifetime of a pod. Quobyte volumes do not support ownership management or SELinux relabeling.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
registry
+
Registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes
+
true
+
string
+
+
+
+
volume
+
Volume is a string that references an already created Quobyte volume by name.
+
true
+
string
+
+
+
+
readOnly
+
ReadOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.
+
false
+
boolean
+
false
+
+
+
user
+
User to map volume access to Defaults to serivceaccount user
+
false
+
string
+
+
+
+
group
+
Group to map volume access to Default is no group
+
false
+
string
+
+
+
+
+
+
+
+
v1.ContainerImage
+
+
Describe a container image
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
names
+
Names by which this image is known. e.g. ["gcr.io/google_containers/hyperkube:v1.0.7", "dockerhub.io/google_containers/hyperkube:v1.0.7"]
+
true
+
string array
+
+
+
+
sizeBytes
+
The size of the image in bytes.
+
false
+
integer (int64)
+
+
+
+
+
+
+
+
v1.ResourceQuotaScope
+
+
+
+
v1.ReplicationControllerList
+
+
ReplicationControllerList is a collection of replication controllers.
Data contains the secret data. Each key must be a valid DNS_SUBDOMAIN or leading dot followed by valid DNS_SUBDOMAIN. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4
+
false
+
object
+
+
+
+
stringData
+
stringData allows specifying non-binary secret data in string form. It is provided as a write-only convenience method. All keys and values are merged into the data field on write, overwriting any existing values. It is never output when reading from the API.
+
false
+
object
+
+
+
+
type
+
Used to facilitate programmatic handling of secret data.
+
false
+
string
+
+
+
+
+
+
+
+
v1.Event
+
+
Event is a report of an event somewhere in the cluster.
The time at which the event was first recorded. (Time of server receipt is in TypeMeta.)
+
false
+
string (date-time)
+
+
+
+
lastTimestamp
+
The time at which the most recent occurrence of this event was recorded.
+
false
+
string (date-time)
+
+
+
+
count
+
The number of times this event has occurred.
+
false
+
integer (int32)
+
+
+
+
type
+
Type of this event (Normal, Warning), new types could be added in the future
+
false
+
string
+
+
+
+
+
+
+
+
v1.EnvVar
+
+
EnvVar represents an environment variable present in a Container.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
name
+
Name of the environment variable. Must be a C_IDENTIFIER.
+
true
+
string
+
+
+
+
value
+
Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+
false
+
string
+
+
+
+
valueFrom
+
Source for the environment variable’s value. Cannot be used if value is not empty.
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: http://kubernetes.io/docs/user-guide/compute-resources/
+
false
+
object
+
+
+
+
+
+
+
+
v1.ComponentStatus
+
+
ComponentStatus (and ComponentStatusList) holds the cluster validation info.
LimitRangeItem defines a min/max usage limit for any resource that matches on kind.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
type
+
Type of resource that this limit applies to.
+
false
+
string
+
+
+
+
max
+
Max usage constraints on this kind by resource name.
+
false
+
object
+
+
+
+
min
+
Min usage constraints on this kind by resource name.
+
false
+
object
+
+
+
+
default
+
Default resource requirement limit value by resource name if resource limit is omitted.
+
false
+
object
+
+
+
+
defaultRequest
+
DefaultRequest is the default resource requirement request value by resource name if resource request is omitted.
+
false
+
object
+
+
+
+
maxLimitRequestRatio
+
MaxLimitRequestRatio if specified, the named resource must have a request and limit that are both non-zero where limit divided by request is less than or equal to the enumerated value; this represents the max burst for the named resource.
+
false
+
object
+
+
+
+
+
+
+
+
v1.PodTemplateSpec
+
+
PodTemplateSpec describes the data a pod should have when created from a template
If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.
+
false
+
string
+
+
+
+
+
+
+
+
unversioned.LabelSelectorRequirement
+
+
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
key
+
key is the label key that the selector applies to.
+
true
+
string
+
+
+
+
operator
+
operator represents a key’s relationship to a set of values. Valid operators ard In, NotIn, Exists and DoesNotExist.
+
true
+
string
+
+
+
+
values
+
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
+
false
+
string array
+
+
+
+
+
+
+
+
v1.ContainerStateWaiting
+
+
ContainerStateWaiting is a waiting state of a container.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
reason
+
(brief) reason the container is not yet running.
+
false
+
string
+
+
+
+
message
+
Message regarding why the container is not yet running.
+
false
+
string
+
+
+
+
+
+
+
+
unversioned.Status
+
+
Status is a return value for calls that don’t return other objects.
A human-readable description of the status of this operation.
+
false
+
string
+
+
+
+
reason
+
A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.
+
false
+
string
+
+
+
+
details
+
Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: http://kubernetes.io/docs/user-guide/services#overview
+
false
+
object
+
+
+
+
clusterIP
+
clusterIP is the IP address of the service and is usually assigned randomly by the master. If an address is specified manually and is not in use by others, it will be allocated to the service; otherwise, creation of the service will fail. This field can not be changed through updates. Valid values are "None", empty string (""), or a valid IP address. "None" can be specified for headless services when proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: http://kubernetes.io/docs/user-guide/services#virtual-ips-and-service-proxies
+
false
+
string
+
+
+
+
type
+
type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. "ExternalName" maps to the specified externalName. "ClusterIP" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object. If clusterIP is "None", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a stable IP. "NodePort" builds on ClusterIP and allocates a port on every node which routes to the clusterIP. "LoadBalancer" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the clusterIP. More info: http://kubernetes.io/docs/user-guide/services#overview
+
false
+
string
+
+
+
+
externalIPs
+
externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system. A previous form of this functionality exists as the deprecatedPublicIPs field. When using this field, callers should also clear the deprecatedPublicIPs field.
+
false
+
string array
+
+
+
+
deprecatedPublicIPs
+
deprecatedPublicIPs is deprecated and replaced by the externalIPs field with almost the exact same semantics. This field is retained in the v1 API for compatibility until at least 8/20/2016. It will be removed from any new API revisions. If both deprecatedPublicIPs and externalIPs are set, deprecatedPublicIPs is used.
Only applies to Service Type: LoadBalancer LoadBalancer will get created with the IP specified in this field. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature.
+
false
+
string
+
+
+
+
loadBalancerSourceRanges
+
If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature." More info: http://kubernetes.io/docs/user-guide/services-firewalls
+
false
+
string array
+
+
+
+
externalName
+
externalName is the external reference that kubedns or equivalent will return as a CNAME record for this service. No proxying will be involved. Must be a valid DNS name and requires Type to be ExternalName.
+
false
+
string
+
+
+
+
+
+
+
+
v1.Pod
+
+
Pod is a collection of containers that can run on a host. This resource is created by clients and scheduled onto hosts.
EndpointAddress is a tuple that describes single IP address.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
ip
+
The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 is also accepted but not fully supported on all platforms. Also, certain kubernetes components, like kube-proxy, are not IPv6 ready.
+
true
+
string
+
+
+
+
hostname
+
The Hostname of this endpoint
+
false
+
string
+
+
+
+
nodeName
+
Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
list or watch objects of kind PersistentVolumeClaim
+
+
+
GET /api/v1/namespaces/{namespace}/persistentvolumeclaims
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /api/v1/namespaces/{namespace}/pods/{name}/attach
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
stdin
+
Stdin if true, redirects the standard input stream of the pod for this call. Defaults to false.
+
false
+
boolean
+
+
+
+
QueryParameter
+
stdout
+
Stdout if true indicates that stdout is to be redirected for the attach call. Defaults to true.
+
false
+
boolean
+
+
+
+
QueryParameter
+
stderr
+
Stderr if true indicates that stderr is to be redirected for the attach call. Defaults to true.
+
false
+
boolean
+
+
+
+
QueryParameter
+
tty
+
TTY if true indicates that a tty will be allocated for the attach call. This is passed through the container runtime so the tty is allocated on the worker node by the container runtime. Defaults to false.
+
false
+
boolean
+
+
+
+
QueryParameter
+
container
+
The container in which to execute the command. Defaults to only container if there is only one container in the pod.
+
false
+
string
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
+
true
+
string
+
+
+
+
PathParameter
+
name
+
name of the Pod
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
connect POST requests to attach of Pod
+
+
+
POST /api/v1/namespaces/{namespace}/pods/{name}/attach
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
stdin
+
Stdin if true, redirects the standard input stream of the pod for this call. Defaults to false.
+
false
+
boolean
+
+
+
+
QueryParameter
+
stdout
+
Stdout if true indicates that stdout is to be redirected for the attach call. Defaults to true.
+
false
+
boolean
+
+
+
+
QueryParameter
+
stderr
+
Stderr if true indicates that stderr is to be redirected for the attach call. Defaults to true.
+
false
+
boolean
+
+
+
+
QueryParameter
+
tty
+
TTY if true indicates that a tty will be allocated for the attach call. This is passed through the container runtime so the tty is allocated on the worker node by the container runtime. Defaults to false.
+
false
+
boolean
+
+
+
+
QueryParameter
+
container
+
The container in which to execute the command. Defaults to only container if there is only one container in the pod.
+
false
+
string
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
+
true
+
string
+
+
+
+
PathParameter
+
name
+
name of the Pod
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
create binding of a Binding
+
+
+
POST /api/v1/namespaces/{namespace}/pods/{name}/binding
GET /api/v1/namespaces/{namespace}/pods/{name}/exec
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
stdin
+
Redirect the standard input stream of the pod for this call. Defaults to false.
+
false
+
boolean
+
+
+
+
QueryParameter
+
stdout
+
Redirect the standard output stream of the pod for this call. Defaults to true.
+
false
+
boolean
+
+
+
+
QueryParameter
+
stderr
+
Redirect the standard error stream of the pod for this call. Defaults to true.
+
false
+
boolean
+
+
+
+
QueryParameter
+
tty
+
TTY if true indicates that a tty will be allocated for the exec call. Defaults to false.
+
false
+
boolean
+
+
+
+
QueryParameter
+
container
+
Container in which to execute the command. Defaults to only container if there is only one container in the pod.
+
false
+
string
+
+
+
+
QueryParameter
+
command
+
Command is the remote command to execute. argv array. Not executed within a shell.
+
false
+
string
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
+
true
+
string
+
+
+
+
PathParameter
+
name
+
name of the Pod
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
connect POST requests to exec of Pod
+
+
+
POST /api/v1/namespaces/{namespace}/pods/{name}/exec
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
stdin
+
Redirect the standard input stream of the pod for this call. Defaults to false.
+
false
+
boolean
+
+
+
+
QueryParameter
+
stdout
+
Redirect the standard output stream of the pod for this call. Defaults to true.
+
false
+
boolean
+
+
+
+
QueryParameter
+
stderr
+
Redirect the standard error stream of the pod for this call. Defaults to true.
+
false
+
boolean
+
+
+
+
QueryParameter
+
tty
+
TTY if true indicates that a tty will be allocated for the exec call. Defaults to false.
+
false
+
boolean
+
+
+
+
QueryParameter
+
container
+
Container in which to execute the command. Defaults to only container if there is only one container in the pod.
+
false
+
string
+
+
+
+
QueryParameter
+
command
+
Command is the remote command to execute. argv array. Not executed within a shell.
+
false
+
string
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
+
true
+
string
+
+
+
+
PathParameter
+
name
+
name of the Pod
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
read log of the specified Pod
+
+
+
GET /api/v1/namespaces/{namespace}/pods/{name}/log
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
container
+
The container for which to stream logs. Defaults to only container if there is one container in the pod.
+
false
+
string
+
+
+
+
QueryParameter
+
follow
+
Follow the log stream of the pod. Defaults to false.
+
false
+
boolean
+
+
+
+
QueryParameter
+
previous
+
Return previous terminated container logs. Defaults to false.
+
false
+
boolean
+
+
+
+
QueryParameter
+
sinceSeconds
+
A relative time in seconds before the current time from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
sinceTime
+
An RFC3339 timestamp from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified.
+
false
+
string
+
+
+
+
QueryParameter
+
timestamps
+
If true, add an RFC3339 or RFC3339Nano timestamp at the beginning of every line of log output. Defaults to false.
+
false
+
boolean
+
+
+
+
QueryParameter
+
tailLines
+
If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
limitBytes
+
If set, the number of bytes to read from the server before terminating the log output. This may not display a complete final line of logging, and may return slightly more or slightly less than the specified limit.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
+
true
+
string
+
+
+
+
PathParameter
+
name
+
name of the Pod
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
200
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
text/plain
+
+
+
application/json
+
+
+
application/yaml
+
+
+
application/vnd.kubernetes.protobuf
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
connect GET requests to portforward of Pod
+
+
+
GET /api/v1/namespaces/{namespace}/pods/{name}/portforward
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
+
true
+
string
+
+
+
+
PathParameter
+
name
+
name of the Pod
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
connect POST requests to portforward of Pod
+
+
+
POST /api/v1/namespaces/{namespace}/pods/{name}/portforward
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
+
true
+
string
+
+
+
+
PathParameter
+
name
+
name of the Pod
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
connect GET requests to proxy of Pod
+
+
+
GET /api/v1/namespaces/{namespace}/pods/{name}/proxy
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
path
+
Path is the URL path to use for the current proxy request to pod.
+
false
+
string
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
+
true
+
string
+
+
+
+
PathParameter
+
name
+
name of the Pod
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
connect PUT requests to proxy of Pod
+
+
+
PUT /api/v1/namespaces/{namespace}/pods/{name}/proxy
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
path
+
Path is the URL path to use for the current proxy request to pod.
+
false
+
string
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
list or watch objects of kind ReplicationController
+
+
+
GET /api/v1/namespaces/{namespace}/replicationcontrollers
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /api/v1/namespaces/{namespace}/serviceaccounts
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
list or watch objects of kind PersistentVolumeClaim
+
+
+
GET /api/v1/persistentvolumeclaims
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
object name and auth scope, such as for teams and projects
+
true
+
string
+
+
+
+
PathParameter
+
name
+
name of the Service
+
true
+
string
+
+
+
+
PathParameter
+
path
+
path to the resource
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
proxy POST requests to Service
+
+
+
POST /api/v1/proxy/namespaces/{namespace}/services/{name}/{path}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
+
true
+
string
+
+
+
+
PathParameter
+
name
+
name of the Service
+
true
+
string
+
+
+
+
PathParameter
+
path
+
path to the resource
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
proxy GET requests to Node
+
+
+
GET /api/v1/proxy/nodes/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
PathParameter
+
name
+
name of the Node
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
proxy PUT requests to Node
+
+
+
PUT /api/v1/proxy/nodes/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
PathParameter
+
name
+
name of the Node
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
proxy DELETE requests to Node
+
+
+
DELETE /api/v1/proxy/nodes/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
PathParameter
+
name
+
name of the Node
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
proxy POST requests to Node
+
+
+
POST /api/v1/proxy/nodes/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
PathParameter
+
name
+
name of the Node
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
proxy GET requests to Node
+
+
+
GET /api/v1/proxy/nodes/{name}/{path}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
PathParameter
+
name
+
name of the Node
+
true
+
string
+
+
+
+
PathParameter
+
path
+
path to the resource
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
proxy PUT requests to Node
+
+
+
PUT /api/v1/proxy/nodes/{name}/{path}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
PathParameter
+
name
+
name of the Node
+
true
+
string
+
+
+
+
PathParameter
+
path
+
path to the resource
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
proxy DELETE requests to Node
+
+
+
DELETE /api/v1/proxy/nodes/{name}/{path}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
PathParameter
+
name
+
name of the Node
+
true
+
string
+
+
+
+
PathParameter
+
path
+
path to the resource
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
proxy POST requests to Node
+
+
+
POST /api/v1/proxy/nodes/{name}/{path}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
PathParameter
+
name
+
name of the Node
+
true
+
string
+
+
+
+
PathParameter
+
path
+
path to the resource
+
true
+
string
+
+
+
+
+
+
+
+
Responses
+
+
+
+
+
+
+
+
+
HTTP Code
+
Description
+
Schema
+
+
+
+
+
default
+
success
+
string
+
+
+
+
+
+
+
Consumes
+
+
+
+
/
+
+
+
+
+
+
Produces
+
+
+
+
/
+
+
+
+
+
+
Tags
+
+
+
+
apiv1
+
+
+
+
+
+
+
list or watch objects of kind ReplicationController
+
+
+
GET /api/v1/replicationcontrollers
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
GET /api/v1/watch/namespaces/{namespace}/configmaps
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /api/v1/watch/namespaces/{namespace}/configmaps/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /api/v1/watch/namespaces/{namespace}/endpoints
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /api/v1/watch/namespaces/{namespace}/endpoints/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /api/v1/watch/namespaces/{namespace}/events/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /api/v1/watch/namespaces/{namespace}/limitranges
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /api/v1/watch/namespaces/{namespace}/limitranges/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
watch individual changes to a list of PersistentVolumeClaim
+
+
+
GET /api/v1/watch/namespaces/{namespace}/persistentvolumeclaims
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
watch changes to an object of kind PersistentVolumeClaim
+
+
+
GET /api/v1/watch/namespaces/{namespace}/persistentvolumeclaims/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /api/v1/watch/namespaces/{namespace}/pods/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /api/v1/watch/namespaces/{namespace}/podtemplates
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /api/v1/watch/namespaces/{namespace}/podtemplates/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
watch individual changes to a list of ReplicationController
+
+
+
GET /api/v1/watch/namespaces/{namespace}/replicationcontrollers
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
watch changes to an object of kind ReplicationController
+
+
+
GET /api/v1/watch/namespaces/{namespace}/replicationcontrollers/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
watch individual changes to a list of ResourceQuota
+
+
+
GET /api/v1/watch/namespaces/{namespace}/resourcequotas
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /api/v1/watch/namespaces/{namespace}/resourcequotas/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /api/v1/watch/namespaces/{namespace}/secrets/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
watch individual changes to a list of ServiceAccount
+
+
+
GET /api/v1/watch/namespaces/{namespace}/serviceaccounts
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /api/v1/watch/namespaces/{namespace}/serviceaccounts/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
GET /api/v1/watch/namespaces/{namespace}/services/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
+
false
+
string
+
+
+
+
QueryParameter
+
timeoutSeconds
+
Timeout for the list/watch call.
+
false
+
integer (int32)
+
+
+
+
PathParameter
+
namespace
+
object name and auth scope, such as for teams and projects
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
watch individual changes to a list of PersistentVolumeClaim
+
+
+
GET /api/v1/watch/persistentvolumeclaims
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
watch individual changes to a list of PersistentVolume
+
+
+
GET /api/v1/watch/persistentvolumes
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
watch changes to an object of kind PersistentVolume
+
+
+
GET /api/v1/watch/persistentvolumes/{name}
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
watch individual changes to a list of ReplicationController
+
+
+
GET /api/v1/watch/replicationcontrollers
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
watch individual changes to a list of ResourceQuota
+
+
+
GET /api/v1/watch/resourcequotas
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
watch individual changes to a list of ServiceAccount
+
+
+
GET /api/v1/watch/serviceaccounts
+
+
+
+
Parameters
+
+
+
+
+
+
+
+
+
+
+
+
Type
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
QueryParameter
+
pretty
+
If true, then the output is pretty printed.
+
false
+
string
+
+
+
+
QueryParameter
+
labelSelector
+
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
A selector to restrict the list of returned objects by their labels. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
fieldSelector
+
A selector to restrict the list of returned objects by their fields. Defaults to everything.
+
false
+
string
+
+
+
+
QueryParameter
+
watch
+
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
+
false
+
boolean
+
+
+
+
QueryParameter
+
resourceVersion
+
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history.
{% if page.url != "/404.html" and page.url != "/docs/search/" %}
@@ -58,7 +70,7 @@
-{% include footer.html %}
+{% include_cached footer.html %}
@@ -80,21 +92,21 @@
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-36037335-10', 'auto');
ga('send', 'pageview');
-
+
// hide docs nav area if no nav is present, or if nav only contains a link to the current page
(function () {
window.addEventListener('DOMContentLoaded', init)
-
+
// play nice with our neighbors
function init() {
window.removeEventListener('DOMContentLoaded', init)
hideNav()
}
-
+
function hideNav(toc){
if (!toc) toc = document.querySelector('#docsToc')
var container = toc.querySelector('.container')
-
+
// container is built dynamically, so it may not be present on the first runloop
if (container) {
if (container.childElementCount === 0 || toc.querySelectorAll('a.item').length === 1) {
diff --git a/_sass/_base.sass b/_sass/_base.sass
index c4db0c93ec..3ad4f81dc5 100644
--- a/_sass/_base.sass
+++ b/_sass/_base.sass
@@ -234,6 +234,40 @@ header
color: $blue
text-decoration: none
+// Global Nav - 12/9/2016 Update
+
+ul.global-nav
+ display: none
+
+ li
+ display: inline-block
+ margin-right: 14px
+
+ a
+ color: #fff
+ font-weight: 400
+ padding: 0
+ position: relative
+
+ &.active:after
+ position: absolute
+ width: 100%
+ height: 2px
+ content: ''
+ bottom: -4px
+ left: 0
+ background: #fff
+
+
+.flip-nav ul.global-nav li a,
+.open-nav ul.global-nav li a,
+ color: #333
+
+.flip-nav ul.global-nav li a.active:after,
+.open-nav ul.global-nav li a.active:after,
+
+ background: $blue
+
// FLIP NAV
.flip-nav
header
@@ -301,6 +335,26 @@ header
padding-left: 0
padding-right: 0
margin-bottom: 0
+ position: relative
+
+ &.bot-bar:after
+ display: block
+ margin-bottom: -20px
+ height: 8px
+ width: 100%
+ background-color: transparentize(white, 0.9)
+ content: ''
+
+ &.no-sub
+
+ h5
+ display: none
+
+ h1
+ margin-bottom: 20px
+
+#home #hero:after
+ display: none
// VENDOR STRIP
#vendorStrip
@@ -482,6 +536,19 @@ section
margin: 0 auto
height: 44px
line-height: 44px
+ position: relative
+
+ &:before
+ position: absolute
+ width: 15px
+ height: 15px
+ content: ''
+ right: 8px
+ top: 7px
+ background-image: url(/images/search-icon.svg)
+ background-repeat: no-repeat
+ background-size: 100% 100%
+ z-index: 1
#search
width: 100%
@@ -490,6 +557,10 @@ section
line-height: 30px
font-size: 16px
vertical-align: top
+ background: #fff
+ border: none
+ border-radius: 4px
+ position: relative
#encyclopedia
@@ -712,7 +783,6 @@ dd
font-weight: 500
margin-bottom: 30px
padding-bottom: 10px
- border-bottom: 1px solid #cccccc
// Make sure anchor links aren't hidden by the header
&:before
@@ -722,6 +792,9 @@ dd
height: $header-clearance
visibility: hidden
+ h1,h2
+ border-bottom: 1px solid #cccccc
+
h1
font-size: 32px
padding-right: 60px
@@ -731,9 +804,12 @@ dd
h3
font-size: 24px
+ font-weight: 300
+ margin-bottom: 5px
h4
font-size: 20px
+ margin-bottom: 0px
h5, h6
font-size: 16px
@@ -1008,7 +1084,7 @@ $feature-box-div-margin-bottom: 40px
#video
width: 100%
position: relative
- background-image: url(/images/kub_video_thm.jpg)
+ background-image: url(/images/kub_video_banner.jpg)
background-position: center center
background-size: cover
diff --git a/_sass/_desktop.sass b/_sass/_desktop.sass
index 9c02fbcf6c..27fbc46ae1 100644
--- a/_sass/_desktop.sass
+++ b/_sass/_desktop.sass
@@ -3,6 +3,15 @@ $vendor-strip-height: 44px
$video-section-height: 550px
@media screen and (min-width: 1025px)
+ #hamburger
+ display: none
+
+ ul.global-nav
+ display: inline-block
+
+ #docs #vendorStrip #searchBox:before
+ top: 15px
+
#vendorStrip
height: $vendor-strip-height
line-height: $vendor-strip-height
@@ -40,7 +49,7 @@ $video-section-height: 550px
#searchBox
float: right
- width: 30%
+ width: 320px
#search
vertical-align: middle
@@ -65,7 +74,7 @@ $video-section-height: 550px
#encyclopedia
- padding: 50px 50px 20px 20px
+ padding: 50px 50px 100px 100px
clear: both
#docsToc
@@ -88,6 +97,11 @@ $video-section-height: 550px
section, header, footer
main
max-width: $main-max-width
+
+ header, #vendorStrip, #encyclopedia, #hero h1, #hero h5, #docs #hero h1, #docs #hero h5,
+ #community #hero h1, .gridPage #hero h1, #community #hero h5, .gridPage #hero h5
+ padding-left: 100px
+ padding-right: 100px
#home
section, header, footer
@@ -121,7 +135,7 @@ $video-section-height: 550px
#video
height: $video-section-height
position: relative
- background-image: url(../images/kub_video_thm.jpg)
+ background-image: url(../images/kub_video_banner.jpg)
background-position: center center
background-size: cover
@@ -276,7 +290,7 @@ $video-section-height: 550px
text-align: left
h1
- padding: 20px
+ padding: 20px 100px
#tryKubernetes
width: auto
diff --git a/case-studies/index.html b/case-studies/index.html
index 4b92adb805..ce14542424 100644
--- a/case-studies/index.html
+++ b/case-studies/index.html
@@ -76,8 +76,13 @@ title: Case Studies
-
+
+
+
+
+
+
diff --git a/docs/admin/accessing-the-api.md b/docs/admin/accessing-the-api.md
index cb3f3d4ce4..c8f239969f 100644
--- a/docs/admin/accessing-the-api.md
+++ b/docs/admin/accessing-the-api.md
@@ -3,7 +3,7 @@ assignees:
- bgrant0607
- erictune
- lavalamp
-
+title: Overview
---
This document describes how access to the Kubernetes API is controlled.
@@ -148,7 +148,7 @@ By default the Kubernetes APIserver serves HTTP on 2 ports:
- default IP is first non-localhost network interface, change with `--bind-address` flag.
- request handled by authentication and authorization modules.
- request handled by admission control module(s).
- - authentication and authoriation modules run.
+ - authentication and authorisation modules run.
When the cluster is created by `kube-up.sh`, on Google Compute Engine (GCE),
and on several other cloud providers, the API server serves on port 443. On
diff --git a/docs/admin/addons.md b/docs/admin/addons.md
index 1555f8263c..f45aebeb09 100644
--- a/docs/admin/addons.md
+++ b/docs/admin/addons.md
@@ -1,4 +1,5 @@
---
+title: Installing Addons
---
## Overview
@@ -11,7 +12,7 @@ Add-ons in each section are sorted alphabetically - the ordering does not imply
## Networking and Network Policy
-* [Calico](http://docs.projectcalico.org/v1.6/getting-started/kubernetes/installation/hosted/) is a secure L3 networking and network policy provider.
+* [Calico](http://docs.projectcalico.org/v2.0/getting-started/kubernetes/installation/hosted/) is a secure L3 networking and network policy provider.
* [Canal](https://github.com/tigera/canal/tree/master/k8s-install/kubeadm) unites Flannel and Calico, providing networking and network policy.
* [Flannel](https://github.com/coreos/flannel/blob/master/Documentation/kube-flannel.yml) is a overlay network provider that can be used with Kubernetes.
* [Romana](http://romana.io) is a Layer 3 networking solution for pod networks that also supports the [NetworkPolicy API](/docs/user-guide/networkpolicies/). Kubeadm add-on installation details available [here](https://github.com/romana/romana/tree/master/containerize).
diff --git a/docs/admin/admission-controllers.md b/docs/admin/admission-controllers.md
index 24da796163..475f2e4be9 100644
--- a/docs/admin/admission-controllers.md
+++ b/docs/admin/admission-controllers.md
@@ -6,7 +6,7 @@ assignees:
- erictune
- janetkuo
- thockin
-
+title: Using Admission Controllers
---
* TOC
diff --git a/docs/admin/apparmor/index.md b/docs/admin/apparmor/index.md
index 9730c07953..4c2d02d989 100644
--- a/docs/admin/apparmor/index.md
+++ b/docs/admin/apparmor/index.md
@@ -1,7 +1,7 @@
---
assignees:
- stclair
-
+title: AppArmor
---
AppArmor is a Linux kernel enhancement that can reduce the potential attack surface of an
diff --git a/docs/admin/authentication.md b/docs/admin/authentication.md
index b0f1aa5cc1..3ada61a5fd 100644
--- a/docs/admin/authentication.md
+++ b/docs/admin/authentication.md
@@ -4,8 +4,10 @@ assignees:
- lavalamp
- ericchiang
- deads2k
-
+- liggitt
+title: Authenticating
---
+
* TOC
{:toc}
@@ -29,7 +31,7 @@ to talk to the Kubernetes API.
API requests are tied to either a normal user or a service account, or are treated
as anonymous requests. This means every process inside or outside the cluster, from
a human user typing `kubectl` on a workstation, to `kubelets` on nodes, to members
-of the control plane, must authenticate when making requests to the the API server,
+of the control plane, must authenticate when making requests to the API server,
or be treated as an anonymous user.
## Authentication strategies
@@ -382,6 +384,13 @@ option to the API server during startup. The plugin is implemented in
`plugin/pkg/auth/authenticator/password/keystone/keystone.go` and currently uses
basic auth to verify used by username and password.
+If you have configured self-signed certificates for the Keystone server,
+you may need to set the `--experimental-keystone-ca-file=SOMEFILE` option when
+starting the Kubernetes API server. If you set the option, the Keystone
+server's certificate is verified by one of the authorities in the
+`experimental-keystone-ca-file`. Otherwise, the certificate is verified by
+the host's root Certificate Authority.
+
For details on how to use keystone to manage projects and users, refer to the
[Keystone documentation](http://docs.openstack.org/developer/keystone/). Please
note that this plugin is still experimental, under active development, and likely
diff --git a/docs/admin/authorization.md b/docs/admin/authorization.md
index 1a86359a92..6f76a1c033 100644
--- a/docs/admin/authorization.md
+++ b/docs/admin/authorization.md
@@ -2,7 +2,9 @@
assignees:
- erictune
- lavalamp
-
+- deads2k
+- liggitt
+title: Using Authorization Plugins
---
In Kubernetes, authorization happens as a separate step from authentication.
@@ -565,10 +567,10 @@ Access to non-resource paths are sent as:
Non-resource paths include: `/api`, `/apis`, `/metrics`, `/resetMetrics`,
`/logs`, `/debug`, `/healthz`, `/swagger-ui/`, `/swaggerapi/`, `/ui`, and
-`/version.` Clients require access to `/api`, `/api/*/`, `/apis/`, `/apis/*`,
-`/apis/*/*`, and `/version` to discover what resources and versions are present
-on the server. Access to other non-resource paths can be disallowed without
-restricting access to the REST api.
+`/version.` Clients require access to `/api`, `/api/*`, `/apis`, `/apis/*`,
+and `/version` to discover what resources and versions are present on the server.
+Access to other non-resource paths can be disallowed without restricting access
+to the REST api.
For further documentation refer to the authorization.v1beta1 API objects and
plugin/pkg/auth/authorizer/webhook/webhook.go.
diff --git a/docs/admin/cluster-components.md b/docs/admin/cluster-components.md
index c1bcae8577..0b913d8956 100644
--- a/docs/admin/cluster-components.md
+++ b/docs/admin/cluster-components.md
@@ -1,7 +1,7 @@
---
assignees:
- lavalamp
-
+title: Kubernetes Components
---
This document outlines the various binary components that need to run to
diff --git a/docs/admin/cluster-large.md b/docs/admin/cluster-large.md
index d2285c3346..f41df12689 100644
--- a/docs/admin/cluster-large.md
+++ b/docs/admin/cluster-large.md
@@ -1,11 +1,10 @@
----
-assignees:
-- davidopp
-- lavalamp
-
----
-
-
+---
+assignees:
+- davidopp
+- lavalamp
+title: Building Large Clusters
+---
+
## Support
At {{page.version}}, Kubernetes supports clusters with up to 1000 nodes. More specifically, we support configurations that meet *all* of the following criteria:
diff --git a/docs/admin/cluster-management.md b/docs/admin/cluster-management.md
index 97362c4bab..b1c4c340a3 100644
--- a/docs/admin/cluster-management.md
+++ b/docs/admin/cluster-management.md
@@ -2,7 +2,7 @@
assignees:
- lavalamp
- thockin
-
+title: Cluster Management Guide
---
* TOC
diff --git a/docs/admin/cluster-troubleshooting.md b/docs/admin/cluster-troubleshooting.md
index 8bab089ce6..89cd99926b 100644
--- a/docs/admin/cluster-troubleshooting.md
+++ b/docs/admin/cluster-troubleshooting.md
@@ -1,7 +1,7 @@
---
assignees:
- davidopp
-
+title: Troubleshooting Clusters
---
This doc is about cluster troubleshooting; we assume you have already ruled out your application as the root cause of the
diff --git a/docs/admin/daemons.md b/docs/admin/daemons.md
index be3137bc93..90637239b3 100644
--- a/docs/admin/daemons.md
+++ b/docs/admin/daemons.md
@@ -1,13 +1,13 @@
---
assignees:
- erictune
-
+title: Daemon Sets
---
* TOC
{:toc}
-## What is a _Daemon Set_?
+## What is a Daemon Set?
A _Daemon Set_ ensures that all (or some) nodes run a copy of a pod. As nodes are added to the
cluster, pods are added to them. As nodes are removed from the cluster, those pods are garbage
@@ -74,7 +74,7 @@ a node for testing.
If you specify a `.spec.template.spec.nodeSelector`, then the DaemonSet controller will
create pods on nodes which match that [node
-selector](https://github.com/kubernetes/kubernetes.github.io/tree/{{page.docsbranch}}/docs/user-guide/node-selection).
+selector](/docs/user-guide/node-selection/).
If you specify a `scheduler.alpha.kubernetes.io/affinity` annotation in `.spec.template.metadata.annotations`,
then DaemonSet controller will create pods on nodes which match that [node affinity](../../user-guide/node-selection/#alpha-feature-in-kubernetes-v12-node-affinity).
@@ -99,7 +99,7 @@ Some possible patterns for communicating with pods in a DaemonSet are:
- **Push**: Pods in the Daemon Set are configured to send updates to another service, such
as a stats database. They do not have clients.
- **NodeIP and Known Port**: Pods in the Daemon Set use a `hostPort`, so that the pods are reachable
- via the node IPs. Clients knows the the list of nodes ips somehow, and know the port by convention.
+ via the node IPs. Clients knows the list of nodes ips somehow, and know the port by convention.
- **DNS**: Create a [headless service](/docs/user-guide/services/#headless-services) with the same pod selector,
and then discover DaemonSets using the `endpoints` resource or retrieve multiple A records from
DNS.
diff --git a/docs/admin/disruptions.md b/docs/admin/disruptions.md
index 0743b565e6..df94c58cf2 100644
--- a/docs/admin/disruptions.md
+++ b/docs/admin/disruptions.md
@@ -1,6 +1,6 @@
---
assignees:
-- mml
+- davidopp
---
This guide is for anyone wishing to specify safety constraints on pods or anyone
@@ -59,7 +59,7 @@ itself. To attempt an eviction (perhaps more REST-precisely, to attempt to
```json
{
- "apiVersion": "policy/v1alpha1",
+ "apiVersion": "policy/v1beta1",
"kind": "Eviction",
"metadata": {
"name": "quux",
diff --git a/docs/admin/dns.md b/docs/admin/dns.md
index d75acfa093..5f96838f32 100644
--- a/docs/admin/dns.md
+++ b/docs/admin/dns.md
@@ -3,7 +3,7 @@ assignees:
- ArtfulCoder
- davidopp
- lavalamp
-
+title: Using DNS Pods and Services
---
## Introduction
@@ -60,7 +60,7 @@ of the form `auto-generated-name.my-svc.my-namespace.svc.cluster.local`.
### Backwards compatibility
-Previous versions of kube-dns made names of the for
+Previous versions of kube-dns made names of the form
`my-svc.my-namespace.cluster.local` (the 'svc' level was added later). This
is no longer supported.
@@ -114,7 +114,7 @@ Given a Pod with the hostname set to "foo" and the subdomain set to "bar", and a
With v1.2, the Endpoints object also has a new annotation `endpoints.beta.kubernetes.io/hostnames-map`. Its value is the json representation of map[string(IP)][endpoints.HostRecord], for example: '{"10.245.1.6":{HostName: "my-webserver"}}'.
If the Endpoints are for a headless service, an A record is created with the format ...svc.
-For the example json, if endpoints are for a headless service named "bar", and one of the endpoints has IP "10.245.1.6", an A is created with the name "my-webserver.bar.my-namespace.svc.cluster.local" and the A record lookup would return "10.245.1.6".
+For the example json, if endpoints are for a headless service named "bar", and one of the endpoints has IP "10.245.1.6", an A record is created with the name "my-webserver.bar.my-namespace.svc.cluster.local" and the A record lookup would return "10.245.1.6".
This endpoints annotation generally does not need to be specified by end-users, but can used by the internal service controller to deliver the aforementioned feature.
With v1.3, The Endpoints object can specify the `hostname` for any endpoint, along with its IP. The hostname field takes precedence over the hostname value
@@ -251,7 +251,7 @@ If you see that no pod is running or that the pod has failed/completed, the dns
Use `kubectl logs` command to see logs for the DNS daemons.
```
-kubectl logs --namespace=kube-system $(kubectl get pods --namespace=kube-system -l k8s-app=kube-dns -o name) -c kubedns
+kubectl logs --namespace=kube-system $(kubectl get pods --namespace=kube-system -l k8s-app=kube-dns -o name) -c kube-dns
kubectl logs --namespace=kube-system $(kubectl get pods --namespace=kube-system -l k8s-app=kube-dns -o name) -c dnsmasq
kubectl logs --namespace=kube-system $(kubectl get pods --namespace=kube-system -l k8s-app=kube-dns -o name) -c healthz
```
@@ -356,3 +356,5 @@ for more information.
- [Docs for the DNS cluster addon](http://releases.k8s.io/{{page.githubbranch}}/build-tools/kube-dns/README.md)
+## What's next
+- [Autoscaling the DNS Service in a Cluster](/docs/tasks/administer-cluster/dns-horizontal-autoscaling/).
diff --git a/docs/admin/etcd.md b/docs/admin/etcd.md
index 14b36a33be..ea4f6b09b3 100644
--- a/docs/admin/etcd.md
+++ b/docs/admin/etcd.md
@@ -1,10 +1,9 @@
---
assignees:
- lavalamp
-
+title: Configuring Kubernetes Use of etcd
---
-
[etcd](https://coreos.com/etcd/docs/2.2.1/) is a highly-available key value
store which Kubernetes uses for persistent storage of all of its REST API
objects.
diff --git a/docs/admin/federation-apiserver.md b/docs/admin/federation-apiserver.md
index 00fb08c1a0..72d71547c7 100644
--- a/docs/admin/federation-apiserver.md
+++ b/docs/admin/federation-apiserver.md
@@ -1,4 +1,6 @@
---
+title: federation-apiserver
+notitle: true
---
## federation-apiserver
@@ -20,9 +22,10 @@ federation-apiserver
### Options
```
- --admission-control string Ordered list of plug-ins to do admission control of resources into cluster. Comma-delimited list of: AlwaysAdmit, AlwaysDeny, NamespaceLifecycle. (default "AlwaysAdmit")
+ --admission-control string Ordered list of plug-ins to do admission control of resources into cluster. Comma-delimited list of: AlwaysAdmit, AlwaysDeny, NamespaceLifecycle, OwnerReferencesPermissionEnforcement. (default "AlwaysAdmit")
--admission-control-config-file string File with admission control configuration.
- --advertise-address value The IP address on which to advertise the apiserver to members of the cluster. This address must be reachable by the rest of the cluster. If blank, the --bind-address will be used. If --bind-address is unspecified, the host's default interface will be used.
+ --advertise-address ip The IP address on which to advertise the apiserver to members of the cluster. This address must be reachable by the rest of the cluster. If blank, the --bind-address will be used. If --bind-address is unspecified, the host's default interface will be used.
+ --anonymous-auth Enables anonymous requests to the secure port of the API server. Requests that are not rejected by another authentication method are treated as anonymous requests. Anonymous requests have a username of system:anonymous, and a group name of system:unauthenticated. (default true)
--apiserver-count int The number of apiservers running in the cluster. (default 1)
--audit-log-maxage int The maximum number of days to retain old audit log files based on the timestamp encoded in their filename.
--audit-log-maxbackup int The maximum number of old audit log files to retain.
@@ -35,64 +38,71 @@ federation-apiserver
--authorization-webhook-cache-unauthorized-ttl duration The duration to cache 'unauthorized' responses from the webhook authorizer. Default is 30s. (default 30s)
--authorization-webhook-config-file string File with webhook configuration in kubeconfig format, used with --authorization-mode=Webhook. The API server will query the remote service to determine access on the API server's secure port.
--basic-auth-file string If set, the file that will be used to admit requests to the secure port of the API server via http basic authentication.
- --bind-address value The IP address on which to listen for the --secure-port port. The associated interface(s) must be reachable by the rest of the cluster, and by CLI/web clients. If blank, all interfaces will be used (0.0.0.0). (default 0.0.0.0)
+ --bind-address ip The IP address on which to listen for the --secure-port port. The associated interface(s) must be reachable by the rest of the cluster, and by CLI/web clients. If blank, all interfaces will be used (0.0.0.0). (default 0.0.0.0)
--cert-dir string The directory where the TLS certs are located (by default /var/run/kubernetes). If --tls-cert-file and --tls-private-key-file are provided, this flag will be ignored. (default "/var/run/kubernetes")
--client-ca-file string If set, any request presenting a client certificate signed by one of the authorities in the client-ca-file is authenticated with an identity corresponding to the CommonName of the client certificate.
--cloud-config string The path to the cloud provider configuration file. Empty string for no configuration file.
--cloud-provider string The provider for cloud services. Empty string for no provider.
- --cors-allowed-origins value List of allowed origins for CORS, comma separated. An allowed origin can be a regular expression to support subdomain matching. If this list is empty CORS will not be enabled. (default [])
+ --contention-profiling Enable contention profiling. Requires --profiling to be set to work.
+ --cors-allowed-origins stringSlice List of allowed origins for CORS, comma separated. An allowed origin can be a regular expression to support subdomain matching. If this list is empty CORS will not be enabled.
--delete-collection-workers int Number of workers spawned for DeleteCollection call. These are used to speed up namespace cleanup. (default 1)
--deserialization-cache-size int Number of deserialized json objects to cache in memory.
+ --enable-garbage-collector Enables the generic garbage collector. MUST be synced with the corresponding flag of the kube-controller-manager. (default true)
--enable-swagger-ui Enables swagger ui on the apiserver at /swagger-ui
--etcd-cafile string SSL Certificate Authority file used to secure etcd communication.
--etcd-certfile string SSL certification file used to secure etcd communication.
--etcd-keyfile string SSL key file used to secure etcd communication.
--etcd-prefix string The prefix for all resource paths in etcd. (default "/registry")
--etcd-quorum-read If true, enable quorum read.
- --etcd-servers value List of etcd servers to connect with (http://ip:port), comma separated. (default [])
- --etcd-servers-overrides value Per-resource etcd servers overrides, comma separated. The individual override format: group/resource#servers, where servers are http://ip:port, semicolon separated. (default [])
+ --etcd-servers stringSlice List of etcd servers to connect with (scheme://ip:port), comma separated.
+ --etcd-servers-overrides stringSlice Per-resource etcd servers overrides, comma separated. The individual override format: group/resource#servers, where servers are http://ip:port, semicolon separated.
--event-ttl duration Amount of time to retain events. Default is 1h. (default 1h0m0s)
+ --experimental-keystone-ca-file string If set, the Keystone server's certificate will be verified by one of the authorities in the experimental-keystone-ca-file, otherwise the host's root CA set will be used.
--experimental-keystone-url string If passed, activates the keystone authentication plugin.
--external-hostname string The hostname to use when generating externalized URLs for this master (e.g. Swagger API Docs).
- --feature-gates value A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
+ --feature-gates mapStringBool A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
AllAlpha=true|false (ALPHA - default=false)
-AllowExtTrafficLocalEndpoints=true|false (ALPHA - default=false)
+AllowExtTrafficLocalEndpoints=true|false (BETA - default=true)
AppArmor=true|false (BETA - default=true)
DynamicKubeletConfig=true|false (ALPHA - default=false)
DynamicVolumeProvisioning=true|false (ALPHA - default=true)
- --insecure-bind-address value The IP address on which to serve the --insecure-port (set to 0.0.0.0 for all interfaces). Defaults to localhost. (default 127.0.0.1)
+ExperimentalHostUserNamespaceDefaulting=true|false (ALPHA - default=false)
+StreamingProxyRedirects=true|false (ALPHA - default=false)
+ --insecure-allow-any-token username/group1,group2 If set, your server will be INSECURE. Any token will be allowed and user information will be parsed from the token as username/group1,group2
+ --insecure-bind-address ip The IP address on which to serve the --insecure-port (set to 0.0.0.0 for all interfaces). Defaults to localhost. (default 127.0.0.1)
--insecure-port int The port on which to serve unsecured, unauthenticated access. Default 8080. It is assumed that firewall rules are set up such that this port is not reachable from outside of the cluster and that port 443 on the cluster's public address is proxied to this port. This is performed by nginx in the default setup. (default 8080)
--kubernetes-service-node-port int If non-zero, the Kubernetes master service (which apiserver creates/maintains) will be of type NodePort, using this as the value of the port. If zero, the Kubernetes master service will be of type ClusterIP.
--long-running-request-regexp string A regular expression matching long running requests which should be excluded from maximum inflight request handling. (default "(/|^)((watch|proxy)(/|$)|(logs?|portforward|exec|attach)/?$)")
- --master-service-namespace string The namespace from which the kubernetes master services should be injected into pods. (default "default")
+ --master-service-namespace string DEPRECATED: the namespace from which the kubernetes master services should be injected into pods. (default "default")
--max-requests-inflight int The maximum number of requests in flight at a given time. When the server exceeds this, it rejects requests. Zero for no limit. (default 400)
--min-request-timeout int An optional field indicating the minimum number of seconds a handler must keep a request open before timing it out. Currently only honored by the watch request handler, which picks a randomized value above this number as the connection timeout, to spread out load. (default 1800)
--oidc-ca-file string If set, the OpenID server's certificate will be verified by one of the authorities in the oidc-ca-file, otherwise the host's root CA set will be used.
--oidc-client-id string The client ID for the OpenID Connect client, must be set if oidc-issuer-url is set.
- --oidc-groups-claim string If provided, the name of a custom OpenID Connect claim for specifying user groups. The claim value is expected to be an array of strings. This flag is experimental, please see the authentication documentation for further details.
+ --oidc-groups-claim string If provided, the name of a custom OpenID Connect claim for specifying user groups. The claim value is expected to be a string or array of strings. This flag is experimental, please see the authentication documentation for further details.
--oidc-issuer-url string The URL of the OpenID issuer, only HTTPS scheme will be accepted. If set, it will be used to verify the OIDC JSON Web Token (JWT).
--oidc-username-claim string The OpenID claim to use as the user name. Note that claims other than the default ('sub') is not guaranteed to be unique and immutable. This flag is experimental, please see the authentication documentation for further details. (default "sub")
--profiling Enable profiling via web interface host:port/debug/pprof/ (default true)
- --runtime-config value A set of key=value pairs that describe runtime configuration that may be passed to apiserver. apis/ key can be used to turn on/off specific api versions. apis// can be used to turn on/off specific resources. api/all and api/legacy are special keys to control all and legacy api versions respectively.
+ --requestheader-allowed-names stringSlice List of client certificate common names to allow to provide usernames in headers specified by --requestheader-username-headers. If empty, any client certificate validated by the authorities in --requestheader-client-ca-file is allowed.
+ --requestheader-client-ca-file string Root certificate bundle to use to verify client certificates on incoming requests before trusting usernames in headers specified by --requestheader-username-headers
+ --requestheader-username-headers stringSlice List of request headers to inspect for usernames. X-Remote-User is common.
+ --runtime-config mapStringString A set of key=value pairs that describe runtime configuration that may be passed to apiserver. apis/ key can be used to turn on/off specific api versions. apis// can be used to turn on/off specific resources. api/all and api/legacy are special keys to control all and legacy api versions respectively.
--secure-port int The port on which to serve HTTPS with authentication and authorization. If 0, don't serve HTTPS at all. (default 6443)
- --service-cluster-ip-range value A CIDR notation IP range from which to assign service cluster IPs. This must not overlap with any IP ranges assigned to nodes for pods.
- --service-node-port-range value A port range to reserve for services with NodePort visibility. Example: '30000-32767'. Inclusive at both ends of the range. (default 30000-32767)
+ --service-cluster-ip-range ipNet A CIDR notation IP range from which to assign service cluster IPs. This must not overlap with any IP ranges assigned to nodes for pods.
+ --service-node-port-range portRange A port range to reserve for services with NodePort visibility. Example: '30000-32767'. Inclusive at both ends of the range. (default 30000-32767)
--storage-backend string The storage backend for persistence. Options: 'etcd2' (default), 'etcd3'.
--storage-media-type string The media type to use to store objects in storage. Defaults to application/json. Some resources may only support a specific media type and will ignore this setting. (default "application/json")
- --storage-versions string The per-group version to store resources in. Specified in the format "group1/version1,group2/version2,...". In the case where objects are moved from one group to the other, you may specify the format "group1=group2/v1beta1,group3/v1beta1,...". You only need to pass the groups you wish to change from the defaults. It defaults to a list of preferred versions of all registered groups, which is derived from the KUBE_API_VERSIONS environment variable. (default "apps/v1alpha1,authentication.k8s.io/v1beta1,authorization.k8s.io/v1beta1,autoscaling/v1,batch/v1,certificates.k8s.io/v1alpha1,componentconfig/v1alpha1,extensions/v1beta1,federation/v1beta1,policy/v1alpha1,rbac.authorization.k8s.io/v1alpha1,storage.k8s.io/v1beta1,v1")
+ --storage-versions string The per-group version to store resources in. Specified in the format "group1/version1,group2/version2,...". In the case where objects are moved from one group to the other, you may specify the format "group1=group2/v1beta1,group3/v1beta1,...". You only need to pass the groups you wish to change from the defaults. It defaults to a list of preferred versions of all registered groups, which is derived from the KUBE_API_VERSIONS environment variable. (default "apps/v1beta1,authentication.k8s.io/v1beta1,authorization.k8s.io/v1beta1,autoscaling/v1,batch/v1,certificates.k8s.io/v1alpha1,componentconfig/v1alpha1,extensions/v1beta1,federation/v1beta1,policy/v1beta1,rbac.authorization.k8s.io/v1alpha1,storage.k8s.io/v1beta1,v1")
--target-ram-mb int Memory limit for apiserver in MB (used to configure sizes of caches, etc.)
- --tls-cert-file string File containing x509 Certificate for HTTPS. (CA cert, if any, concatenated after server cert). If HTTPS serving is enabled, and --tls-cert-file and --tls-private-key-file are not provided, a self-signed certificate and key are generated for the public address and saved to /var/run/kubernetes.
- --tls-private-key-file string File containing x509 private key matching --tls-cert-file.
+ --tls-ca-file string If set, this certificate authority will used for secure access from Admission Controllers. This must be a valid PEM-encoded CA bundle.
+ --tls-cert-file string File containing the default x509 Certificate for HTTPS. (CA cert, if any, concatenated after server cert). If HTTPS serving is enabled, and --tls-cert-file and --tls-private-key-file are not provided, a self-signed certificate and key are generated for the public address and saved to /var/run/kubernetes.
+ --tls-private-key-file string File containing the default x509 private key matching --tls-cert-file.
+ --tls-sni-cert-key namedCertKey A pair of x509 certificate and private key file paths, optionally suffixed with a list of domain patterns which are fully qualified domain names, possibly with prefixed wildcard segments. If no domain patterns are provided, the names of the certificate are extracted. Non-wildcard matches trump over wildcard matches, explicit domain patterns trump over extracted names. For multiple key/certificate pairs, use the --tls-sni-cert-key multiple times. Examples: "example.key,example.crt" or "*.foo.com,foo.com:foo.key,foo.crt". (default [])
--token-auth-file string If set, the file that will be used to secure the secure port of the API server via token authentication.
--watch-cache Enable watch caching in the apiserver (default true)
- --watch-cache-sizes value List of watch cache sizes for every resource (pods, nodes, etc.), comma separated. The individual override format: resource#size, where size is a number. It takes effect when watch-cache is enabled. (default [])
+ --watch-cache-sizes stringSlice List of watch cache sizes for every resource (pods, nodes, etc.), comma separated. The individual override format: resource#size, where size is a number. It takes effect when watch-cache is enabled.
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
diff --git a/docs/admin/federation-controller-manager.md b/docs/admin/federation-controller-manager.md
index d73dde0b9e..d3dca5bf06 100644
--- a/docs/admin/federation-controller-manager.md
+++ b/docs/admin/federation-controller-manager.md
@@ -1,4 +1,6 @@
---
+title: federation-controller-mananger
+notitle: true
---
## federation-controller-manager
@@ -23,14 +25,14 @@ federation-controller-manager
### Options
```
- --address value The IP address to serve on (set to 0.0.0.0 for all interfaces) (default 0.0.0.0)
+ --address ip The IP address to serve on (set to 0.0.0.0 for all interfaces) (default 0.0.0.0)
--cluster-monitor-period duration The period for syncing ClusterStatus in ClusterController. (default 40s)
--concurrent-replicaset-syncs int The number of ReplicaSets syncing operations that will be done concurrently. Larger number = faster endpoint updating, but more CPU (and network) load (default 10)
--concurrent-service-syncs int The number of service syncing operations that will be done concurrently. Larger number = faster endpoint updating, but more CPU (and network) load (default 10)
- --dns-provider string DNS provider. Valid values are: ["aws-route53" "google-clouddns"]
+ --dns-provider string DNS provider. Valid values are: ["google-clouddns" "aws-route53"]
--dns-provider-config string Path to config file for configuring DNS provider.
--federated-api-burst int Burst to use while talking with federation apiserver (default 30)
- --federated-api-qps value QPS to use while talking with federation apiserver (default 20)
+ --federated-api-qps float32 QPS to use while talking with federation apiserver (default 20)
--federation-name string Federation name.
--kube-api-content-type string ContentType of requests sent to apiserver. Passing application/vnd.kubernetes.protobuf is an experimental feature now.
--kubeconfig string Path to kubeconfig file with authorization and master location information.
@@ -41,14 +43,12 @@ federation-controller-manager
--master string The address of the federation API server (overrides any value in kubeconfig)
--port int The port that the controller-manager's http service runs on (default 10253)
--profiling Enable profiling via web interface host:port/debug/pprof/ (default true)
+ --service-dns-suffix string DNS Suffix to use when publishing federated service names. Defaults to zone-name
+ --zone-id string Zone ID, needed if the zone name is not unique.
--zone-name string Zone name, like example.com.
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
diff --git a/docs/admin/federation/index.md b/docs/admin/federation/index.md
index 41d43b9572..478f7563de 100644
--- a/docs/admin/federation/index.md
+++ b/docs/admin/federation/index.md
@@ -3,8 +3,9 @@ assignees:
- madhusudancs
- mml
- nikhiljindal
-
+title: Using `federation-up` and `deploy.sh`
---
+
This guide explains how to set up cluster federation that lets us control multiple Kubernetes clusters.
@@ -14,11 +15,11 @@ This guide explains how to set up cluster federation that lets us control multip
## Prerequisites
This guide assumes that you have a running Kubernetes cluster.
-If not, then head over to the [getting started guides](/docs/getting-started-guides/) to bring up a cluster.
+If you need to start a new cluster, see the [getting started guides](/docs/getting-started-guides/) for instructions on bringing a cluster up.
-This guide also assumes that you have a Kubernetes release
-[downloaded from here](/docs/getting-started-guides/binary_release/),
-extracted into a directory and all the commands in this guide are run from
+To use the commands in this guide, you must download a Kubernetes release from the
+[getting started binary releases](/docs/getting-started-guides/binary_release/) and
+extract into a directory; all the commands in this guide are run from
that directory.
```shell
@@ -26,8 +27,8 @@ $ curl -L https://github.com/kubernetes/kubernetes/releases/download/v1.4.0/kube
$ cd kubernetes
```
-This guide also assumes that you have an installation of Docker running
-locally, i.e. on the machine where you run the commands described in this
+You must also have a Docker installation running
+locally--meaning on the machine where you run the commands described in this
guide.
## Setting up a federation control plane
@@ -212,47 +213,81 @@ cluster1 Ready 3m
## Updating KubeDNS
-Once the cluster is registered with the federation, you are all set to use it.
-But for the cluster to be able to route federation service requests, you need to restart
-KubeDNS and pass it a `--federations` flag which tells it about valid federation DNS hostnames.
-Format of the flag is like this:
+Once you've registered your cluster with the federation, you'll need to update KubeDNS so that your cluster can route federation service requests. The update method varies depending on your Kubernetes version; on Kubernetes 1.5 or later, you must pass the
+`--federations` flag to kube-dns via the kube-dns config map. In version 1.4 or earlier, you must set the `--federations` flag directly on kube-dns-rc on other clusters.
+
+### Kubernetes 1.5+: Passing federations flag via config map to kube-dns
+
+For kubernetes clusters of version 1.5+, you can pass the
+`--federations` flag to kube-dns via the kube-dns config map.
+The flag uses the following format:
```
--federations=${FEDERATION_NAME}=${DNS_DOMAIN_NAME}
```
-To update KubeDNS with federations flag, you can edit the existing kubedns replication controller to
-include that flag in pod template spec and then delete the existing pod. Replication controller will
-recreate the pod with updated template.
+To pass this flag to KubeDNS, create a config-map with name `kube-dns` in
+namespace `kube-system`. The configmap should look like the following:
-To find the name of existing kubedns replication controller, run
+```yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: kube-dns
+ namespace: kube-system
+data:
+ federations: =
+```
+
+where `` should be replaced by the name you want to give to your
+federation, and
+`federation-domain-name` should be replaced by the domain name you want to use
+in your federation DNS.
+
+You can find more details about config maps in general at
+http://kubernetes.io/docs/user-guide/configmap/.
+
+### Kubernetes 1.4 and earlier: Setting federations flag on kube-dns-rc
+
+If your cluster is running Kubernetes version 1.4 or earlier, you must to restart
+KubeDNS and pass it a `--federations` flag, which tells it about valid federation DNS hostnames.
+The flag uses the following format:
+
+```
+--federations=${FEDERATION_NAME}=${DNS_DOMAIN_NAME}
+```
+
+To update KubeDNS with the `--federations` flag, you can edit the existing kubedns replication controller to
+include that flag in pod template spec, and then delete the existing pod. The replication controller then
+recreates the pod with updated template.
+
+To find the name of existing kubedns replication controller, run the following command:
```shell
$ kubectl get rc --namespace=kube-system
```
-This will list all the replication controllers. Name of the kube-dns replication
-controller will look like `kube-dns-v18`. You can then edit it by running:
+You should see a list of all the replication controllers on the cluster. The kube-dns replication
+controller should have a name similar to `kube-dns-v18`. To edit the replication controller, specify it by name as follows:
```shell
$ kubectl edit rc --namespace=kube-system
```
-Add the `--federations` flag as args to kube-dns container in the YAML file that
-pops up after running the above command.
+In the resulting YAML file for the kube-dns replication controller, add the `--federations` flag as an argument to kube-dns container.
-To delete the existing kube dns pod, you can first find it by running:
+Then, you must delete the existing kube dns pod. You can find the pod by running:
```shell
$ kubectl get pods --namespace=kube-system
```
-And then delete it by running:
+And then delete the appropriate pod by running:
```shell
$ kubectl delete pods --namespace=kube-system
```
-You are now all set to start using federation.
+Once you've completed the kube-dns configuration, your federation is ready for use.
## Turn down
diff --git a/docs/admin/federation/kubefed.md b/docs/admin/federation/kubefed.md
new file mode 100644
index 0000000000..52d83d3535
--- /dev/null
+++ b/docs/admin/federation/kubefed.md
@@ -0,0 +1,194 @@
+---
+assignees:
+- madhusudancs
+
+---
+
+* TOC
+{:toc}
+
+Kubernetes version 1.5 includes a new command line tool called
+`kubefed` to help you administrate your federated clusters.
+`kubefed` helps you to deploy a new Kubernetes cluster federation
+control plane, and to add clusters to or remove clusters from an
+existing federation control plane.
+
+This guide explains how to administer a Kubernetes Cluster Federation
+using `kubefed`.
+
+> Note: `kubefed` is an alpha feature in Kubernetes 1.5.
+
+## Prerequisites
+
+This guide assumes that you have a running Kubernetes cluster. Please
+see one of the [getting started](/docs/getting-started-guides/) guides
+for installation instructions for your platform.
+
+
+## Getting `kubefed`
+
+Download the client tarball corresponding to Kubernetes version 1.5
+or later
+[from the release page](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG.md),
+extract the binaries in the tarball to one of the directories
+in your `$PATH` and set the executable permission on those binaries.
+
+```shell
+curl -O https://storage.googleapis.com/kubernetes-release/release/v1.5.0/kubernetes-client-linux-amd64.tar.gz
+tar -xzvf kubernetes-client-linux-amd64.tar.gz
+sudo cp kubernetes/client/bin/kubefed /usr/local/bin
+sudo chmod +x /usr/local/bin/kubefed
+sudo cp kubernetes/client/bin/kubectl /usr/local/bin
+sudo chmod +x /usr/local/bin/kubectl
+```
+
+
+## Choosing a host cluster.
+
+You'll need to choose one of your Kubernetes clusters to be the
+*host cluster*. The host cluster hosts the components that make up
+your federation control plane. Ensure that you have a `kubeconfig`
+entry in your local `kubeconfig` that corresponds to the host cluster.
+You can verify that you have the required `kubeconfig` entry by
+running:
+
+```shell
+kubectl config get-contexts
+```
+
+The output should contain an entry corresponding to your host cluster,
+similar to the following:
+
+```
+CURRENT NAME CLUSTER AUTHINFO NAMESPACE
+ gke_myproject_asia-east1-b_gce-asia-east1 gke_myproject_asia-east1-b_gce-asia-east1 gke_myproject_asia-east1-b_gce-asia-east1
+```
+
+
+You'll need to provide the `kubeconfig` context (called name in the
+entry above) for your host cluster when you deploy your federation
+control plane.
+
+
+## Deploying a federation control plane.
+
+"To deploy a federation control plane on your host cluster, run
+`kubefed init` command. When you use `kubefed init`, you must provide
+the following:
+
+* Federation name
+* `--host-cluster-context`, the `kubeconfig` context for the host cluster
+* `--dns-zone-name`, a domain name suffix for your federated services
+
+The following example command deploys a federation control plane with
+the name `fellowship`, a host cluster context `rivendell`, and the
+domain suffix `example.com`:
+
+```shell
+kubefed init fellowship --host-cluster-context=rivendell --dns-zone-name="example.com"
+```
+
+The domain suffix you specify in `--dns-zone-name` must be an existing
+domain that you control, and that is programmable by your DNS provider.
+
+`kubefed init` sets up the federation control plane in the host
+cluster and also adds an entry for the federation API server in your
+local kubeconfig. Note that in the alpha release in Kubernetes 1.5,
+`kubefed init` does not automatically set the current context to the
+newly deployed federation. You can set the current context manually by
+running:
+
+```shell
+kubectl config use-context fellowship
+```
+
+where `fellowship` is the name of your federation.
+
+
+## Adding a cluster to a federation
+
+Once you've deployed a federation control plane, you'll need to make
+that control plane aware of the clusters it should manage. You can add
+a cluster to your federation by using the `kubefed join` command.
+
+To use `kubefed join`, you'll need to provide the name of the cluster
+you want to add to the federation, and the `--host-cluster-context`
+for the federation control plane's host cluster.
+
+The following example command adds the cluster `gondor` to the
+federation with host cluster `rivendell`:
+
+```
+kubefed join gondor --host-cluster-context=rivendell
+```
+
+> Note: Kubernetes requires that you manually join clusters to a
+federation because the federation control plane manages only those
+clusters that it is responsible for managing. Adding a cluster tells
+the federation control plane that it is responsible for managing that
+cluster.
+
+### Naming rules and customization
+
+The cluster name you supply to `kubefed join` must be a valid RFC 1035
+label.
+
+Furthermore, federation control plane requires credentials of the
+joined clusters to operate on them. These credentials are obtained
+from the local kubeconfig. `kubefed join` uses the cluster name
+specified as the argument to look for the cluster's context in the
+local kubeconfig. If it fails to find a matching context, it exits
+with an error.
+
+This might cause issues in cases where context names for each cluster
+in the federation don't follow RFC 1035 label naming rules. In such
+cases, you can specify a cluster name that conforms to the RFC 1035
+label naming rules and specify the cluster context using the
+`--cluster-context` flag. For example, if context of the cluster your
+are joining is `gondor_needs-no_king`, then you can
+join the cluster by running:
+
+```shell
+kubefed join gondor --host-cluster-context=rivendell --cluster-context=gondor_needs-no_king
+```
+
+#### Secret name
+
+Cluster credentials required by the federation control plane as
+described above are stored as a secret in the host cluster. The name
+of the secret is also derived from the cluster name.
+
+However, the name of a secret object in Kubernetes should conform
+to the subdomain name specification described in RFC 1123. If this
+isn't case, you can pass the secret name to `kubefed join` using the
+`--secret-name` flag. For example, if the cluster name is `noldor` and
+the secret name is `11kingdom`, you can join the cluster by
+running:
+
+```shell
+kubefed join noldor --host-cluster-context=rivendell --secret-name=11kingdom
+```
+
+## Removing a cluster from a federation
+
+To remove a cluster from a federation, run the `kubefed unjoin`
+command with the cluster name and the federation's
+`--host-cluster-context`:
+
+```
+kubefed unjoin gondor --host-cluster-context=rivendell
+```
+
+
+## Turning down the federation control plane:
+
+Proper cleanup of federation control plane is not fully implemented in
+this alpha release of `kubefed`. However, for the time being, deleting
+the federation system namespace should remove all the resources except
+the persistent storage volume dynamically provisioned for the
+federation control plane's etcd. You can delete the federation
+namespace by running the following command:
+
+```
+$ kubectl delete ns federation-system
+```
diff --git a/docs/admin/garbage-collection.md b/docs/admin/garbage-collection.md
index a3112a07f1..0492f9f277 100644
--- a/docs/admin/garbage-collection.md
+++ b/docs/admin/garbage-collection.md
@@ -1,7 +1,7 @@
---
assignees:
- mikedanese
-
+title: Configuring kubelet Garbage Collection
---
* TOC
@@ -17,7 +17,7 @@ kubernetes manages lifecycle of all images through imageManager, with the cooper
of cadvisor.
The policy for garbage collecting images takes two factors into consideration:
-`HighThresholdPercent` and `LowThresholdPercent`. Disk usage above the the high threshold
+`HighThresholdPercent` and `LowThresholdPercent`. Disk usage above the high threshold
will trigger garbage collection. The garbage collection will delete least recently used images until the low
threshold has been met.
diff --git a/docs/admin/ha-master-gce.md b/docs/admin/ha-master-gce.md
new file mode 100644
index 0000000000..262dafbe0a
--- /dev/null
+++ b/docs/admin/ha-master-gce.md
@@ -0,0 +1,160 @@
+---
+assignees:
+- jszczepkowski
+
+---
+
+* TOC
+{:toc}
+
+## Introduction
+
+Kubernetes version 1.5 adds alpha support for replicating Kubernetes masters in `kube-up` or `kube-down` scripts for Google Compute Engine.
+This document describes how to use kube-up/down scripts to manage highly available (HA) masters and how HA masters are implemented for use with GCE.
+
+## Starting an HA-compatible cluster
+
+To create a new HA-compatible cluster, you must set the following flags in your `kube-up` script:
+
+* `MULTIZONE=true` - to prevent removal of master replicas kubelets from zones different than server's default zone.
+Required if you want to run master replicas in different zones, which is recommended.
+
+* `ENABLE_ETCD_QUORUM_READS=true` - to ensure that reads from all API servers will return most up-to-date data.
+If true, reads will be directed to leader etcd replica.
+Setting this value to true is optional: reads will be more reliable but will also be slower.
+
+Optionally, you can specify a GCE zone where the first master replica is to be created.
+Set the the following flag:
+
+* `KUBE_GCE_ZONE=zone` - zone where the first master replica will run.
+
+The following sample command sets up a HA-compatible cluster in the GCE zone europe-west1-b:
+
+```shell
+$ MULTIZONE=true KUBE_GCE_ZONE=europe-west1-b ENABLE_ETCD_QUORUM_READS=true ./cluster/kube-up.sh
+```
+
+Note that the commands above create a cluster with one master;
+however, you can add new master replicas to the cluster with subsequent commands.
+
+## Adding a new master replica
+
+After you have created an HA-compatible cluster, you can add master replicas to it.
+You add master replicas by using a `kube-up` script with the following flags:
+
+* `KUBE_REPLICATE_EXISTING_MASTER=true` - to create a replica of an existing
+master.
+
+* `KUBE_GCE_ZONE=zone` - zone where the master replica will run.
+Must be in the same region as other replicas' zones.
+
+You don't need to set the `MULTIZONE` or `ENABLE_ETCD_QUORUM_READS` flags,
+as those are inherited from when you started your HA-compatible cluster.
+
+The following sample command replicates the master on an existing HA-compatible cluster:
+
+```shell
+$ KUBE_GCE_ZONE=europe-west1-c KUBE_REPLICATE_EXISTING_MASTER=true ./cluster/kube-up.sh
+```
+
+## Removing a master replica
+
+You can remove a master replica from an HA cluster by using a `kube-down` script with the following flags:
+
+* `KUBE_DELETE_NODES=false` - to restrain deletion of kubelets.
+
+* `KUBE_GCE_ZONE=zone` - the zone from where master replica will be removed.
+
+* `KUBE_REPLICA_NAME=replica_name` - (optional) the name of master replica to remove.
+If empty: any replica from the given zone will be removed.
+
+The following sample command removes a master replica from an existing HA cluster:
+
+```shell
+$ KUBE_DELETE_NODES=false KUBE_GCE_ZONE=europe-west1-c ./cluster/kube-down.sh
+```
+
+## Handling master replica failures
+
+If one of the master replicas in your HA cluster fails,
+the best practice is to remove the replica from your cluster and add a new replica in the same zone.
+The following sample commands demonstrate this process:
+
+1. Remove the broken replica:
+
+```shell
+$ KUBE_DELETE_NODES=false KUBE_GCE_ZONE=replica_zone KUBE_REPLICA_NAME=replica_name ./cluster/kube-down.sh
+```
+
+2. Add a new replica in place of the old one:
+
+```shell
+$ KUBE_GCE_ZONE=replica-zone KUBE_REPLICATE_EXISTING_MASTER=true ./cluster/kube-up.sh
+```
+
+## Best practices for replicating masters for HA clusters
+
+* Try to place masters replicas in different zones. During a zone failure, all master placed inside the zone will fail.
+To survive zone failure, also place nodes in multiple zones
+(see [multiple-zones](http://kubernetes.io/docs/admin/multiple-zones/) for details).
+
+* Do not use a cluster with two master replicas. Consensus on a two replica cluster requires both replicas running when changing persistent state.
+As a result, both replicas are needed and a failure of any replica turns cluster into majority failure state.
+A two-replica cluster is thus inferior, in terms of HA, to a single replica cluster.
+
+* When you add a master replica, cluster state (etcd) is copied to a new instance.
+If the cluster is large, it may take a long time to duplicate its state.
+This operation may be speed up by migrating etcd data directory, as described [here](https://coreos.com/etcd/docs/latest/admin_guide.html#member-migration) here
+(we are considering adding support for etcd data dir migration in future).
+
+## Implementation notes
+
+
+
+### Overview
+
+Each of master replicas will run the following components in the following mode:
+
+* etcd instance: all instances will be clustered together using consensus;
+
+* API server: each server will talk to local etcd - all API servers in the cluster will be available;
+
+* controllers, scheduler, and cluster auto-scaler: will use lease mechanism - only one instance of each of them will be active in the cluster;
+
+* add-on manager: each manager will work independently trying to keep add-ons in sync.
+
+In addition, there will be a load balancer in front of API servers that will route external and internal traffic to them.
+
+### Load balancing
+
+When starting the second master replica, a load balancer containing the two replicas will be created
+and the IP address of the first replica will be promoted to IP address of load balancer.
+Similarly, after removal of the penultimate master replica, the load balancer will be removed and its IP address will be assigned to the last remaining replica.
+Please note that creation and removal of load balancer are complex operations and it may take some time (~20 minutes) for them to propagate.
+
+### Master service & kubelets
+
+Instead of trying to keep an up-to-date list of Kubernetes apiserver in the Kubernetes service,
+the system directs all traffic to the external IP:
+
+* in one master cluster the IP points to the single master,
+
+* in multi-master cluster the IP points to the load balancer in-front of the masters.
+
+Similarly, the external IP will be used by kubelets to communicate with master.
+
+### Master certificates
+
+Kubernetes generates Master TLS certificates for the external public IP and local IP for each replica.
+There are no certificates for the ephemeral public IP for replicas;
+to access a replica via its ephemeral public IP, you must skip TLS verification.
+
+### Clustering etcd
+
+To allow etcd clustering, ports needed to communicate between etcd instances will be opened (for inside cluster communication).
+To make such deployment secure, communication between etcd instances is authorized using SSL.
+
+## Additional reading
+
+[Automated HA master deployment - design doc](https://github.com/kubernetes/kubernetes/blob/master/docs/design/ha_master.md)
+
diff --git a/docs/admin/ha-master-gce.png b/docs/admin/ha-master-gce.png
new file mode 100644
index 0000000000..a05e04a187
Binary files /dev/null and b/docs/admin/ha-master-gce.png differ
diff --git a/docs/admin/high-availability/index.md b/docs/admin/high-availability/index.md
index ad78270e4a..42e51d3d51 100644
--- a/docs/admin/high-availability/index.md
+++ b/docs/admin/high-availability/index.md
@@ -1,7 +1,7 @@
----
-
----
-
+---
+title: Building High-Availability Clusters
+---
+
## Introduction
This document describes how to build a high-availability (HA) Kubernetes cluster. This is a fairly advanced topic.
diff --git a/docs/admin/index.md b/docs/admin/index.md
index 47f47f8116..98f38b428a 100644
--- a/docs/admin/index.md
+++ b/docs/admin/index.md
@@ -2,7 +2,7 @@
assignees:
- davidopp
- lavalamp
-
+title: Admin Guide
---
The cluster admin guide is for anyone creating or administering a Kubernetes cluster.
@@ -84,3 +84,8 @@ project](/docs/admin/salt).
* **Sysctls** [sysctls](/docs/admin/sysctls.md)
* **Audit** [audit](/docs/admin/audit)
+
+* **Securing the kubelet**
+ * [Master-Node communication](/docs/admin/master-node-communication/)
+ * [TLS bootstrapping](/docs/admin/kubelet-tls-bootstrapping/)
+ * [Kubelet authentication/authorization](/docs/admin/kubelet-authentication-authorization/)
diff --git a/docs/admin/kube-apiserver.md b/docs/admin/kube-apiserver.md
index 4e24cd2d89..bc08ef1f0a 100644
--- a/docs/admin/kube-apiserver.md
+++ b/docs/admin/kube-apiserver.md
@@ -1,4 +1,6 @@
---
+title: kube-apiserver
+notitle: true
---
## kube-apiserver
@@ -20,10 +22,11 @@ kube-apiserver
### Options
```
- --admission-control string Ordered list of plug-ins to do admission control of resources into cluster. Comma-delimited list of: AlwaysAdmit, AlwaysDeny, AlwaysPullImages, DefaultStorageClass, DenyEscalatingExec, DenyExecOnPrivileged, ImagePolicyWebhook, InitialResources, LimitPodHardAntiAffinityTopology, LimitRanger, NamespaceAutoProvision, NamespaceExists, NamespaceLifecycle, PersistentVolumeLabel, PodSecurityPolicy, ResourceQuota, SecurityContextDeny, ServiceAccount. (default "AlwaysAdmit")
+ --admission-control string Ordered list of plug-ins to do admission control of resources into cluster. Comma-delimited list of: AlwaysAdmit, AlwaysDeny, AlwaysPullImages, DefaultStorageClass, DenyEscalatingExec, DenyExecOnPrivileged, ImagePolicyWebhook, InitialResources, LimitPodHardAntiAffinityTopology, LimitRanger, NamespaceAutoProvision, NamespaceExists, NamespaceLifecycle, OwnerReferencesPermissionEnforcement, PersistentVolumeLabel, PodNodeSelector, PodSecurityPolicy, ResourceQuota, SecurityContextDeny, ServiceAccount. (default "AlwaysAdmit")
--admission-control-config-file string File with admission control configuration.
- --advertise-address value The IP address on which to advertise the apiserver to members of the cluster. This address must be reachable by the rest of the cluster. If blank, the --bind-address will be used. If --bind-address is unspecified, the host's default interface will be used.
+ --advertise-address ip The IP address on which to advertise the apiserver to members of the cluster. This address must be reachable by the rest of the cluster. If blank, the --bind-address will be used. If --bind-address is unspecified, the host's default interface will be used.
--allow-privileged If true, allow privileged containers.
+ --anonymous-auth Enables anonymous requests to the secure port of the API server. Requests that are not rejected by another authentication method are treated as anonymous requests. Anonymous requests have a username of system:anonymous, and a group name of system:unauthenticated. (default true)
--apiserver-count int The number of apiservers running in the cluster. (default 1)
--audit-log-maxage int The maximum number of days to retain old audit log files based on the timestamp encoded in their filename.
--audit-log-maxbackup int The maximum number of old audit log files to retain.
@@ -38,12 +41,13 @@ kube-apiserver
--authorization-webhook-cache-unauthorized-ttl duration The duration to cache 'unauthorized' responses from the webhook authorizer. Default is 30s. (default 30s)
--authorization-webhook-config-file string File with webhook configuration in kubeconfig format, used with --authorization-mode=Webhook. The API server will query the remote service to determine access on the API server's secure port.
--basic-auth-file string If set, the file that will be used to admit requests to the secure port of the API server via http basic authentication.
- --bind-address value The IP address on which to listen for the --secure-port port. The associated interface(s) must be reachable by the rest of the cluster, and by CLI/web clients. If blank, all interfaces will be used (0.0.0.0). (default 0.0.0.0)
+ --bind-address ip The IP address on which to listen for the --secure-port port. The associated interface(s) must be reachable by the rest of the cluster, and by CLI/web clients. If blank, all interfaces will be used (0.0.0.0). (default 0.0.0.0)
--cert-dir string The directory where the TLS certs are located (by default /var/run/kubernetes). If --tls-cert-file and --tls-private-key-file are provided, this flag will be ignored. (default "/var/run/kubernetes")
--client-ca-file string If set, any request presenting a client certificate signed by one of the authorities in the client-ca-file is authenticated with an identity corresponding to the CommonName of the client certificate.
--cloud-config string The path to the cloud provider configuration file. Empty string for no configuration file.
--cloud-provider string The provider for cloud services. Empty string for no provider.
- --cors-allowed-origins value List of allowed origins for CORS, comma separated. An allowed origin can be a regular expression to support subdomain matching. If this list is empty CORS will not be enabled. (default [])
+ --contention-profiling Enable contention profiling. Requires --profiling to be set to work.
+ --cors-allowed-origins stringSlice List of allowed origins for CORS, comma separated. An allowed origin can be a regular expression to support subdomain matching. If this list is empty CORS will not be enabled.
--delete-collection-workers int Number of workers spawned for DeleteCollection call. These are used to speed up namespace cleanup. (default 1)
--deserialization-cache-size int Number of deserialized json objects to cache in memory.
--enable-garbage-collector Enables the generic garbage collector. MUST be synced with the corresponding flag of the kube-controller-manager. (default true)
@@ -53,62 +57,68 @@ kube-apiserver
--etcd-keyfile string SSL key file used to secure etcd communication.
--etcd-prefix string The prefix for all resource paths in etcd. (default "/registry")
--etcd-quorum-read If true, enable quorum read.
- --etcd-servers value List of etcd servers to connect with (http://ip:port), comma separated. (default [])
- --etcd-servers-overrides value Per-resource etcd servers overrides, comma separated. The individual override format: group/resource#servers, where servers are http://ip:port, semicolon separated. (default [])
+ --etcd-servers stringSlice List of etcd servers to connect with (scheme://ip:port), comma separated.
+ --etcd-servers-overrides stringSlice Per-resource etcd servers overrides, comma separated. The individual override format: group/resource#servers, where servers are http://ip:port, semicolon separated.
--event-ttl duration Amount of time to retain events. Default is 1h. (default 1h0m0s)
+ --experimental-keystone-ca-file string If set, the Keystone server's certificate will be verified by one of the authorities in the experimental-keystone-ca-file, otherwise the host's root CA set will be used.
--experimental-keystone-url string If passed, activates the keystone authentication plugin.
--external-hostname string The hostname to use when generating externalized URLs for this master (e.g. Swagger API Docs).
- --feature-gates value A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
+ --feature-gates mapStringBool A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
AllAlpha=true|false (ALPHA - default=false)
-AllowExtTrafficLocalEndpoints=true|false (ALPHA - default=false)
+AllowExtTrafficLocalEndpoints=true|false (BETA - default=true)
AppArmor=true|false (BETA - default=true)
DynamicKubeletConfig=true|false (ALPHA - default=false)
DynamicVolumeProvisioning=true|false (ALPHA - default=true)
+ExperimentalHostUserNamespaceDefaulting=true|false (ALPHA - default=false)
+StreamingProxyRedirects=true|false (ALPHA - default=false)
--google-json-key string The Google Cloud Platform Service Account JSON Key to use for authentication.
- --insecure-bind-address value The IP address on which to serve the --insecure-port (set to 0.0.0.0 for all interfaces). Defaults to localhost. (default 127.0.0.1)
+ --insecure-allow-any-token username/group1,group2 If set, your server will be INSECURE. Any token will be allowed and user information will be parsed from the token as username/group1,group2
+ --insecure-bind-address ip The IP address on which to serve the --insecure-port (set to 0.0.0.0 for all interfaces). Defaults to localhost. (default 127.0.0.1)
--insecure-port int The port on which to serve unsecured, unauthenticated access. Default 8080. It is assumed that firewall rules are set up such that this port is not reachable from outside of the cluster and that port 443 on the cluster's public address is proxied to this port. This is performed by nginx in the default setup. (default 8080)
--kubelet-certificate-authority string Path to a cert file for the certificate authority.
--kubelet-client-certificate string Path to a client cert file for TLS.
--kubelet-client-key string Path to a client key file for TLS.
--kubelet-https Use https for kubelet connections. (default true)
+ --kubelet-preferred-address-types stringSlice List of the preferred NodeAddressTypes to use for kubelet connections. (default [Hostname,InternalIP,ExternalIP,LegacyHostIP])
--kubelet-timeout duration Timeout for kubelet operations. (default 5s)
--kubernetes-service-node-port int If non-zero, the Kubernetes master service (which apiserver creates/maintains) will be of type NodePort, using this as the value of the port. If zero, the Kubernetes master service will be of type ClusterIP.
--long-running-request-regexp string A regular expression matching long running requests which should be excluded from maximum inflight request handling. (default "(/|^)((watch|proxy)(/|$)|(logs?|portforward|exec|attach)/?$)")
- --master-service-namespace string The namespace from which the kubernetes master services should be injected into pods. (default "default")
+ --master-service-namespace string DEPRECATED: the namespace from which the kubernetes master services should be injected into pods. (default "default")
--max-connection-bytes-per-sec int If non-zero, throttle each user connection to this number of bytes/sec. Currently only applies to long-running requests.
--max-requests-inflight int The maximum number of requests in flight at a given time. When the server exceeds this, it rejects requests. Zero for no limit. (default 400)
--min-request-timeout int An optional field indicating the minimum number of seconds a handler must keep a request open before timing it out. Currently only honored by the watch request handler, which picks a randomized value above this number as the connection timeout, to spread out load. (default 1800)
--oidc-ca-file string If set, the OpenID server's certificate will be verified by one of the authorities in the oidc-ca-file, otherwise the host's root CA set will be used.
--oidc-client-id string The client ID for the OpenID Connect client, must be set if oidc-issuer-url is set.
- --oidc-groups-claim string If provided, the name of a custom OpenID Connect claim for specifying user groups. The claim value is expected to be an array of strings. This flag is experimental, please see the authentication documentation for further details.
+ --oidc-groups-claim string If provided, the name of a custom OpenID Connect claim for specifying user groups. The claim value is expected to be a string or array of strings. This flag is experimental, please see the authentication documentation for further details.
--oidc-issuer-url string The URL of the OpenID issuer, only HTTPS scheme will be accepted. If set, it will be used to verify the OIDC JSON Web Token (JWT).
--oidc-username-claim string The OpenID claim to use as the user name. Note that claims other than the default ('sub') is not guaranteed to be unique and immutable. This flag is experimental, please see the authentication documentation for further details. (default "sub")
--profiling Enable profiling via web interface host:port/debug/pprof/ (default true)
--repair-malformed-updates If true, server will do its best to fix the update request to pass the validation, e.g., setting empty UID in update request to its existing value. This flag can be turned off after we fix all the clients that send malformed updates. (default true)
- --runtime-config value A set of key=value pairs that describe runtime configuration that may be passed to apiserver. apis/ key can be used to turn on/off specific api versions. apis// can be used to turn on/off specific resources. api/all and api/legacy are special keys to control all and legacy api versions respectively.
+ --requestheader-allowed-names stringSlice List of client certificate common names to allow to provide usernames in headers specified by --requestheader-username-headers. If empty, any client certificate validated by the authorities in --requestheader-client-ca-file is allowed.
+ --requestheader-client-ca-file string Root certificate bundle to use to verify client certificates on incoming requests before trusting usernames in headers specified by --requestheader-username-headers
+ --requestheader-username-headers stringSlice List of request headers to inspect for usernames. X-Remote-User is common.
+ --runtime-config mapStringString A set of key=value pairs that describe runtime configuration that may be passed to apiserver. apis/ key can be used to turn on/off specific api versions. apis// can be used to turn on/off specific resources. api/all and api/legacy are special keys to control all and legacy api versions respectively.
--secure-port int The port on which to serve HTTPS with authentication and authorization. If 0, don't serve HTTPS at all. (default 6443)
- --service-account-key-file string File containing PEM-encoded x509 RSA private or public key, used to verify ServiceAccount tokens. If unspecified, --tls-private-key-file is used.
+ --service-account-key-file stringArray File containing PEM-encoded x509 RSA or ECDSA private or public keys, used to verify ServiceAccount tokens. If unspecified, --tls-private-key-file is used. The specified file can contain multiple keys, and the flag can be specified multiple times with different files.
--service-account-lookup If true, validate ServiceAccount tokens exist in etcd as part of authentication.
- --service-cluster-ip-range value A CIDR notation IP range from which to assign service cluster IPs. This must not overlap with any IP ranges assigned to nodes for pods.
- --service-node-port-range value A port range to reserve for services with NodePort visibility. Example: '30000-32767'. Inclusive at both ends of the range. (default 30000-32767)
+ --service-cluster-ip-range ipNet A CIDR notation IP range from which to assign service cluster IPs. This must not overlap with any IP ranges assigned to nodes for pods.
+ --service-node-port-range portRange A port range to reserve for services with NodePort visibility. Example: '30000-32767'. Inclusive at both ends of the range. (default 30000-32767)
--ssh-keyfile string If non-empty, use secure SSH proxy to the nodes, using this user keyfile
--ssh-user string If non-empty, use secure SSH proxy to the nodes, using this user name
--storage-backend string The storage backend for persistence. Options: 'etcd2' (default), 'etcd3'.
--storage-media-type string The media type to use to store objects in storage. Defaults to application/json. Some resources may only support a specific media type and will ignore this setting. (default "application/json")
- --storage-versions string The per-group version to store resources in. Specified in the format "group1/version1,group2/version2,...". In the case where objects are moved from one group to the other, you may specify the format "group1=group2/v1beta1,group3/v1beta1,...". You only need to pass the groups you wish to change from the defaults. It defaults to a list of preferred versions of all registered groups, which is derived from the KUBE_API_VERSIONS environment variable. (default "apps/v1alpha1,authentication.k8s.io/v1beta1,authorization.k8s.io/v1beta1,autoscaling/v1,batch/v1,certificates.k8s.io/v1alpha1,componentconfig/v1alpha1,extensions/v1beta1,imagepolicy.k8s.io/v1alpha1,policy/v1alpha1,rbac.authorization.k8s.io/v1alpha1,storage.k8s.io/v1beta1,v1")
+ --storage-versions string The per-group version to store resources in. Specified in the format "group1/version1,group2/version2,...". In the case where objects are moved from one group to the other, you may specify the format "group1=group2/v1beta1,group3/v1beta1,...". You only need to pass the groups you wish to change from the defaults. It defaults to a list of preferred versions of all registered groups, which is derived from the KUBE_API_VERSIONS environment variable. (default "apps/v1beta1,authentication.k8s.io/v1beta1,authorization.k8s.io/v1beta1,autoscaling/v1,batch/v1,certificates.k8s.io/v1alpha1,componentconfig/v1alpha1,extensions/v1beta1,imagepolicy.k8s.io/v1alpha1,policy/v1beta1,rbac.authorization.k8s.io/v1alpha1,storage.k8s.io/v1beta1,v1")
--target-ram-mb int Memory limit for apiserver in MB (used to configure sizes of caches, etc.)
- --tls-cert-file string File containing x509 Certificate for HTTPS. (CA cert, if any, concatenated after server cert). If HTTPS serving is enabled, and --tls-cert-file and --tls-private-key-file are not provided, a self-signed certificate and key are generated for the public address and saved to /var/run/kubernetes.
- --tls-private-key-file string File containing x509 private key matching --tls-cert-file.
+ --tls-ca-file string If set, this certificate authority will used for secure access from Admission Controllers. This must be a valid PEM-encoded CA bundle.
+ --tls-cert-file string File containing the default x509 Certificate for HTTPS. (CA cert, if any, concatenated after server cert). If HTTPS serving is enabled, and --tls-cert-file and --tls-private-key-file are not provided, a self-signed certificate and key are generated for the public address and saved to /var/run/kubernetes.
+ --tls-private-key-file string File containing the default x509 private key matching --tls-cert-file.
+ --tls-sni-cert-key namedCertKey A pair of x509 certificate and private key file paths, optionally suffixed with a list of domain patterns which are fully qualified domain names, possibly with prefixed wildcard segments. If no domain patterns are provided, the names of the certificate are extracted. Non-wildcard matches trump over wildcard matches, explicit domain patterns trump over extracted names. For multiple key/certificate pairs, use the --tls-sni-cert-key multiple times. Examples: "example.key,example.crt" or "*.foo.com,foo.com:foo.key,foo.crt". (default [])
--token-auth-file string If set, the file that will be used to secure the secure port of the API server via token authentication.
--watch-cache Enable watch caching in the apiserver (default true)
- --watch-cache-sizes value List of watch cache sizes for every resource (pods, nodes, etc.), comma separated. The individual override format: resource#size, where size is a number. It takes effect when watch-cache is enabled. (default [])
+ --watch-cache-sizes stringSlice List of watch cache sizes for every resource (pods, nodes, etc.), comma separated. The individual override format: resource#size, where size is a number. It takes effect when watch-cache is enabled.
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
diff --git a/docs/admin/kube-controller-manager.md b/docs/admin/kube-controller-manager.md
index c6db5ea858..4b158fe4e4 100644
--- a/docs/admin/kube-controller-manager.md
+++ b/docs/admin/kube-controller-manager.md
@@ -1,4 +1,6 @@
---
+title: kube-controller-manager
+notitle: true
---
## kube-controller-manager
@@ -24,7 +26,7 @@ kube-controller-manager
### Options
```
- --address value The IP address to serve on (set to 0.0.0.0 for all interfaces) (default 0.0.0.0)
+ --address ip The IP address to serve on (set to 0.0.0.0 for all interfaces) (default 0.0.0.0)
--allocate-node-cidrs Should CIDRs for Pods be allocated and set on the cloud provider.
--cloud-config string The path to the cloud provider configuration file. Empty string for no configuration file.
--cloud-provider string The provider for cloud services. Empty string for no provider.
@@ -32,37 +34,39 @@ kube-controller-manager
--cluster-name string The instance prefix for the cluster (default "kubernetes")
--cluster-signing-cert-file string Filename containing a PEM-encoded X509 CA certificate used to issue cluster-scoped certificates (default "/etc/kubernetes/ca/ca.pem")
--cluster-signing-key-file string Filename containing a PEM-encoded RSA or ECDSA private key used to sign cluster-scoped certificates (default "/etc/kubernetes/ca/ca.key")
- --concurrent-deployment-syncs value The number of deployment objects that are allowed to sync concurrently. Larger number = more responsive deployments, but more CPU (and network) load (default 5)
- --concurrent-endpoint-syncs value The number of endpoint syncing operations that will be done concurrently. Larger number = faster endpoint updating, but more CPU (and network) load (default 5)
- --concurrent-gc-syncs value The number of garbage collector workers that are allowed to sync concurrently. (default 20)
- --concurrent-namespace-syncs value The number of namespace objects that are allowed to sync concurrently. Larger number = more responsive namespace termination, but more CPU (and network) load (default 2)
- --concurrent-replicaset-syncs value The number of replica sets that are allowed to sync concurrently. Larger number = more responsive replica management, but more CPU (and network) load (default 5)
- --concurrent-resource-quota-syncs value The number of resource quotas that are allowed to sync concurrently. Larger number = more responsive quota management, but more CPU (and network) load (default 5)
- --concurrent-service-syncs value The number of services that are allowed to sync concurrently. Larger number = more responsive service management, but more CPU (and network) load (default 1)
- --concurrent-serviceaccount-token-syncs value The number of service account token objects that are allowed to sync concurrently. Larger number = more responsive token generation, but more CPU (and network) load (default 5)
- --concurrent_rc_syncs value The number of replication controllers that are allowed to sync concurrently. Larger number = more responsive replica management, but more CPU (and network) load (default 5)
+ --concurrent-deployment-syncs int32 The number of deployment objects that are allowed to sync concurrently. Larger number = more responsive deployments, but more CPU (and network) load (default 5)
+ --concurrent-endpoint-syncs int32 The number of endpoint syncing operations that will be done concurrently. Larger number = faster endpoint updating, but more CPU (and network) load (default 5)
+ --concurrent-gc-syncs int32 The number of garbage collector workers that are allowed to sync concurrently. (default 20)
+ --concurrent-namespace-syncs int32 The number of namespace objects that are allowed to sync concurrently. Larger number = more responsive namespace termination, but more CPU (and network) load (default 2)
+ --concurrent-replicaset-syncs int32 The number of replica sets that are allowed to sync concurrently. Larger number = more responsive replica management, but more CPU (and network) load (default 5)
+ --concurrent-resource-quota-syncs int32 The number of resource quotas that are allowed to sync concurrently. Larger number = more responsive quota management, but more CPU (and network) load (default 5)
+ --concurrent-service-syncs int32 The number of services that are allowed to sync concurrently. Larger number = more responsive service management, but more CPU (and network) load (default 1)
+ --concurrent-serviceaccount-token-syncs int32 The number of service account token objects that are allowed to sync concurrently. Larger number = more responsive token generation, but more CPU (and network) load (default 5)
+ --concurrent_rc_syncs int32 The number of replication controllers that are allowed to sync concurrently. Larger number = more responsive replica management, but more CPU (and network) load (default 5)
--configure-cloud-routes Should CIDRs allocated by allocate-node-cidrs be configured on the cloud provider. (default true)
- --controller-start-interval duration Interval between starting controller managers. (default 0s)
- --daemonset-lookup-cache-size value The the size of lookup cache for daemonsets. Larger number = more responsive daemonsets, but more MEM load. (default 1024)
+ --controller-start-interval duration Interval between starting controller managers.
+ --daemonset-lookup-cache-size int32 The size of lookup cache for daemonsets. Larger number = more responsive daemonsets, but more MEM load. (default 1024)
--deployment-controller-sync-period duration Period for syncing the deployments. (default 30s)
--enable-dynamic-provisioning Enable dynamic provisioning for environments that support it. (default true)
--enable-garbage-collector Enables the generic garbage collector. MUST be synced with the corresponding flag of the kube-apiserver. (default true)
--enable-hostpath-provisioner Enable HostPath PV provisioning when running without a cloud provider. This allows testing and development of provisioning features. HostPath provisioning is not supported in any way, won't work in a multi-node cluster, and should not be used for anything other than testing or development.
- --feature-gates value A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
+ --feature-gates mapStringBool A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
AllAlpha=true|false (ALPHA - default=false)
-AllowExtTrafficLocalEndpoints=true|false (ALPHA - default=false)
+AllowExtTrafficLocalEndpoints=true|false (BETA - default=true)
AppArmor=true|false (BETA - default=true)
DynamicKubeletConfig=true|false (ALPHA - default=false)
DynamicVolumeProvisioning=true|false (ALPHA - default=true)
+ExperimentalHostUserNamespaceDefaulting=true|false (ALPHA - default=false)
+StreamingProxyRedirects=true|false (ALPHA - default=false)
--flex-volume-plugin-dir string Full path of the directory in which the flex volume plugin should search for additional third party volume plugins. (default "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/")
--google-json-key string The Google Cloud Platform Service Account JSON Key to use for authentication.
--horizontal-pod-autoscaler-sync-period duration The period for syncing the number of pods in horizontal pod autoscaler. (default 30s)
--insecure-experimental-approve-all-kubelet-csrs-for-group string The group for which the controller-manager will auto approve all CSRs for kubelet client certificates.
- --kube-api-burst value Burst to use while talking with kubernetes apiserver (default 30)
+ --kube-api-burst int32 Burst to use while talking with kubernetes apiserver (default 30)
--kube-api-content-type string Content type of requests sent to apiserver. (default "application/vnd.kubernetes.protobuf")
- --kube-api-qps value QPS to use while talking with kubernetes apiserver (default 20)
+ --kube-api-qps float32 QPS to use while talking with kubernetes apiserver (default 20)
--kubeconfig string Path to kubeconfig file with authorization and master location information.
- --large-cluster-size-threshold value Number of nodes from which NodeController treats the cluster as large for the eviction logic purposes. --secondary-node-eviction-rate is implicitly overridden to 0 for clusters this size or smaller. (default 50)
+ --large-cluster-size-threshold int32 Number of nodes from which NodeController treats the cluster as large for the eviction logic purposes. --secondary-node-eviction-rate is implicitly overridden to 0 for clusters this size or smaller. (default 50)
--leader-elect Start a leader election client and gain leadership before executing the main loop. Enable this when running replicated components for high availability. (default true)
--leader-elect-lease-duration duration The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate. This is only applicable if leader election is enabled. (default 15s)
--leader-elect-renew-deadline duration The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration. This is only applicable if leader election is enabled. (default 10s)
@@ -70,39 +74,36 @@ DynamicVolumeProvisioning=true|false (ALPHA - default=true)
--master string The address of the Kubernetes API server (overrides any value in kubeconfig)
--min-resync-period duration The resync period in reflectors will be random between MinResyncPeriod and 2*MinResyncPeriod (default 12h0m0s)
--namespace-sync-period duration The period for syncing namespace life-cycle updates (default 5m0s)
- --node-cidr-mask-size value Mask size for node cidr in cluster. (default 24)
- --node-eviction-rate value Number of nodes per second on which pods are deleted in case of node failure when a zone is healthy (see --unhealthy-zone-threshold for definition of healthy/unhealthy). Zone refers to entire cluster in non-multizone clusters. (default 0.1)
+ --node-cidr-mask-size int32 Mask size for node cidr in cluster. (default 24)
+ --node-eviction-rate float32 Number of nodes per second on which pods are deleted in case of node failure when a zone is healthy (see --unhealthy-zone-threshold for definition of healthy/unhealthy). Zone refers to entire cluster in non-multizone clusters. (default 0.1)
--node-monitor-grace-period duration Amount of time which we allow running Node to be unresponsive before marking it unhealthy. Must be N times more than kubelet's nodeStatusUpdateFrequency, where N means number of retries allowed for kubelet to post node status. (default 40s)
--node-monitor-period duration The period for syncing NodeStatus in NodeController. (default 5s)
--node-startup-grace-period duration Amount of time which we allow starting Node to be unresponsive before marking it unhealthy. (default 1m0s)
- --node-sync-period duration The period for syncing nodes from cloudprovider. Longer periods will result in fewer calls to cloud provider, but may delay addition of new nodes to cluster. (default 10s)
--pod-eviction-timeout duration The grace period for deleting pods on failed nodes. (default 5m0s)
- --port value The port that the controller-manager's http service runs on (default 10252)
+ --port int32 The port that the controller-manager's http service runs on (default 10252)
--profiling Enable profiling via web interface host:port/debug/pprof/ (default true)
- --pv-recycler-increment-timeout-nfs value the increment of time added per Gi to ActiveDeadlineSeconds for an NFS scrubber pod (default 30)
- --pv-recycler-minimum-timeout-hostpath value The minimum ActiveDeadlineSeconds to use for a HostPath Recycler pod. This is for development and testing only and will not work in a multi-node cluster. (default 60)
- --pv-recycler-minimum-timeout-nfs value The minimum ActiveDeadlineSeconds to use for an NFS Recycler pod (default 300)
+ --pv-recycler-increment-timeout-nfs int32 the increment of time added per Gi to ActiveDeadlineSeconds for an NFS scrubber pod (default 30)
+ --pv-recycler-minimum-timeout-hostpath int32 The minimum ActiveDeadlineSeconds to use for a HostPath Recycler pod. This is for development and testing only and will not work in a multi-node cluster. (default 60)
+ --pv-recycler-minimum-timeout-nfs int32 The minimum ActiveDeadlineSeconds to use for an NFS Recycler pod (default 300)
--pv-recycler-pod-template-filepath-hostpath string The file path to a pod definition used as a template for HostPath persistent volume recycling. This is for development and testing only and will not work in a multi-node cluster.
--pv-recycler-pod-template-filepath-nfs string The file path to a pod definition used as a template for NFS persistent volume recycling
- --pv-recycler-timeout-increment-hostpath value the increment of time added per Gi to ActiveDeadlineSeconds for a HostPath scrubber pod. This is for development and testing only and will not work in a multi-node cluster. (default 30)
+ --pv-recycler-timeout-increment-hostpath int32 the increment of time added per Gi to ActiveDeadlineSeconds for a HostPath scrubber pod. This is for development and testing only and will not work in a multi-node cluster. (default 30)
--pvclaimbinder-sync-period duration The period for syncing persistent volumes and persistent volume claims (default 15s)
- --replicaset-lookup-cache-size value The the size of lookup cache for replicatsets. Larger number = more responsive replica management, but more MEM load. (default 4096)
- --replication-controller-lookup-cache-size value The the size of lookup cache for replication controllers. Larger number = more responsive replica management, but more MEM load. (default 4096)
+ --replicaset-lookup-cache-size int32 The size of lookup cache for replicatsets. Larger number = more responsive replica management, but more MEM load. (default 4096)
+ --replication-controller-lookup-cache-size int32 The size of lookup cache for replication controllers. Larger number = more responsive replica management, but more MEM load. (default 4096)
--resource-quota-sync-period duration The period for syncing quota usage status in the system (default 5m0s)
--root-ca-file string If set, this root certificate authority will be included in service account's token secret. This must be a valid PEM-encoded CA bundle.
- --secondary-node-eviction-rate value Number of nodes per second on which pods are deleted in case of node failure when a zone is unhealthy (see --unhealthy-zone-threshold for definition of healthy/unhealthy). Zone refers to entire cluster in non-multizone clusters. This value is implicitly overridden to 0 if the cluster size is smaller than --large-cluster-size-threshold. (default 0.01)
- --service-account-private-key-file string Filename containing a PEM-encoded private RSA key used to sign service account tokens.
+ --route-reconciliation-period duration The period for reconciling routes created for Nodes by cloud provider. (default 10s)
+ --secondary-node-eviction-rate float32 Number of nodes per second on which pods are deleted in case of node failure when a zone is unhealthy (see --unhealthy-zone-threshold for definition of healthy/unhealthy). Zone refers to entire cluster in non-multizone clusters. This value is implicitly overridden to 0 if the cluster size is smaller than --large-cluster-size-threshold. (default 0.01)
+ --service-account-private-key-file string Filename containing a PEM-encoded private RSA or ECDSA key used to sign service account tokens.
--service-cluster-ip-range string CIDR Range for Services in cluster.
--service-sync-period duration The period for syncing services with their external load balancers (default 5m0s)
- --terminated-pod-gc-threshold value Number of terminated pods that can exist before the terminated pod garbage collector starts deleting terminated pods. If <= 0, the terminated pod garbage collector is disabled. (default 12500)
- --unhealthy-zone-threshold value Fraction of Nodes in a zone which needs to be not Ready (minimum 3) for zone to be treated as unhealthy. (default 0.55)
+ --terminated-pod-gc-threshold int32 Number of terminated pods that can exist before the terminated pod garbage collector starts deleting terminated pods. If <= 0, the terminated pod garbage collector is disabled. (default 12500)
+ --unhealthy-zone-threshold float32 Fraction of Nodes in a zone which needs to be not Ready (minimum 3) for zone to be treated as unhealthy. (default 0.55)
+ --use-service-account-credentials If true, use individual service account credentials for each controller.
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
diff --git a/docs/admin/kube-proxy.md b/docs/admin/kube-proxy.md
index 98480612cb..31d3263b5d 100644
--- a/docs/admin/kube-proxy.md
+++ b/docs/admin/kube-proxy.md
@@ -1,4 +1,6 @@
---
+title: kube-proxy
+notitle: true
---
## kube-proxy
@@ -23,42 +25,42 @@ kube-proxy
### Options
```
- --bind-address value The IP address for the proxy server to serve on (set to 0.0.0.0 for all interfaces) (default 0.0.0.0)
+ --bind-address ip The IP address for the proxy server to serve on (set to 0.0.0.0 for all interfaces) (default 0.0.0.0)
--cleanup-iptables If true cleanup iptables rules and exit.
--cluster-cidr string The CIDR range of pods in the cluster. It is used to bridge traffic coming from outside of the cluster. If not provided, no off-cluster bridging will be performed.
--config-sync-period duration How often configuration from the apiserver is refreshed. Must be greater than 0. (default 15m0s)
- --conntrack-max-per-core value Maximum number of NAT connections to track per CPU core (0 to leave the limit as-is and ignore conntrack-min). (default 32768)
- --conntrack-min value Minimum number of conntrack entries to allocate, regardless of conntrack-max-per-core (set conntrack-max-per-core=0 to leave the limit as-is). (default 131072)
+ --conntrack-max-per-core int32 Maximum number of NAT connections to track per CPU core (0 to leave the limit as-is and ignore conntrack-min). (default 32768)
+ --conntrack-min int32 Minimum number of conntrack entries to allocate, regardless of conntrack-max-per-core (set conntrack-max-per-core=0 to leave the limit as-is). (default 131072)
+ --conntrack-tcp-timeout-close-wait duration NAT timeout for TCP connections in the CLOSE_WAIT state (default 1h0m0s)
--conntrack-tcp-timeout-established duration Idle timeout for established TCP connections (0 to leave as-is) (default 24h0m0s)
- --feature-gates value A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
+ --feature-gates mapStringBool A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
AllAlpha=true|false (ALPHA - default=false)
-AllowExtTrafficLocalEndpoints=true|false (ALPHA - default=false)
+AllowExtTrafficLocalEndpoints=true|false (BETA - default=true)
AppArmor=true|false (BETA - default=true)
DynamicKubeletConfig=true|false (ALPHA - default=false)
DynamicVolumeProvisioning=true|false (ALPHA - default=true)
+ExperimentalHostUserNamespaceDefaulting=true|false (ALPHA - default=false)
+StreamingProxyRedirects=true|false (ALPHA - default=false)
--google-json-key string The Google Cloud Platform Service Account JSON Key to use for authentication.
- --healthz-bind-address value The IP address for the health check server to serve on, defaulting to 127.0.0.1 (set to 0.0.0.0 for all interfaces) (default 127.0.0.1)
- --healthz-port value The port to bind the health check server. Use 0 to disable. (default 10249)
+ --healthz-bind-address ip The IP address for the health check server to serve on, defaulting to 127.0.0.1 (set to 0.0.0.0 for all interfaces) (default 127.0.0.1)
+ --healthz-port int32 The port to bind the health check server. Use 0 to disable. (default 10249)
--hostname-override string If non-empty, will use this string as identification instead of the actual hostname.
- --iptables-masquerade-bit value If using the pure iptables proxy, the bit of the fwmark space to mark packets requiring SNAT with. Must be within the range [0, 31]. (default 14)
- --iptables-sync-period duration How often iptables rules are refreshed (e.g. '5s', '1m', '2h22m'). Must be greater than 0. (default 30s)
- --kube-api-burst value Burst to use while talking with kubernetes apiserver (default 10)
+ --iptables-masquerade-bit int32 If using the pure iptables proxy, the bit of the fwmark space to mark packets requiring SNAT with. Must be within the range [0, 31]. (default 14)
+ --iptables-min-sync-period duration The minimum interval of how often the iptables rules can be refreshed as endpoints and services change (e.g. '5s', '1m', '2h22m').
+ --iptables-sync-period duration The maximum interval of how often iptables rules are refreshed (e.g. '5s', '1m', '2h22m'). Must be greater than 0. (default 30s)
+ --kube-api-burst int32 Burst to use while talking with kubernetes apiserver (default 10)
--kube-api-content-type string Content type of requests sent to apiserver. (default "application/vnd.kubernetes.protobuf")
- --kube-api-qps value QPS to use while talking with kubernetes apiserver (default 5)
+ --kube-api-qps float32 QPS to use while talking with kubernetes apiserver (default 5)
--kubeconfig string Path to kubeconfig file with authorization information (the master location is set by the master flag).
--masquerade-all If using the pure iptables proxy, SNAT everything
--master string The address of the Kubernetes API server (overrides any value in kubeconfig)
- --oom-score-adj value The oom-score-adj value for kube-proxy process. Values must be within the range [-1000, 1000] (default -999)
- --proxy-mode value Which proxy mode to use: 'userspace' (older) or 'iptables' (faster). If blank, look at the Node object on the Kubernetes API and respect the 'net.experimental.kubernetes.io/proxy-mode' annotation if provided. Otherwise use the best-available proxy (currently iptables). If the iptables proxy is selected, regardless of how, but the system's kernel or iptables versions are insufficient, this always falls back to the userspace proxy.
- --proxy-port-range value Range of host ports (beginPort-endPort, inclusive) that may be consumed in order to proxy service traffic. If unspecified (0-0) then ports will be randomly chosen.
+ --oom-score-adj int32 The oom-score-adj value for kube-proxy process. Values must be within the range [-1000, 1000] (default -999)
+ --proxy-mode ProxyMode Which proxy mode to use: 'userspace' (older) or 'iptables' (faster). If blank, look at the Node object on the Kubernetes API and respect the 'net.experimental.kubernetes.io/proxy-mode' annotation if provided. Otherwise use the best-available proxy (currently iptables). If the iptables proxy is selected, regardless of how, but the system's kernel or iptables versions are insufficient, this always falls back to the userspace proxy.
+ --proxy-port-range port-range Range of host ports (beginPort-endPort, inclusive) that may be consumed in order to proxy service traffic. If unspecified (0-0) then ports will be randomly chosen.
--udp-timeout duration How long an idle UDP connection will be kept open (e.g. '250ms', '2s'). Must be greater than 0. Only applicable for proxy-mode=userspace (default 250ms)
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
diff --git a/docs/admin/kube-scheduler.md b/docs/admin/kube-scheduler.md
index 3316d7e10d..6d3b8c9f64 100644
--- a/docs/admin/kube-scheduler.md
+++ b/docs/admin/kube-scheduler.md
@@ -1,4 +1,6 @@
---
+title: kube-scheduler
+notitle: true
---
## kube-scheduler
@@ -24,19 +26,21 @@ kube-scheduler
```
--address string The IP address to serve on (set to 0.0.0.0 for all interfaces) (default "0.0.0.0")
- --algorithm-provider string The scheduling algorithm provider to use, one of: DefaultProvider | ClusterAutoscalerProvider (default "DefaultProvider")
+ --algorithm-provider string The scheduling algorithm provider to use, one of: ClusterAutoscalerProvider | DefaultProvider (default "DefaultProvider")
--failure-domains string Indicate the "all topologies" set for an empty topologyKey when it's used for PreferredDuringScheduling pod anti-affinity. (default "kubernetes.io/hostname,failure-domain.beta.kubernetes.io/zone,failure-domain.beta.kubernetes.io/region")
- --feature-gates value A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
+ --feature-gates mapStringBool A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
AllAlpha=true|false (ALPHA - default=false)
-AllowExtTrafficLocalEndpoints=true|false (ALPHA - default=false)
+AllowExtTrafficLocalEndpoints=true|false (BETA - default=true)
AppArmor=true|false (BETA - default=true)
DynamicKubeletConfig=true|false (ALPHA - default=false)
DynamicVolumeProvisioning=true|false (ALPHA - default=true)
+ExperimentalHostUserNamespaceDefaulting=true|false (ALPHA - default=false)
+StreamingProxyRedirects=true|false (ALPHA - default=false)
--google-json-key string The Google Cloud Platform Service Account JSON Key to use for authentication.
--hard-pod-affinity-symmetric-weight int RequiredDuringScheduling affinity is not symmetric, but there is an implicit PreferredDuringScheduling affinity rule corresponding to every RequiredDuringScheduling affinity rule. --hard-pod-affinity-symmetric-weight represents the weight of implicit PreferredDuringScheduling affinity rule. (default 1)
- --kube-api-burst value Burst to use while talking with kubernetes apiserver (default 100)
+ --kube-api-burst int32 Burst to use while talking with kubernetes apiserver (default 100)
--kube-api-content-type string Content type of requests sent to apiserver. (default "application/vnd.kubernetes.protobuf")
- --kube-api-qps value QPS to use while talking with kubernetes apiserver (default 50)
+ --kube-api-qps float32 QPS to use while talking with kubernetes apiserver (default 50)
--kubeconfig string Path to kubeconfig file with authorization and master location information.
--leader-elect Start a leader election client and gain leadership before executing the main loop. Enable this when running replicated components for high availability. (default true)
--leader-elect-lease-duration duration The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate. This is only applicable if leader election is enabled. (default 15s)
@@ -44,16 +48,12 @@ DynamicVolumeProvisioning=true|false (ALPHA - default=true)
--leader-elect-retry-period duration The duration the clients should wait between attempting acquisition and renewal of a leadership. This is only applicable if leader election is enabled. (default 2s)
--master string The address of the Kubernetes API server (overrides any value in kubeconfig)
--policy-config-file string File with scheduler policy configuration
- --port value The port that the scheduler's http service runs on (default 10251)
+ --port int32 The port that the scheduler's http service runs on (default 10251)
--profiling Enable profiling via web interface host:port/debug/pprof/ (default true)
--scheduler-name string Name of the scheduler, used to select which pods will be processed by this scheduler, based on pod's annotation with key 'scheduler.alpha.kubernetes.io/name' (default "default-scheduler")
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
diff --git a/docs/admin/kubeadm.md b/docs/admin/kubeadm.md
index e1c8537149..9ecabe8b7a 100644
--- a/docs/admin/kubeadm.md
+++ b/docs/admin/kubeadm.md
@@ -4,10 +4,9 @@ assignees:
- luxas
- errordeveloper
- jbeda
-
+title: kubeadm reference
---
-
This document provides information on how to use kubeadm's advanced options.
Running `kubeadm init` bootstraps a Kubernetes cluster. This consists of the
@@ -82,7 +81,7 @@ of the box. You can specify a cloud provider using `--cloud-provider`.
Valid values are the ones supported by `controller-manager`, namely `"aws"`,
`"azure"`, `"cloudstack"`, `"gce"`, `"mesos"`, `"openstack"`, `"ovirt"`,
`"rackspace"`, `"vsphere"`. In order to provide additional configuration for
-the cloud provider, you should create a `/etc/kubernetes/cloud-config.json`
+the cloud provider, you should create a `/etc/kubernetes/cloud-config`
file manually, before running `kubeadm init`. `kubeadm` automatically
picks those settings up and ensures other nodes are configured correctly.
You must also set the `--cloud-provider` and `--cloud-config` parameters
@@ -141,10 +140,10 @@ By default, `kubeadm init` automatically generates the token used to initialise
each new node. If you would like to manually specify this token, you can use the
`--token` flag. The token must be of the format `<6 character string>.<16 character string>`.
-- `--use-kubernetes-version` (default 'v1.4.4') the kubernetes version to initialise
+- `--use-kubernetes-version` (default 'v1.5.1') the kubernetes version to initialise
`kubeadm` was originally built for Kubernetes version **v1.4.0**, older versions are not
-supported. With this flag you can try any future version, e.g. **v1.5.0-beta.1**
+supported. With this flag you can try any future version, e.g. **v1.6.0-beta.1**
whenever it comes out (check [releases page](https://github.com/kubernetes/kubernetes/releases)
for a full list of available versions).
@@ -168,6 +167,59 @@ necessary.
By default, when `kubeadm init` runs, a token is generated and revealed in the output.
That's the token you should use here.
+
+## Using kubeadm with a configuration file
+
+WARNING: kubeadm is in alpha and the configuration API syntax will likely change before GA.
+
+It's possible to configure kubeadm with a configuration file instead of command line flags, and some more advanced features may only be
+available as configuration file options.
+
+### Sample Master Configuration
+
+ ```yaml
+ apiVersion: kubeadm.k8s.io/v1alpha1
+ kind: MasterConfiguration
+ api:
+ advertiseAddresses:
+ -
+ -
+ bindPort:
+ externalDNSNames:
+ -
+ -
+ cloudProvider:
+ discovery:
+ bindPort:
+ etcd:
+ endpoints:
+ -
+ -
+ caFile:
+ certFile:
+ keyFile:
+ kubernetesVersion:
+ networking:
+ dnsDomain:
+ serviceSubnet:
+ podSubnet:
+ secrets:
+ givenToken:
+ ```
+
+### Sample Node Configuration
+
+ ```yaml
+ apiVersion: kubeadm.k8s.io/v1alpha1
+ kind: NodeConfiguration
+ apiPort:
+ discoveryPort:
+ masterAddresses:
+ -
+ secrets:
+ givenToken:
+ ```
+
## Automating kubeadm
Rather than copying the token you obtained from `kubeadm init` to each node, as
@@ -175,13 +227,12 @@ in the basic `kubeadm` tutorials, you can parallelize the token distribution for
easier automation. To implement this automation, you must know the IP address
that the master will have after it is started.
-1. Generate a token. This token must have the form `<6 character string>.<16
-character string>`
+1. Generate a token. This token must have the form `<6 character string>.<16 character string>`.
- Here is a simple python one-liner for this:
+ Kubeadm can pre-generate a token for you:
- ```
- python -c 'import random; print "%0x.%0x" % (random.SystemRandom().getrandbits(3*8), random.SystemRandom().getrandbits(8*8))'
+ ```console
+ $ kubeadm token generate
```
1. Start both the master node and the worker nodes concurrently with this token. As they come up they should find each other and form the cluster.
@@ -191,6 +242,7 @@ Once the cluster is up, you can grab the admin credentials from the master node
## Environment variables
There are some environment variables that modify the way that `kubeadm` works. Most users will have no need to set these.
+These enviroment variables are a short-term solution, eventually they will be integrated in the kubeadm configuration file.
| Variable | Default | Description |
| --- | --- | --- |
@@ -200,36 +252,10 @@ There are some environment variables that modify the way that `kubeadm` works.
| `KUBE_HYPERKUBE_IMAGE` | `` | If set, use a single hyperkube image with this name. If not set, individual images per server component will be used. |
| `KUBE_DISCOVERY_IMAGE` | `gcr.io/google_containers/kube-discovery-:1.0` | The bootstrap discovery helper image to use. |
| `KUBE_ETCD_IMAGE` | `gcr.io/google_containers/etcd-:2.2.5` | The etcd container image to use. |
-| `KUBE_COMPONENT_LOGLEVEL` | `--v=4` | Logging configuration for all Kubernetes components |
-
+| `KUBE_REPO_PREFIX` | `gcr.io/google_containers` | The image prefix for all images that are used. |
## Releases and release notes
If you already have kubeadm installed and want to upgrade, run `apt-get update && apt-get upgrade` or `yum update` to get the latest version of kubeadm.
- - Second release between v1.4 and v1.5: `v1.5.0-alpha.2.421+a6bea3d79b8bba`
- - Switch to the 10.96.0.0/12 subnet: [#35290](https://github.com/kubernetes/kubernetes/pull/35290)
- - Fix kubeadm on AWS by including /etc/ssl/certs in the controller-manager [#33681](https://github.com/kubernetes/kubernetes/pull/33681)
- - The API was refactored and is now componentconfig: [#33728](https://github.com/kubernetes/kubernetes/pull/33728), [#34147](https://github.com/kubernetes/kubernetes/pull/34147) and [#34555](https://github.com/kubernetes/kubernetes/pull/34555)
- - Allow kubeadm to get config options from a file: [#34501](https://github.com/kubernetes/kubernetes/pull/34501), [#34885](https://github.com/kubernetes/kubernetes/pull/34885) and [#34891](https://github.com/kubernetes/kubernetes/pull/34891)
- - Implement preflight checks: [#34341](https://github.com/kubernetes/kubernetes/pull/34341) and [#35843](https://github.com/kubernetes/kubernetes/pull/35843)
- - Using kubernetes v1.4.4 by default: [#34419](https://github.com/kubernetes/kubernetes/pull/34419) and [#35270](https://github.com/kubernetes/kubernetes/pull/35270)
- - Make api and discovery ports configurable and default to 6443: [#34719](https://github.com/kubernetes/kubernetes/pull/34719)
- - Implement kubeadm reset: [#34807](https://github.com/kubernetes/kubernetes/pull/34807)
- - Make kubeadm poll/wait for endpoints instead of directly fail when the master isn't available [#34703](https://github.com/kubernetes/kubernetes/pull/34703) and [#34718](https://github.com/kubernetes/kubernetes/pull/34718)
- - Allow empty directories in the directory preflight check: [#35632](https://github.com/kubernetes/kubernetes/pull/35632)
- - Started adding unit tests: [#35231](https://github.com/kubernetes/kubernetes/pull/35231), [#35326](https://github.com/kubernetes/kubernetes/pull/35326) and [#35332](https://github.com/kubernetes/kubernetes/pull/35332)
- - Various enhancements: [#35075](https://github.com/kubernetes/kubernetes/pull/35075), [#35111](https://github.com/kubernetes/kubernetes/pull/35111), [#35119](https://github.com/kubernetes/kubernetes/pull/35119), [#35124](https://github.com/kubernetes/kubernetes/pull/35124), [#35265](https://github.com/kubernetes/kubernetes/pull/35265) and [#35777](https://github.com/kubernetes/kubernetes/pull/35777)
- - Bug fixes: [#34352](https://github.com/kubernetes/kubernetes/pull/34352), [#34558](https://github.com/kubernetes/kubernetes/pull/34558), [#34573](https://github.com/kubernetes/kubernetes/pull/34573), [#34834](https://github.com/kubernetes/kubernetes/pull/34834), [#34607](https://github.com/kubernetes/kubernetes/pull/34607), [#34907](https://github.com/kubernetes/kubernetes/pull/34907) and [#35796](https://github.com/kubernetes/kubernetes/pull/35796)
- - Initial v1.4 release: `v1.5.0-alpha.0.1534+cf7301f16c0363`
-
-
-## Troubleshooting
-
-* Some users on RHEL/CentOS 7 have reported issues with traffic being routed incorrectly due to iptables being bypassed. You should ensure `net.bridge.bridge-nf-call-iptables` is set to 1 in your sysctl config, eg.
-
-```
-# cat /etc/sysctl.d/k8s.conf
-net.bridge.bridge-nf-call-ip6tables = 1
-net.bridge.bridge-nf-call-iptables = 1
-```
+Refer to the [CHANGELOG.md](https://github.com/kubernetes/kubeadm/blob/master/CHANGELOG.md) for more information.
diff --git a/docs/admin/kubelet-authentication-authorization.md b/docs/admin/kubelet-authentication-authorization.md
new file mode 100644
index 0000000000..aa8abf85df
--- /dev/null
+++ b/docs/admin/kubelet-authentication-authorization.md
@@ -0,0 +1,87 @@
+---
+assignees:
+- liggitt
+title: Kubelet authentication/authorization
+---
+
+* TOC
+{:toc}
+
+## Overview
+
+A kubelet's HTTPS endpoint exposes APIs which give access to data of varying sensitivity,
+and allow you to perform operations with varying levels of power on the node and within containers.
+
+This document describes how to authenticate and authorize access to the kubelet's HTTPS endpoint.
+
+## Kubelet authentication
+
+By default, requests to the kubelet's HTTPS endpoint that are not rejected by other configured
+authentication methods are treated as anonymous requests, and given a username of `system:anonymous`
+and a group of `system:unauthenticated`.
+
+To disable anonymous access and send `401 Unauthorized` responses to unauthenticated requests:
+
+* start the kubelet with the `--anonymous-auth=false` flag
+
+To enable X509 client certificate authentication to the kubelet's HTTPS endpoint:
+
+* start the kubelet with the `--client-ca-file` flag, providing a CA bundle to verify client certificates with
+* start the apiserver with `--kubelet-client-certificate` and `--kubelet-client-key` flags
+* see the [apiserver authentication documentation](/docs/admin/authentication/#x509-client-certs) for more details
+
+To enable API bearer tokens (including service account tokens) to be used to authenticate to the kubelet's HTTPS endpoint:
+
+* ensure the `authentication.k8s.io/v1beta1` API group is enabled in the API server
+* start the kubelet with the `--authentication-token-webhook`, `--kubeconfig`, and `--require-kubeconfig` flags
+* the kubelet calls the `TokenReview` API on the configured API server to determine user information from bearer tokens
+
+## Kubelet authorization
+
+Any request that is successfully authenticated (including an anonymous request) is then authorized. The default authorization mode is `AlwaysAllow`, which allows all requests.
+
+There are many possible reasons to subdivide access to the kubelet API:
+
+* anonymous auth is enabled, but anonymous users' ability to call the kubelet API should be limited
+* bearer token auth is enabled, but arbitrary API users' (like service accounts) ability to call the kubelet API should be limited
+* client certificate auth is enabled, but only some of the client certificates signed by the configured CA should be allowed to use the kubelet API
+
+To subdivide access to the kubelet API, delegate authorization to the API server:
+
+* ensure the `authorization.k8s.io/v1beta1` API group is enabled in the API server
+* start the kubelet with the `--authorization-mode=Webhook`, `--kubeconfig`, and `--require-kubeconfig` flags
+* the kubelet calls the `SubjectAccessReview` API on the configured API server to determine whether each request is authorized
+
+The kubelet authorizes API requests using the same [request attributes](/docs/admin/authorization/#request-attributes) approach as the apiserver.
+
+The verb is determined from the incoming request's HTTP verb:
+
+HTTP verb | request verb
+----------|---------------
+POST | create
+GET, HEAD | get
+PUT | update
+PATCH | patch
+DELETE | delete
+
+The resource and subresource is determined from the incoming request's path:
+
+Kubelet API | resource | subresource
+-------------|----------|------------
+/stats/\* | nodes | stats
+/metrics/\* | nodes | metrics
+/logs/\* | nodes | log
+/spec/\* | nodes | spec
+*all others* | nodes | proxy
+
+The namespace and API group attributes are always an empty string, and
+the resource name is always the name of the kubelet's `Node` API object.
+
+When running in this mode, ensure the user identified by the `--kubelet-client-certificate` and `--kubelet-client-key`
+flags passed to the apiserver is authorized for the following attributes:
+
+* verb=\*, resource=nodes, subresource=proxy
+* verb=\*, resource=nodes, subresource=stats
+* verb=\*, resource=nodes, subresource=log
+* verb=\*, resource=nodes, subresource=spec
+* verb=\*, resource=nodes, subresource=metrics
diff --git a/docs/admin/kubelet-tls-bootstrapping.md b/docs/admin/kubelet-tls-bootstrapping.md
new file mode 100644
index 0000000000..f8d56923ee
--- /dev/null
+++ b/docs/admin/kubelet-tls-bootstrapping.md
@@ -0,0 +1,96 @@
+---
+assignees:
+- mikedanese
+title: TLS bootstrapping
+---
+
+* TOC
+{:toc}
+
+## Overview
+
+This document describes how to set up TLS client certificate boostrapping for kubelets.
+Kubernetes 1.4 introduces an experimental API for requesting certificates from a cluster-level
+Certificate Authority (CA). The first supported use of this API is the provisioning of TLS client
+certificates for kubelets. The proposal can be found [here](https://github.com/kubernetes/kubernetes/pull/20439)
+and progress on the feature is being tracked as [feature #43](https://github.com/kubernetes/features/issues/43).
+
+## apiserver configuration
+
+You must provide a token file which specifies at least one "bootstrap token" assigned to a kubelet boostrap-specific group.
+This group will later be used in the controller-manager configuration to scope approvals in the default approval
+controller. As this feature matures, you should ensure tokens are bound to an RBAC policy which limits requests
+using the bootstrap token to only be able to make requests related to certificate provisioning. When RBAC policy
+is in place, scoping the tokens to a group will allow great flexibility (e.g. you could disable a particular
+bootstrap group's access when you are done provisioning the nodes).
+
+### Token auth file
+Tokens are arbitrary but should represent at least 128 bits of entropy derived from a secure random number
+generator (such as /dev/urandom on most modern systems). There are multiple ways you can generate a token. For example:
+
+`head -c 16 /dev/urandom | od -An -t x | tr -d ' '`
+
+will generate tokens that look like `02b50b05283e98dd0fd71db496ef01e8`
+
+The token file will look like the following example, where the first three values can be anything and the quoted group
+name should be as depicted:
+
+```
+02b50b05283e98dd0fd71db496ef01e8,kubelet-bootstrap,10001,"system:kubelet-bootstrap"
+```
+
+Add the `--token-auth-file=FILENAME` flag to the apiserver command to enable the token file.
+See docs at http://kubernetes.io/docs/admin/authentication/#static-token-file for further details.
+
+### Client certificate CA bundle
+
+Add the `--client-ca-file=FILENAME` flag to the apiserver command to enable client certificate authentication,
+referencing a certificate authority bundle containing the signing certificate.
+
+## controller-manager configuration
+The API for requesting certificates adds a certificate-issuing control loop to the KCM. This takes the form of a
+[cfssl](https://blog.cloudflare.com/introducing-cfssl/) local signer using assets on disk.
+Currently, all certificates issued have one year validity and a default set of key usages.
+
+### Signing assets
+You must provide a Certificate Authority in order to provide the cryptographic materials necessary to issue certificates.
+This CA should be trusted by the apiserver for authentication with the `--client-ca-file=SOMEFILE` flag. The management
+of the CA is beyond the scope of this document but it is recommended that you generate a dedicated CA for Kubernetes.
+Both certificate and key are assumed to be PEM-encoded.
+
+The new controller-manager flags are:
+```
+--cluster-signing-cert-file="/etc/path/to/kubernetes/ca/ca.crt" --cluster-signing-key-file="/etc/path/to/kubernetes/ca/ca.key"
+```
+
+### Auto-approval
+To ease deployment and testing, the alpha version of the certificate request API includes a flag to approve all certificate
+requests made by users in a certain group. The intended use of this is to whitelist only the group corresponding to the bootstrap
+token in the token file above. Use of this flag circumvents makes the "approval" process described below and is not recommended
+for production use.
+
+The flag is:
+```
+--insecure-experimental-approve-all-kubelet-csrs-for-group="system:kubelet-bootstrap"
+```
+
+## kubelet configuration
+To use request a client cert from the certificate request API, the kubelet needs a path to a kubeconfig file that contains the
+bootstrap auth token. If the file specified by `--kubeconfig` does not exist, the bootstrap kubeconfig is used to request a
+client certificate from the API server. On success, a kubeconfig file referencing the generated key and obtained certificate
+is written to the path specified by `--kubeconfig`. The certificate and key file will be stored in the directory pointed
+by `--cert-dir`. The new flag is:
+
+```
+--experimental-bootstrap-kubeconfig="/path/to/bootstrap/kubeconfig"
+```
+
+## kubectl approval
+The signing controller does not immediately sign all certificate requests. Instead, it waits until they have been flagged with an
+"Approved" status by an appropriately-privileged user. This is intended to eventually be an automated process handled by an external
+approval controller, but for the alpha version of the API it can be done manually by a cluster administrator using kubectl.
+An administrator can list CSRs with `kubectl get csr`, describe one in detail with `kubectl describe `. There are
+[currently no direct approve/deny commands](https://github.com/kubernetes/kubernetes/issues/30163) so an approver will need to update
+the Status field directly. A rough example of how to do this in bash which should only be used until the porcelain merges is available
+at [https://github.com/gtank/csrctl](https://github.com/gtank/csrctl).
+
diff --git a/docs/admin/kubelet.md b/docs/admin/kubelet.md
index 88842eab14..342189ba94 100644
--- a/docs/admin/kubelet.md
+++ b/docs/admin/kubelet.md
@@ -1,4 +1,6 @@
---
+title: Overview
+notitle: true
---
## kubelet
@@ -15,7 +17,7 @@ various mechanisms (primarily through the apiserver) and ensures that the contai
described in those PodSpecs are running and healthy. The kubelet doesn't manage
containers which were not created by Kubernetes.
-Other than from an PodSpec from the apiserver, there are three ways that a container
+Other than from a PodSpec from the apiserver, there are three ways that a container
manifest can be provided to the Kubelet.
File: Path passed as a flag on the command line. This file is rechecked every 20
@@ -34,123 +36,134 @@ kubelet
### Options
```
- --address value The IP address for the Kubelet to serve on (set to 0.0.0.0 for all interfaces) (default 0.0.0.0)
- --allow-privileged If true, allow containers to request privileged mode. [default=false]
- --cadvisor-port value The port of the localhost cAdvisor endpoint (default 4194)
- --cert-dir string The directory where the TLS certs are located (by default /var/run/kubernetes). If --tls-cert-file and --tls-private-key-file are provided, this flag will be ignored. (default "/var/run/kubernetes")
- --cgroup-root string Optional root cgroup to use for pods. This is handled by the container runtime on a best effort basis. Default: '', which means use the container runtime default.
- --chaos-chance float If > 0.0, introduce random client errors and latency. Intended for testing. [default=0.0]
- --cloud-config string The path to the cloud provider configuration file. Empty string for no configuration file.
- --cloud-provider string The provider for cloud services. By default, kubelet will attempt to auto-detect the cloud provider. Specify empty string for running with no cloud provider. [default=auto-detect] (default "auto-detect")
- --cluster-dns string IP address for a cluster DNS server. This value is used for containers' DNS server in case of Pods with "dnsPolicy=ClusterFirst"
- --cluster-domain string Domain for this cluster. If set, kubelet will configure all containers to search this domain in addition to the host's search domains
- --cni-bin-dir string The full path of the directory in which to search for CNI plugin binaries. Default: /opt/cni/bin
- --cni-conf-dir string The full path of the directory in which to search for CNI config files. Default: /etc/cni/net.d
- --container-runtime string The container runtime to use. Possible values: 'docker', 'rkt'. Default: 'docker'. (default "docker")
- --container-runtime-endpoint string The unix socket endpoint of remote runtime service. If not empty, this option will override --container-runtime. This is an experimental feature. Intended for testing only.
- --containerized Experimental support for running kubelet in a container. Intended for testing. [default=false]
- --cpu-cfs-quota Enable CPU CFS quota enforcement for containers that specify CPU limits (default true)
- --docker-endpoint string Use this for the docker endpoint to communicate with (default "unix:///var/run/docker.sock")
- --docker-exec-handler string Handler to use when executing a command in a container. Valid values are 'native' and 'nsenter'. Defaults to 'native'. (default "native")
- --enable-controller-attach-detach Enables the Attach/Detach controller to manage attachment/detachment of volumes scheduled to this node, and disables kubelet from executing any attach/detach operations (default true)
- --enable-custom-metrics Support for gathering custom metrics.
- --enable-debugging-handlers Enables server endpoints for log collection and local running of containers and commands (default true)
- --enable-server Enable the Kubelet's server (default true)
- --event-burst value Maximum size of a bursty event records, temporarily allows event records to burst to this number, while still not exceeding event-qps. Only used if --event-qps > 0 (default 10)
- --event-qps value If > 0, limit event creations per second to this value. If 0, unlimited. (default 5)
- --eviction-hard string A set of eviction thresholds (e.g. memory.available<1Gi) that if met would trigger a pod eviction. (default "memory.available<100Mi")
- --eviction-max-pod-grace-period value Maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. If negative, defer to pod specified value.
- --eviction-minimum-reclaim string A set of minimum reclaims (e.g. imagefs.available=2Gi) that describes the minimum amount of resource the kubelet will reclaim when performing a pod eviction if that resource is under pressure.
- --eviction-pressure-transition-period duration Duration for which the kubelet has to wait before transitioning out of an eviction pressure condition. (default 5m0s)
- --eviction-soft string A set of eviction thresholds (e.g. memory.available<1.5Gi) that if met over a corresponding grace period would trigger a pod eviction.
- --eviction-soft-grace-period string A set of eviction grace periods (e.g. memory.available=1m30s) that correspond to how long a soft eviction threshold must hold before triggering a pod eviction.
- --exit-on-lock-contention Whether kubelet should exit upon lock-file contention.
- --experimental-allowed-unsafe-sysctls value Comma-separated whitelist of unsafe sysctls or unsafe sysctl patterns (ending in *). Use these at your own risk. (default [])
- --experimental-bootstrap-kubeconfig string Path to a kubeconfig file that will be used to get client certificate for kubelet. If the file specified by --kubeconfig does not exist, the bootstrap kubeconfig is used to request a client certificate from the API server. On success, a kubeconfig file referencing the generated key and obtained certificate is written to the path specified by --kubeconfig. The certificate and key file will be stored in the directory pointed by --cert-dir.
- --experimental-nvidia-gpus value Number of NVIDIA GPU devices on this node. Only 0 (default) and 1 are currently supported.
- --feature-gates value A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
+ --address ip The IP address for the Kubelet to serve on (set to 0.0.0.0 for all interfaces) (default 0.0.0.0)
+ --allow-privileged If true, allow containers to request privileged mode. [default=false]
+ --anonymous-auth Enables anonymous requests to the Kubelet server. Requests that are not rejected by another authentication method are treated as anonymous requests. Anonymous requests have a username of system:anonymous, and a group name of system:unauthenticated. (default true)
+ --authentication-token-webhook Use the TokenReview API to determine authentication for bearer tokens.
+ --authentication-token-webhook-cache-ttl duration The duration to cache responses from the webhook token authenticator. (default 2m0s)
+ --authorization-mode string Authorization mode for Kubelet server. Valid options are AlwaysAllow or Webhook. Webhook mode uses the SubjectAccessReview API to determine authorization. (default "AlwaysAllow")
+ --authorization-webhook-cache-authorized-ttl duration The duration to cache 'authorized' responses from the webhook authorizer. (default 5m0s)
+ --authorization-webhook-cache-unauthorized-ttl duration The duration to cache 'unauthorized' responses from the webhook authorizer. (default 30s)
+ --cadvisor-port int32 The port of the localhost cAdvisor endpoint (default 4194)
+ --cert-dir string The directory where the TLS certs are located (by default /var/run/kubernetes). If --tls-cert-file and --tls-private-key-file are provided, this flag will be ignored. (default "/var/run/kubernetes")
+ --cgroup-driver string Driver that the kubelet uses to manipulate cgroups on the host. Possible values: 'cgroupfs', 'systemd' (default "cgroupfs")
+ --cgroup-root string Optional root cgroup to use for pods. This is handled by the container runtime on a best effort basis. Default: '', which means use the container runtime default.
+ --chaos-chance float If > 0.0, introduce random client errors and latency. Intended for testing. [default=0.0]
+ --client-ca-file string If set, any request presenting a client certificate signed by one of the authorities in the client-ca-file is authenticated with an identity corresponding to the CommonName of the client certificate.
+ --cloud-config string The path to the cloud provider configuration file. Empty string for no configuration file.
+ --cloud-provider string The provider for cloud services. By default, kubelet will attempt to auto-detect the cloud provider. Specify empty string for running with no cloud provider. [default=auto-detect] (default "auto-detect")
+ --cluster-dns string IP address for a cluster DNS server. This value is used for containers' DNS server in case of Pods with "dnsPolicy=ClusterFirst"
+ --cluster-domain string Domain for this cluster. If set, kubelet will configure all containers to search this domain in addition to the host's search domains
+ --cni-bin-dir string The full path of the directory in which to search for CNI plugin binaries. Default: /opt/cni/bin
+ --cni-conf-dir string The full path of the directory in which to search for CNI config files. Default: /etc/cni/net.d
+ --container-runtime string The container runtime to use. Possible values: 'docker', 'rkt'. Default: 'docker'. (default "docker")
+ --container-runtime-endpoint string [Experimental] The unix socket endpoint of remote runtime service. The endpoint is used only when CRI integration is enabled (--experimental-cri)
+ --containerized Experimental support for running kubelet in a container. Intended for testing. [default=false]
+ --cpu-cfs-quota Enable CPU CFS quota enforcement for containers that specify CPU limits (default true)
+ --docker-endpoint string Use this for the docker endpoint to communicate with (default "unix:///var/run/docker.sock")
+ --docker-exec-handler string Handler to use when executing a command in a container. Valid values are 'native' and 'nsenter'. Defaults to 'native'. (default "native")
+ --enable-controller-attach-detach Enables the Attach/Detach controller to manage attachment/detachment of volumes scheduled to this node, and disables kubelet from executing any attach/detach operations (default true)
+ --enable-custom-metrics Support for gathering custom metrics.
+ --enable-debugging-handlers Enables server endpoints for log collection and local running of containers and commands (default true)
+ --enable-server Enable the Kubelet's server (default true)
+ --event-burst int32 Maximum size of a bursty event records, temporarily allows event records to burst to this number, while still not exceeding event-qps. Only used if --event-qps > 0 (default 10)
+ --event-qps int32 If > 0, limit event creations per second to this value. If 0, unlimited. (default 5)
+ --eviction-hard string A set of eviction thresholds (e.g. memory.available<1Gi) that if met would trigger a pod eviction. (default "memory.available<100Mi")
+ --eviction-max-pod-grace-period int32 Maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. If negative, defer to pod specified value.
+ --eviction-minimum-reclaim string A set of minimum reclaims (e.g. imagefs.available=2Gi) that describes the minimum amount of resource the kubelet will reclaim when performing a pod eviction if that resource is under pressure.
+ --eviction-pressure-transition-period duration Duration for which the kubelet has to wait before transitioning out of an eviction pressure condition. (default 5m0s)
+ --eviction-soft string A set of eviction thresholds (e.g. memory.available<1.5Gi) that if met over a corresponding grace period would trigger a pod eviction.
+ --eviction-soft-grace-period string A set of eviction grace periods (e.g. memory.available=1m30s) that correspond to how long a soft eviction threshold must hold before triggering a pod eviction.
+ --exit-on-lock-contention Whether kubelet should exit upon lock-file contention.
+ --experimental-allowed-unsafe-sysctls stringSlice Comma-separated whitelist of unsafe sysctls or unsafe sysctl patterns (ending in *). Use these at your own risk.
+ --experimental-bootstrap-kubeconfig string Path to a kubeconfig file that will be used to get client certificate for kubelet. If the file specified by --kubeconfig does not exist, the bootstrap kubeconfig is used to request a client certificate from the API server. On success, a kubeconfig file referencing the generated key and obtained certificate is written to the path specified by --kubeconfig. The certificate and key file will be stored in the directory pointed by --cert-dir.
+ --experimental-cgroups-per-qos Enable creation of QoS cgroup hierarchy, if true top level QoS and pod cgroups are created.
+ --experimental-check-node-capabilities-before-mount [Experimental] if set true, the kubelet will check the underlying node for required componenets (binaries, etc.) before performing the mount
+ --experimental-cri [Experimental] Enable the Container Runtime Interface (CRI) integration. If --container-runtime is set to "remote", Kubelet will communicate with the runtime/image CRI server listening on the endpoint specified by --remote-runtime-endpoint/--remote-image-endpoint. If --container-runtime is set to "docker", Kubelet will launch a in-process CRI server on behalf of docker, and communicate over a default endpoint.
+ --experimental-fail-swap-on Makes the Kubelet fail to start if swap is enabled on the node. This is a temporary opton to maintain legacy behavior, failing due to swap enabled will happen by default in v1.6.
+ --experimental-kernel-memcg-notification If enabled, the kubelet will integrate with the kernel memcg notification to determine if memory eviction thresholds are crossed rather than polling.
+ --experimental-mounter-path string [Experimental] Path of mounter binary. Leave empty to use the default mount.
+ --experimental-nvidia-gpus int32 Number of NVIDIA GPU devices on this node. Only 0 (default) and 1 are currently supported.
+ --feature-gates string A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
AllAlpha=true|false (ALPHA - default=false)
-AllowExtTrafficLocalEndpoints=true|false (ALPHA - default=false)
+AllowExtTrafficLocalEndpoints=true|false (BETA - default=true)
AppArmor=true|false (BETA - default=true)
DynamicKubeletConfig=true|false (ALPHA - default=false)
DynamicVolumeProvisioning=true|false (ALPHA - default=true)
- --file-check-frequency duration Duration between checking config files for new data (default 20s)
- --google-json-key string The Google Cloud Platform Service Account JSON Key to use for authentication.
- --hairpin-mode string How should the kubelet setup hairpin NAT. This allows endpoints of a Service to loadbalance back to themselves if they should try to access their own Service. Valid values are "promiscuous-bridge", "hairpin-veth" and "none". (default "promiscuous-bridge")
- --healthz-bind-address value The IP address for the healthz server to serve on, defaulting to 127.0.0.1 (set to 0.0.0.0 for all interfaces) (default 127.0.0.1)
- --healthz-port value The port of the localhost healthz endpoint (default 10248)
- --host-ipc-sources value Comma-separated list of sources from which the Kubelet allows pods to use the host ipc namespace. [default="*"] (default [*])
- --host-network-sources value Comma-separated list of sources from which the Kubelet allows pods to use of host network. [default="*"] (default [*])
- --host-pid-sources value Comma-separated list of sources from which the Kubelet allows pods to use the host pid namespace. [default="*"] (default [*])
- --hostname-override string If non-empty, will use this string as identification instead of the actual hostname.
- --http-check-frequency duration Duration between checking http for new data (default 20s)
- --image-gc-high-threshold value The percent of disk usage after which image garbage collection is always run. Default: 90% (default 90)
- --image-gc-low-threshold value The percent of disk usage before which image garbage collection is never run. Lowest disk usage to garbage collect to. Default: 80% (default 80)
- --image-service-endpoint string The unix socket endpoint of remote image service. If not specified, it will be the same with container-runtime-endpoint by default. This is an experimental feature. Intended for testing only.
- --iptables-drop-bit value The bit of the fwmark space to mark packets for dropping. Must be within the range [0, 31]. (default 15)
- --iptables-masquerade-bit value The bit of the fwmark space to mark packets for SNAT. Must be within the range [0, 31]. Please match this parameter with corresponding parameter in kube-proxy. (default 14)
- --kube-api-burst value Burst to use while talking with kubernetes apiserver (default 10)
- --kube-api-content-type string Content type of requests sent to apiserver. (default "application/vnd.kubernetes.protobuf")
- --kube-api-qps value QPS to use while talking with kubernetes apiserver (default 5)
- --kube-reserved value A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs that describe resources reserved for kubernetes system components. Currently only cpu and memory are supported. See http://releases.k8s.io/release-1.4/docs/user-guide/compute-resources.md for more detail. [default=none]
- --kubeconfig value Path to a kubeconfig file, specifying how to connect to the API server. --api-servers will be used for the location unless --require-kubeconfig is set. (default "/var/lib/kubelet/kubeconfig")
- --kubelet-cgroups string Optional absolute name of cgroups to create and run the Kubelet in.
- --lock-file string The path to file for kubelet to use as a lock file.
- --low-diskspace-threshold-mb value The absolute free disk space, in MB, to maintain. When disk space falls below this threshold, new pods would be rejected. Default: 256 (default 256)
- --make-iptables-util-chains If true, kubelet will ensure iptables utility rules are present on host. (default true)
- --manifest-url string URL for accessing the container manifest
- --manifest-url-header string HTTP header to use when accessing the manifest URL, with the key separated from the value with a ':', as in 'key:value'
- --master-service-namespace string The namespace from which the kubernetes master services should be injected into pods (default "default")
- --max-open-files int Number of files that can be opened by Kubelet process. [default=1000000] (default 1000000)
- --max-pods value Number of Pods that can run on this Kubelet. (default 110)
- --minimum-image-ttl-duration duration Minimum age for an unused image before it is garbage collected. Examples: '300ms', '10s' or '2h45m'. Default: '2m' (default 2m0s)
- --network-plugin string The name of the network plugin to be invoked for various events in kubelet/pod lifecycle
- --network-plugin-dir string The full path of the directory in which to search for network plugins or CNI config
- --network-plugin-mtu value The MTU to be passed to the network plugin, to override the default. Set to 0 to use the default 1460 MTU.
- --node-ip string IP address of the node. If set, kubelet will use this IP address for the node
- --node-labels value Labels to add when registering the node in the cluster. Labels must be key=value pairs separated by ','.
- --node-status-update-frequency duration Specifies how often kubelet posts node status to master. Note: be cautious when changing the constant, it must work with nodeMonitorGracePeriod in nodecontroller. Default: 10s (default 10s)
- --non-masquerade-cidr string Traffic to IPs outside this range will use IP masquerade. (default "10.0.0.0/8")
- --oom-score-adj value The oom-score-adj value for kubelet process. Values must be within the range [-1000, 1000] (default -999)
- --outofdisk-transition-frequency duration Duration for which the kubelet has to wait before transitioning out of out-of-disk node condition status. Default: 5m0s (default 5m0s)
- --pod-cidr string The CIDR to use for pod IP addresses, only used in standalone mode. In cluster mode, this is obtained from the master.
- --pod-infra-container-image string The image whose network/ipc namespaces containers in each pod will use. (default "gcr.io/google_containers/pause-amd64:3.0")
- --pod-manifest-path string Path to to the directory containing pod manifest files to run, or the path to a single pod manifest file.
- --pods-per-core value Number of Pods per core that can run on this Kubelet. The total number of Pods on this Kubelet cannot exceed max-pods, so max-pods will be used if this calculation results in a larger number of Pods allowed on the Kubelet. A value of 0 disables this limit.
- --port value The port for the Kubelet to serve on. (default 10250)
- --protect-kernel-defaults Default kubelet behaviour for kernel tuning. If set, kubelet errors if any of kernel tunables is different than kubelet defaults.
- --read-only-port value The read-only port for the Kubelet to serve on with no authentication/authorization (set to 0 to disable) (default 10255)
- --really-crash-for-testing If true, when panics occur crash. Intended for testing.
- --reconcile-cidr Reconcile node CIDR with the CIDR specified by the API server. No-op if register-node or configure-cbr0 is false. [default=true] (default true)
- --register-node Register the node with the apiserver (defaults to true if --api-servers is set) (default true)
- --register-schedulable Register the node as schedulable. No-op if register-node is false. [default=true] (default true)
- --registry-burst value Maximum size of a bursty pulls, temporarily allows pulls to burst to this number, while still not exceeding registry-qps. Only used if --registry-qps > 0 (default 10)
- --registry-qps value If > 0, limit registry pull QPS to this value. If 0, unlimited. [default=5.0] (default 5)
- --require-kubeconfig If true the Kubelet will exit if there are configuration errors, and will ignore the value of --api-servers in favor of the server defined in the kubeconfig file.
- --resolv-conf string Resolver configuration file used as the basis for the container DNS resolution configuration. (default "/etc/resolv.conf")
- --rkt-api-endpoint string The endpoint of the rkt API service to communicate with. Only used if --container-runtime='rkt'. (default "localhost:15441")
- --rkt-path string Path of rkt binary. Leave empty to use the first rkt in $PATH. Only used if --container-runtime='rkt'.
- --root-dir string Directory path for managing kubelet files (volume mounts,etc). (default "/var/lib/kubelet")
- --runonce If true, exit after spawning pods from local manifests or remote urls. Exclusive with --api-servers, and --enable-server
- --runtime-cgroups string Optional absolute name of cgroups to create and run the runtime in.
- --runtime-request-timeout duration Timeout of all runtime requests except long running request - pull, logs, exec and attach. When timeout exceeded, kubelet will cancel the request, throw out an error and retry later. Default: 2m0s (default 2m0s)
- --seccomp-profile-root string Directory path for seccomp profiles.
- --serialize-image-pulls Pull images one at a time. We recommend *not* changing the default value on nodes that run docker daemon with version < 1.9 or an Aufs storage backend. Issue #10959 has more details. [default=true] (default true)
- --streaming-connection-idle-timeout duration Maximum time a streaming connection can be idle before the connection is automatically closed. 0 indicates no timeout. Example: '5m' (default 4h0m0s)
- --sync-frequency duration Max period between synchronizing running containers and config (default 1m0s)
- --system-cgroups / Optional absolute name of cgroups in which to place all non-kernel processes that are not already inside a cgroup under /. Empty for no container. Rolling back the flag requires a reboot. (Default: "").
- --system-reserved value A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs that describe resources reserved for non-kubernetes components. Currently only cpu and memory are supported. See http://releases.k8s.io/release-1.4/docs/user-guide/compute-resources.md for more detail. [default=none]
- --tls-cert-file string File containing x509 Certificate for HTTPS. (CA cert, if any, concatenated after server cert). If --tls-cert-file and --tls-private-key-file are not provided, a self-signed certificate and key are generated for the public address and saved to the directory passed to --cert-dir.
- --tls-private-key-file string File containing x509 private key matching --tls-cert-file.
- --volume-plugin-dir string The full path of the directory in which to search for additional third party volume plugins (default "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/")
- --volume-stats-agg-period duration Specifies interval for kubelet to calculate and cache the volume disk usage for all pods and volumes. To disable volume calculations, set to 0. Default: '1m' (default 1m0s)
+ExperimentalHostUserNamespaceDefaulting=true|false (ALPHA - default=false)
+StreamingProxyRedirects=true|false (ALPHA - default=false)
+ --file-check-frequency duration Duration between checking config files for new data (default 20s)
+ --google-json-key string The Google Cloud Platform Service Account JSON Key to use for authentication.
+ --hairpin-mode string How should the kubelet setup hairpin NAT. This allows endpoints of a Service to loadbalance back to themselves if they should try to access their own Service. Valid values are "promiscuous-bridge", "hairpin-veth" and "none". (default "promiscuous-bridge")
+ --healthz-bind-address ip The IP address for the healthz server to serve on, defaulting to 127.0.0.1 (set to 0.0.0.0 for all interfaces) (default 127.0.0.1)
+ --healthz-port int32 The port of the localhost healthz endpoint (default 10248)
+ --host-ipc-sources stringSlice Comma-separated list of sources from which the Kubelet allows pods to use the host ipc namespace. [default="*"] (default [*])
+ --host-network-sources stringSlice Comma-separated list of sources from which the Kubelet allows pods to use of host network. [default="*"] (default [*])
+ --host-pid-sources stringSlice Comma-separated list of sources from which the Kubelet allows pods to use the host pid namespace. [default="*"] (default [*])
+ --hostname-override string If non-empty, will use this string as identification instead of the actual hostname.
+ --http-check-frequency duration Duration between checking http for new data (default 20s)
+ --image-gc-high-threshold int32 The percent of disk usage after which image garbage collection is always run. Default: 90% (default 90)
+ --image-gc-low-threshold int32 The percent of disk usage before which image garbage collection is never run. Lowest disk usage to garbage collect to. Default: 80% (default 80)
+ --image-service-endpoint string [Experimental] The unix socket endpoint of remote image service. If not specified, it will be the same with container-runtime-endpoint by default. The endpoint is used only when CRI integration is enabled (--experimental-cri)
+ --iptables-drop-bit int32 The bit of the fwmark space to mark packets for dropping. Must be within the range [0, 31]. (default 15)
+ --iptables-masquerade-bit int32 The bit of the fwmark space to mark packets for SNAT. Must be within the range [0, 31]. Please match this parameter with corresponding parameter in kube-proxy. (default 14)
+ --kube-api-burst int32 Burst to use while talking with kubernetes apiserver (default 10)
+ --kube-api-content-type string Content type of requests sent to apiserver. (default "application/vnd.kubernetes.protobuf")
+ --kube-api-qps int32 QPS to use while talking with kubernetes apiserver (default 5)
+ --kube-reserved mapStringString A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs that describe resources reserved for kubernetes system components. Currently only cpu and memory are supported. See http://kubernetes.io/docs/user-guide/compute-resources for more detail. [default=none]
+ --kubeconfig string Path to a kubeconfig file, specifying how to connect to the API server. --api-servers will be used for the location unless --require-kubeconfig is set. (default "/var/lib/kubelet/kubeconfig")
+ --kubelet-cgroups string Optional absolute name of cgroups to create and run the Kubelet in.
+ --lock-file string The path to file for kubelet to use as a lock file.
+ --low-diskspace-threshold-mb int32 The absolute free disk space, in MB, to maintain. When disk space falls below this threshold, new pods would be rejected. Default: 256 (default 256)
+ --make-iptables-util-chains If true, kubelet will ensure iptables utility rules are present on host. (default true)
+ --manifest-url string URL for accessing the container manifest
+ --manifest-url-header string HTTP header to use when accessing the manifest URL, with the key separated from the value with a ':', as in 'key:value'
+ --master-service-namespace string The namespace from which the kubernetes master services should be injected into pods (default "default")
+ --max-open-files int Number of files that can be opened by Kubelet process. [default=1000000] (default 1000000)
+ --max-pods int32 Number of Pods that can run on this Kubelet. (default 110)
+ --minimum-image-ttl-duration duration Minimum age for an unused image before it is garbage collected. Examples: '300ms', '10s' or '2h45m'. Default: '2m' (default 2m0s)
+ --network-plugin string The name of the network plugin to be invoked for various events in kubelet/pod lifecycle
+ --network-plugin-dir string The full path of the directory in which to search for network plugins or CNI config
+ --network-plugin-mtu int32 The MTU to be passed to the network plugin, to override the default. Set to 0 to use the default 1460 MTU.
+ --node-ip string IP address of the node. If set, kubelet will use this IP address for the node
+ --node-labels mapStringString Labels to add when registering the node in the cluster. Labels must be key=value pairs separated by ','.
+ --node-status-update-frequency duration Specifies how often kubelet posts node status to master. Note: be cautious when changing the constant, it must work with nodeMonitorGracePeriod in nodecontroller. Default: 10s (default 10s)
+ --non-masquerade-cidr string Traffic to IPs outside this range will use IP masquerade. (default "10.0.0.0/8")
+ --oom-score-adj int32 The oom-score-adj value for kubelet process. Values must be within the range [-1000, 1000] (default -999)
+ --outofdisk-transition-frequency duration Duration for which the kubelet has to wait before transitioning out of out-of-disk node condition status. Default: 5m0s (default 5m0s)
+ --pod-cidr string The CIDR to use for pod IP addresses, only used in standalone mode. In cluster mode, this is obtained from the master.
+ --pod-infra-container-image string The image whose network/ipc namespaces containers in each pod will use. (default "gcr.io/google_containers/pause-amd64:3.0")
+ --pod-manifest-path string Path to to the directory containing pod manifest files to run, or the path to a single pod manifest file.
+ --pods-per-core int32 Number of Pods per core that can run on this Kubelet. The total number of Pods on this Kubelet cannot exceed max-pods, so max-pods will be used if this calculation results in a larger number of Pods allowed on the Kubelet. A value of 0 disables this limit.
+ --port int32 The port for the Kubelet to serve on. (default 10250)
+ --protect-kernel-defaults Default kubelet behaviour for kernel tuning. If set, kubelet errors if any of kernel tunables is different than kubelet defaults.
+ --read-only-port int32 The read-only port for the Kubelet to serve on with no authentication/authorization (set to 0 to disable) (default 10255)
+ --really-crash-for-testing If true, when panics occur crash. Intended for testing.
+ --register-node Register the node with the apiserver (defaults to true if --api-servers is set) (default true)
+ --register-schedulable Register the node as schedulable. Won't have any effect if register-node is false. [default=true] (default true)
+ --registry-burst int32 Maximum size of a bursty pulls, temporarily allows pulls to burst to this number, while still not exceeding registry-qps. Only used if --registry-qps > 0 (default 10)
+ --registry-qps int32 If > 0, limit registry pull QPS to this value. If 0, unlimited. [default=5.0] (default 5)
+ --require-kubeconfig If true the Kubelet will exit if there are configuration errors, and will ignore the value of --api-servers in favor of the server defined in the kubeconfig file.
+ --resolv-conf string Resolver configuration file used as the basis for the container DNS resolution configuration. (default "/etc/resolv.conf")
+ --rkt-api-endpoint string The endpoint of the rkt API service to communicate with. Only used if --container-runtime='rkt'. (default "localhost:15441")
+ --rkt-path string Path of rkt binary. Leave empty to use the first rkt in $PATH. Only used if --container-runtime='rkt'.
+ --root-dir string Directory path for managing kubelet files (volume mounts,etc). (default "/var/lib/kubelet")
+ --runonce If true, exit after spawning pods from local manifests or remote urls. Exclusive with --api-servers, and --enable-server
+ --runtime-cgroups string Optional absolute name of cgroups to create and run the runtime in.
+ --runtime-request-timeout duration Timeout of all runtime requests except long running request - pull, logs, exec and attach. When timeout exceeded, kubelet will cancel the request, throw out an error and retry later. Default: 2m0s (default 2m0s)
+ --seccomp-profile-root string Directory path for seccomp profiles. (default "/var/lib/kubelet/seccomp")
+ --serialize-image-pulls Pull images one at a time. We recommend *not* changing the default value on nodes that run docker daemon with version < 1.9 or an Aufs storage backend. Issue #10959 has more details. [default=true] (default true)
+ --streaming-connection-idle-timeout duration Maximum time a streaming connection can be idle before the connection is automatically closed. 0 indicates no timeout. Example: '5m' (default 4h0m0s)
+ --sync-frequency duration Max period between synchronizing running containers and config (default 1m0s)
+ --system-cgroups / Optional absolute name of cgroups in which to place all non-kernel processes that are not already inside a cgroup under /. Empty for no container. Rolling back the flag requires a reboot. (Default: "").
+ --system-reserved mapStringString A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs that describe resources reserved for non-kubernetes components. Currently only cpu and memory are supported. See http://kubernetes.io/docs/user-guide/compute-resources for more detail. [default=none]
+ --tls-cert-file string File containing x509 Certificate for HTTPS. (CA cert, if any, concatenated after server cert). If --tls-cert-file and --tls-private-key-file are not provided, a self-signed certificate and key are generated for the public address and saved to the directory passed to --cert-dir.
+ --tls-private-key-file string File containing x509 private key matching --tls-cert-file.
+ --volume-plugin-dir string The full path of the directory in which to search for additional third party volume plugins (default "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/")
+ --volume-stats-agg-period duration Specifies interval for kubelet to calculate and cache the volume disk usage for all pods and volumes. To disable volume calculations, set to 0. Default: '1m' (default 1m0s)
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
diff --git a/docs/admin/limitrange/index.md b/docs/admin/limitrange/index.md
index 0336264bc3..767513a1a3 100644
--- a/docs/admin/limitrange/index.md
+++ b/docs/admin/limitrange/index.md
@@ -2,7 +2,7 @@
assignees:
- derekwaynecarr
- janetkuo
-
+title: Setting Pod CPU and Memory Limits
---
By default, pods run with unbounded CPU and memory limits. This means that any pod in the
diff --git a/docs/admin/master-node-communication.md b/docs/admin/master-node-communication.md
index 3860c33475..91ecff7ef9 100644
--- a/docs/admin/master-node-communication.md
+++ b/docs/admin/master-node-communication.md
@@ -2,13 +2,14 @@
assignees:
- dchen1107
- roberthbailey
-
+- liggitt
+title: Master-Node communication
---
* TOC
{:toc}
-## Summary
+## Overview
This document catalogs the communication paths between the master (really the
apiserver) and the Kubernetes cluster. The intent is to allow users to
@@ -22,14 +23,21 @@ All communication paths from the cluster to the master terminate at the
apiserver (none of the other master components are designed to expose remote
services). In a typical deployment, the apiserver is configured to listen for
remote connections on a secure HTTPS port (443) with one or more forms of
-client [authentication](/docs/admin/authentication/) enabled.
+client [authentication](/docs/admin/authentication/) enabled. One or more forms
+of [authorization](/docs/admin/authorization/) should be enabled, especially
+if [anonymous requests](/docs/admin/authentication/#anonymous-requests) or
+[service account tokens](/docs/admin/authentication/#service-account-tokens)
+are allowed.
Nodes should be provisioned with the public root certificate for the cluster
such that they can connect securely to the apiserver along with valid client
credentials. For example, on a default GCE deployment, the client credentials
-provided to the kubelet are in the form of a client certificate. Pods that
-wish to connect to the apiserver can do so securely by leveraging a service
-account so that Kubernetes will automatically inject the public root
+provided to the kubelet are in the form of a client certificate. See
+[kubelet TLS bootstrapping](/docs/admin/kubelet-tls-bootstrapping/) for
+automated provisioning of kubelet client certificates.
+
+Pods that wish to connect to the apiserver can do so securely by leveraging a
+service account so that Kubernetes will automatically inject the public root
certificate and a valid bearer token into the pod when it is instantiated.
The `kubernetes` service (in all namespaces) is configured with a virtual IP
address that is redirected (via kube-proxy) to the HTTPS endpoint on the
@@ -54,16 +62,29 @@ cluster. The first is from the apiserver to the kubelet process which runs on
each node in the cluster. The second is from the apiserver to any node, pod,
or service through the apiserver's proxy functionality.
+### apiserver -> kubelet
+
The connections from the apiserver to the kubelet are used for fetching logs
for pods, attaching (through kubectl) to running pods, and using the kubelet's
-port-forwarding functionality. These connections terminate at the kubelet's
-HTTPS endpoint, which is typically using a self-signed certificate, and
-ignore the certificate presented by the kubelet (although you can override this
-behavior by specifying the `--kubelet-certificate-authority`,
-`--kubelet-client-certificate`, and `--kubelet-client-key` flags when starting
-the cluster apiserver). By default, these connections **are not currently safe**
-to run over untrusted and/or public networks as they are subject to
-man-in-the-middle attacks.
+port-forwarding functionality. These connections terminate at the kubelet's
+HTTPS endpoint.
+
+By default, the apiserver does not verify the kubelet's serving certificate,
+which makes the connection subject to man-in-the-middle attacks, and
+**unsafe** to run over untrusted and/or public networks.
+
+To verify this connection, use the `--kubelet-certificate-authority` flag to
+provide the apiserver with a root certificates bundle to use to verify the
+kubelet's serving certificate.
+
+If that is not possible, use [SSH tunneling](/docs/admin/master-node-communication/#ssh-tunnels)
+between the apiserver and kubelet if required to avoid connecting over an
+untrusted or public network.
+
+Finally, [Kubelet authentication and/or authorization](/docs/admin/kubelet-authentication-authorization/)
+should be enabled to secure the kubelet API.
+
+### apiserver -> nodes, pods, and services
The connections from the apiserver to a node, pod, or service default to plain
HTTP connections and are therefore neither authenticated nor encrypted. They
@@ -83,83 +104,3 @@ cluster (connecting to the ssh server listening on port 22) and passes all
traffic destined for a kubelet, node, pod, or service through the tunnel.
This tunnel ensures that the traffic is not exposed outside of the private
GCE network in which the cluster is running.
-
-### Kubelet TLS Bootstrap
-
-Kubernetes 1.4 introduces an experimental API for requesting certificates from a cluster-level
-Certificate Authority (CA). The first supported use of this API is the provisioning of TLS client
-certificates for kubelets. The proposal can be found [here](https://github.com/kubernetes/kubernetes/pull/20439)
-and progress on the feature is being tracked as [feature #43](https://github.com/kubernetes/features/issues/43).
-
-##### apiserver configuration
-You must provide a token file which specifies at least one "bootstrap token" assigned to a kubelet boostrap-specific group.
-This group will later be used in the controller-manager configuration to scope approvals in the default approval
-controller. As this feature matures, you should ensure tokens are bound to an RBAC policy which limits requests
-using the bootstrap token to only be able to make requests related to certificate provisioning. When RBAC policy
-is in place, scoping the tokens to a group will allow great flexibility (e.g. you could disable a particular
-bootstrap group's access when you are done provisioning the nodes).
-
-##### Token auth file
-Tokens are arbitrary but should represent at least 128 bits of entropy derived from a secure random number
-generator (such as /dev/urandom on most modern systems). There are multiple ways you can generate a token. For example:
-
-`head -c 16 /dev/urandom | od -An -t x | tr -d ' '`
-
-will generate tokens that look like `02b50b05283e98dd0fd71db496ef01e8`
-
-The token file will look like the following example, where the first three values can be anything and the quoted group
-name should be as depicted:
-
-```
-02b50b05283e98dd0fd71db496ef01e8,kubelet-bootstrap,10001,"system:kubelet-bootstrap"
-```
-
-Add the `--token-auth-file=FILENAME` flag to the apiserver command to enable the token file.
-See docs at http://kubernetes.io/docs/admin/authentication/#static-token-file for further details.
-
-#### controller-manager configuration
-The API for requesting certificates adds a certificate-issuing control loop to the KCM. This takes the form of a
-[cfssl](https://blog.cloudflare.com/introducing-cfssl/) local signer using assets on disk.
-Currently, all certificates issued have one year validity and a default set of key usages.
-
-##### Signing assets
-You must provide a Certificate Authority in order to provide the cryptographic materials necessary to issue certificates.
-This CA should be trusted by the apiserver for authentication with the `--client-ca-file=SOMEFILE` flag. The management
-of the CA is beyond the scope of this document but it is recommended that you generate a dedicated CA for Kubernetes.
-Both certificate and key are assumed to be PEM-encoded.
-
-The new controller-manager flags are:
-```
---cluster-signing-cert-file="/etc/path/to/kubernetes/ca/ca.crt" --cluster-signing-key-file="/etc/path/to/kubernetes/ca/ca.key"
-```
-
-##### Auto-approval
-To ease deployment and testing, the alpha version of the certificate request API includes a flag to approve all certificate
-requests made by users in a certain group. The intended use of this is to whitelist only the group corresponding to the bootstrap
-token in the token file above. Use of this flag circumvents makes the "approval" process described below and is not recommended
-for production use.
-
-The flag is:
-```
---insecure-experimental-approve-all-kubelet-csrs-for-group="system:kubelet-bootstrap"
-```
-
-#### kubelet configuration
-To use request a client cert from the certificate request API, the kubelet needs a path to a kubeconfig file that contains the
-bootstrap auth token. If the file specified by `--kubeconfig` does not exist, the bootstrap kubeconfig is used to request a
-client certificate from the API server. On success, a kubeconfig file referencing the generated key and obtained certificate
-is written to the path specified by `--kubeconfig`. The certificate and key file will be stored in the directory pointed
-by `--cert-dir`. The new flag is:
-
-```
---experimental-bootstrap-kubeconfig="/path/to/bootstrap/kubeconfig"
-```
-
-#### kubectl approval
-The signing controller does not immediately sign all certificate requests. Instead, it waits until they have been flagged with an
-"Approved" status by an appropriately-privileged user. This is intended to eventually be an automated process handled by an external
-approval controller, but for the alpha version of the API it can be done manually by a cluster administrator using kubectl.
-An administrator can list CSRs with `kubectl get csr`, describe one in detail with `kubectl describe `. There are
-[currently no direct approve/deny commands](https://github.com/kubernetes/kubernetes/issues/30163) so an approver will need to update
-the Status field directly. A rough example of how to do this in bash which should only be used until the porcelain merges is available
-at https://github.com/gtank/csrctl.
diff --git a/docs/admin/multi-cluster.md b/docs/admin/multi-cluster.md
index 6359782409..1d238d8e13 100644
--- a/docs/admin/multi-cluster.md
+++ b/docs/admin/multi-cluster.md
@@ -1,7 +1,7 @@
---
assignees:
- davidopp
-
+title: Using Multiple Clusters
---
You may want to set up multiple Kubernetes clusters, both to
diff --git a/docs/admin/multiple-schedulers.md b/docs/admin/multiple-schedulers.md
index 8ba152ac04..eb1c4c44f9 100644
--- a/docs/admin/multiple-schedulers.md
+++ b/docs/admin/multiple-schedulers.md
@@ -2,7 +2,7 @@
assignees:
- davidopp
- madhusudancs
-
+title: Configuring Multiple Schedulers
---
Kubernetes ships with a default scheduler that is described [here](/docs/admin/kube-scheduler/).
diff --git a/docs/admin/multiple-zones.md b/docs/admin/multiple-zones.md
index bfde54213e..e215b31716 100644
--- a/docs/admin/multiple-zones.md
+++ b/docs/admin/multiple-zones.md
@@ -3,7 +3,7 @@ assignees:
- jlowdermilk
- justinsb
- quinton-hoole
-
+title: Running in Multiple Zones
---
## Introduction
diff --git a/docs/admin/namespaces/index.md b/docs/admin/namespaces/index.md
index 574f41b10a..b723a9c361 100644
--- a/docs/admin/namespaces/index.md
+++ b/docs/admin/namespaces/index.md
@@ -2,7 +2,7 @@
assignees:
- derekwaynecarr
- janetkuo
-
+title: Sharing a Cluster with Namespaces
---
A Namespace is a mechanism to partition resources created by users into
diff --git a/docs/admin/namespaces/walkthrough.md b/docs/admin/namespaces/walkthrough.md
index 2a3e6298ea..9faecf89e9 100644
--- a/docs/admin/namespaces/walkthrough.md
+++ b/docs/admin/namespaces/walkthrough.md
@@ -2,7 +2,7 @@
assignees:
- derekwaynecarr
- janetkuo
-
+title: Namespaces Walkthrough
---
Kubernetes _namespaces_ help different projects, teams, or customers to share a Kubernetes cluster.
diff --git a/docs/admin/network-plugins.md b/docs/admin/network-plugins.md
index 6c5f354423..9bb3805714 100644
--- a/docs/admin/network-plugins.md
+++ b/docs/admin/network-plugins.md
@@ -3,7 +3,7 @@ assignees:
- dcbw
- freehan
- thockin
-
+title: Network Plugins
---
* TOC
@@ -26,13 +26,13 @@ The kubelet has a single default network plugin, and a default network common to
## Network Plugin Requirements
-Besides providing the [`NetworkPlugin` interface](https://github.com/kubernetes/kubernetes/tree/{{page.version}}.0/pkg/kubelet/network/plugins.go) to configure and clean up pod networking, the plugin may also need specific support for kube-proxy. The iptables proxy obviously depends on iptables, and the plugin may need to ensure that container traffic is made available to iptables. For example, if the plugin connects containers to a Linux bridge, the plugin must set the `net/bridge/bridge-nf-call-iptables` sysctl to `1` to ensure that the iptables proxy functions correctly. If the plugin does not use a Linux bridge (but instead something like Open vSwitch or some other mechanism) it should ensure container traffic is appropriately routed for the proxy.
+Besides providing the [`NetworkPlugin` interface](https://github.com/kubernetes/kubernetes/tree/{{page.version}}/pkg/kubelet/network/plugins.go) to configure and clean up pod networking, the plugin may also need specific support for kube-proxy. The iptables proxy obviously depends on iptables, and the plugin may need to ensure that container traffic is made available to iptables. For example, if the plugin connects containers to a Linux bridge, the plugin must set the `net/bridge/bridge-nf-call-iptables` sysctl to `1` to ensure that the iptables proxy functions correctly. If the plugin does not use a Linux bridge (but instead something like Open vSwitch or some other mechanism) it should ensure container traffic is appropriately routed for the proxy.
By default if no kubelet network plugin is specified, the `noop` plugin is used, which sets `net/bridge/bridge-nf-call-iptables=1` to ensure simple configurations (like docker with a bridge) work correctly with the iptables proxy.
### Exec
-Place plugins in `network-plugin-dir/plugin-name/plugin-name`, i.e if you have a bridge plugin and `network-plugin-dir` is `/usr/lib/kubernetes`, you'd place the bridge plugin executable at `/usr/lib/kubernetes/bridge/bridge`. See [this comment](https://github.com/kubernetes/kubernetes/tree/{{page.version}}.0/pkg/kubelet/network/exec/exec.go) for more details.
+Place plugins in `network-plugin-dir/plugin-name/plugin-name`, i.e if you have a bridge plugin and `network-plugin-dir` is `/usr/lib/kubernetes`, you'd place the bridge plugin executable at `/usr/lib/kubernetes/bridge/bridge`. See [this comment](https://github.com/kubernetes/kubernetes/tree/{{page.version}}/pkg/kubelet/network/exec/exec.go) for more details.
### CNI
diff --git a/docs/admin/networking.md b/docs/admin/networking.md
index 28c259a5f7..c8a8c53d9c 100644
--- a/docs/admin/networking.md
+++ b/docs/admin/networking.md
@@ -2,7 +2,7 @@
assignees:
- lavalamp
- thockin
-
+title: Networking in Kubernetes
---
Kubernetes approaches networking somewhat differently than Docker does by
@@ -169,12 +169,26 @@ Follow the "With Linux Bridge devices" section of [this very nice
tutorial](http://blog.oddbit.com/2014/08/11/four-ways-to-connect-a-docker/) from
Lars Kellogg-Stedman.
+### Nuage Networks VCS (Virtualized Cloud Services)
+
+[Nuage](http://www.nuagenetworks.net) provides a highly scalable policy-based Software-Defined Networking (SDN) platform. Nuage uses the open source Open vSwitch for the data plane along with a feature rich SDN Controller built on open standards.
+
+The Nuage platform uses overlays to provide seamless policy-based networking between Kubernetes Pods and non-Kubernetes environments (VMs and bare metal servers). Nuage’s policy abstraction model is designed with applications in mind and makes it easy to declare fine-grained policies for applications.The platform’s real-time analytics engine enables visibility and security monitoring for Kubernetes applications.
+
### OpenVSwitch
[OpenVSwitch](/docs/admin/ovs-networking) is a somewhat more mature but also
complicated way to build an overlay network. This is endorsed by several of the
"Big Shops" for networking.
+### OVN (Open Virtual Networking)
+
+OVN is an opensource network virtualization solution developed by the
+Open vSwitch community. It lets one create logical switches, logical routers,
+stateful ACLs, load-balancers etc to build different virtual networking
+topologies. The project has a specific Kubernetes plugin and documentation
+at [ovn-kubernetes](https://github.com/openvswitch/ovn-kubernetes).
+
### Project Calico
[Project Calico](http://docs.projectcalico.org/) is an open source container networking provider and network policy engine.
diff --git a/docs/admin/node-conformance.md b/docs/admin/node-conformance.md
index 2adb159c5c..f53ba858b1 100644
--- a/docs/admin/node-conformance.md
+++ b/docs/admin/node-conformance.md
@@ -1,7 +1,7 @@
---
assignees:
- Random-Liu
-
+title: Validate Node Setup
---
* TOC
@@ -9,54 +9,52 @@ assignees:
## Node Conformance Test
-*Node conformance test* is a test framework validating whether a node meets the
-minimum requirement of Kubernetes with a set of system verification and
-functionality test. A node which passes the tests is qualified to join a
-Kubernetes cluster.
+*Node conformance test* is a containerized test framework that provides a system
+verification and functionality test for a node. The test validates whether the
+node meets the minimum requirements for Kubernetes; a node that passes the test
+is qualified to join a Kubernetes cluster.
## Limitations
-There are following limitations in the current implementation of node
-conformance test. They'll be improved in future version.
+In Kubernetes version 1.5, node conformance test has the following limitations:
* Node conformance test only supports Docker as the container runtime.
-* Node conformance test doesn't validate network related system configurations
- and functionalities.
-## Prerequisite
+## Node Prerequisite
-Node conformance test is used to test whether a node is ready to join a
-Kubernetes cluster, so the prerequisite is the same with a standard Kubernetes
-node. At least, the node should have properly installed:
+To run node conformance test, a node must satisfy the same prerequisites as a
+standard Kubernetes node. At a minimum, the node should have the following
+daemons installed:
* Container Runtime (Docker)
* Kubelet
-Node conformance test validates kernel configurations. If the kenrel module
-`configs` is built as module in your environment, it must be loaded before the
-test. (See [Caveats #3](#caveats) for more information)
+## Running Node Conformance Test
-## Usage
+To run the node conformance test, perform the following steps:
-### Run Node Conformance Test
+1. Point your Kubelet to localhost `--api-servers="http://localhost:8080"`,
+because the test framework starts a local master to test Kubelet. There are some
+other Kubelet flags you may care:
+ * `--pod-cidr`: If you are using `kubenet`, you should specify an arbitrary CIDR
+ to Kubelet, for example `--pod-cidr=10.180.0.0/24`.
+ * `--cloud-provider`: If you are using `--cloud-provider=gce`, you should
+ remove the flag to run the test.
-* **Step 1:** Point your Kubelet to localhost `--api-servers="http://localhost:8080"`,
-because the test framework starts a local master to test Kubelet.
-
-* **Step 2:** Run the node conformance test with command:
+2. Run the node conformance test with command:
```shell
-# $CONFIG_DIR is the pod manifest path of your kubelet.
+# $CONFIG_DIR is the pod manifest path of your Kubelet.
# $LOG_DIR is the test output path.
sudo docker run -it --rm --privileged --net=host \
- -v /:/rootfs:ro -v /var/run:/var/run \
- -v $CONFIG_DIR:/etc/manifest -v $LOG_DIR:/var/result \
- gcr.io/google_containers/node-test-amd64:v0.1
+ -v /:/rootfs -v $CONFIG_DIR:$CONFIG_DIR -v $LOG_DIR:/var/result \
+ gcr.io/google_containers/node-test:0.2
```
-### Run Node Conformance Test for Other Architectures
+## Running Node Conformance Test for Other Architectures
-We also build node conformance test docker images for other architectures:
+Kubernetes also provides node conformance test docker images for other
+architectures:
Arch | Image |
--------|:-----------------:|
@@ -64,25 +62,16 @@ We also build node conformance test docker images for other architectures:
arm | node-test-arm |
arm64 | node-test-arm64 |
-### Run Selected Test
-
-In fact, Node conformance test is a containerized version of [node e2e
-test](https://github.com/kubernetes/kubernetes/blob/release-1.4/docs/devel/e2e-node-tests.md).
-By default, it runs all conformance test.
-
-Theoretically, you can run any node e2e test if you configure the container and
-mount required volumes properly. But **it is strongly recommended to only run conformance
-test**, because the non-conformance test needs much more complex framework configuration.
+## Running Selected Test
To run specific tests, overwrite the environment variable `FOCUS` with the
regular expression of tests you want to run.
```shell
sudo docker run -it --rm --privileged --net=host \
- -v /:/rootfs:ro -v /var/run:/var/run \
- -v $CONFIG_DIR:/etc/manifest -v $LOG_DIR:/var/result \
+ -v /:/rootfs:ro -v $CONFIG_DIR:$CONFIG_DIR -v $LOG_DIR:/var/result \
-e FOCUS=MirrorPod \ # Only run MirrorPod test
- gcr.io/google_containers/node-test-amd64:v0.1
+ gcr.io/google_containers/node-test:0.2
```
To skip specific tests, overwrite the environment variable `SKIP` with the
@@ -90,25 +79,22 @@ regular expression of tests you want to skip.
```shell
sudo docker run -it --rm --privileged --net=host \
- -v /:/rootfs:ro -v /var/run:/var/run \
- -v $CONFIG_DIR:/etc/manifest -v $LOG_DIR:/var/result \
- -e SKIP=MirrorPod \ # Run all conformance test and skip MirrorPod test
- gcr.io/google_containers/node-test-amd64:v0.1
+ -v /:/rootfs:ro -v $CONFIG_DIR:$CONFIG_DIR -v $LOG_DIR:/var/result \
+ -e SKIP=MirrorPod \ # Run all conformance tests but skip MirrorPod test
+ gcr.io/google_containers/node-test:0.2
```
-### Caveats
+Node conformance test is a containerized version of [node e2e test](https://github.com/kubernetes/kubernetes/blob/release-1.5/docs/devel/e2e-node-tests.md).
+By default, it runs all conformance tests.
-* The test will leave some docker images on the node, including the node
- conformance test image and images of containers used in the functionality
+Theoretically, you can run any node e2e test if you configure the container and
+mount required volumes properly. But **it is strongly recommended to only run conformance
+test**, because it requires much more complex configuration to run non-conformance test.
+
+## Caveats
+
+* The test leaves some docker images on the node, including the node conformance
+ test image and images of containers used in the functionality
test.
-* The test will leave dead containers on the node, these containers are created
+* The test leaves dead containers on the node. These containers are created
during the functionality test.
-* Node conformance test validates kernel configuration. However, in some os
- distro the kernel module `configs` may not be loaded by default, and you will get
- the error `no config path in [POSSIBLE KERNEL CONFIG FILE PATHS] is
- available`. In that case please do either of the followings:
- * Manually load/unload `configs` kernel module: run `sudo modprobe configs` to
- load the kernel module, and `sudo modprobe -r configs` to unload it after the test.
- * Mount `modprobe` into the container: Add option `-v /bin/kmod:/bin/kmod
- -v /sbin/modprobe:/sbin/modprobe -v /lib/modules:/lib/modules` when starting
- the test container.
diff --git a/docs/admin/node-problem.md b/docs/admin/node-problem.md
index b6926ba15b..0d7b57005e 100644
--- a/docs/admin/node-problem.md
+++ b/docs/admin/node-problem.md
@@ -2,7 +2,7 @@
assignees:
- Random-Liu
- dchen1107
-
+title: Monitoring Node Health
---
* TOC
diff --git a/docs/admin/node.md b/docs/admin/node.md
index 01e8f8bae7..a18aaf5ca7 100644
--- a/docs/admin/node.md
+++ b/docs/admin/node.md
@@ -3,7 +3,7 @@ assignees:
- caesarxuchao
- dchen1107
- lavalamp
-
+title: Nodes
---
* TOC
@@ -54,10 +54,9 @@ The node condition is represented as a JSON object. For example, the following r
]
```
-If the Status of the Ready condition is Unknown or False for more than five
-minutes, then all of the pods on the node are terminated by the node
-controller. (The timeout length is configurable by the `--pod-eviction-timeout`
-parameter on the controller manager.)
+If the Status of the Ready condition is "Unknown" or "False" for longer than the `pod-eviction-timeout`, an argument passed to the [kube-controller-manager](docs/admin/kube-controller-manager/), all of the Pods on the node are scheduled for deletion by the Node Controller. The default eviction timeout duration is **five minutes**. In some cases when the node is unreachable, the apiserver is unable to communicate with the kubelet on it. The decision to delete the pods cannot be communicated to the kubelet until it re-establishes communication with the apiserver. In the meantime, the pods which are scheduled for deletion may continue to run on the partitioned node.
+
+In versions of Kubernetes prior to 1.5, the node controller would [force delete](/docs/user-guide/pods/#force-deletion-of-pods) these unreachable pods from the apiserver. However, in 1.5 and higher, the node controller does not force delete pods until it is confirmed that they have stopped running in the cluster. One can see these pods which may be running on an unreachable node as being in the "Terminating" or "Unknown" states. In cases where Kubernetes cannot deduce from the underlying infrastructure if a node has permanently left a cluster, the cluster administrator may need to delete the node object by hand. Deleting the node object from Kubernetes causes all the Pod objects running on it to be deleted from the apiserver, freeing up their names.
### Capacity
@@ -187,7 +186,7 @@ Modifications include setting labels on the node and marking it unschedulable.
Labels on nodes can be used in conjunction with node selectors on pods to control scheduling,
e.g. to constrain a pod to only be eligible to run on a subset of the nodes.
-Marking a node as unscheduleable will prevent new pods from being scheduled to that
+Marking a node as unschedulable will prevent new pods from being scheduled to that
node, but will not affect any existing pods on the node. This is useful as a
preparatory step before a node reboot, etc. For example, to mark a node
unschedulable, run this command:
diff --git a/docs/admin/out-of-resource.md b/docs/admin/out-of-resource.md
index 8af7114ed6..0fa6f3942c 100644
--- a/docs/admin/out-of-resource.md
+++ b/docs/admin/out-of-resource.md
@@ -3,7 +3,7 @@ assignees:
- derekwaynecarr
- vishh
- timstclair
-
+title: Configuring Out Of Resource Handling
---
* TOC
@@ -349,7 +349,7 @@ in favor of the simpler configuation supported around eviction.
The `kubelet` currently polls `cAdvisor` to collect memory usage stats at a regular interval. If memory usage
increases within that window rapidly, the `kubelet` may not observe `MemoryPressure` fast enough, and the `OOMKiller`
will still be invoked. We intend to integrate with the `memcg` notification API in a future release to reduce this
-latency, and instead have the kernel tell us when a threshold has been crossed immmediately.
+latency, and instead have the kernel tell us when a threshold has been crossed immediately.
If you are not trying to achieve extreme utilization, but a sensible measure of overcommit, a viable workaround for
this issue is to set eviction thresholds at approximately 75% capacity. This increases the ability of this feature
diff --git a/docs/admin/ovs-networking.md b/docs/admin/ovs-networking.md
index 7a8f89506c..9370dcec46 100644
--- a/docs/admin/ovs-networking.md
+++ b/docs/admin/ovs-networking.md
@@ -2,7 +2,7 @@
assignees:
- lavalamp
- thockin
-
+title: Kubernetes OpenVSwitch GRE/VxLAN networking
---
This document describes how OpenVSwitch is used to setup networking between pods across nodes.
diff --git a/docs/admin/rescheduler.md b/docs/admin/rescheduler.md
index e1a2cca5de..c9a3bd074c 100644
--- a/docs/admin/rescheduler.md
+++ b/docs/admin/rescheduler.md
@@ -36,7 +36,7 @@ Each critical add-on has to tolerate it,
the other pods shouldn't tolerate the taint. The tain is removed once the add-on is successfully scheduled.
*Warning:* currently there is no guarantee which node is chosen and which pods are being killed
-in order to schedule crical pod, so if rescheduler is enabled you pods might be occasionally
+in order to schedule critical pods, so if rescheduler is enabled you pods might be occasionally
killed for this purpose.
## Config
diff --git a/docs/admin/resourcequota/index.md b/docs/admin/resourcequota/index.md
index ff76942702..88f5d55afd 100644
--- a/docs/admin/resourcequota/index.md
+++ b/docs/admin/resourcequota/index.md
@@ -1,7 +1,7 @@
---
assignees:
- derekwaynecarr
-
+title: Resource Quotas
---
When several users or teams share a cluster with a fixed number of nodes,
@@ -125,7 +125,7 @@ The quota can be configured to quota either value.
If the quota has a value specified for `requests.cpu` or `requests.memory`, then it requires that every incoming
container makes an explicit request for those resources. If the quota has a value specified for `limits.cpu` or `limits.memory`,
-then it requires that every incoming container specifies an explict limit for those resources.
+then it requires that every incoming container specifies an explicit limit for those resources.
## Viewing and Setting Quotas
diff --git a/docs/admin/resourcequota/walkthrough.md b/docs/admin/resourcequota/walkthrough.md
index 7422f2abcf..1120e7550d 100644
--- a/docs/admin/resourcequota/walkthrough.md
+++ b/docs/admin/resourcequota/walkthrough.md
@@ -2,7 +2,7 @@
assignees:
- derekwaynecarr
- janetkuo
-
+title: Applying Resource Quotas and Limits
---
This example demonstrates a typical setup to control for resource usage in a namespace.
@@ -232,7 +232,7 @@ services.loadbalancers 0 2
services.nodeports 0 0
```
-As you can see, the pod that was created is consuming explict amounts of compute resources, and the usage is being
+As you can see, the pod that was created is consuming explicit amounts of compute resources, and the usage is being
tracked by Kubernetes properly.
## Step 5: Advanced quota scopes
diff --git a/docs/admin/salt.md b/docs/admin/salt.md
index 5d82b54d39..ba4d4fe227 100644
--- a/docs/admin/salt.md
+++ b/docs/admin/salt.md
@@ -2,7 +2,7 @@
assignees:
- davidopp
- lavalamp
-
+title: Configuring Kubernetes with Salt
---
The Kubernetes cluster can be configured using Salt.
diff --git a/docs/admin/service-accounts-admin.md b/docs/admin/service-accounts-admin.md
index 810f4d7515..4a31fbeced 100644
--- a/docs/admin/service-accounts-admin.md
+++ b/docs/admin/service-accounts-admin.md
@@ -4,7 +4,7 @@ assignees:
- davidopp
- lavalamp
- liggitt
-
+title: Managing Service Accounts
---
*This is a Cluster Administrator guide to service accounts. It assumes knowledge of
diff --git a/docs/admin/static-pods.md b/docs/admin/static-pods.md
index 531494fb04..4766002917 100644
--- a/docs/admin/static-pods.md
+++ b/docs/admin/static-pods.md
@@ -1,7 +1,7 @@
---
assignees:
- jsafrane
-
+title: Static Pods
---
**If you are running clustered Kubernetes and are using static pods to run a pod on every node, you should probably be using a [DaemonSet](/docs/admin/daemons/)!**
@@ -16,7 +16,7 @@ Static pod can be created in two ways: either by using configuration file(s) or
### Configuration files
-The configuration files are just standard pod definition in json or yaml format in specific directory. Use `kubelet --config=` to start kubelet daemon, which periodically scans the directory and creates/deletes static pods as yaml/json files appear/disappear there.
+The configuration files are just standard pod definition in json or yaml format in specific directory. Use `kubelet --pod-manifest-path=` to start kubelet daemon, which periodically scans the directory and creates/deletes static pods as yaml/json files appear/disappear there.
For example, this is how to start a simple web server as a static pod:
@@ -48,10 +48,10 @@ For example, this is how to start a simple web server as a static pod:
EOF
```
-2. Configure your kubelet daemon on the node to use this directory by running it with `--config=/etc/kubelet.d/` argument. On Fedora edit `/etc/kubernetes/kubelet` to include this line:
+2. Configure your kubelet daemon on the node to use this directory by running it with `--pod-manifest-path=/etc/kubelet.d/` argument. On Fedora edit `/etc/kubernetes/kubelet` to include this line:
```conf
- KUBELET_ARGS="--cluster-dns=10.254.0.10 --cluster-domain=kube.local --config=/etc/kubelet.d/"
+ KUBELET_ARGS="--cluster-dns=10.254.0.10 --cluster-domain=kube.local --pod-manifest-path=/etc/kubelet.d/"
```
Instructions for other distributions or Kubernetes installations may vary.
@@ -64,11 +64,11 @@ For example, this is how to start a simple web server as a static pod:
## Pods created via HTTP
-Kubelet periodically downloads a file specified by `--manifest-url=` argument and interprets it as a json/yaml file with a pod definition. It works the same as `--config=`, i.e. it's reloaded every now and then and changes are applied to running static pods (see below).
+Kubelet periodically downloads a file specified by `--manifest-url=` argument and interprets it as a json/yaml file with a pod definition. It works the same as `--pod-manifest-path=`, i.e. it's reloaded every now and then and changes are applied to running static pods (see below).
## Behavior of static pods
-When kubelet starts, it automatically starts all pods defined in directory specified in `--config=` or `--manifest-url=` arguments, i.e. our static-web. (It may take some time to pull nginx image, be patient…):
+When kubelet starts, it automatically starts all pods defined in directory specified in `--pod-manifest-path=` or `--manifest-url=` arguments, i.e. our static-web. (It may take some time to pull nginx image, be patient…):
```shell
[joe@my-node1 ~] $ docker ps
diff --git a/docs/api-reference/README.md b/docs/api-reference/README.md
index 905b267947..a2fae5b001 100644
--- a/docs/api-reference/README.md
+++ b/docs/api-reference/README.md
@@ -1,6 +1,5 @@
---
---
-
# API Reference
Use the following reference docs to understand the kubernetes REST API for various API group versions:
@@ -9,10 +8,7 @@ Use the following reference docs to understand the kubernetes REST API for vario
* extensions/v1beta1: [operations](/docs/api-reference/extensions/v1beta1/operations.html), [model definitions](/docs/api-reference/extensions/v1beta1/definitions.html)
* batch/v1: [operations](/docs/api-reference/batch/v1/operations.html), [model definitions](/docs/api-reference/batch/v1/definitions.html)
* autoscaling/v1: [operations](/docs/api-reference/autoscaling/v1/operations.html), [model definitions](/docs/api-reference/autoscaling/v1/definitions.html)
-
-
-
-
+* apps/v1beta1: [operations](/docs/api-reference/apps/v1beta1/operations.html), [model definitions](/docs/api-reference/apps/v1beta1/definitions.html)
diff --git a/docs/api-reference/apps/v1alpha1/definitions.html b/docs/api-reference/apps/v1beta1/definitions.html
similarity index 89%
rename from docs/api-reference/apps/v1alpha1/definitions.html
rename to docs/api-reference/apps/v1beta1/definitions.html
index 0dfdf27a56..77ef25e10c 100755
--- a/docs/api-reference/apps/v1alpha1/definitions.html
+++ b/docs/api-reference/apps/v1beta1/definitions.html
@@ -18,10 +18,10 @@
Represents a Photon Controller persistent disk resource.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
pdID
+
ID that identifies Photon Controller persistent disk
+
true
+
string
+
+
+
+
fsType
+
Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+
false
+
string
+
+
+
+
+
+
+
+
versioned.Event
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
type
+
+
true
+
string
+
+
+
+
object
+
+
true
+
string
+
+
+
+
+
+
+
v1.Preconditions
Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#gcepersistentdisk
false
string
partition
-
The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#gcepersistentdisk
+
The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: http://kubernetes.io/docs/user-guide/volumes#gcepersistentdisk
Entrypoint array. Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/containers.md#containers-and-commands
+
Entrypoint array. Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers#containers-and-commands
false
string array
args
-
Arguments to the entrypoint. The docker image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/containers.md#containers-and-commands
+
Arguments to the entrypoint. The docker image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers#containers-and-commands
A StatefulSetSpec is the specification of a StatefulSet.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
replicas
+
Replicas is the desired number of replicas of the given Template. These are replicas in the sense that they are instantiations of the same Template, but individual replicas also have a consistent identity. If unspecified, defaults to 1.
Template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet.
VolumeClaimTemplates is a list of claims that pods are allowed to reference. The StatefulSet controller is responsible for mapping network identities to claims in a way that maintains the identity of a pod. Every claim in this list must have at least one matching (by name) volumeMount in one container in the template. A claim in this list takes precedence over any volumes in the template, with the same name.
ServiceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where "pod-specific-string" is managed by the StatefulSet controller.
+
true
+
string
+
+
+
+
+
v1.ObjectMeta
@@ -1232,7 +1410,7 @@ Examples:
-
+
@@ -1246,7 +1424,7 @@ Examples:
name
-
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/identifiers.md#names
+
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names
false
string
@@ -1257,7 +1435,7 @@ Examples:
If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
@@ -1307,16 +1485,16 @@ Populated by the system. Read-only. Value must be treated as opaque by clients a
creationTimestamp
CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource will be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. Once the resource is deleted in the API, the Kubelet will send a hard termination signal to the container. If not set, graceful deletion of the object has not been requested.
+
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
false
object
annotations
-
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://releases.k8s.io/release-1.4/docs/user-guide/annotations.md
+
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
false
object
@@ -1378,7 +1556,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -1399,21 +1577,21 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
@@ -1478,7 +1656,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -1526,7 +1704,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -1568,7 +1746,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
fsType
-
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#iscsi
+
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#iscsi
false
string
@@ -1583,68 +1761,6 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
-
-
v1alpha1.PetSetSpec
-
-
A PetSetSpec is the specification of a PetSet.
-
-
-
-
-
-
-
-
-
-
-
-
Name
-
Description
-
Required
-
Schema
-
Default
-
-
-
-
-
replicas
-
Replicas is the desired number of replicas of the given Template. These are replicas in the sense that they are instantiations of the same Template, but individual replicas also have a consistent identity. If unspecified, defaults to 1.
Template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the PetSet will fulfill this Template, but have a unique identity from the rest of the PetSet.
VolumeClaimTemplates is a list of claims that pets are allowed to reference. The PetSet controller is responsible for mapping network identities to claims in a way that maintains the identity of a pet. Every claim in this list must have at least one matching (by name) volumeMount in one container in the template. A claim in this list takes precedence over any volumes in the template, with the same name.
ServiceName is the name of the service that governs this PetSet. This service must exist before the PetSet, and is responsible for the network identity of the set. Pets get DNS/hostnames that follow the pattern: pet-specific-string.serviceName.default.svc.cluster.local where "pet-specific-string" is managed by the PetSet controller.
-
true
-
string
-
-
-
-
-
v1.EmptyDirVolumeSource
@@ -1657,7 +1773,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -1671,7 +1787,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
What type of storage medium should back this directory. The default is "" which means to use the node’s default medium. Must be an empty string (default) or Memory. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir
false
string
@@ -1697,7 +1813,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -1711,21 +1827,21 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#awselasticblockstore
false
string
@@ -1955,7 +2071,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
@@ -1967,7 +2083,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
v1.FlockerVolumeSource
-
Represents a Flocker volume mounted by the Flocker agent. Flocker volumes do not support ownership management or SELinux relabeling.
+
Represents a Flocker volume mounted by the Flocker agent. One and only one of datasetName and datasetUUID should be set. Flocker volumes do not support ownership management or SELinux relabeling.
@@ -1975,7 +2091,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -1989,8 +2105,15 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
datasetName
-
Required: the volume name. This is going to be store on metadata → name on the payload for Flocker
-
true
+
Name of the dataset stored as metadata → name on the dataset for Flocker should be considered as deprecated
+
false
+
string
+
+
+
+
datasetUUID
+
UUID of the dataset. This is unique identifier of a Flocker dataset
+
false
string
@@ -2009,7 +2132,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -2030,7 +2153,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
@@ -2098,7 +2221,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -2148,71 +2271,6 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
-
-
v1alpha1.PetSet
-
-
PetSet represents a set of pods with consistent identities. Identities are defined as:
- - Network: A single stable DNS and hostname.
- - Storage: As many VolumeClaims as requested.
-The PetSet guarantees that a given network identity will always map to the same storage identity. PetSet is currently in alpha and subject to change without notice.
@@ -2810,6 +2827,71 @@ The PetSet guarantees that a given network identity will always map to the same
+
+
+
v1beta1.StatefulSet
+
+
StatefulSet represents a set of pods with consistent identities. Identities are defined as:
+ - Network: A single stable DNS and hostname.
+ - Storage: As many VolumeClaims as requested.
+The StatefulSet guarantees that a given network identity will always map to the same storage identity.
HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#hostpath
+
HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: http://kubernetes.io/docs/user-guide/volumes#hostpath
List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers
@@ -3587,7 +3676,7 @@ The PetSet guarantees that a given network identity will always map to the same
imagePullSecrets
-
ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: http://releases.k8s.io/release-1.4/docs/user-guide/images.md#specifying-imagepullsecrets-on-a-pod
+
ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: http://kubernetes.io/docs/user-guide/container-environment#hook-details
PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: http://releases.k8s.io/release-1.4/docs/user-guide/container-environment.md#hook-details
+
PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: http://kubernetes.io/docs/user-guide/container-environment#hook-details
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#rbd
+
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#rbd
@@ -4003,7 +4092,7 @@ The PetSet guarantees that a given network identity will always map to the same
diff --git a/docs/api-reference/apps/v1alpha1/operations.html b/docs/api-reference/apps/v1beta1/operations.html
similarity index 91%
rename from docs/api-reference/apps/v1alpha1/operations.html
rename to docs/api-reference/apps/v1beta1/operations.html
index b46e335e91..8bcd4a2a08 100755
--- a/docs/api-reference/apps/v1alpha1/operations.html
+++ b/docs/api-reference/apps/v1beta1/operations.html
@@ -19,7 +19,7 @@
get available resources
-
GET /apis/apps/v1alpha1
+
GET /apis/apps/v1beta1
@@ -28,7 +28,7 @@
-
+
@@ -84,17 +84,17 @@
-
apisappsv1alpha1
+
apisappsv1beta1
-
list or watch objects of kind PetSet
+
list or watch objects of kind StatefulSet
-
GET /apis/apps/v1alpha1/namespaces/{namespace}/petsets
+
GET /apis/apps/v1beta1/namespaces/{namespace}/statefulsets
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/identifiers.md#names
+
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names
false
string
@@ -180,7 +180,7 @@
If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
@@ -230,16 +230,16 @@ Populated by the system. Read-only. Value must be treated as opaque by clients a
creationTimestamp
CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource will be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. Once the resource is deleted in the API, the Kubelet will send a hard termination signal to the container. If not set, graceful deletion of the object has not been requested.
+
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
false
object
annotations
-
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://releases.k8s.io/release-1.4/docs/user-guide/annotations.md
+
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
false
object
@@ -301,7 +301,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -349,7 +349,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -383,7 +383,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -397,14 +397,14 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
@@ -500,7 +500,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -548,7 +548,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
diff --git a/docs/api-reference/authentication.k8s.io/v1beta1/operations.html b/docs/api-reference/authentication.k8s.io/v1beta1/operations.html
index 2934b11a6f..9a234b46fc 100755
--- a/docs/api-reference/authentication.k8s.io/v1beta1/operations.html
+++ b/docs/api-reference/authentication.k8s.io/v1beta1/operations.html
@@ -28,7 +28,7 @@
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/identifiers.md#names
+
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names
false
string
@@ -125,7 +131,7 @@
If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
@@ -175,16 +181,16 @@ Populated by the system. Read-only. Value must be treated as opaque by clients a
creationTimestamp
CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource will be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. Once the resource is deleted in the API, the Kubelet will send a hard termination signal to the container. If not set, graceful deletion of the object has not been requested.
+
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
false
object
annotations
-
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://releases.k8s.io/release-1.4/docs/user-guide/annotations.md
+
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
false
object
@@ -236,9 +242,9 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
v1beta1.SubjectAccessReview
+
v1beta1.SelfSubjectAccessReview
-
SubjectAccessReview checks whether or not a user or group can perform an action.
+
SelfSubjectAccessReview checks whether or the current user can perform an action. Not filling in a spec.namespace means "in all namespaces". Self is a special case, because users should always be able to check whether they can perform an action
@@ -246,7 +252,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -260,14 +266,76 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
@@ -298,9 +366,9 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
unversioned.APIResourceList
+
v1beta1.LocalSubjectAccessReview
-
APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.
+
LocalSubjectAccessReview checks whether or not a user or group can perform an action in a given namespace. Having a namespace scoped resource makes it much easier to grant namespace scoped policy that includes permissions checking.
@@ -308,7 +376,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -322,14 +390,76 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
Spec holds information about the request being evaluated. spec.namespace must be equal to the namespace you made the request against. If empty, it is defaulted.
APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.
@@ -363,7 +493,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -439,7 +569,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -468,6 +598,47 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
+
+
+
v1beta1.SelfSubjectAccessReviewSpec
+
+
SelfSubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
resourceAttributes
+
ResourceAuthorizationAttributes describes information for a resource access request
@@ -480,7 +651,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -542,7 +713,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -590,7 +761,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -638,7 +809,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
diff --git a/docs/api-reference/authorization.k8s.io/v1beta1/operations.html b/docs/api-reference/authorization.k8s.io/v1beta1/operations.html
index fb0c129910..bb75407034 100755
--- a/docs/api-reference/authorization.k8s.io/v1beta1/operations.html
+++ b/docs/api-reference/authorization.k8s.io/v1beta1/operations.html
@@ -28,7 +28,7 @@
-
+
@@ -91,10 +91,10 @@
-
create a SubjectAccessReview
+
create a LocalSubjectAccessReview
-
POST /apis/authorization.k8s.io/v1beta1/subjectaccessreviews
+
POST /apis/authorization.k8s.io/v1beta1/namespaces/{namespace}/localsubjectaccessreviews
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/identifiers.md#names
+
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names
false
string
@@ -743,7 +779,7 @@
If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
@@ -793,16 +829,16 @@ Populated by the system. Read-only. Value must be treated as opaque by clients a
creationTimestamp
CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource will be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. Once the resource is deleted in the API, the Kubelet will send a hard termination signal to the container. If not set, graceful deletion of the object has not been requested.
+
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
false
object
annotations
-
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://releases.k8s.io/release-1.4/docs/user-guide/annotations.md
+
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
false
object
@@ -885,21 +921,21 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
Represents a Photon Controller persistent disk resource.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
pdID
+
ID that identifies Photon Controller persistent disk
+
true
+
string
+
+
+
+
fsType
+
Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+
false
+
string
+
+
+
+
+
+
+
+
versioned.Event
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
type
+
+
true
+
string
+
+
+
+
object
+
+
true
+
string
+
+
+
+
+
+
+
v1.Preconditions
Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.
A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.
-
-
-
-
-
-
-
-
-
-
-
-
Name
-
Description
-
Required
-
Schema
-
Default
-
-
-
-
-
matchLabels
-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
-
false
-
object
-
-
-
-
matchExpressions
-
matchExpressions is a list of label selector requirements. The requirements are ANDed.
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#gcepersistentdisk
false
string
partition
-
The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#gcepersistentdisk
+
The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: http://kubernetes.io/docs/user-guide/volumes#gcepersistentdisk
Entrypoint array. Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/containers.md#containers-and-commands
+
Entrypoint array. Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers#containers-and-commands
false
string array
args
-
Arguments to the entrypoint. The docker image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/containers.md#containers-and-commands
+
Arguments to the entrypoint. The docker image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers#containers-and-commands
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/identifiers.md#names
+
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names
false
string
@@ -1312,7 +1348,7 @@ Examples:
If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
@@ -1362,16 +1398,16 @@ Populated by the system. Read-only. Value must be treated as opaque by clients a
creationTimestamp
CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource will be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. Once the resource is deleted in the API, the Kubelet will send a hard termination signal to the container. If not set, graceful deletion of the object has not been requested.
+
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
false
object
annotations
-
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://releases.k8s.io/release-1.4/docs/user-guide/annotations.md
+
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
false
object
@@ -1454,21 +1490,21 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
@@ -1623,7 +1659,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
fsType
-
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#iscsi
+
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#iscsi
false
string
@@ -1664,7 +1700,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
What type of storage medium should back this directory. The default is "" which means to use the node’s default medium. Must be an empty string (default) or Memory. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir
false
string
@@ -1704,21 +1740,21 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#awselasticblockstore
false
string
@@ -1886,7 +1922,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
@@ -1898,7 +1934,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
v1.FlockerVolumeSource
-
Represents a Flocker volume mounted by the Flocker agent. Flocker volumes do not support ownership management or SELinux relabeling.
+
Represents a Flocker volume mounted by the Flocker agent. One and only one of datasetName and datasetUUID should be set. Flocker volumes do not support ownership management or SELinux relabeling.
@@ -1920,8 +1956,15 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
datasetName
-
Required: the volume name. This is going to be store on metadata → name on the payload for Flocker
-
true
+
Name of the dataset stored as metadata → name on the dataset for Flocker should be considered as deprecated
+
false
+
string
+
+
+
+
datasetUUID
+
UUID of the dataset. This is unique identifier of a Flocker dataset
+
false
string
@@ -1961,7 +2004,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
@@ -2093,6 +2136,47 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
+
+
+
unversioned.LabelSelector
+
+
A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
matchLabels
+
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
+
false
+
object
+
+
+
+
matchExpressions
+
matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -2268,54 +2352,6 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
-
-
v1.LabelSelectorRequirement
-
-
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
-
-
-
-
-
-
-
-
-
-
-
-
Name
-
Description
-
Required
-
Schema
-
Default
-
-
-
-
-
key
-
key is the label key that the selector applies to.
-
true
-
string
-
-
-
-
operator
-
operator represents a key’s relationship to a set of values. Valid operators ard In, NotIn, Exists and DoesNotExist.
-
true
-
string
-
-
-
-
values
-
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
-
false
-
string array
-
-
-
-
-
v1.EnvVar
@@ -2548,14 +2584,14 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
@@ -2740,14 +2776,14 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
parallelism
-
Parallelism specifies the maximum desired number of pods the job should run at any given time. The actual number of pods running in steady state will be less than this number when ((.spec.completions - .status.successful) < .spec.parallelism), i.e. when the work left to do is less than max parallelism. More info: http://releases.k8s.io/release-1.4/docs/user-guide/jobs.md
+
Parallelism specifies the maximum desired number of pods the job should run at any given time. The actual number of pods running in steady state will be less than this number when ((.spec.completions - .status.successful) < .spec.parallelism), i.e. when the work left to do is less than max parallelism. More info: http://kubernetes.io/docs/user-guide/jobs
false
integer (int32)
completions
-
Completions specifies the desired number of successfully finished pods the job should be run with. Setting to nil means that the success of any pod signals the success of all pods, and allows parallelism to have any positive value. Setting to 1 means that parallelism is limited to 1 and the success of that pod signals the success of the job. More info: http://releases.k8s.io/release-1.4/docs/user-guide/jobs.md
+
Completions specifies the desired number of successfully finished pods the job should be run with. Setting to nil means that the success of any pod signals the success of all pods, and allows parallelism to have any positive value. Setting to 1 means that parallelism is limited to 1 and the success of that pod signals the success of the job. More info: http://kubernetes.io/docs/user-guide/jobs
false
integer (int32)
@@ -2761,21 +2797,21 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
ManualSelector controls generation of pod labels and pod selectors. Leave manualSelector unset unless you are certain what you are doing. When false or unset, the system pick labels unique to this job and appends those labels to the pod template. When true, the user is responsible for picking unique labels and specifying the selector. Failure to pick a unique label may cause this and other jobs to not function correctly. However, You may see manualSelector=true in jobs that were created with the old extensions/v1beta1 API. More info: http://releases.k8s.io/release-1.4/docs/design/selector-generation.md
+
ManualSelector controls generation of pod labels and pod selectors. Leave manualSelector unset unless you are certain what you are doing. When false or unset, the system pick labels unique to this job and appends those labels to the pod template. When true, the user is responsible for picking unique labels and specifying the selector. Failure to pick a unique label may cause this and other jobs to not function correctly. However, You may see manualSelector=true in jobs that were created with the old extensions/v1beta1 API. More info: http://releases.k8s.io/HEAD/docs/design/selector-generation.md
HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#hostpath
+
HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: http://kubernetes.io/docs/user-guide/volumes#hostpath
@@ -3164,6 +3207,54 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
+
+
+
unversioned.LabelSelectorRequirement
+
+
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
key
+
key is the label key that the selector applies to.
+
true
+
string
+
+
+
+
operator
+
operator represents a key’s relationship to a set of values. Valid operators ard In, NotIn, Exists and DoesNotExist.
+
true
+
string
+
+
+
+
values
+
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
+
false
+
string array
+
+
+
+
+
unversioned.APIResourceList
@@ -3190,14 +3281,14 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers
@@ -3574,7 +3665,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
imagePullSecrets
-
ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: http://releases.k8s.io/release-1.4/docs/user-guide/images.md#specifying-imagepullsecrets-on-a-pod
+
ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: http://kubernetes.io/docs/user-guide/container-environment#hook-details
PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: http://releases.k8s.io/release-1.4/docs/user-guide/container-environment.md#hook-details
+
PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: http://kubernetes.io/docs/user-guide/container-environment#hook-details
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#rbd
+
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#rbd
@@ -3935,7 +4026,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
diff --git a/docs/api-reference/batch/v1/operations.html b/docs/api-reference/batch/v1/operations.html
index 3883aca7d9..5be3ce0b60 100755
--- a/docs/api-reference/batch/v1/operations.html
+++ b/docs/api-reference/batch/v1/operations.html
@@ -1,5 +1,7 @@
---
+title: Batch API Operations
---
+
@@ -219,6 +221,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -370,6 +378,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -962,6 +976,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/identifiers.md#names
+
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names
false
string
@@ -720,7 +754,7 @@
If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
@@ -770,16 +804,16 @@ Populated by the system. Read-only. Value must be treated as opaque by clients a
creationTimestamp
CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource will be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. Once the resource is deleted in the API, the Kubelet will send a hard termination signal to the container. If not set, graceful deletion of the object has not been requested.
+
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
false
object
annotations
-
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://releases.k8s.io/release-1.4/docs/user-guide/annotations.md
+
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
false
object
@@ -841,7 +875,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -862,21 +896,21 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
DesiredNumberScheduled is the total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: http://releases.k8s.io/HEAD/docs/admin/daemons.md
+
true
+
integer (int32)
+
+
+
+
numberReady
+
NumberReady is the number of nodes that should be running the daemon pod and have one or more of the daemon pod running and ready.
true
integer (int32)
@@ -191,7 +207,7 @@
v1beta1.Job
-
Job represents the configuration of a single job.
+
Job represents the configuration of a single job. DEPRECATED: extensions/v1beta1.Job is deprecated, use batch/v1.Job instead.
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#gcepersistentdisk
false
string
partition
-
The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#gcepersistentdisk
+
The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: http://kubernetes.io/docs/user-guide/volumes#gcepersistentdisk
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/identifiers.md#names
+
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names
false
string
@@ -1280,7 +1354,7 @@ Examples:
If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
@@ -1330,16 +1404,16 @@ Populated by the system. Read-only. Value must be treated as opaque by clients a
creationTimestamp
CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource will be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. Once the resource is deleted in the API, the Kubelet will send a hard termination signal to the container. If not set, graceful deletion of the object has not been requested.
+
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
false
object
annotations
-
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://releases.k8s.io/release-1.4/docs/user-guide/annotations.md
+
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
false
object
@@ -1415,21 +1489,28 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)
false
integer (int32)
selector
-
Selector is a label query over pods that should match the replica count. If the selector is empty, it is defaulted to the labels present on the pod template. Label keys and values that must match in order to be controlled by this replica set. More info: http://releases.k8s.io/release-1.4/docs/user-guide/labels.md#label-selectors
+
Selector is a label query over pods that should match the replica count. If the selector is empty, it is defaulted to the labels present on the pod template. Label keys and values that must match in order to be controlled by this replica set. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors
Template is the object that describes the pod that will be created. The DaemonSet will create exactly one copy of this pod on every node that matches the template’s node selector (or on every node if no node selector is specified). More info: http://kubernetes.io/docs/user-guide/replication-controller#pod-template
@@ -1646,7 +1727,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
fsType
-
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#iscsi
+
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#iscsi
false
string
@@ -1687,7 +1768,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
What type of storage medium should back this directory. The default is "" which means to use the node’s default medium. Must be an empty string (default) or Memory. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir
false
string
@@ -1721,21 +1802,21 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
@@ -1794,7 +1875,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
v1.FlockerVolumeSource
-
Represents a Flocker volume mounted by the Flocker agent. Flocker volumes do not support ownership management or SELinux relabeling.
+
Represents a Flocker volume mounted by the Flocker agent. One and only one of datasetName and datasetUUID should be set. Flocker volumes do not support ownership management or SELinux relabeling.
@@ -1816,8 +1897,15 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
datasetName
-
Required: the volume name. This is going to be store on metadata → name on the payload for Flocker
-
true
+
Name of the dataset stored as metadata → name on the dataset for Flocker should be considered as deprecated
+
false
+
string
+
+
+
+
datasetUUID
+
UUID of the dataset. This is unique identifier of a Flocker dataset
+
false
string
@@ -1850,7 +1938,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
@@ -1968,6 +2056,47 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
+
+
+
unversioned.LabelSelector
+
+
A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
matchLabels
+
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
+
false
+
object
+
+
+
+
matchExpressions
+
matchExpressions is a list of label selector requirements. The requirements are ANDed.
HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#hostpath
+
HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: http://kubernetes.io/docs/user-guide/volumes#hostpath
The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Once autoRollback is implemented, the deployment controller will automatically rollback failed deployments. Note that progress will not be estimated during the time a deployment is paused. This is not set by default.
+
false
+
integer (int32)
+
+
@@ -3007,14 +3150,14 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers
@@ -3370,7 +3513,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
imagePullSecrets
-
ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: http://releases.k8s.io/release-1.4/docs/user-guide/images.md#specifying-imagepullsecrets-on-a-pod
+
ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: http://kubernetes.io/docs/user-guide/container-environment#hook-details
PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: http://releases.k8s.io/release-1.4/docs/user-guide/container-environment.md#hook-details
+
PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: http://kubernetes.io/docs/user-guide/container-environment#hook-details
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#rbd
+
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#rbd
@@ -3770,6 +3913,47 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
+
+
+
v1.PhotonPersistentDiskVolumeSource
+
+
Represents a Photon Controller persistent disk resource.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
pdID
+
ID that identifies Photon Controller persistent disk
+
true
+
string
+
+
+
+
fsType
+
Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+
false
+
string
+
+
+
+
+
v1beta1.NetworkPolicy
@@ -3793,21 +3977,21 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
label selector for pods that should match the replicas count. This is a serializated version of both map-based and more expressive set-based selectors. This is done to avoid introspection in the clients. The string will be in the same format as the query-param syntax. If the target type only supports map-based selectors, both this field and map-based selector field are populated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/labels.md#label-selectors
+
label selector for pods that should match the replicas count. This is a serializated version of both map-based and more expressive set-based selectors. This is done to avoid introspection in the clients. The string will be in the same format as the query-param syntax. If the target type only supports map-based selectors, both this field and map-based selector field are populated. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors
false
string
@@ -3895,7 +4117,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
podSelector
Selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace.
@@ -4494,14 +4716,14 @@ Both these may change in the future. Incoming requests are matched against the h
podSelector
This is a label selector which selects Pods in this namespace. This field follows standard label selector semantics. If not provided, this selector selects no pods. If present but empty, this selector selects all pods in this namespace.
Selects Namespaces using cluster scoped-labels. This matches all pods in all namespaces selected by this label selector. This field follows standard label selector semantics. If omitted, this selector selects no namespaces. If present but empty, this selector selects all namespaces.
Entrypoint array. Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/containers.md#containers-and-commands
+
Entrypoint array. Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers#containers-and-commands
false
string array
args
-
Arguments to the entrypoint. The docker image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/containers.md#containers-and-commands
+
Arguments to the entrypoint. The docker image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers#containers-and-commands
false
string array
@@ -4771,7 +4993,7 @@ Both these may change in the future. Incoming requests are matched against the h
@@ -5062,51 +5284,24 @@ Both these may change in the future. Incoming requests are matched against the h
+
availableReplicas
+
The number of available replicas (ready for at least minReadySeconds) for this replica set.
+
false
+
integer (int32)
+
+
+
observedGeneration
ObservedGeneration reflects the generation of the most recently observed ReplicaSet.
false
integer (int64)
-
-
-
-
-
-
v1beta1.LabelSelector
-
-
A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.
-
-
-
-
-
-
-
-
-
-
-
Name
-
Description
-
Required
-
Schema
-
Default
-
-
-
-
-
matchLabels
-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
+
conditions
+
Represents the latest available observations of a replica set’s current state.
false
-
object
-
-
-
-
matchExpressions
-
matchExpressions is a list of label selector requirements. The requirements are ANDed.
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#awselasticblockstore
false
string
@@ -5441,7 +5636,7 @@ Both these may change in the future. Incoming requests are matched against the h
@@ -5566,54 +5761,6 @@ Both these may change in the future. Incoming requests are matched against the h
-
-
-
v1beta1.LabelSelectorRequirement
-
-
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
-
-
-
-
-
-
-
-
-
-
-
-
Name
-
Description
-
Required
-
Schema
-
Default
-
-
-
-
-
key
-
key is the label key that the selector applies to.
-
true
-
string
-
-
-
-
operator
-
operator represents a key’s relationship to a set of values. Valid operators ard In, NotIn, Exists and DoesNotExist.
-
true
-
string
-
-
-
-
values
-
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
-
false
-
string array
-
-
-
-
-
v1.EnvVar
@@ -5729,14 +5876,14 @@ Both these may change in the future. Incoming requests are matched against the h
@@ -5782,6 +5929,75 @@ Both these may change in the future. Incoming requests are matched against the h
+
+
+
v1beta1.DeploymentCondition
+
+
DeploymentCondition describes the state of a deployment at a certain point.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
type
+
Type of deployment condition.
+
true
+
string
+
+
+
+
status
+
Status of the condition, one of True, False, Unknown.
+
true
+
string
+
+
+
+
lastUpdateTime
+
The last time this condition was updated.
+
false
+
string (date-time)
+
+
+
+
lastTransitionTime
+
Last time the condition transitioned from one status to another.
+
false
+
string (date-time)
+
+
+
+
reason
+
The reason for the condition’s last transition.
+
false
+
string
+
+
+
+
message
+
A human readable message indicating details about the transition.
+
false
+
string
+
+
+
+
+
v1beta1.JobSpec
@@ -5808,14 +6024,14 @@ Both these may change in the future. Incoming requests are matched against the h
parallelism
-
Parallelism specifies the maximum desired number of pods the job should run at any given time. The actual number of pods running in steady state will be less than this number when ((.spec.completions - .status.successful) < .spec.parallelism), i.e. when the work left to do is less than max parallelism. More info: http://releases.k8s.io/release-1.4/docs/user-guide/jobs.md
+
Parallelism specifies the maximum desired number of pods the job should run at any given time. The actual number of pods running in steady state will be less than this number when ((.spec.completions - .status.successful) < .spec.parallelism), i.e. when the work left to do is less than max parallelism. More info: http://kubernetes.io/docs/user-guide/jobs
false
integer (int32)
completions
-
Completions specifies the desired number of successfully finished pods the job should be run with. Setting to nil means that the success of any pod signals the success of all pods, and allows parallelism to have any positive value. Setting to 1 means that parallelism is limited to 1 and the success of that pod signals the success of the job. More info: http://releases.k8s.io/release-1.4/docs/user-guide/jobs.md
+
Completions specifies the desired number of successfully finished pods the job should be run with. Setting to nil means that the success of any pod signals the success of all pods, and allows parallelism to have any positive value. Setting to 1 means that parallelism is limited to 1 and the success of that pod signals the success of the job. More info: http://kubernetes.io/docs/user-guide/jobs
false
integer (int32)
@@ -5829,21 +6045,21 @@ Both these may change in the future. Incoming requests are matched against the h
AutoSelector controls generation of pod labels and pod selectors. It was not present in the original extensions/v1beta1 Job definition, but exists to allow conversion from batch/v1 Jobs, where it corresponds to, but has the opposite meaning as, ManualSelector. More info: http://releases.k8s.io/release-1.4/docs/design/selector-generation.md
+
AutoSelector controls generation of pod labels and pod selectors. It was not present in the original extensions/v1beta1 Job definition, but exists to allow conversion from batch/v1 Jobs, where it corresponds to, but has the opposite meaning as, ManualSelector. More info: http://releases.k8s.io/HEAD/docs/design/selector-generation.md
@@ -5851,6 +6067,54 @@ Both these may change in the future. Incoming requests are matched against the h
+
+
+
unversioned.LabelSelectorRequirement
+
+
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
key
+
key is the label key that the selector applies to.
+
true
+
string
+
+
+
+
operator
+
operator represents a key’s relationship to a set of values. Valid operators ard In, NotIn, Exists and DoesNotExist.
+
true
+
string
+
+
+
+
values
+
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
+
false
+
string array
+
+
+
+
+
unversioned.Status
@@ -5877,28 +6141,28 @@ Both these may change in the future. Incoming requests are matched against the h
@@ -6204,7 +6468,7 @@ Both these may change in the future. Incoming requests are matched against the h
diff --git a/docs/api-reference/extensions/v1beta1/definitions.md b/docs/api-reference/extensions/v1beta1/definitions.md
index c7cdbb0908..f5c5208e1b 100644
--- a/docs/api-reference/extensions/v1beta1/definitions.md
+++ b/docs/api-reference/extensions/v1beta1/definitions.md
@@ -1,11 +1,7 @@
---
---
-{% include v1.4/extensions-v1beta1-definitions.html %}
-
-
-
-
+{% include v1.5/extensions-v1beta1-definitions.html %}
diff --git a/docs/api-reference/extensions/v1beta1/operations.html b/docs/api-reference/extensions/v1beta1/operations.html
index 78a0f60bf6..a97f64b789 100755
--- a/docs/api-reference/extensions/v1beta1/operations.html
+++ b/docs/api-reference/extensions/v1beta1/operations.html
@@ -1,5 +1,7 @@
---
+title: Extensions API Operations
---
+
@@ -219,6 +221,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -362,6 +370,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -505,6 +519,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -648,6 +668,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -791,6 +817,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -942,6 +974,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -1534,6 +1572,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -2264,6 +2318,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -2856,6 +2916,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -4092,6 +4168,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -4684,6 +4766,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -5414,6 +5512,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -5580,7 +5684,7 @@
-
create a Ingress
+
create an Ingress
POST /apis/extensions/v1beta1/namespaces/{namespace}/ingresses
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -6736,6 +6856,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -7328,6 +7454,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -8058,6 +8200,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -8650,6 +8798,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -9001,6 +9165,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -9593,6 +9763,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -11073,6 +11259,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -11216,6 +11408,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -11359,6 +11557,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -11919,6 +12123,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
diff --git a/docs/api-reference/extensions/v1beta1/operations.md b/docs/api-reference/extensions/v1beta1/operations.md
index 3aedba68c8..dab4b1d5b7 100644
--- a/docs/api-reference/extensions/v1beta1/operations.md
+++ b/docs/api-reference/extensions/v1beta1/operations.md
@@ -1,11 +1,7 @@
---
---
-{% include v1.4/extensions-v1beta1-operations.html %}
-
-
-
-
+{% include v1.5/extensions-v1beta1-operations.html %}
diff --git a/docs/api-reference/labels-annotations-taints.md b/docs/api-reference/labels-annotations-taints.md
new file mode 100644
index 0000000000..7d02eb509a
--- /dev/null
+++ b/docs/api-reference/labels-annotations-taints.md
@@ -0,0 +1,113 @@
+---
+---
+# Well-Known Labels, Annotations and Taints
+
+Kubernetes reserves all labels and annotations in the kubernetes.io namespace. This document describes
+the well-known kubernetes.io labels and annotations.
+
+This document serves both as a reference to the values, and as a coordination point for assigning values.
+
+**Table of contents:**
+
+
+- [Well-Known Labels, Annotations and Taints](#well-known-labels-annotations-and-taints)
+ - [beta.kubernetes.io/arch](#betakubernetesioarch)
+ - [beta.kubernetes.io/os](#betakubernetesioos)
+ - [kubernetes.io/hostname](#kubernetesiohostname)
+ - [beta.kubernetes.io/instance-type](#betakubernetesioinstance-type)
+ - [failure-domain.beta.kubernetes.io/region](#failure-domainbetakubernetesioregion)
+ - [failure-domain.beta.kubernetes.io/zone](#failure-domainbetakubernetesiozone)
+
+
+
+
+## beta.kubernetes.io/arch
+
+Example: `beta.kubernetes.io/arch=amd64`
+
+Used on: Node
+
+Kubelet populates this with `runtime.GOARCH` as defined by Go. This can be handy if you are mixing arm and x86 nodes,
+for example.
+
+## beta.kubernetes.io/os
+
+Example: `beta.kubernetes.io/os=linux`
+
+Used on: Node
+
+Kubelet populates this with `runtime.GOOS` as defined by Go. This can be handy if you are mixing operating systems
+in your cluster (although currently Linux is the only OS supported by kubernetes).
+
+## kubernetes.io/hostname
+
+Example: `kubernetes.io/hostname=ip-172-20-114-199.ec2.internal`
+
+Used on: Node
+
+Kubelet populates this with the hostname. Note that the hostname can be changed from the "actual" hostname
+by passing the `--hostname-override` flag to kubelet.
+
+## beta.kubernetes.io/instance-type
+
+Example: `beta.kubernetes.io/instance-type=m3.medium`
+
+Used on: Node
+
+Kubelet populates this with the instance type as defined by the `cloudprovider`. It will not be set if
+not using a cloudprovider. This can be handy if you want to target certain workloads to certain instance
+types, but typically you want to rely on the kubernetes scheduler to perform resource-based scheduling,
+and you should aim to schedule based on properties rather than on instance types (e.g. require a GPU, instead
+of requiring a `g2.2xlarge`)
+
+
+## failure-domain.beta.kubernetes.io/region
+
+See [failure-domain.beta.kubernetes.io/zone](#failure-domainbetakubernetesiozone)
+
+## failure-domain.beta.kubernetes.io/zone
+
+Example:
+
+`failure-domain.beta.kubernetes.io/region=us-east-1`
+
+`failure-domain.beta.kubernetes.io/zone=us-east-1c`
+
+Used on: Node, PersistentVolume
+
+On the Node: Kubelet populates this with the zone information as defined by the `cloudprovider`. It will not be set if
+not using a `cloudprovider`, but you should consider setting it on the nodes if it makes sense in your topology.
+
+On the PersistentVolume: The `PersistentVolumeLabel` admission controller will automatically add zone labels to PersistentVolumes,
+on GCE and AWS.
+
+Kubernetes will automatically spread the pods in a replication controller or service across nodes in a single-zone
+cluster (to reduce the impact of failures.) With multiple-zone clusters, this spreading behaviour is extended
+across zones (to reduce the impact of zone failures.) This is achieved via SelectorSpreadPriority.
+
+This is a best-effort placement, and so if the zones in your cluster are heterogeneous (e.g. different numbers of nodes,
+different types of nodes, or different pod resource requirements), this might prevent equal spreading of
+your pods across zones. If desired, you can use homogenous zones (same number and types of nodes) to reduce
+the probability of unequal spreading.
+
+The scheduler (via the VolumeZonePredicate predicate) will also ensure that pods that claim a given volume
+are only placed into the same zone as that volume, as volumes cannot be attached across zones.
+
+
+The actual values of zone and region don't matter, and nor is the meaning of the hierarchy rigidly defined. The expectation
+is that failures of nodes in different zones should be uncorrelated unless the entire region has failed. For example,
+zones should typically avoid sharing a single network switch. The exact mapping depends on your particular
+infrastructure - a three-rack installation will choose a very different setup to a multi-datacenter configuration.
+
+If `PersistentVolumeLabel` does not support automatic labeling of your PersistentVolumes, you should consider
+adding the labels manually (or adding support to `PersistentVolumeLabel`), if you want the scheduler to prevent
+pods from mounting volumes in a different zone. If your infrastructure doesn't have this constraint, you don't
+need to add the zone labels to the volumes at all.
+
+
+
+
+
+
+[]()
+
diff --git a/docs/api-reference/policy/v1alpha1/definitions.html b/docs/api-reference/policy/v1beta1/definitions.html
similarity index 84%
rename from docs/api-reference/policy/v1alpha1/definitions.html
rename to docs/api-reference/policy/v1beta1/definitions.html
index d5c2c1124a..844e66c00a 100755
--- a/docs/api-reference/policy/v1alpha1/definitions.html
+++ b/docs/api-reference/policy/v1beta1/definitions.html
@@ -18,10 +18,10 @@
PodDisruptionBudgetStatus represents information about the status of a PodDisruptionBudget. Status may trail the actual state of a system.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
observedGeneration
+
Most recent generation observed when updating this PDB status. PodDisruptionsAllowed and other status informatio is valid only if observedGeneration equals to PDB’s object generation.
+
false
+
integer (int64)
+
+
+
+
disruptedPods
+
DisruptedPods contains information about pods whose eviction was processed by the API server eviction subresource handler but has not yet been observed by the PodDisruptionBudget controller. A pod will be in this map from the time when the API server processed the eviction request to the time when the pod is seen by PDB controller as having been marked for deletion (or after a timeout). The key in the map is the name of the pod and the value is the time when the API server processed the eviction request. If the deletion didn’t occur and a pod is still there it will be removed from the list automatically by PodDisruptionBudget controller after some time. If everything goes smooth this map should be empty for the most of the time. Large number of entries in the map may indicate problems with pod deletions.
+
true
+
object
+
+
+
+
disruptionsAllowed
+
Number of pod disruptions that are currently allowed.
+
true
+
integer (int32)
+
+
+
+
currentHealthy
+
current number of healthy pods
+
true
+
integer (int32)
+
+
+
+
desiredHealthy
+
minimum desired number of healthy pods
+
true
+
integer (int32)
+
+
+
+
expectedPods
+
total number of pods counted by this disruption budget
+
true
+
integer (int32)
+
+
+
+
+
unversioned.LabelSelector
@@ -463,7 +518,7 @@
-
+
@@ -494,9 +549,9 @@
-
unversioned.Status
+
v1beta1.PodDisruptionBudgetList
-
Status is a return value for calls that don’t return other objects.
+
PodDisruptionBudgetList is a collection of PodDisruptionBudgets.
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/identifiers.md#names
+
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names
false
string
@@ -660,7 +770,7 @@
If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
@@ -710,16 +820,16 @@ Populated by the system. Read-only. Value must be treated as opaque by clients a
creationTimestamp
CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource will be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. Once the resource is deleted in the API, the Kubelet will send a hard termination signal to the container. If not set, graceful deletion of the object has not been requested.
+
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
false
object
annotations
-
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://releases.k8s.io/release-1.4/docs/user-guide/annotations.md
+
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
false
object
@@ -781,7 +891,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -802,21 +912,21 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
@@ -950,7 +957,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -990,6 +997,47 @@ Examples:
+
+
+
v1beta1.PodDisruptionBudgetSpec
+
+
PodDisruptionBudgetSpec is a description of a PodDisruptionBudget.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
minAvailable
+
An eviction is allowed if at least "minAvailable" pods selected by "selector" will still be available after the eviction, i.e. even in the absence of the evicted pod. So for example you can prevent all voluntary evictions by specifying "100%".
+
false
+
string
+
+
+
+
selector
+
Label query over pods whose evictions are managed by the disruption budget.
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -844,7 +866,7 @@
-
+
@@ -894,7 +916,7 @@
-
apispolicyv1alpha1
+
apispolicyv1beta1
@@ -904,7 +926,7 @@
partially update the specified PodDisruptionBudget
If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/identifiers.md#names
+
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names
false
string
@@ -885,7 +843,7 @@
If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
@@ -935,16 +893,16 @@ Populated by the system. Read-only. Value must be treated as opaque by clients a
creationTimestamp
CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource will be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. Once the resource is deleted in the API, the Kubelet will send a hard termination signal to the container. If not set, graceful deletion of the object has not been requested.
+
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
false
object
annotations
-
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://releases.k8s.io/release-1.4/docs/user-guide/annotations.md
+
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
false
object
@@ -1006,7 +964,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -1027,21 +985,21 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
@@ -1174,7 +1132,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
roleRef
RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
name
name of the ClusterRoleBinding
@@ -780,7 +802,7 @@
-
+
@@ -852,7 +874,7 @@
-
+
@@ -899,7 +921,7 @@
-
+
@@ -977,7 +999,7 @@
-
+
@@ -1048,7 +1070,7 @@
-
+
@@ -1090,6 +1112,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -1120,7 +1148,7 @@
-
+
@@ -1191,7 +1219,7 @@
-
+
@@ -1263,7 +1291,7 @@
-
+
@@ -1302,7 +1330,7 @@
-
+
@@ -1374,7 +1402,7 @@
-
+
@@ -1413,7 +1441,7 @@
-
+
@@ -1485,7 +1513,7 @@
-
+
@@ -1532,7 +1560,7 @@
-
+
@@ -1604,7 +1632,7 @@
-
+
@@ -1634,6 +1662,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
name
name of the ClusterRole
@@ -1651,7 +1695,7 @@
-
+
@@ -1723,7 +1767,7 @@
-
+
@@ -1770,7 +1814,7 @@
-
+
@@ -1848,7 +1892,7 @@
-
+
@@ -1927,7 +1971,7 @@
-
+
@@ -1969,6 +2013,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -1999,7 +2049,7 @@
-
+
@@ -2078,7 +2128,7 @@
-
+
@@ -2150,7 +2200,7 @@
-
+
@@ -2197,7 +2247,7 @@
-
+
@@ -2269,7 +2319,7 @@
-
+
@@ -2316,7 +2366,7 @@
-
+
@@ -2388,7 +2438,7 @@
-
+
@@ -2443,7 +2493,7 @@
-
+
@@ -2515,7 +2565,7 @@
-
+
@@ -2545,6 +2595,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -2570,7 +2636,7 @@
-
+
@@ -2642,7 +2708,7 @@
-
+
@@ -2697,7 +2763,7 @@
-
+
@@ -2775,7 +2841,7 @@
-
+
@@ -2854,7 +2920,7 @@
-
+
@@ -2896,6 +2962,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -2926,7 +2998,7 @@
-
+
@@ -3005,7 +3077,7 @@
-
+
@@ -3077,7 +3149,7 @@
-
+
@@ -3124,7 +3196,7 @@
-
+
@@ -3196,7 +3268,7 @@
-
+
@@ -3243,7 +3315,7 @@
-
+
@@ -3315,7 +3387,7 @@
-
+
@@ -3370,7 +3442,7 @@
-
+
@@ -3442,7 +3514,7 @@
-
+
@@ -3472,6 +3544,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/identifiers.md#names
+
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names
false
string
@@ -581,7 +615,7 @@
If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
@@ -631,16 +665,16 @@ Populated by the system. Read-only. Value must be treated as opaque by clients a
creationTimestamp
CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource will be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. Once the resource is deleted in the API, the Kubelet will send a hard termination signal to the container. If not set, graceful deletion of the object has not been requested.
+
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
false
object
annotations
-
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://releases.k8s.io/release-1.4/docs/user-guide/annotations.md
+
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
false
object
@@ -702,7 +736,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
-
+
@@ -723,21 +757,21 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#gcepersistentdisk
false
string
partition
-
The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#gcepersistentdisk
+
The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: http://kubernetes.io/docs/user-guide/volumes#gcepersistentdisk
ReplicationControllerCondition describes the state of a replication controller at a certain point.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
type
+
Type of replication controller condition.
+
true
+
string
+
+
+
+
status
+
Status of the condition, one of True, False, Unknown.
+
true
+
string
+
+
+
+
lastTransitionTime
+
The last time the condition transitioned from one status to another.
+
false
+
string (date-time)
+
+
+
+
reason
+
The reason for the condition’s last transition.
+
false
+
string
+
+
+
+
message
+
A human readable message indicating details about the transition.
+
false
+
string
+
+
+
+
+
v1.ScaleStatus
@@ -1201,7 +1261,7 @@ Examples:
selector
-
label query over pods that should match the replicas count. This is same as the label selector but in the string format to avoid introspection by clients. The string will be in the same format as the query-param syntax. More info about label selectors: http://releases.k8s.io/release-1.4/docs/user-guide/labels.md#label-selectors
+
label query over pods that should match the replicas count. This is same as the label selector but in the string format to avoid introspection by clients. The string will be in the same format as the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/identifiers.md#names
+
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names
false
string
@@ -1575,7 +1635,7 @@ Examples:
If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
@@ -1625,16 +1685,16 @@ Populated by the system. Read-only. Value must be treated as opaque by clients a
creationTimestamp
CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource will be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. Once the resource is deleted in the API, the Kubelet will send a hard termination signal to the container. If not set, graceful deletion of the object has not been requested.
+
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
false
object
annotations
-
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://releases.k8s.io/release-1.4/docs/user-guide/annotations.md
+
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
false
object
@@ -1824,7 +1884,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
fsType
-
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#iscsi
+
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#iscsi
false
string
@@ -1865,7 +1925,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
What type of storage medium should back this directory. The default is "" which means to use the node’s default medium. Must be an empty string (default) or Memory. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir
false
string
@@ -1899,21 +1959,21 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
@@ -2051,6 +2111,61 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
+
+
+
v1beta1.Eviction
+
+
Eviction evicts a pod from its node subject to certain policies and safety constraints. This is a subresource of Pod. A request to cause such an eviction is created by POSTing to …/pods/<pod name>/evictions.
ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: http://releases.k8s.io/release-1.4/docs/user-guide/secrets.md#manually-specifying-an-imagepullsecret
+
ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: http://kubernetes.io/docs/user-guide/secrets#manually-specifying-an-imagepullsecret
@@ -2220,7 +2335,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
v1.FlockerVolumeSource
-
Represents a Flocker volume mounted by the Flocker agent. Flocker volumes do not support ownership management or SELinux relabeling.
+
Represents a Flocker volume mounted by the Flocker agent. One and only one of datasetName and datasetUUID should be set. Flocker volumes do not support ownership management or SELinux relabeling.
@@ -2242,8 +2357,15 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
datasetName
-
Required: the volume name. This is going to be store on metadata → name on the payload for Flocker
-
true
+
Name of the dataset stored as metadata → name on the dataset for Flocker should be considered as deprecated
+
false
+
string
+
+
+
+
datasetUUID
+
UUID of the dataset. This is unique identifier of a Flocker dataset
+
false
string
@@ -2276,7 +2398,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#hostpath
+
HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: http://kubernetes.io/docs/user-guide/volumes#hostpath
List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers
@@ -4103,7 +4232,7 @@ The resulting set of endpoints can be viewed as:
imagePullSecrets
-
ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: http://releases.k8s.io/release-1.4/docs/user-guide/images.md#specifying-imagepullsecrets-on-a-pod
+
ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: http://kubernetes.io/docs/user-guide/container-environment#hook-details
PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: http://releases.k8s.io/release-1.4/docs/user-guide/container-environment.md#hook-details
+
PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: http://kubernetes.io/docs/user-guide/container-environment#hook-details
Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)
false
integer (int32)
selector
-
Selector is a label query over pods that should match the Replicas count. If Selector is empty, it is defaulted to the labels present on the Pod template. Label keys and values that must match in order to be controlled by this replication controller, if empty defaulted to labels on Pod template. More info: http://releases.k8s.io/release-1.4/docs/user-guide/labels.md#label-selectors
+
Selector is a label query over pods that should match the Replicas count. If Selector is empty, it is defaulted to the labels present on the Pod template. Label keys and values that must match in order to be controlled by this replication controller, if empty defaulted to labels on Pod template. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#rbd
+
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#rbd
@@ -4820,6 +4956,85 @@ The resulting set of endpoints can be viewed as:
+
+
+
v1.PhotonPersistentDiskVolumeSource
+
+
Represents a Photon Controller persistent disk resource.
+
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
pdID
+
ID that identifies Photon Controller persistent disk
+
true
+
string
+
+
+
+
fsType
+
Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+
false
+
string
+
+
+
+
+
+
+
+
versioned.Event
+
+
+
+
+
+
+
+
+
+
+
Name
+
Description
+
Required
+
Schema
+
Default
+
+
+
+
+
type
+
+
true
+
string
+
+
+
+
object
+
+
true
+
string
+
+
+
+
+
v1.PodTemplate
@@ -4846,28 +5061,28 @@ The resulting set of endpoints can be viewed as:
Entrypoint array. Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/containers.md#containers-and-commands
+
Entrypoint array. Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers#containers-and-commands
false
string array
args
-
Arguments to the entrypoint. The docker image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://releases.k8s.io/release-1.4/docs/user-guide/containers.md#containers-and-commands
+
Arguments to the entrypoint. The docker image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/containers#containers-and-commands
false
string array
@@ -5423,7 +5638,7 @@ The resulting set of endpoints can be viewed as:
HostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: http://releases.k8s.io/release-1.4/docs/user-guide/volumes.md#hostpath
+
HostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: http://kubernetes.io/docs/user-guide/volumes#hostpath
ClaimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. Expected to be non-nil when bound. claim.VolumeName is the authoritative bind between PV and PVC. More info: http://kubernetes.io/docs/user-guide/persistent-volumes#binding
@@ -5838,14 +6074,14 @@ The resulting set of endpoints can be viewed as:
targetPort
-
Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod’s container ports. If this is not specified, the value of the port field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the port field. More info: http://releases.k8s.io/release-1.4/docs/user-guide/services.md#defining-a-service
+
Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod’s container ports. If this is not specified, the value of the port field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the port field. More info: http://kubernetes.io/docs/user-guide/services#defining-a-service
false
string
nodePort
-
The port on each node on which this service is exposed when type=NodePort or LoadBalancer. Usually assigned by the system. If specified, it will be allocated to the service if unused or else creation of the service will fail. Default is to auto-allocate a port if the ServiceType of this Service requires one. More info: http://releases.k8s.io/release-1.4/docs/user-guide/services.md#type—nodeport
+
The port on each node on which this service is exposed when type=NodePort or LoadBalancer. Usually assigned by the system. If specified, it will be allocated to the service if unused or else creation of the service will fail. Default is to auto-allocate a port if the ServiceType of this Service requires one. More info: http://kubernetes.io/docs/user-guide/services#type—nodeport
false
integer (int32)
@@ -5941,21 +6177,21 @@ The resulting set of endpoints can be viewed as:
@@ -6389,61 +6625,6 @@ The resulting set of endpoints can be viewed as:
-
-
-
v1alpha1.Eviction
-
-
Eviction evicts a pod from its node subject to certain policies and safety constraints. This is a subresource of Pod. A request to cause such an eviction is created by POSTing to …/pods/<pod name>/evictions.
Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#awselasticblockstore
false
string
@@ -6494,7 +6675,7 @@ The resulting set of endpoints can be viewed as:
Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: http://releases.k8s.io/release-1.4/docs/user-guide/services.md#overview
+
Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: http://kubernetes.io/docs/user-guide/services#overview
false
object
clusterIP
-
clusterIP is the IP address of the service and is usually assigned randomly by the master. If an address is specified manually and is not in use by others, it will be allocated to the service; otherwise, creation of the service will fail. This field can not be changed through updates. Valid values are "None", empty string (""), or a valid IP address. "None" can be specified for headless services when proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: http://releases.k8s.io/release-1.4/docs/user-guide/services.md#virtual-ips-and-service-proxies
+
clusterIP is the IP address of the service and is usually assigned randomly by the master. If an address is specified manually and is not in use by others, it will be allocated to the service; otherwise, creation of the service will fail. This field can not be changed through updates. Valid values are "None", empty string (""), or a valid IP address. "None" can be specified for headless services when proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: http://kubernetes.io/docs/user-guide/services#virtual-ips-and-service-proxies
false
string
type
-
type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. "ExternalName" maps to the specified externalName. "ClusterIP" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object. If clusterIP is "None", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a stable IP. "NodePort" builds on ClusterIP and allocates a port on every node which routes to the clusterIP. "LoadBalancer" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the clusterIP. More info: http://releases.k8s.io/release-1.4/docs/user-guide/services.md#overview
+
type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. "ExternalName" maps to the specified externalName. "ClusterIP" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object. If clusterIP is "None", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a stable IP. "NodePort" builds on ClusterIP and allocates a port on every node which routes to the clusterIP. "LoadBalancer" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the clusterIP. More info: http://kubernetes.io/docs/user-guide/services#overview
false
string
@@ -7831,7 +8012,7 @@ The resulting set of endpoints can be viewed as:
@@ -7845,7 +8026,7 @@ The resulting set of endpoints can be viewed as:
loadBalancerSourceRanges
-
If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature." More info: http://releases.k8s.io/release-1.4/docs/user-guide/services-firewalls.md
+
If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature." More info: http://kubernetes.io/docs/user-guide/services-firewalls
false
string array
@@ -7886,35 +8067,35 @@ The resulting set of endpoints can be viewed as:
@@ -8082,7 +8263,7 @@ The resulting set of endpoints can be viewed as:
diff --git a/docs/api-reference/v1/definitions.md b/docs/api-reference/v1/definitions.md
index 6e0097d365..a643643103 100644
--- a/docs/api-reference/v1/definitions.md
+++ b/docs/api-reference/v1/definitions.md
@@ -1,11 +1,7 @@
---
---
-{% include v1.4/v1-definitions.html %}
-
-
-
-
+{% include v1.5/v1-definitions.html %}
diff --git a/docs/api-reference/v1/operations.html b/docs/api-reference/v1/operations.html
index 7e23b5c822..f75e9a44f5 100755
--- a/docs/api-reference/v1/operations.html
+++ b/docs/api-reference/v1/operations.html
@@ -1,5 +1,7 @@
---
+title: Kubernetes API Operations
---
+
@@ -219,6 +221,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -473,6 +481,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -616,6 +630,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -759,6 +779,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -902,6 +928,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -1045,6 +1077,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -1569,6 +1607,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -2161,6 +2205,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -4398,6 +4502,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -4990,6 +5100,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -5341,6 +5467,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -5933,6 +6065,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -6663,6 +6811,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -7255,6 +7409,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -7887,7 +8057,7 @@
-
create eviction of a Eviction
+
create eviction of an Eviction
POST /api/v1/namespaces/{namespace}/pods/{name}/eviction
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -11110,6 +11302,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -11702,6 +11900,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -12811,6 +13025,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -13403,6 +13623,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -14133,6 +14369,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -14725,6 +14967,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -15076,6 +15334,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -15668,6 +15932,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
namespace
object name and auth scope, such as for teams and projects
@@ -16019,6 +16299,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -18273,6 +18559,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
name
name of the Namespace
@@ -19074,6 +19376,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -19634,6 +19942,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
+
false
+
boolean
+
+
+
PathParameter
name
name of the Node
@@ -21188,6 +21512,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -21331,6 +21661,12 @@
application/vnd.kubernetes.protobuf
+
+
application/json;stream=watch
+
+
+
application/vnd.kubernetes.protobuf;stream=watch
+
@@ -21891,6 +22227,22 @@
+
QueryParameter
+
gracePeriodSeconds
+
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
+
false
+
integer (int32)
+
+
+
+
QueryParameter
+
orphanDependents
+
Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list.
@@ -32446,7 +32966,7 @@
diff --git a/docs/api-reference/v1/operations.md b/docs/api-reference/v1/operations.md
index f76001cc73..2e6a4939e4 100644
--- a/docs/api-reference/v1/operations.md
+++ b/docs/api-reference/v1/operations.md
@@ -1,11 +1,7 @@
---
---
-{% include v1.4/v1-operations.html %}
-
-
-
-
+{% include v1.5/v1-operations.html %}
diff --git a/docs/api.md b/docs/api.md
index 9ea627721e..cfc3c32125 100644
--- a/docs/api.md
+++ b/docs/api.md
@@ -3,7 +3,7 @@ assignees:
- bgrant0607
- erictune
- lavalamp
-
+title: Kubernetes API Overview
---
Primary system and API concepts are documented in the [User guide](/docs/user-guide/).
@@ -24,11 +24,13 @@ In our experience, any system that is successful needs to grow and change as new
What constitutes a compatible change and how to change the API are detailed by the [API change document](https://github.com/kubernetes/kubernetes/tree/{{page.githubbranch}}/docs/devel/api_changes.md).
-## API Swagger definitions
+## OpenAPI and Swagger definitions
-Complete API details are documented using [Swagger v1.2](http://swagger.io/). The Kubernetes apiserver (aka "master") exposes an API that can be used to retrieve the Swagger Kubernetes API spec, by default at located at `/swaggerapi`, and a UI to browse the API documentation at `/swagger-ui`.
+Complete API details are documented using [Swagger v1.2](http://swagger.io/) and [OpenAPI](https://www.openapis.org/). The Kubernetes apiserver (aka "master") exposes an API that can be used to retrieve the Swagger v1.2 Kubernetes API spec located at `/swaggerapi`. You can also enable a UI to browse the API documentation at `/swagger-ui` by passing the `--enable-swagger-ui=true` flag to apiserver.
-We also host a version of the [latest API documentation UI](http://kubernetes.io/kubernetes/third_party/swagger-ui/). This is updated with the latest release, so if you are using a different version of Kubernetes you will want to use the spec from your apiserver.
+We also host a version of the [latest v1.2 API documentation UI](http://kubernetes.io/kubernetes/third_party/swagger-ui/). This is updated with the latest release, so if you are using a different version of Kubernetes you will want to use the spec from your apiserver.
+
+Staring kubernetes 1.4, OpenAPI spec is also available at `/swagger.json`. While we are transitioning from Swagger v1.2 to OpenAPI (aka Swagger v2.0), some of the tools such as kubectl and swagger-ui are still using v1.2 spec. OpenAPI spec is in Beta as of Kubernetes 1.5.
Kubernetes implements an alternative Protobuf based serialization format for the API that is primarily intended for intra-cluster communication, documented in the [design proposal](https://github.com/kubernetes/kubernetes/blob/{{ page.githubbranch }}/docs/proposals/protobuf.md) and the IDL files for each schema are located in the Go packages that define the API objects.
diff --git a/docs/concepts/abstractions/controllers/statefulsets.md b/docs/concepts/abstractions/controllers/statefulsets.md
new file mode 100644
index 0000000000..996a63fe8d
--- /dev/null
+++ b/docs/concepts/abstractions/controllers/statefulsets.md
@@ -0,0 +1,174 @@
+---
+assignees:
+- bprashanth
+- enisoc
+- erictune
+- foxish
+- janetkuo
+- kow3ns
+- smarterclayton
+title: StatefulSets
+---
+
+{% capture overview %}
+**StatefulSets are a beta feature in 1.5. This feature replaces the
+PetSets feature from 1.4. Users of PetSets are referred to the 1.5
+[Upgrade Guide](/docs/tasks/manage-stateful-set/upgrade-pet-set-to-stateful-set/)
+for further information on how to upgrade existing PetSets to StatefulSets.**
+
+A StatefulSet is a Controller that provides a unique identity to its Pods. It provides
+guarantees about the ordering of deployment and scaling.
+{% endcapture %}
+
+{% capture body %}
+
+### Using StatefulSets
+
+StatefulSets are valuable for applications that require one or more of the
+following.
+
+* Stable, unique network identifiers.
+* Stable, persistent storage.
+* Ordered, graceful deployment and scaling.
+* Ordered, graceful deletion and termination.
+
+In the above, stable is synonymous with persistence across Pod (re)schedulings.
+If an application doesn't require any stable identifiers or ordered deployment,
+deletion, or scaling, you should deploy your application with a controller that
+provides a set of stateless replicas. Controllers such as
+[Deployment](/docs/user-guide/deployments/) or
+[ReplicaSet](/docs/user-guide/replicasets/) may be better suited to your stateless needs.
+
+### Limitations
+* StatefulSet is a beta resource, not available in any Kubernetes release prior to 1.5.
+* As with all alpha/beta resources, you can disable StatefulSet through the `--runtime-config` option passed to the apiserver.
+* The storage for a given Pod must either be provisioned by a [PersistentVolume Provisioner](http://releases.k8s.io/{{page.githubbranch}}/examples/experimental/persistent-volume-provisioning/README.md) based on the requested `storage class`, or pre-provisioned by an admin.
+* Deleting and/or scaling a StatefulSet down will *not* delete the volumes associated with the StatefulSet. This is done to ensure data safety, which is generally more valuable than an automatic purge of all related StatefulSet resources.
+* StatefulSets currently require a [Headless Service](/docs/user-guide/services/#headless-services) to be responsible for the network identity of the Pods. You are responsible for creating this Service.
+* Updating an existing StatefulSet is currently a manual process.
+
+### Components
+The example below demonstrates the components of a StatefulSet.
+
+* A Headless Service, named nginx, is used to control the network domain.
+* The StatefulSet, named web, has a Spec that indicates that 3 replicas of the nginx container will be launched in unique Pods.
+* The volumeClaimTemplates will provide stable storage using [PersistentVolumes](/docs/user-guide/volumes/) provisioned by a
+ PersistentVolume Provisioner.
+
+```yaml
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: nginx
+ labels:
+ app: nginx
+spec:
+ ports:
+ - port: 80
+ name: web
+ clusterIP: None
+ selector:
+ app: nginx
+---
+apiVersion: apps/v1beta1
+kind: StatefulSet
+metadata:
+ name: web
+spec:
+ serviceName: "nginx"
+ replicas: 3
+ template:
+ metadata:
+ labels:
+ app: nginx
+ spec:
+ terminationGracePeriodSeconds: 10
+ containers:
+ - name: nginx
+ image: gcr.io/google_containers/nginx-slim:0.8
+ ports:
+ - containerPort: 80
+ name: web
+ volumeMounts:
+ - name: www
+ mountPath: /usr/share/nginx/html
+ volumeClaimTemplates:
+ - metadata:
+ name: www
+ spec:
+ accessModes: [ "ReadWriteOnce" ]
+ resources:
+ requests:
+ storage: 1Gi
+```
+
+### Pod Identity
+StatefulSet Pods have a unique identity that is comprised of an ordinal, a
+stable network identity, and stable storage. The identity sticks to the Pod,
+regardless of which node it's (re)scheduled on.
+
+__Ordinal Index__
+
+For a StatefulSet with N replicas, each Pod in the StatefulSet will be
+assigned an integer ordinal, in the range [0,N), that is unique over the Set.
+
+__Stable Network ID__
+
+Each Pod in a StatefulSet derives its hostname from the name of the StatefulSet
+and the ordinal of the Pod. The pattern for the constructed hostname
+is `$(statefulset name)-$(ordinal)`. The example above will create three Pods
+named `web-0,web-1,web-2`.
+A StatefulSet can use a [Headless Service](/docs/user-guide/services/#headless-services)
+to control the domain of its Pods. The domain managed by this Service takes the form:
+`$(service name).$(namespace).svc.cluster.local`, where "cluster.local"
+is the [cluster domain](http://releases.k8s.io/{{page.githubbranch}}/build/kube-dns/README.md#how-do-i-configure-it).
+As each Pod is created, it gets a matching DNS subdomain, taking the form:
+`$(podname).$(governing service domain)`, where the governing service is defined
+by the `serviceName` field on the StatefulSet.
+
+Here are some examples of choices for Cluster Domain, Service name,
+StatefulSet name, and how that affects the DNS names for the StatefulSet's Pods.
+
+Cluster Domain | Service (ns/name) | StatefulSet (ns/name) | StatefulSet Domain | Pod DNS | Pod Hostname |
+-------------- | ----------------- | ----------------- | -------------- | ------- | ------------ |
+ cluster.local | default/nginx | default/web | nginx.default.svc.cluster.local | web-{0..N-1}.nginx.default.svc.cluster.local | web-{0..N-1} |
+ cluster.local | foo/nginx | foo/web | nginx.foo.svc.cluster.local | web-{0..N-1}.nginx.foo.svc.cluster.local | web-{0..N-1} |
+ kube.local | foo/nginx | foo/web | nginx.foo.svc.kube.local | web-{0..N-1}.nginx.foo.svc.kube.local | web-{0..N-1} |
+
+Note that Cluster Domain will be set to `cluster.local` unless
+[otherwise configured](http://releases.k8s.io/{{page.githubbranch}}/build/kube-dns/README.md#how-do-i-configure-it).
+
+__Stable Storage__
+
+Kubernetes creates one [PersistentVolume](/docs/user-guide/volumes/) for each
+VolumeClaimTemplate. In the nginx example above, each Pod will receive a single PersistentVolume
+with a storage class of `anything` and 1 Gib of provisioned storage. When a Pod is (re)scheduled
+onto a node, its `volumeMounts` mount the PersistentVolumes associated with its
+PersistentVolume Claims. Note that, the PersistentVolumes associated with the
+Pods' PersistentVolume Claims are not deleted when the Pods, or StatefulSet are deleted.
+This must be done manually.
+
+### Deployment and Scaling Guarantee
+
+* For a StatefulSet with N replicas, when Pods are being deployed, they are created sequentially, in order from {0..N-1}.
+* When Pods are being deleted, they are terminated in reverse order, from {N-1..0}.
+* Before a scaling operation is applied to a Pod, all of its predecessors must be Running and Ready.
+* Before a Pod is terminated, all of its successors must be completely shutdown.
+
+The StatefulSet should not specify a `pod.Spec.TerminationGracePeriodSeconds` of 0. This practice is unsafe and strongly discouraged. For further explanation, please refer to [force deleting StatefulSet Pods](/docs/tasks/manage-stateful-set/delete-pods/#deleting-pods).
+
+When the nginx example above is created, three Pods will be deployed in the order
+web-0, web-1, web-2. web-1 will not be deployed before web-0 is
+[Running and Ready](/docs/user-guide/pod-states), and web-2 will not be deployed until
+web-1 is Running and Ready. If web-0 should fail, after web-1 is Running and Ready, but before
+web-2 is launched, web-2 will not be launched until web-0 is successfully relaunched and
+becomes Running and Ready.
+
+If a user were to scale the deployed example by patching the StatefulSet such that
+`replicas=1`, web-2 would be terminated first. web-1 would not be terminated until web-2
+is fully shutdown and deleted. If web-0 were to fail after web-2 has been terminated and
+is completely shutdown, but prior to web-1's termination, web-1 would not be terminated
+until web-0 is Running and Ready.
+{% endcapture %}
+{% include templates/concept.md %}
diff --git a/docs/concepts/index.md b/docs/concepts/index.md
index db56a3d05b..c26b972202 100644
--- a/docs/concepts/index.md
+++ b/docs/concepts/index.md
@@ -1,11 +1,17 @@
---
+title: Concepts
---
The Concepts section of the Kubernetes documentation is a work in progress.
#### Object Metadata
-[Annotations](/docs/concepts/object-metadata/annotations/)
+
+* [Annotations](/docs/concepts/object-metadata/annotations/)
+
+#### Controllers
+* [StatefulSets](/docs/concepts/abstractions/controllers/statefulsets/)
+
### What's next
diff --git a/docs/concepts/object-metadata/annotations.md b/docs/concepts/object-metadata/annotations.md
index e337493fe1..fbf73f48fd 100644
--- a/docs/concepts/object-metadata/annotations.md
+++ b/docs/concepts/object-metadata/annotations.md
@@ -1,4 +1,5 @@
---
+title: Annotations
---
{% capture overview %}
diff --git a/docs/contribute/create-pull-request.md b/docs/contribute/create-pull-request.md
index 7f42bfb125..4637c0b066 100644
--- a/docs/contribute/create-pull-request.md
+++ b/docs/contribute/create-pull-request.md
@@ -1,4 +1,5 @@
---
+title: Creating a Documentation Pull Request
---
{% capture overview %}
@@ -80,6 +81,12 @@ site where you can verify that your changes have rendered correctly.
If needed, revise your pull request by committing changes to your
new branch in your fork.
+The staging site for the upcoming Kubernetes release is here:
+[http://kubernetes-io-vnext-staging.netlify.com/](http://kubernetes-io-vnext-staging.netlify.com/).
+The staging site reflects the current state of what's been merged in the
+release branch, or in other words, what the docs will look like for the
+next upcoming release. It's automatically updated as new PRs get merged.
+
{% endcapture %}
{% capture whatsnext %}
diff --git a/docs/contribute/page-templates.md b/docs/contribute/page-templates.md
index 4b19cde39b..93fa03a6bb 100644
--- a/docs/contribute/page-templates.md
+++ b/docs/contribute/page-templates.md
@@ -1,7 +1,8 @@
---
redirect_from:
- - /docs/templatedemos/
- - /docs/templatedemos.html
+- "/docs/templatedemos/"
+- "/docs/templatedemos.html"
+title: Using Page Templates
---
+ v |
+ endpoint
+```
+
+
+To avoid this, Kubernetes 1.5 has a beta feature triggered by the
+`service.beta.kubernetes.io/external-traffic` [annotation](/docs/user-guide/load-balancer/#loss-of-client-source-ip-for-external-traffic).
+Setting it to the value `OnlyLocal` will only proxy requests to local endpoints,
+never forwarding traffic to other nodes and thereby preserving the original
+source IP address. If there are no local endpoints, packets sent to the node
+are dropped, so you can rely on the correct source-ip in any packet processing
+rules you might apply a packet that make it through to the endpoint.
+
+Set the annotation as follows:
+
+```console
+$ kubectl annotate service nodeport service.beta.kubernetes.io/external-traffic=OnlyLocal
+service "nodeport" annotated
+```
+
+Now, re-run the test:
+
+```console
+$ for node in $NODES; do curl --connect-timeout 1 -s $node:$NODEPORT | grep -i client_address; do
+client_address=104.132.1.79
+```
+
+Note that you only got one reply, with the *right* client IP, from the one node on which the endpoint pod
+is running on.
+
+This is what happens:
+
+* client sends packet to `node2:nodePort`, which doesn't have any endpoints
+* packet is dropped
+* client sends packet to `node1:nodePort`, which *does* have endpoints
+* node1 routes packet to endpoint with the correct source IP
+
+Visually:
+
+```
+ client
+ ^ / \
+ / / \
+ / v X
+ node 1 node 2
+ ^ |
+ | |
+ | v
+ endpoint
+```
+
+
+
+### Source IP for Services with Type=LoadBalancer
+
+As of Kubernetes 1.5, packets sent to Services with [Type=LoadBalancer](/docs/user-guide/services/#type-loadbalancer) are
+source NAT'd by default, because all schedulable Kubernetes nodes in the
+`Ready` state are eligible for loadbalanced traffic. So if packets arrive
+at a node without an endpoint, the system proxies it to a node *with* an
+endpoint, replacing the source IP on the packet with the IP of the node (as
+described in the previous section).
+
+You can test this by exposing the source-ip-app through a loadbalancer
+
+```console
+$ kubectl expose deployment source-ip-app --name=loadbalancer --port=80 --target-port=8080 --type=LoadBalancer
+service "loadbalancer" exposed
+
+$ kubectl get svc loadbalancer
+NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
+loadbalancer 10.0.65.118 104.198.149.140 80/TCP 5m
+
+$ curl 104.198.149.140
+CLIENT VALUES:
+client_address=10.240.0.5
+...
+```
+
+However, if you're running on GKE/GCE, setting the same `service.beta.kubernetes.io/external-traffic`
+annotation to `OnlyLocal` forces nodes *without* Service endpoints to remove
+themselves from the list of nodes eligible for loadbalanced traffic by
+deliberately failing health checks. We expect to roll this feature out across a
+wider range of providers before GA (see next section).
+
+Visually:
+
+```
+ client
+ |
+ lb VIP
+ / ^
+ v /
+health check ---> node 1 node 2 <--- health check
+ 200 <--- ^ | ---> 500
+ | V
+ endpoint
+```
+
+You can test this by setting the annotation:
+
+```console
+$ kubectl annotate service loadbalancer service.beta.kubernetes.io/external-traffic=OnlyLocal
+```
+
+You should immediately see a second annotation allocated by Kubernetes:
+
+```console
+$ kubectl get svc loadbalancer -o yaml | grep -i annotations -A 2
+ annotations:
+ service.beta.kubernetes.io/external-traffic: OnlyLocal
+ service.beta.kubernetes.io/healthcheck-nodeport: "32122"
+```
+
+The `service.beta.kubernetes.io/healthcheck-nodeport` annotation points to
+a port on every node serving the health check at `/healthz`. You can test this:
+
+```
+$ kubectl get po -o wide -l run=source-ip-app
+NAME READY STATUS RESTARTS AGE IP NODE
+source-ip-app-826191075-qehz4 1/1 Running 0 20h 10.180.1.136 kubernetes-minion-group-6jst
+
+kubernetes-minion-group-6jst $ curl localhost:32122/healthz
+1 Service Endpoints found
+
+kubernetes-minion-group-jj1t $ curl localhost:32122/healthz
+No Service Endpoints Found
+```
+
+A service controller running on the master is responsible for allocating the cloud
+loadbalancer, and when it does so, it also allocates HTTP health checks
+pointing to this port/path on each node. Wait about 10 seconds for the 2 nodes
+without endpoints to fail health checks, then curl the lb ip:
+
+```console
+$ curl 104.198.149.140
+CLIENT VALUES:
+client_address=104.132.1.79
+...
+```
+
+__Cross platform support__
+
+As of Kubernetes 1.5 support for source IP preservation through Services
+with Type=LoadBalancer is only implemented in a subset of cloudproviders
+(GCP and Azure). The cloudprovider you're running on might fulfill the
+request for a loadbalancer in a few different ways:
+
+1. With a proxy that terminates the client connection and opens a new connection
+to your nodes/endpoints. In such cases the source IP will always be that of the
+cloud LB, not that of the client.
+
+2. With a packet forwarder, such that requests from the client sent to the
+loadbalancer VIP end up at the node with the source IP of the client, not
+an intermediate proxy.
+
+Loadbalancers in the first category must use an agreed upon
+protocol between the loadbalancer and backend to communicate the true client IP
+such as the HTTP [X-FORWARDED-FOR](https://en.wikipedia.org/wiki/X-Forwarded-For)
+header, or the [proxy protocol](http://www.haproxy.org/download/1.5/doc/proxy-protocol.txt).
+Loadbalancers in the second category can leverage the feature described above
+by simply creating a HTTP health check pointing at the port stored in
+the `service.beta.kubernetes.io/healthcheck-nodeport` annotation on the Service.
+
+{% endcapture %}
+
+{% capture cleanup %}
+
+Delete the Services:
+
+```console
+$ kubectl delete svc -l run=source-ip-app
+```
+
+Delete the Deployment, ReplicaSet and Pod:
+
+```console
+$ kubectl delete deployment source-ip-app
+```
+
+{% endcapture %}
+
+{% capture whatsnext %}
+* Learn more about [connecting applications via services](/docs/user-guide/connecting-applications/)
+* Learn more about [loadbalancing](/docs/user-guide/load-balancer)
+{% endcapture %}
+
+{% include templates/tutorial.md %}
diff --git a/docs/tutorials/stateful-application/Dockerfile b/docs/tutorials/stateful-application/Dockerfile
new file mode 100644
index 0000000000..8016958d83
--- /dev/null
+++ b/docs/tutorials/stateful-application/Dockerfile
@@ -0,0 +1,17 @@
+# This is an image with Percona XtraBackup, mysql-client and ncat installed.
+FROM debian:jessie
+
+RUN \
+ echo "deb http://repo.percona.com/apt jessie main" > /etc/apt/sources.list.d/percona.list \
+ && echo "deb-src http://repo.percona.com/apt jessie main" >> /etc/apt/sources.list.d/percona.list \
+ && apt-key adv --keyserver keys.gnupg.net --recv-keys 8507EFA5
+
+RUN \
+ apt-get update && apt-get install -y --no-install-recommends \
+ percona-xtrabackup-24 \
+ mysql-client \
+ nmap \
+ && rm -rf /var/lib/apt/lists/*
+
+CMD ["bash"]
+
diff --git a/docs/tutorials/stateful-application/basic-stateful-set.md b/docs/tutorials/stateful-application/basic-stateful-set.md
new file mode 100644
index 0000000000..07e41cd56d
--- /dev/null
+++ b/docs/tutorials/stateful-application/basic-stateful-set.md
@@ -0,0 +1,736 @@
+---
+assignees:
+- bprashanth
+- enisoc
+- erictune
+- foxish
+- janetkuo
+- kow3ns
+- smarterclayton
+title: StatefulSet Basics
+---
+
+{% capture overview %}
+This tutorial provides an introduction to managing applications with
+[StatefulSets](/docs/concepts/abstractions/controllers/statefulsets/). It
+demonstrates how to create, delete, scale, and update the container image of a
+StatefulSet.
+{% endcapture %}
+
+{% capture prerequisites %}
+Before you begin this tutorial, you should familiarize yourself with the
+following Kubernetes concepts.
+
+* [Pods](/docs/user-guide/pods/single-container/)
+* [Cluster DNS](/docs/admin/dns/)
+* [Headless Services](/docs/user-guide/services/#headless-services)
+* [PersistentVolumes](/docs/user-guide/volumes/)
+* [PersistentVolume Provisioning](http://releases.k8s.io/{{page.githubbranch}}/examples/experimental/persistent-volume-provisioning/)
+* [StatefulSets](/docs/concepts/abstractions/controllers/statefulsets/)
+* [kubectl CLI](/docs/user-guide/kubectl)
+
+This tutorial assumes that your cluster is configured to dynamically provision
+PersistentVolumes. If your cluster is not configured to do so, you
+will have to manually provision five 1 GiB volumes prior to starting this
+tutorial.
+{% endcapture %}
+
+{% capture objectives %}
+StatefulSets are intended to be used with stateful applications and distributed
+systems. However, the administration of stateful applications and
+distributed systems on Kubernetes is a broad, complex topic. In order to
+demonstrate the basic features of a StatefulSet, and to not conflate the former
+topic with the latter, you will deploy a simple web application using StatefulSets.
+
+After this tutorial, you will be familiar with the following.
+
+* How to create a StatefulSet
+* How a StatefulSet manages its Pods
+* How to delete a StatefulSet
+* How to scale a StatefulSet
+* How to update the container image of a StatefulSet's Pods
+{% endcapture %}
+
+{% capture lessoncontent %}
+### Creating a StatefulSet
+
+Begin by creating a StatefulSet using the example below. It is similar to the
+example presented in the
+[StatefulSets](/docs/concepts/abstractions/controllers/statefulsets/) concept. It creates
+a [Headless Service](/docs/user-guide/services/#headless-services), `nginx`, to
+control the domain of the StatefulSet, `web`.
+
+{% include code.html language="yaml" file="web.yaml" ghlink="/docs/tutorials/stateful-application/web.yaml" %}
+
+Download the example above, and save it to a file named `web.yaml`
+
+You will need to use two terminal windows. In the first terminal, use
+[`kubectl get`](/docs/user-guide/kubectl/kubectl_get/) to watch the creation
+of the StatefulSet's Pods.
+
+```shell
+kubectl get pods -w -l app=nginx
+```
+
+In the second terminal, use
+[`kubectl create`](/docs/user-guide/kubectl/kubectl_create/) to create the
+Headless Service and StatefulSet defined in `web.yaml`.
+
+```shell
+kubectl create -f web.yml
+service "nginx" created
+statefulset "web" created
+```
+
+The command above creates two Pods, each running an
+[NGINX](https://www.nginx.com) webserver. Get the `nginx` Service and the
+`web` StatefulSet to verify that they were created successfully.
+
+```shell
+kubectl get service nginx
+NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
+nginx None 80/TCP 12s
+
+kubectl get statefulset web
+NAME DESIRED CURRENT AGE
+web 2 1 20s
+```
+
+#### Ordered Pod Creation
+
+For a StatefulSet with N replicas, when Pods are being deployed, they are
+created sequentially, in order from {0..N-1}. Examine the output of the
+`kubectl get` command in the first terminal. Eventually, the output will
+look like the example below.
+
+```shell
+kubectl get pods -w -l app=nginx
+NAME READY STATUS RESTARTS AGE
+NAME READY STATUS RESTARTS AGE
+web-0 0/1 Pending 0 0s
+web-0 0/1 Pending 0 0s
+web-0 0/1 ContainerCreating 0 0s
+web-0 1/1 Running 0 19s
+web-1 0/1 Pending 0 0s
+web-1 0/1 Pending 0 0s
+web-1 0/1 ContainerCreating 0 0s
+web-1 1/1 Running 0 18s
+```
+
+Notice that the `web-0` Pod is launched and set to Pending prior to
+launching `web-1`. In fact, `web-1` is not launched until `web-0` is
+[Running and Ready](/docs/user-guide/pod-states).
+
+### Pods in a StatefulSet
+Unlike Pods in other controllers, the Pods in a StatefulSet have a unqiue
+ordinal index and a stable network identity.
+
+#### Examining the Pod's Ordinal Index
+
+Get the StatefulSet's Pods.
+
+```shell
+kubectl get pods -l app=nginx
+NAME READY STATUS RESTARTS AGE
+web-0 1/1 Running 0 1m
+web-1 1/1 Running 0 1m
+
+```
+
+As mentioned in the [StatefulSets](/docs/concepts/abstractions/controllers/statefulsets/)
+concept, the Pods in a StatefulSet have a sticky, unique identity. This identity
+is based on a unique ordinal index that is assigned to each Pod by the Stateful
+Set controller. The Pods' names take the form
+`-`. Since the `web` StatefulSet has two
+replicas, it creates two Pods, `web-0` and `web-1`.
+
+#### Using Stable Network Identities
+Each Pod has a stable hostname based on its ordinal index. Use
+[`kubectl exec`](/docs/user-guide/kubectl/kubectl_exec/) to execute the
+`hostname` command in each Pod.
+
+```shell
+for i in 0 1; do kubectl exec web-$i -- sh -c 'hostname'; done
+web-0
+web-1
+```
+
+Use [`kubectl run`](/docs/user-guide/kubectl/kubectl_run/) to execute
+a container that provides the `nslookup` command from the `dnsutils` package.
+Using `nslookup` on the Pods' hostnames, you can examine their in-cluster DNS
+addresses.
+
+```shell
+kubectl run -i --tty --image busybox dns-test --restart=Never --rm /bin/sh
+nslookup web-0.nginx
+Server: 10.0.0.10
+Address 1: 10.0.0.10 kube-dns.kube-system.svc.cluster.local
+
+Name: web-0.nginx
+Address 1: 10.244.1.6
+
+nslookup web-1.nginx
+Server: 10.0.0.10
+Address 1: 10.0.0.10 kube-dns.kube-system.svc.cluster.local
+
+Name: web-1.nginx
+Address 1: 10.244.2.6
+```
+
+The CNAME of the headless serivce points to SRV records (one for each Pod that
+is Running and Ready). The SRV records point to A record entries that
+contain the Pods' IP addresses.
+
+In one terminal, watch the StatefulSet's Pods.
+
+```shell
+kubectl get pod -w -l app=nginx
+```
+In a second terminal, use
+[`kubectl delete`](/docs/user-guide/kubectl/kubectl_delete/) to delete all
+the Pods in the StatefulSet.
+
+```shell
+kubectl delete pod -l app=nginx
+pod "web-0" deleted
+pod "web-1" deleted
+```
+
+Wait for the StatefulSet to restart them, and for both Pods to transition to
+Running and Ready.
+
+```shell
+kubectl get pod -w -l app=nginx
+NAME READY STATUS RESTARTS AGE
+web-0 0/1 ContainerCreating 0 0s
+NAME READY STATUS RESTARTS AGE
+web-0 1/1 Running 0 2s
+web-1 0/1 Pending 0 0s
+web-1 0/1 Pending 0 0s
+web-1 0/1 ContainerCreating 0 0s
+web-1 1/1 Running 0 34s
+```
+
+Use `kubectl exec` and `kubectl run` to view the Pods hostnames and in-cluster
+DNS entries.
+
+```shell
+for i in 0 1; do kubectl exec web-$i -- sh -c 'hostname'; done
+web-0
+web-1
+
+kubectl run -i --tty --image busybox dns-test --restart=Never --rm /bin/sh
+nslookup web-0.nginx
+Server: 10.0.0.10
+Address 1: 10.0.0.10 kube-dns.kube-system.svc.cluster.local
+
+Name: web-0.nginx
+Address 1: 10.244.1.7
+
+nslookup web-1.nginx
+Server: 10.0.0.10
+Address 1: 10.0.0.10 kube-dns.kube-system.svc.cluster.local
+
+Name: web-1.nginx
+Address 1: 10.244.2.8
+```
+
+The Pods' ordinals, hostnames, SRV records, and A record names have not changed,
+but the IP addresses associated with the Pods may have changed. In the cluster
+used for this tutorial, they have. This is why it is important not to configure
+other applications to connect to Pods in a StatefulSet by IP address.
+
+
+If you need to find and connect to the active members of a StatefulSet, you
+should query the CNAME of the Headless Service
+(`nginx.default.svc.cluster.local`). The SRV records associated with the
+CNAME will contain only the Pods in the StatefulSet that are Running and
+Ready.
+
+If your application already implements connection logic that tests for
+liveness and readiness, you can use the SRV records of the Pods (
+`web-0.nginx.default.svc.cluster.local`,
+`web-1.nginx.default.svc.cluster.local`), as they are stable, and your
+application will be able to discover the Pods' addresses when they transition
+to Running and Ready.
+
+#### Writing to Stable Storage
+
+Get the PersistentVolumeClaims for `web-0` and `web-1`.
+
+```shell
+kubectl get pvc -l app=nginx
+NAME STATUS VOLUME CAPACITY ACCESSMODES AGE
+www-web-0 Bound pvc-15c268c7-b507-11e6-932f-42010a800002 1Gi RWO 48s
+www-web-1 Bound pvc-15c79307-b507-11e6-932f-42010a800002 1Gi RWO 48s
+```
+The StatefulSet controller created two PersistentVolumeClaims that are
+bound to two [PersistentVolumes](/docs/user-guide/volumes/). As the cluster used
+in this tutorial is configured to dynamically provision PersistentVolumes, the
+PersistentVolumes were created and bound automatically.
+
+The NGINX webservers, by default, will serve an index file at
+`/usr/share/nginx/html/index.html`. The `volumeMounts` field in the
+StatefulSets `spec` ensures that the `/usr/share/nginx/html` directory is
+backed by a PersistentVolume.
+
+Write the Pods' hostnames to their `index.html` files and verify that the NGINX
+webservers serve the hostnames.
+
+```shell
+for i in 0 1; do kubectl exec web-$i -- sh -c 'echo $(hostname) > /usr/share/nginx/html/index.html'; done
+
+for i in 0 1; do kubectl exec -it web-$i -- curl localhost; done
+web-0
+web-1
+```
+
+In one terminal, watch the StatefulSet's Pods.
+
+```shell
+kubectl get pod -w -l app=nginx
+```
+
+In a second terminal, delete all of the StatefulSet's Pods.
+
+```shell
+kubectl delete pod -l app=nginx
+pod "web-0" deleted
+pod "web-1" deleted
+```
+Examine the output of the `kubectl get` command in the first terminal, and wait
+for all of the Pods to transition to Running and Ready.
+
+```shell
+kubectl get pod -w -l app=nginx
+NAME READY STATUS RESTARTS AGE
+web-0 0/1 ContainerCreating 0 0s
+NAME READY STATUS RESTARTS AGE
+web-0 1/1 Running 0 2s
+web-1 0/1 Pending 0 0s
+web-1 0/1 Pending 0 0s
+web-1 0/1 ContainerCreating 0 0s
+web-1 1/1 Running 0 34s
+```
+
+Verify the web servers continue to serve their hostnames.
+
+```
+for i in 0 1; do kubectl exec -it web-$i -- curl localhost; done
+web-0
+web-1
+```
+
+Event though `web-0` and `web-1` were rescheduled, they continue to serve their
+hostnames because the PersistentVolumes associated with their Persistent
+Volume Claims are remounted to their `volumeMount`s. No matter what node `web-0`
+and `web-1` are scheduled on, their PersistentVolumes will be mounted to the
+appropriate mount points.
+
+### Scaling a StatefulSet
+Scaling a StatefulSet refers to increasing or decreasing the number of replicas.
+This is accomplished by updating the `replicas` field. You can use either
+[`kubectl scale`](/docs/user-guide/kubectl/kubectl_scale/) or
+[`kubectl patch`](/docs/user-guide/kubectl/kubectl_patch/) to scale a Stateful
+Set.
+
+#### Scaling Up
+
+In one terminal window, watch the Pods in the StatefulSet.
+
+```shell
+kubectl get pods -w -l app=nginx
+```
+
+In another terminal window, use `kubectl scale` to scale the number of replicas
+to 5.
+
+```shell
+kubectl scale statefulset web --replicas=5
+statefulset "web" scaled
+```
+
+Examine the output of the `kubectl get` command in the first terminal, and wait
+for the three additional Pods to transition to Running and Ready.
+
+```shell
+kubectl get pods -w -l app=nginx
+NAME READY STATUS RESTARTS AGE
+web-0 1/1 Running 0 2h
+web-1 1/1 Running 0 2h
+NAME READY STATUS RESTARTS AGE
+web-2 0/1 Pending 0 0s
+web-2 0/1 Pending 0 0s
+web-2 0/1 ContainerCreating 0 0s
+web-2 1/1 Running 0 19s
+web-3 0/1 Pending 0 0s
+web-3 0/1 Pending 0 0s
+web-3 0/1 ContainerCreating 0 0s
+web-3 1/1 Running 0 18s
+web-4 0/1 Pending 0 0s
+web-4 0/1 Pending 0 0s
+web-4 0/1 ContainerCreating 0 0s
+web-4 1/1 Running 0 19s
+```
+
+The StatefulSet controller scaled the number of replicas. As with
+[StatefulSet creation](#ordered-pod-creation), the StatefulSet controller
+created each Pod sequentially with respect to its ordinal index, and it
+waited for each Pod's predecessor to be Running and Ready before launching the
+subsequent Pod.
+
+#### Scaling Down
+
+In one terminal, watch the StatefulSet's Pods.
+
+```shell
+kubectl get pods -w -l app=nginx
+```
+
+In another terminal, use `kubectl patch` to scale the StatefulSet back down to
+3 replicas.
+
+```shell
+kubectl patch statefulset web -p '{"spec":{"replicas":3}}'
+"web" patched
+```
+
+Wait for `web-4` and `web-3` to transition to Terminating.
+
+```
+kubectl get pods -w -l app=nginx
+NAME READY STATUS RESTARTS AGE
+web-0 1/1 Running 0 3h
+web-1 1/1 Running 0 3h
+web-2 1/1 Running 0 55s
+web-3 1/1 Running 0 36s
+web-4 0/1 ContainerCreating 0 18s
+NAME READY STATUS RESTARTS AGE
+web-4 1/1 Running 0 19s
+web-4 1/1 Terminating 0 24s
+web-4 1/1 Terminating 0 24s
+web-3 1/1 Terminating 0 42s
+web-3 1/1 Terminating 0 42s
+```
+
+#### Ordered Pod Termination
+
+The controller deleted one Pod at a time, with respect to its ordinal index,
+in reverse order, and it waited for each to be completely shutdown before
+deleting the next.
+
+Get the StatefulSet's PersistentVolumeClaims.
+
+```shell
+kubectl get pvc -l app=nginx
+NAME STATUS VOLUME CAPACITY ACCESSMODES AGE
+www-web-0 Bound pvc-15c268c7-b507-11e6-932f-42010a800002 1Gi RWO 13h
+www-web-1 Bound pvc-15c79307-b507-11e6-932f-42010a800002 1Gi RWO 13h
+www-web-2 Bound pvc-e1125b27-b508-11e6-932f-42010a800002 1Gi RWO 13h
+www-web-3 Bound pvc-e1176df6-b508-11e6-932f-42010a800002 1Gi RWO 13h
+www-web-4 Bound pvc-e11bb5f8-b508-11e6-932f-42010a800002 1Gi RWO 13h
+
+```
+
+There are still five PersistentVolumeClaims and five PersistentVolumes.
+When exploring a Pod's [stable storage](#stable-storage), we saw that the
+PersistentVolumes mounted to the Pods of a StatefulSet are not deleted when
+the StatefulSet's Pods are deleted. This is still true when Pod deletion is
+caused by scaling the StatefulSet down. This feature can be used to facilitate
+upgrading the container images of Pods in a StatefulSet.
+
+### Updating Containers
+As demonstrated in the [Scaling a StatefulSet](#scaling-a-statefulset) section,
+the `replicas` field of a StatefulSet is mutable. The only other field of a
+StatefulSet that can be updated is the `spec.template.containers` field.
+
+StatefulSet currently *does not* support automated image upgrade. However, you
+can update the `image` field of any container in the podTemplate and delete
+StatefulSet's Pods one by one, the StatefulSet controller will recreate
+each Pod with the new image.
+
+Patch the container image for the `web` StatefulSet.
+
+```shell
+kubectl patch statefulset web --type='json' -p='[{"op": "replace", "path": "/spec/template/spec/containers/0/image", "value":"gcr.io/google_containers/nginx-slim:0.7"}]'
+"web" patched
+```
+
+Delete the `web-0` Pod.
+
+```shell
+kubectl delete pod web-0
+pod "web-0" deleted
+```
+
+Watch `web-0`, and wait for the Pod to transition to Running and Ready.
+
+```shell
+kubectl get pod web-0 -w
+NAME READY STATUS RESTARTS AGE
+web-0 1/1 Running 0 54s
+web-0 1/1 Terminating 0 1m
+web-0 0/1 Terminating 0 1m
+web-0 0/1 Terminating 0 1m
+web-0 0/1 Terminating 0 1m
+web-0 0/1 Pending 0 0s
+web-0 0/1 Pending 0 0s
+web-0 0/1 ContainerCreating 0 0s
+web-0 1/1 Running 0 3s
+```
+
+Get the Pods to view their container images.
+
+```shell{% raw %}
+for p in 0 1 2; do kubectl get po web-$p --template '{{range $i, $c := .spec.containers}}{{$c.image}}{{end}}'; echo; done
+gcr.io/google_containers/nginx-slim:0.7
+gcr.io/google_containers/nginx-slim:0.8
+gcr.io/google_containers/nginx-slim:0.8
+{% endraw %}```
+
+`web-0` has had its image updated. Complete the update by deleting the remaining
+Pods.
+
+```shell
+kubectl delete pod web-1 web-2
+pod "web-1" deleted
+pod "web-2" deleted
+```
+
+Watch the Pods, and wait for all of them to transition to Running and Ready.
+
+```
+kubectl get pods -w -l app=nginx
+NAME READY STATUS RESTARTS AGE
+web-0 1/1 Running 0 8m
+web-1 1/1 Running 0 4h
+web-2 1/1 Running 0 23m
+NAME READY STATUS RESTARTS AGE
+web-1 1/1 Terminating 0 4h
+web-1 1/1 Terminating 0 4h
+web-1 0/1 Pending 0 0s
+web-1 0/1 Pending 0 0s
+web-1 0/1 ContainerCreating 0 0s
+web-2 1/1 Terminating 0 23m
+web-2 1/1 Terminating 0 23m
+web-1 1/1 Running 0 4s
+web-2 0/1 Pending 0 0s
+web-2 0/1 Pending 0 0s
+web-2 0/1 ContainerCreating 0 0s
+web-2 1/1 Running 0 36s
+```
+
+Get the Pods to view their container images.
+
+```shell{% raw %}
+for p in 0 1 2; do kubectl get po web-$p --template '{{range $i, $c := .spec.containers}}{{$c.image}}{{end}}'; echo; done
+gcr.io/google_containers/nginx-slim:0.7
+gcr.io/google_containers/nginx-slim:0.7
+gcr.io/google_containers/nginx-slim:0.7
+{% endraw %}```
+
+All the Pods in the StatefulSet are now running a new container image.
+
+### Deleting StatefulSets
+
+StatefulSet supports both Non-Cascading and Cascading deletion. In a
+Non-Cascading Delete, the StatefulSet's Pods are not deleted when the Stateful
+Set is deleted. In a Cascading Delete, both the StatefulSet and its Pods are
+deleted.
+
+#### Non-Cascading Delete
+
+In one terminal window, watch the Pods in the StatefulSet.
+
+```
+kubectl get pods -w -l app=nginx
+```
+
+Use [`kubectl delete`](/docs/user-guide/kubectl/kubectl_delete/) to delete the
+StatefulSet. Make sure to supply the `--cascade=false` parameter to the
+command. This parameter tells Kubernetes to only delete the StatefulSet, and to
+not delete any of its Pods.
+
+```shell
+kubectl delete statefulset web --cascade=false
+statefulset "web" deleted
+```
+
+Get the Pods to examine their status.
+
+```shell
+kubectl get pods -l app=nginx
+NAME READY STATUS RESTARTS AGE
+web-0 1/1 Running 0 6m
+web-1 1/1 Running 0 7m
+web-2 1/1 Running 0 5m
+```
+
+Even though `web` has been deleted, all of the Pods are still Running and Ready.
+Delete `web-0`.
+
+```shell
+kubectl delete pod web-0
+pod "web-0" deleted
+```
+
+Get the StatefulSet's Pods.
+
+```shell
+kubectl get pods -l app=nginx
+NAME READY STATUS RESTARTS AGE
+web-1 1/1 Running 0 10m
+web-2 1/1 Running 0 7m
+```
+
+As the `web` StatefulSet has been deleted, `web-0` has not been relaunched.
+
+In one terminal, watch the StatefulSet's Pods.
+
+```
+kubectl get pods -w -l app=nginx
+```
+
+In a second terminal, recreate the StatefulSet. Note that, unless
+you deleted the `nginx` Service ( which you should not have ), you will see
+an error indicating that the Service already exists.
+
+```shell
+kubectl create -f web.yaml
+statefulset "web" created
+Error from server (AlreadyExists): error when creating "web.yaml": services "nginx" already exists
+```
+
+Ignore the error. It only indicates that an attempt was made to create the nginx
+Headless Service even though that Service already exists.
+
+Examine the output of the `kubectl get` command running in the first terminal.
+
+```shell
+kubectl get pods -w -l app=nginx
+NAME READY STATUS RESTARTS AGE
+web-1 1/1 Running 0 16m
+web-2 1/1 Running 0 2m
+NAME READY STATUS RESTARTS AGE
+web-0 0/1 Pending 0 0s
+web-0 0/1 Pending 0 0s
+web-0 0/1 ContainerCreating 0 0s
+web-0 1/1 Running 0 18s
+web-2 1/1 Terminating 0 3m
+web-2 0/1 Terminating 0 3m
+web-2 0/1 Terminating 0 3m
+web-2 0/1 Terminating 0 3m
+```
+
+When the `web` StatefulSet was recreated, it first relaunched `web-0`.
+Since `web-1` was already Running and Ready, when `web-0` transitioned to
+ Running and Ready, it simply adopted this Pod. Since you recreated the StatefulSet
+ with `replicas` equal to 2, once `web-0` had been recreated, and once
+ `web-1` had been determined to already be Running and Ready, `web-2` was
+ terminated.
+
+Let's take another look at the contents of the `index.html` file served by the
+Pods' webservers.
+
+```shell
+for i in 0 1; do kubectl exec -it web-$i -- curl localhost; done
+web-0
+web-1
+```
+
+Even though you deleted both the StatefulSet and the `web-0` Pod, it still
+serves the hostname originally entered into its `index.html` file. This is
+because the StatefulSet never deletes the PersistentVolumes associated with a
+Pod. When you recreated the StatefulSet and it relaunched `web-0`, its original
+PersistentVolume was remounted.
+
+#### Cascading Delete
+
+In one terminal window, watch the Pods in the StatefulSet.
+
+```shell
+kubectl get pods -w -l app=nginx
+```
+
+In another terminal, delete the StatefulSet again. This time, omit the
+`--cascade=false` parameter.
+
+```shell
+kubectl delete statefulset web
+statefulset "web" deleted
+```
+Examine the output of the `kubectl get` command running in the first terminal,
+and wait for all of the Pods to transition to Terminating.
+
+```shell
+kubectl get pods -w -l app=nginx
+NAME READY STATUS RESTARTS AGE
+web-0 1/1 Running 0 11m
+web-1 1/1 Running 0 27m
+NAME READY STATUS RESTARTS AGE
+web-0 1/1 Terminating 0 12m
+web-1 1/1 Terminating 0 29m
+web-0 0/1 Terminating 0 12m
+web-0 0/1 Terminating 0 12m
+web-0 0/1 Terminating 0 12m
+web-1 0/1 Terminating 0 29m
+web-1 0/1 Terminating 0 29m
+web-1 0/1 Terminating 0 29m
+
+```
+
+As you saw in the [Scaling Down](#ordered-pod-termination) section, the Pods
+are terminated one at a time, with respect to the reverse order of their ordinal
+indices. Before terminating a Pod, the StatefulSet controller waits for
+the Pod's successor to be completely terminated.
+
+Note that, while a cascading delete will delete the StatefulSet and its Pods,
+it will not delete the Headless Service associated with the StatefulSet. You
+must delete the `nginx` Service manually.
+
+```shell
+kubectl delete service nginx
+service "nginx" deleted
+```
+
+Recreate the StatefulSet and Headless Service one more time.
+
+```shell
+kubectl create -f web.yaml
+service "nginx" created
+statefulset "web" created
+```
+
+When all of the StatefulSet's Pods transition to Running and Ready, retrieve
+the contents of their `index.html` files.
+
+```shell
+for i in 0 1; do kubectl exec -it web-$i -- curl localhost; done
+web-0
+web-1
+```
+
+Even though you completely deleted the StatefulSet, and all of its Pods, the
+Pods are recreated with their PersistentVolumes mounted, and `web-0` and
+`web-1` will still serve their hostnames.
+
+Finally delete the `web` StatefulSet and the `nginx` service.
+
+```shell
+kubectl delete service nginx
+service "nginx" deleted
+
+kubectl delete statefulset web
+statefulset "web" deleted
+```
+
+{% endcapture %}
+
+{% capture cleanup %}
+You will need to delete the persistent storage media for the PersistentVolumes
+used in this tutorial. Follow the necessary steps, based on your environment,
+storage configuration, and provisioning method, to ensure that all storage is
+reclaimed.
+{% endcapture %}
+
+{% include templates/tutorial.md %}
\ No newline at end of file
diff --git a/docs/tutorials/stateful-application/mysql-configmap.yaml b/docs/tutorials/stateful-application/mysql-configmap.yaml
new file mode 100644
index 0000000000..46d34e422c
--- /dev/null
+++ b/docs/tutorials/stateful-application/mysql-configmap.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: mysql
+ labels:
+ app: mysql
+data:
+ master.cnf: |
+ # Apply this config only on the master.
+ [mysqld]
+ log-bin
+ slave.cnf: |
+ # Apply this config only on slaves.
+ [mysqld]
+ super-read-only
+
diff --git a/docs/tutorials/stateful-application/mysql-services.yaml b/docs/tutorials/stateful-application/mysql-services.yaml
new file mode 100644
index 0000000000..f538992566
--- /dev/null
+++ b/docs/tutorials/stateful-application/mysql-services.yaml
@@ -0,0 +1,30 @@
+# Headless service for stable DNS entries of StatefulSet members.
+apiVersion: v1
+kind: Service
+metadata:
+ name: mysql
+ labels:
+ app: mysql
+spec:
+ ports:
+ - name: mysql
+ port: 3306
+ clusterIP: None
+ selector:
+ app: mysql
+---
+# Client service for connecting to any MySQL instance for reads.
+# For writes, you must instead connect to the master: mysql-0.mysql.
+apiVersion: v1
+kind: Service
+metadata:
+ name: mysql-read
+ labels:
+ app: mysql
+spec:
+ ports:
+ - name: mysql
+ port: 3306
+ selector:
+ app: mysql
+
diff --git a/docs/tutorials/stateful-application/mysql-statefulset.yaml b/docs/tutorials/stateful-application/mysql-statefulset.yaml
new file mode 100644
index 0000000000..106f77cd99
--- /dev/null
+++ b/docs/tutorials/stateful-application/mysql-statefulset.yaml
@@ -0,0 +1,165 @@
+apiVersion: apps/v1beta1
+kind: StatefulSet
+metadata:
+ name: mysql
+spec:
+ serviceName: mysql
+ replicas: 3
+ template:
+ metadata:
+ labels:
+ app: mysql
+ annotations:
+ pod.beta.kubernetes.io/init-containers: '[
+ {
+ "name": "init-mysql",
+ "image": "mysql:5.7",
+ "command": ["bash", "-c", "
+ set -ex\n
+ # mysqld --initialize expects an empty data dir.\n
+ rm -rf /mnt/data/lost+found\n
+ # Generate mysql server-id from pod ordinal index.\n
+ [[ `hostname` =~ -([0-9]+)$ ]] || exit 1\n
+ ordinal=${BASH_REMATCH[1]}\n
+ echo [mysqld] > /mnt/conf.d/server-id.cnf\n
+ # Add an offset to avoid reserved server-id=0 value.\n
+ echo server-id=$((100 + $ordinal)) >> /mnt/conf.d/server-id.cnf\n
+ # Copy appropriate conf.d files from config-map to emptyDir.\n
+ if [[ $ordinal -eq 0 ]]; then\n
+ cp /mnt/config-map/master.cnf /mnt/conf.d/\n
+ else\n
+ cp /mnt/config-map/slave.cnf /mnt/conf.d/\n
+ fi\n
+ "],
+ "volumeMounts": [
+ {"name": "data", "mountPath": "/mnt/data"},
+ {"name": "conf", "mountPath": "/mnt/conf.d"},
+ {"name": "config-map", "mountPath": "/mnt/config-map"}
+ ]
+ },
+ {
+ "name": "clone-mysql",
+ "image": "gcr.io/google-samples/xtrabackup:1.0",
+ "command": ["bash", "-c", "
+ set -ex\n
+ # Skip the clone if data already exists.\n
+ [[ -d /var/lib/mysql/mysql ]] && exit 0\n
+ # Skip the clone on master (ordinal index 0).\n
+ [[ `hostname` =~ -([0-9]+)$ ]] || exit 1\n
+ ordinal=${BASH_REMATCH[1]}\n
+ [[ $ordinal -eq 0 ]] && exit 0\n
+ # Clone data from previous peer.\n
+ ncat --recv-only mysql-$(($ordinal-1)).mysql 3307 | xbstream -x -C /var/lib/mysql\n
+ # Prepare the backup.\n
+ xtrabackup --prepare --target-dir=/var/lib/mysql\n
+ "],
+ "volumeMounts": [
+ {"name": "data", "mountPath": "/var/lib/mysql"},
+ {"name": "conf", "mountPath": "/etc/mysql/conf.d"}
+ ]
+ }
+ ]'
+ spec:
+ containers:
+ - name: mysql
+ image: mysql:5.7
+ env:
+ - name: MYSQL_ALLOW_EMPTY_PASSWORD
+ value: "1"
+ ports:
+ - name: mysql
+ containerPort: 3306
+ volumeMounts:
+ - name: data
+ mountPath: /var/lib/mysql
+ - name: conf
+ mountPath: /etc/mysql/conf.d
+ resources:
+ requests:
+ cpu: 1
+ memory: 1Gi
+ livenessProbe:
+ exec:
+ command: ["mysqladmin", "ping"]
+ initialDelaySeconds: 30
+ timeoutSeconds: 5
+ readinessProbe:
+ exec:
+ # Check we can execute queries over TCP (skip-networking is off).
+ command: ["mysql", "-h", "127.0.0.1", "-e", "SELECT 1"]
+ initialDelaySeconds: 5
+ timeoutSeconds: 1
+ - name: xtrabackup
+ image: gcr.io/google-samples/xtrabackup:1.0
+ ports:
+ - name: xtrabackup
+ containerPort: 3307
+ command:
+ - bash
+ - "-c"
+ - |
+ set -ex
+ cd /var/lib/mysql
+
+ # Determine binlog position of cloned data, if any.
+ if [[ -f xtrabackup_slave_info ]]; then
+ # XtraBackup already generated a partial "CHANGE MASTER TO" query
+ # because we're cloning from an existing slave.
+ mv xtrabackup_slave_info change_master_to.sql.in
+ # Ignore xtrabackup_binlog_info in this case (it's useless).
+ rm -f xtrabackup_binlog_info
+ elif [[ -f xtrabackup_binlog_info ]]; then
+ # We're cloning directly from master. Parse binlog position.
+ [[ `cat xtrabackup_binlog_info` =~ ^(.*?)[[:space:]]+(.*?)$ ]] || exit 1
+ rm xtrabackup_binlog_info
+ echo "CHANGE MASTER TO MASTER_LOG_FILE='${BASH_REMATCH[1]}',\
+ MASTER_LOG_POS=${BASH_REMATCH[2]}" > change_master_to.sql.in
+ fi
+
+ # Check if we need to complete a clone by starting replication.
+ if [[ -f change_master_to.sql.in ]]; then
+ echo "Waiting for mysqld to be ready (accepting connections)"
+ until mysql -h 127.0.0.1 -e "SELECT 1"; do sleep 1; done
+
+ echo "Initializing replication from clone position"
+ # In case of container restart, attempt this at-most-once.
+ mv change_master_to.sql.in change_master_to.sql.orig
+ mysql -h 127.0.0.1 <.mysql` from within any other Pod in the same Kubernetes
+cluster and namespace.
+
+The Client Service, called `mysql-read`, is a normal Service with its own
+cluster IP that distributes connections across all MySQL Pods that report
+being Ready. The set of potential endpoints includes the MySQL master and all
+slaves.
+
+Note that only read queries can use the load-balanced Client Service.
+Because there is only one MySQL master, clients should connect directly to the
+MySQL master Pod (through its DNS entry within the Headless Service) to execute
+writes.
+
+#### StatefulSet
+
+Finally, create the StatefulSet from the following YAML configuration file:
+
+```shell
+kubectl create -f http://k8s.io/docs/tutorials/stateful-application/mysql-statefulset.yaml
+```
+
+{% include code.html language="yaml" file="mysql-statefulset.yaml" ghlink="/docs/tutorials/stateful-application/mysql-statefulset.yaml" %}
+
+You can watch the startup progress by running:
+
+```shell
+kubectl get pods -l app=mysql --watch
+```
+
+After a while, you should see all 3 Pods become Running:
+
+```
+NAME READY STATUS RESTARTS AGE
+mysql-0 2/2 Running 0 2m
+mysql-1 2/2 Running 0 1m
+mysql-2 2/2 Running 0 1m
+```
+
+Press **Ctrl+C** to cancel the watch.
+If you don't see any progress, make sure you have a dynamic PersistentVolume
+provisioner enabled as mentioned in the [prerequisites](#before-you-begin).
+
+This manifest uses a variety of techniques for managing stateful Pods as part of
+a StatefulSet. The next section highlights some of these techniques to explain
+what happens as the StatefulSet creates Pods.
+
+### Understanding stateful Pod initialization
+
+The StatefulSet controller starts Pods one at a time, in order by their
+ordinal index.
+It waits until each Pod reports being Ready before starting the next one.
+
+In addition, the controller assigns each Pod a unique, stable name of the form
+`-`.
+In this case, that results in Pods named `mysql-0`, `mysql-1`, and `mysql-2`.
+
+The Pod template in the above StatefulSet manifest takes advantage of these
+properties to perform orderly startup of MySQL replication.
+
+#### Generating configuration
+
+Before starting any of the containers in the Pod spec, the Pod first runs any
+[Init Containers](/docs/user-guide/production-pods/#handling-initialization)
+in the order defined.
+In the StatefulSet manifest, you can find these defined within the
+`pod.beta.kubernetes.io/init-containers` annotation.
+
+The first Init Container, named `init-mysql`, generates special MySQL config
+files based on the ordinal index.
+
+The script determines its own ordinal index by extracting it from the end of
+the Pod name, which is returned by the `hostname` command.
+Then it saves the ordinal (with a numeric offset to avoid reserved values)
+into a file called `server-id.cnf` in the MySQL `conf.d` directory.
+This translates the unique, stable identity provided by the StatefulSet
+controller into the domain of MySQL server IDs, which require the same
+properties.
+
+The script in the `init-mysql` container also applies either `master.cnf` or
+`slave.cnf` from the ConfigMap by copying the contents into `conf.d`.
+Because the example topology consists of a single MySQL master and any number of
+slaves, the script simply assigns ordinal `0` to be the master, and everyone
+else to be slaves.
+Combined with the StatefulSet controller's
+[deployment order guarantee](/docs/concepts/abstractions/controllers/statefulsets/#deployment-and-scaling-guarantee),
+this ensures the MySQL master is Ready before creating slaves, so they can begin
+replicating.
+
+#### Cloning existing data
+
+In general, when a new Pod joins the set as a slave, it must assume the MySQL
+master might already have data on it. It also must assume that the replication
+logs might not go all the way back to the beginning of time.
+These conservative assumptions are the key to allowing a running StatefulSet
+to scale up and down over time, rather than being fixed at its initial size.
+
+The second Init Container, named `clone-mysql`, performs a clone operation on
+a slave Pod the first time it starts up on an empty PersistentVolume.
+That means it copies all existing data from another running Pod,
+so its local state is consistent enough to begin replicating from the master.
+
+MySQL itself does not provide a mechanism to do this, so the example uses a
+popular open-source tool called Percona XtraBackup.
+During the clone, the source MySQL server might suffer reduced performance.
+To minimize impact on the MySQL master, the script instructs each Pod to clone
+from the Pod whose ordinal index is one lower.
+This works because the StatefulSet controller always ensures Pod `N` is
+Ready before starting Pod `N+1`.
+
+#### Starting replication
+
+After the Init Containers complete successfully, the regular containers run.
+The MySQL Pods consist of a `mysql` container that runs the actual `mysqld`
+server, and an `xtrabackup` container that acts as a
+[sidecar](http://blog.kubernetes.io/2015/06/the-distributed-system-toolkit-patterns.html).
+
+The `xtrabackup` sidecar looks at the cloned data files and determines if
+it's necessary to initialize MySQL replication on the slave.
+If so, it waits for `mysqld` to be ready and then executes the
+`CHANGE MASTER TO` and `START SLAVE` commands with replication parameters
+extracted from the XtraBackup clone files.
+
+Once a slave begins replication, it remembers its MySQL master and
+reconnects automatically if the server restarts or the connection dies.
+Also, because slaves look for the master at its stable DNS name
+(`mysql-0.mysql`), they automatically find the master even if it gets a new
+Pod IP due to being rescheduled.
+
+Lastly, after starting replication, the `xtrabackup` container listens for
+connections from other Pods requesting a data clone.
+This server remains up indefinitely in case the StatefulSet scales up, or in
+case the next Pod loses its PersistentVolumeClaim and needs to redo the clone.
+
+### Sending client traffic
+
+You can send test queries to the MySQL master (hostname `mysql-0.mysql`)
+by running a temporary container with the `mysql:5.7` image and running the
+`mysql` client binary.
+
+```shell
+kubectl run mysql-client --image=mysql:5.7 -i -t --rm --restart=Never --\
+ mysql -h mysql-0.mysql <` with the name of the Node you found in the last step.
+
+This might impact other applications on the Node, so it's best to
+**only do this in a test cluster**.
+
+```shell
+kubectl drain --force --delete-local-data --ignore-daemonsets
+```
+
+Now you can watch as the Pod reschedules on a different Node:
+
+```shell
+kubectl get pod mysql-2 -o wide --watch
+```
+
+It should look something like this:
+
+```
+NAME READY STATUS RESTARTS AGE IP NODE
+mysql-2 2/2 Terminating 0 15m 10.244.1.56 kubernetes-minion-group-9l2t
+[...]
+mysql-2 0/2 Pending 0 0s kubernetes-minion-group-fjlm
+mysql-2 0/2 Init:0/2 0 0s kubernetes-minion-group-fjlm
+mysql-2 0/2 Init:1/2 0 20s 10.244.5.32 kubernetes-minion-group-fjlm
+mysql-2 0/2 PodInitializing 0 21s 10.244.5.32 kubernetes-minion-group-fjlm
+mysql-2 1/2 Running 0 22s 10.244.5.32 kubernetes-minion-group-fjlm
+mysql-2 2/2 Running 0 30s 10.244.5.32 kubernetes-minion-group-fjlm
+```
+
+And again, you should see server ID `102` disappear from the
+`SELECT @@server_id` loop output for a while and then return.
+
+Now uncordon the Node to return it to a normal state:
+
+```shell
+kubectl uncordon
+```
+
+### Scaling the number of slaves
+
+With MySQL replication, you can scale your read query capacity by adding slaves.
+With StatefulSet, you can do this with a single command:
+
+```shell
+kubectl scale --replicas=5 statefulset mysql
+```
+
+Watch the new Pods come up by running:
+
+```shell
+kubectl get pods -l app=mysql --watch
+```
+
+Once they're up, you should see server IDs `103` and `104` start appearing in
+the `SELECT @@server_id` loop output.
+
+You can also verify that these new servers have the data you added before they
+existed:
+
+```shell
+kubectl run mysql-client --image=mysql:5.7 -i -t --rm --restart=Never --\
+ mysql -h mysql-3.mysql -e "SELECT * FROM test.messages"
+```
+
+```
+Waiting for pod default/mysql-client to be running, status is Pending, pod ready: false
++---------+
+| message |
++---------+
+| hello |
++---------+
+pod "mysql-client" deleted
+```
+
+Scaling back down is also seamless:
+
+```shell
+kubectl scale --replicas=3 statefulset mysql
+```
+
+Note, however, that while scaling up creates new PersistentVolumeClaims
+automatically, scaling down does not automatically delete these PVCs.
+This gives you the choice to keep those initialized PVCs around to make
+scaling back up quicker, or to extract data before deleting them.
+
+You can see this by running:
+
+```shell
+kubectl get pvc -l app=mysql
+```
+
+Which shows that all 5 PVCs still exist, despite having scaled the
+StatefulSet down to 3:
+
+```
+NAME STATUS VOLUME CAPACITY ACCESSMODES AGE
+data-mysql-0 Bound pvc-8acbf5dc-b103-11e6-93fa-42010a800002 10Gi RWO 20m
+data-mysql-1 Bound pvc-8ad39820-b103-11e6-93fa-42010a800002 10Gi RWO 20m
+data-mysql-2 Bound pvc-8ad69a6d-b103-11e6-93fa-42010a800002 10Gi RWO 20m
+data-mysql-3 Bound pvc-50043c45-b1c5-11e6-93fa-42010a800002 10Gi RWO 2m
+data-mysql-4 Bound pvc-500a9957-b1c5-11e6-93fa-42010a800002 10Gi RWO 2m
+```
+
+If you don't intend to reuse the extra PVCs, you can delete them:
+
+```shell
+kubectl delete pvc data-mysql-3
+kubectl delete pvc data-mysql-4
+```
+
+{% endcapture %}
+
+{% capture cleanup %}
+
+1. Cancel the `SELECT @@server_id` loop by pressing **Ctrl+C** in its terminal,
+ or running the following from another terminal:
+
+ ```shell
+ kubectl delete pod mysql-client-loop --now
+ ```
+
+1. Delete the StatefulSet. This also begins terminating the Pods.
+
+ ```shell
+ kubectl delete statefulset mysql
+ ```
+
+1. Verify that the Pods disappear.
+ They might take some time to finish terminating.
+
+ ```shell
+ kubectl get pods -l app=mysql
+ ```
+
+ You'll know the Pods have terminated when the above returns:
+
+ ```
+ No resources found.
+ ```
+
+1. Delete the ConfigMap, Services, and PersistentVolumeClaims.
+
+ ```shell
+ kubectl delete configmap,service,pvc -l app=mysql
+ ```
+
+1. If you manually provisioned PersistentVolumes, you also need to manually
+ delete them, as well as release the underlying resources.
+ If you used a dynamic provisioner, it automatically deletes the
+ PersistentVolumes when it sees that you deleted the PersistentVolumeClaims.
+ Some dynamic provisioners (such as those for EBS and PD) also release the
+ underlying resources upon deleting the PersistentVolumes.
+
+{% endcapture %}
+
+{% capture whatsnext %}
+
+* Look in the [Helm Charts repository](https://github.com/kubernetes/charts)
+ for other stateful application examples.
+
+{% endcapture %}
+
+{% include templates/tutorial.md %}
+
diff --git a/docs/tutorials/stateful-application/run-stateful-application.md b/docs/tutorials/stateful-application/run-stateful-application.md
index 443d9cdea5..928aaecacd 100644
--- a/docs/tutorials/stateful-application/run-stateful-application.md
+++ b/docs/tutorials/stateful-application/run-stateful-application.md
@@ -1,4 +1,5 @@
---
+title: Running a Single-Instance Stateful Application
---
{% capture overview %}
diff --git a/docs/tutorials/stateful-application/web.yaml b/docs/tutorials/stateful-application/web.yaml
new file mode 100644
index 0000000000..a583d52655
--- /dev/null
+++ b/docs/tutorials/stateful-application/web.yaml
@@ -0,0 +1,47 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: nginx
+ labels:
+ app: nginx
+spec:
+ ports:
+ - port: 80
+ name: web
+ clusterIP: None
+ selector:
+ app: nginx
+---
+apiVersion: apps/v1beta1
+kind: StatefulSet
+metadata:
+ name: web
+spec:
+ serviceName: "nginx"
+ replicas: 2
+ template:
+ metadata:
+ labels:
+ app: nginx
+ spec:
+ containers:
+ - name: nginx
+ image: gcr.io/google_containers/nginx-slim:0.8
+ ports:
+ - containerPort: 80
+ name: web
+ volumeMounts:
+ - name: www
+ mountPath: /usr/share/nginx/html
+ volumeClaimTemplates:
+ - metadata:
+ name: www
+ annotations:
+ volume.alpha.kubernetes.io/storage-class: anything
+ spec:
+ accessModes: [ "ReadWriteOnce" ]
+ resources:
+ requests:
+ storage: 1Gi
+
diff --git a/docs/tutorials/stateful-application/zookeeper.md b/docs/tutorials/stateful-application/zookeeper.md
new file mode 100644
index 0000000000..90a78fdc31
--- /dev/null
+++ b/docs/tutorials/stateful-application/zookeeper.md
@@ -0,0 +1,1249 @@
+---
+assignees:
+- bprashanth
+- enisoc
+- erictune
+- foxish
+- janetkuo
+- kow3ns
+- smarterclayton
+title: Running ZooKeeper, A CP Distributed System
+---
+
+{% capture overview %}
+This tutorial demonstrates [Apache Zookeeper](https://zookeeper.apache.org) on
+Kubernetes using [StatefulSets](/docs/concepts/abstractions/controllers/statefulsets/),
+[PodDisruptionBudgets](/docs/admin/disruptions/#specifying-a-poddisruptionbudget),
+and [PodAntiAffinity](/docs/user-guide/node-selection/).
+{% endcapture %}
+
+{% capture prerequisites %}
+
+Before starting this tutorial, you should be familiar with the following
+Kubernetes concepts.
+
+* [Pods](/docs/user-guide/pods/single-container/)
+* [Cluster DNS](/docs/admin/dns/)
+* [Headless Services](/docs/user-guide/services/#headless-services)
+* [PersistentVolumes](/docs/user-guide/volumes/)
+* [PersistentVolume Provisioning](http://releases.k8s.io/{{page.githubbranch}}/examples/experimental/persistent-volume-provisioning/)
+* [ConfigMaps](/docs/user-guide/configmap/)
+* [StatefulSets](/docs/concepts/abstractions/controllers/statefulsets/)
+* [PodDisruptionBudgets](/docs/admin/disruptions/#specifying-a-poddisruptionbudget)
+* [PodAntiAffinity](/docs/user-guide/node-selection/)
+* [kubectl CLI](/docs/user-guide/kubectl)
+
+You will require a cluster with at least four nodes, and each node will require
+at least 2 CPUs and 4 GiB of memory. In this tutorial you will cordon and
+drain the cluster's nodes. **This means that all Pods on the cluster's nodes
+will be terminated and evicted, and the nodes will, temporarily, become
+unschedulable.** You should use a dedicated cluster for this tutorial, or you
+should ensure that the disruption you cause will not interfere with other
+tenants.
+
+This tutorial assumes that your cluster is configured to dynamically provision
+PersistentVolumes. If your cluster is not configured to do so, you
+will have to manually provision three 20 GiB volumes prior to starting this
+tutorial.
+{% endcapture %}
+
+{% capture objectives %}
+After this tutorial, you will know the following.
+
+* How to deploy a ZooKeeper ensemble using StatefulSet.
+* How to consistently configure the ensemble using ConfigMaps.
+* How to spread the deployment of ZooKeeper servers in the ensemble.
+* How to use PodDisruptionBudgets to ensure service availability during planned maintenance.
+{% endcapture %}
+
+{% capture lessoncontent %}
+
+#### ZooKeeper Basics
+
+[Apache ZooKeeper](https://zookeeper.apache.org/doc/current/) is a
+distributed, open-source coordination service for distributed applications.
+ZooKeeper allows you to read, write, and observe updates to data. Data are
+organized in a file system like hierarchy and replicated to all ZooKeeper
+servers in the ensemble (a set of ZooKeeper servers). All operations on data
+are atomic and sequentially consistent. ZooKeeper ensures this by using the
+[Zab](https://pdfs.semanticscholar.org/b02c/6b00bd5dbdbd951fddb00b906c82fa80f0b3.pdf)
+consensus protocol to replicate a state machine across all servers in the ensemble.
+
+The ensemble uses the Zab protocol to elect a leader, and
+data can not be written until a leader is elected. Once a leader is
+elected, the ensemble uses Zab to ensure that all writes are replicated to a
+quorum before they are acknowledged and made visible to clients. Without respect
+to weighted quorums, a quorum is a majority component of the ensemble containing
+the current leader. For instance, if the ensemble has three servers, a component
+that contains the leader and one other server constitutes a quorum. If the
+ensemble can not achieve a quorum, data can not be written.
+
+ZooKeeper servers keep their entire state machine in memory, but every mutation
+is written to a durable WAL (Write Ahead Log) on storage media. When a server
+crashes, it can recover its previous state by replaying the WAL. In order to
+prevent the WAL from growing without bound, ZooKeeper servers will periodically
+snapshot their in memory state to storage media. These snapshots can be loaded
+directly into memory, and all WAL entries that preceded the snapshot may be
+safely discarded.
+
+### Creating a ZooKeeper Ensemble
+
+The manifest below contains a
+[Headless Service](/docs/user-guide/services/#headless-services),
+a [ConfigMap](/docs/user-guide/configmap/),
+a [PodDisruptionBudget](/docs/admin/disruptions/#specifying-a-poddisruptionbudget),
+and a [StatefulSet](/docs/concepts/abstractions/controllers/statefulsets/).
+
+{% include code.html language="yaml" file="zookeeper.yaml" ghlink="/docs/tutorials/stateful-application/zookeeper.yaml" %}
+
+Open a command terminal, and use
+[`kubectl create`](/docs/user-guide/kubectl/kubectl_create/) to create the
+manifest.
+
+```shell
+kubectl create -f http://k8s.io/docs/tutorials/stateful-application/zookeeper.yaml
+```
+
+This creates the `zk-headless` Headless Service, the `zk-config` ConfigMap,
+the `zk-budget` PodDisruptionBudget, and the `zk` StatefulSet.
+
+```shell
+service "zk-headless" created
+configmap "zk-config" created
+poddisruptionbudget "zk-budget" created
+statefulset "zk" created
+```
+
+Use [`kubectl get`](/docs/user-guide/kubectl/kubectl_get/) to watch the
+StatefulSet controller create the StatefulSet's Pods.
+
+```shell
+kubectl get pods -w -l app=zk
+```
+
+Once the `zk-2` Pod is Running and Ready, use `CRTL-C` to terminate kubectl.
+
+```shell
+NAME READY STATUS RESTARTS AGE
+zk-0 0/1 Pending 0 0s
+zk-0 0/1 Pending 0 0s
+zk-0 0/1 ContainerCreating 0 0s
+zk-0 0/1 Running 0 19s
+zk-0 1/1 Running 0 40s
+zk-1 0/1 Pending 0 0s
+zk-1 0/1 Pending 0 0s
+zk-1 0/1 ContainerCreating 0 0s
+zk-1 0/1 Running 0 18s
+zk-1 1/1 Running 0 40s
+zk-2 0/1 Pending 0 0s
+zk-2 0/1 Pending 0 0s
+zk-2 0/1 ContainerCreating 0 0s
+zk-2 0/1 Running 0 19s
+zk-2 1/1 Running 0 40s
+```
+
+The StatefulSet controller creates three Pods, and each Pod has a container with
+a [ZooKeeper 3.4.9](http://www-us.apache.org/dist/zookeeper/zookeeper-3.4.9/) server.
+
+#### Facilitating Leader Election
+
+As there is no terminating algorithm for electing a leader in an anonymous
+network, Zab requires explicit membership configuration in order to perform
+leader election. Each server in the ensemble needs to have a unique
+identifier, all servers need to know the global set of identifiers, and each
+identifier needs to be associated with a network address.
+
+Use [`kubectl exec`](/docs/user-guide/kubectl/kubectl_exec/) to get the hostnames
+of the Pods in the `zk` StatefulSet.
+
+```shell
+for i in 0 1 2; do kubectl exec zk-$i -- hostname; done
+```
+
+The StatefulSet controller provides each Pod with a unique hostname based on its
+ordinal index. The hostnames take the form `-`.
+As the `replicas` field of the `zk` StatefulSet is set to `3`, the Set's
+controller creates three Pods with their hostnames set to `zk-0`, `zk-1`, and
+`zk-2`.
+
+```shell
+zk-0
+zk-1
+zk-2
+```
+
+The servers in a ZooKeeper ensemble use natural numbers as unique identifiers, and
+each server's identifier is stored in a file called `myid` in the server’s
+data directory.
+
+Examine the contents of the `myid` file for each server.
+
+```shell
+for i in 0 1 2; do echo "myid zk-$i";kubectl exec zk-$i -- cat /var/lib/zookeeper/data/myid; done
+```
+
+As the identifiers are natural numbers and the ordinal indices are non-negative
+integers, you can generate an identifier by adding one to the ordinal.
+
+```shell
+myid zk-0
+1
+myid zk-1
+2
+myid zk-2
+3
+```
+
+Get the FQDN (Fully Qualified Domain Name) of each Pod in the `zk` StatefulSet.
+
+```shell
+for i in 0 1 2; do kubectl exec zk-$i -- hostname -f; done
+```
+
+The `zk-headless` Service creates a domain for all of the Pods,
+`zk-headless.default.svc.cluster.local`.
+
+```shell
+zk-0.zk-headless.default.svc.cluster.local
+zk-1.zk-headless.default.svc.cluster.local
+zk-2.zk-headless.default.svc.cluster.local
+```
+
+The A records in [Kubernetes DNS](/docs/admin/dns/) resolve the FQDNs to the Pods' IP addresses.
+If the Pods are rescheduled, the A records will be updated with the Pods' new IP
+addresses, but the A record's names will not change.
+
+ZooKeeper stores its application configuration in a file named `zoo.cfg`. Use
+`kubectl exec` to view the contents of the `zoo.cfg` file in the `zk-0` Pod.
+
+```
+kubectl exec zk-0 -- cat /opt/zookeeper/conf/zoo.cfg
+```
+
+For the `server.1`, `server.2`, and `server.3` properties at the bottom of
+the file, the `1`, `2`, and `3` correspond to the identifiers in the
+ZooKeeper servers' `myid` files. They are set to the FQDNs for the Pods in
+the `zk` StatefulSet.
+
+```shell
+clientPort=2181
+dataDir=/var/lib/zookeeper/data
+dataLogDir=/var/lib/zookeeper/log
+tickTime=2000
+initLimit=10
+syncLimit=2000
+maxClientCnxns=60
+minSessionTimeout= 4000
+maxSessionTimeout= 40000
+autopurge.snapRetainCount=3
+autopurge.purgeInteval=0
+server.1=zk-0.zk-headless.default.svc.cluster.local:2888:3888
+server.2=zk-1.zk-headless.default.svc.cluster.local:2888:3888
+server.3=zk-2.zk-headless.default.svc.cluster.local:2888:3888
+```
+
+#### Achieving Consensus
+
+Consensus protocols require that the identifiers of each participant be
+unique. No two participants in the Zab protocol should claim the same unique
+identifier. This is necessary to allow the processes in the system to agree on
+which processes have committed which data. If two Pods were launched with the
+same ordinal, two ZooKeeper servers would both identify themselves as the same
+ server.
+
+When you created the `zk` StatefulSet, the StatefulSet's controller created
+each Pod sequentially, in the order defined by the Pods' ordinal indices, and it
+waited for each Pod to be Running and Ready before creating the next Pod.
+
+```shell
+kubectl get pods -w -l app=zk
+NAME READY STATUS RESTARTS AGE
+zk-0 0/1 Pending 0 0s
+zk-0 0/1 Pending 0 0s
+zk-0 0/1 ContainerCreating 0 0s
+zk-0 0/1 Running 0 19s
+zk-0 1/1 Running 0 40s
+zk-1 0/1 Pending 0 0s
+zk-1 0/1 Pending 0 0s
+zk-1 0/1 ContainerCreating 0 0s
+zk-1 0/1 Running 0 18s
+zk-1 1/1 Running 0 40s
+zk-2 0/1 Pending 0 0s
+zk-2 0/1 Pending 0 0s
+zk-2 0/1 ContainerCreating 0 0s
+zk-2 0/1 Running 0 19s
+zk-2 1/1 Running 0 40s
+```
+
+The A records for each Pod are only entered when the Pod becomes Ready. Therefore,
+the FQDNs of the ZooKeeper servers will only resolve to a single endpoint, and that
+endpoint will be the unique ZooKeeper server claiming the identity configured
+in its `myid` file.
+
+```shell
+zk-0.zk-headless.default.svc.cluster.local
+zk-1.zk-headless.default.svc.cluster.local
+zk-2.zk-headless.default.svc.cluster.local
+```
+
+This ensures that the `servers` properties in the ZooKeepers' `zoo.cfg` files
+represents a correctly configured ensemble.
+
+```shell
+server.1=zk-0.zk-headless.default.svc.cluster.local:2888:3888
+server.2=zk-1.zk-headless.default.svc.cluster.local:2888:3888
+server.3=zk-2.zk-headless.default.svc.cluster.local:2888:3888
+```
+
+When the servers use the Zab protocol to attempt to commit a value, they will
+either achieve consensus and commit the value (if leader election has succeeded
+and at least two of the Pods are Running and Ready), or they will fail to do so
+(if either of the aforementioned conditions are not met). No state will arise
+where one server acknowledges a write on behalf of another.
+
+#### Sanity Testing the Ensemble
+
+The most basic sanity test is to write some data to one ZooKeeper server and
+to read the data from another.
+
+Use the `zkCli.sh` script to write `world` to the path `/hello` on the `zk-0` Pod.
+
+```shell
+kubectl exec zk-0 zkCli.sh create /hello world
+```
+
+This will write `world` to the `/hello` path in the ensemble.
+
+```shell
+WATCHER::
+
+WatchedEvent state:SyncConnected type:None path:null
+Created /hello
+```
+
+Get the data from the `zk-1` Pod.
+
+```shell
+kubectl exec zk-1 zkCli.sh get /hello
+```
+
+The data that you created on `zk-0` is available on all of the servers in the
+ensemble.
+
+```shell
+WATCHER::
+
+WatchedEvent state:SyncConnected type:None path:null
+world
+cZxid = 0x100000002
+ctime = Thu Dec 08 15:13:30 UTC 2016
+mZxid = 0x100000002
+mtime = Thu Dec 08 15:13:30 UTC 2016
+pZxid = 0x100000002
+cversion = 0
+dataVersion = 0
+aclVersion = 0
+ephemeralOwner = 0x0
+dataLength = 5
+numChildren = 0
+```
+
+#### Providing Durable Storage
+
+As mentioned in the [ZooKeeper Basics](#zookeeper-basics) section,
+ZooKeeper commits all entries to a durable WAL, and periodically writes snapshots
+in memory state, to storage media. Using WALs to provide durability is a common
+technique for applications that use consensus protocols to achieve a replicated
+state machine and for storage applications in general.
+
+Use [`kubectl delete`](/docs/user-guide/kubectl/kubectl_delete/) to delete the
+`zk` StatefulSet.
+
+```shell
+kubectl delete statefulset zk
+statefulset "zk" deleted
+```
+
+Watch the termination of the Pods in the StatefulSet.
+
+```shell
+get pods -w -l app=zk
+```
+
+When `zk-0` if fully terminated, use `CRTL-C` to terminate kubectl.
+
+```shell
+zk-2 1/1 Terminating 0 9m
+zk-0 1/1 Terminating 0 11m
+zk-1 1/1 Terminating 0 10m
+zk-2 0/1 Terminating 0 9m
+zk-2 0/1 Terminating 0 9m
+zk-2 0/1 Terminating 0 9m
+zk-1 0/1 Terminating 0 10m
+zk-1 0/1 Terminating 0 10m
+zk-1 0/1 Terminating 0 10m
+zk-0 0/1 Terminating 0 11m
+zk-0 0/1 Terminating 0 11m
+zk-0 0/1 Terminating 0 11m
+```
+Reapply the manifest in `zookeeper.yaml`.
+
+```shell
+kubectl apply -f http://k8s.io/docs/tutorials/stateful-application/zookeeper.yaml
+```
+
+The `zk` StatefulSet will be created, but, as they already exist, the other API
+Objects in the manifest will not be modified.
+
+```shell
+statefulset "zk" created
+Error from server (AlreadyExists): error when creating "zookeeper.yaml": services "zk-headless" already exists
+Error from server (AlreadyExists): error when creating "zookeeper.yaml": configmaps "zk-config" already exists
+Error from server (AlreadyExists): error when creating "zookeeper.yaml": poddisruptionbudgets.policy "zk-budget" already exists
+```
+
+Watch the StatefulSet controller recreate the StatefulSet's Pods.
+
+```shell
+kubectl get pods -w -l app=zk
+```
+
+Once the `zk-2` Pod is Running and Ready, use `CRTL-C` to terminate kubectl.
+
+```shell
+NAME READY STATUS RESTARTS AGE
+zk-0 0/1 Pending 0 0s
+zk-0 0/1 Pending 0 0s
+zk-0 0/1 ContainerCreating 0 0s
+zk-0 0/1 Running 0 19s
+zk-0 1/1 Running 0 40s
+zk-1 0/1 Pending 0 0s
+zk-1 0/1 Pending 0 0s
+zk-1 0/1 ContainerCreating 0 0s
+zk-1 0/1 Running 0 18s
+zk-1 1/1 Running 0 40s
+zk-2 0/1 Pending 0 0s
+zk-2 0/1 Pending 0 0s
+zk-2 0/1 ContainerCreating 0 0s
+zk-2 0/1 Running 0 19s
+zk-2 1/1 Running 0 40s
+```
+
+Get the value you entered during the [sanity test](#sanity-testing-the-ensemble),
+from the `zk-2` Pod.
+
+```shell
+kubectl exec zk-2 zkCli.sh get /hello
+```
+
+Even though all of the Pods in the `zk` StatefulSet have been terminated and
+recreated, the ensemble still serves the original value.
+
+```shell
+WATCHER::
+
+WatchedEvent state:SyncConnected type:None path:null
+world
+cZxid = 0x100000002
+ctime = Thu Dec 08 15:13:30 UTC 2016
+mZxid = 0x100000002
+mtime = Thu Dec 08 15:13:30 UTC 2016
+pZxid = 0x100000002
+cversion = 0
+dataVersion = 0
+aclVersion = 0
+ephemeralOwner = 0x0
+dataLength = 5
+numChildren = 0
+```
+
+The `volumeClaimTemplates` field, of the `zk` StatefulSet's `spec`, specifies a
+PersistentVolume that will be provisioned for each Pod.
+
+```yaml
+volumeClaimTemplates:
+ - metadata:
+ name: datadir
+ annotations:
+ volume.alpha.kubernetes.io/storage-class: anything
+ spec:
+ accessModes: [ "ReadWriteOnce" ]
+ resources:
+ requests:
+ storage: 20Gi
+```
+
+
+The StatefulSet controller generates a PersistentVolumeClaim for each Pod in
+the StatefulSet.
+
+Get the StatefulSet's PersistentVolumeClaims.
+
+```shell
+kubectl get pvc -l app=zk
+```
+
+When the StatefulSet recreated its Pods, the Pods' PersistentVolumes were
+remounted.
+
+```shell
+NAME STATUS VOLUME CAPACITY ACCESSMODES AGE
+datadir-zk-0 Bound pvc-bed742cd-bcb1-11e6-994f-42010a800002 20Gi RWO 1h
+datadir-zk-1 Bound pvc-bedd27d2-bcb1-11e6-994f-42010a800002 20Gi RWO 1h
+datadir-zk-2 Bound pvc-bee0817e-bcb1-11e6-994f-42010a800002 20Gi RWO 1h
+```
+
+The `volumeMounts` section of the StatefulSet's container `template` causes the
+PersistentVolumes to be mounted to the ZooKeeper servers' data directories.
+
+```shell
+volumeMounts:
+ - name: datadir
+ mountPath: /var/lib/zookeeper
+```
+
+When a Pod in the `zk` StatefulSet is (re)scheduled, it will always have the
+same PersistentVolume mounted to the ZooKeeper server's data directory.
+Even when the Pods are rescheduled, all of the writes made to the ZooKeeper
+servers' WALs, and all of their snapshots, remain durable.
+
+### Ensuring Consistent Configuration
+
+As noted in the [Facilitating Leader Election](#facilitating-leader-election) and
+[Achieving Consensus](#achieving-consensus) sections, the servers in a
+ZooKeeper ensemble require consistent configuration in order to elect a leader
+and form a quorum. They also require consistent configuration of the Zab protocol
+in order for the protocol to work correctly over a network. You can use
+ConfigMaps to achieve this.
+
+Get the `zk-config` ConfigMap.
+
+```shell
+ kubectl get cm zk-config -o yaml
+apiVersion: v1
+data:
+ client.cnxns: "60"
+ ensemble: zk-0;zk-1;zk-2
+ init: "10"
+ jvm.heap: 2G
+ purge.interval: "0"
+ snap.retain: "3"
+ sync: "5"
+ tick: "2000"
+```
+
+The `env` field of the `zk` StatefulSet's Pod `template` reads the ConfigMap
+into environment variables. These variables are injected into the containers
+environment.
+
+```yaml
+env:
+ - name : ZK_ENSEMBLE
+ valueFrom:
+ configMapKeyRef:
+ name: zk-config
+ key: ensemble
+ - name : ZK_HEAP_SIZE
+ valueFrom:
+ configMapKeyRef:
+ name: zk-config
+ key: jvm.heap
+ - name : ZK_TICK_TIME
+ valueFrom:
+ configMapKeyRef:
+ name: zk-config
+ key: tick
+ - name : ZK_INIT_LIMIT
+ valueFrom:
+ configMapKeyRef:
+ name: zk-config
+ key: init
+ - name : ZK_SYNC_LIMIT
+ valueFrom:
+ configMapKeyRef:
+ name: zk-config
+ key: tick
+ - name : ZK_MAX_CLIENT_CNXNS
+ valueFrom:
+ configMapKeyRef:
+ name: zk-config
+ key: client.cnxns
+ - name: ZK_SNAP_RETAIN_COUNT
+ valueFrom:
+ configMapKeyRef:
+ name: zk-config
+ key: snap.retain
+ - name: ZK_PURGE_INTERVAL
+ valueFrom:
+ configMapKeyRef:
+ name: zk-config
+ key: purge.interval
+```
+
+The entry point of the container invokes a bash script, `zkConfig.sh`, prior to
+launching the ZooKeeper server process. This bash script generates the
+ZooKeeper configuration files from the supplied environment variables.
+
+```yaml
+ command:
+ - sh
+ - -c
+ - zkGenConfig.sh && zkServer.sh start-foreground
+```
+
+Examine the environment of all of the Pods in the `zk` StatefulSet.
+
+```shell
+for i in 0 1 2; do kubectl exec zk-$i env | grep ZK_*;echo""; done
+```
+
+All of the variables populated from `zk-config` contain identical values. This
+allows the `zkGenConfig.sh` script to create consistent configurations for all
+of the ZooKeeper servers in the ensemble.
+
+```shell
+ZK_ENSEMBLE=zk-0;zk-1;zk-2
+ZK_HEAP_SIZE=2G
+ZK_TICK_TIME=2000
+ZK_INIT_LIMIT=10
+ZK_SYNC_LIMIT=2000
+ZK_MAX_CLIENT_CNXNS=60
+ZK_SNAP_RETAIN_COUNT=3
+ZK_PURGE_INTERVAL=0
+ZK_CLIENT_PORT=2181
+ZK_SERVER_PORT=2888
+ZK_ELECTION_PORT=3888
+ZK_USER=zookeeper
+ZK_DATA_DIR=/var/lib/zookeeper/data
+ZK_DATA_LOG_DIR=/var/lib/zookeeper/log
+ZK_LOG_DIR=/var/log/zookeeper
+
+ZK_ENSEMBLE=zk-0;zk-1;zk-2
+ZK_HEAP_SIZE=2G
+ZK_TICK_TIME=2000
+ZK_INIT_LIMIT=10
+ZK_SYNC_LIMIT=2000
+ZK_MAX_CLIENT_CNXNS=60
+ZK_SNAP_RETAIN_COUNT=3
+ZK_PURGE_INTERVAL=0
+ZK_CLIENT_PORT=2181
+ZK_SERVER_PORT=2888
+ZK_ELECTION_PORT=3888
+ZK_USER=zookeeper
+ZK_DATA_DIR=/var/lib/zookeeper/data
+ZK_DATA_LOG_DIR=/var/lib/zookeeper/log
+ZK_LOG_DIR=/var/log/zookeeper
+
+ZK_ENSEMBLE=zk-0;zk-1;zk-2
+ZK_HEAP_SIZE=2G
+ZK_TICK_TIME=2000
+ZK_INIT_LIMIT=10
+ZK_SYNC_LIMIT=2000
+ZK_MAX_CLIENT_CNXNS=60
+ZK_SNAP_RETAIN_COUNT=3
+ZK_PURGE_INTERVAL=0
+ZK_CLIENT_PORT=2181
+ZK_SERVER_PORT=2888
+ZK_ELECTION_PORT=3888
+ZK_USER=zookeeper
+ZK_DATA_DIR=/var/lib/zookeeper/data
+ZK_DATA_LOG_DIR=/var/lib/zookeeper/log
+ZK_LOG_DIR=/var/log/zookeeper
+```
+
+#### Configuring Logging
+
+One of the files generated by the `zkConfigGen.sh` script controls ZooKeeper's logging.
+ZooKeeper uses [Log4j](http://logging.apache.org/log4j/2.x/), and, by default,
+it uses a time and size based rolling file appender for its logging configuration.
+Get the logging configuration from one of Pods in the `zk` StatefulSet.
+
+```shell
+kubectl exec zk-0 cat /usr/etc/zookeeper/log4j.properties
+```
+
+The logging configuration below will cause the ZooKeeper process to write all
+of its logs to the standard output file stream.
+
+```shell
+zookeeper.root.logger=CONSOLE
+zookeeper.console.threshold=INFO
+log4j.rootLogger=${zookeeper.root.logger}
+log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
+log4j.appender.CONSOLE.Threshold=${zookeeper.console.threshold}
+log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
+log4j.appender.CONSOLE.layout.ConversionPattern=%d{ISO8601} [myid:%X{myid}] - %-5p [%t:%C{1}@%L] - %m%n
+```
+
+This is the simplest possible way to safely log inside the container. As the
+application's logs are being written to standard out, Kubernetes will handle
+log rotation for you. Kubernetes also implements a sane retention policy that
+ensures application logs written to standard out and standard error do not
+exhaust local storage media.
+
+Use [`kubectl logs`](/docs/user-guide/kubectl/kubectl_logs/) to retrieve the last
+few log lines from one of the Pods.
+
+```shell
+kubectl logs zk-0 --tail 20
+```
+
+Application logs that are written to standard out or standard error are viewable
+using `kubectl logs` and from the Kubernetes Dashboard.
+
+```shell
+2016-12-06 19:34:16,236 [myid:1] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxn@827] - Processing ruok command from /127.0.0.1:52740
+2016-12-06 19:34:16,237 [myid:1] - INFO [Thread-1136:NIOServerCnxn@1008] - Closed socket connection for client /127.0.0.1:52740 (no session established for client)
+2016-12-06 19:34:26,155 [myid:1] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxnFactory@192] - Accepted socket connection from /127.0.0.1:52749
+2016-12-06 19:34:26,155 [myid:1] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxn@827] - Processing ruok command from /127.0.0.1:52749
+2016-12-06 19:34:26,156 [myid:1] - INFO [Thread-1137:NIOServerCnxn@1008] - Closed socket connection for client /127.0.0.1:52749 (no session established for client)
+2016-12-06 19:34:26,222 [myid:1] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxnFactory@192] - Accepted socket connection from /127.0.0.1:52750
+2016-12-06 19:34:26,222 [myid:1] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxn@827] - Processing ruok command from /127.0.0.1:52750
+2016-12-06 19:34:26,226 [myid:1] - INFO [Thread-1138:NIOServerCnxn@1008] - Closed socket connection for client /127.0.0.1:52750 (no session established for client)
+2016-12-06 19:34:36,151 [myid:1] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxnFactory@192] - Accepted socket connection from /127.0.0.1:52760
+2016-12-06 19:34:36,152 [myid:1] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxn@827] - Processing ruok command from /127.0.0.1:52760
+2016-12-06 19:34:36,152 [myid:1] - INFO [Thread-1139:NIOServerCnxn@1008] - Closed socket connection for client /127.0.0.1:52760 (no session established for client)
+2016-12-06 19:34:36,230 [myid:1] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxnFactory@192] - Accepted socket connection from /127.0.0.1:52761
+2016-12-06 19:34:36,231 [myid:1] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxn@827] - Processing ruok command from /127.0.0.1:52761
+2016-12-06 19:34:36,231 [myid:1] - INFO [Thread-1140:NIOServerCnxn@1008] - Closed socket connection for client /127.0.0.1:52761 (no session established for client)
+2016-12-06 19:34:46,149 [myid:1] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxnFactory@192] - Accepted socket connection from /127.0.0.1:52767
+2016-12-06 19:34:46,149 [myid:1] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxn@827] - Processing ruok command from /127.0.0.1:52767
+2016-12-06 19:34:46,149 [myid:1] - INFO [Thread-1141:NIOServerCnxn@1008] - Closed socket connection for client /127.0.0.1:52767 (no session established for client)
+2016-12-06 19:34:46,230 [myid:1] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxnFactory@192] - Accepted socket connection from /127.0.0.1:52768
+2016-12-06 19:34:46,230 [myid:1] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxn@827] - Processing ruok command from /127.0.0.1:52768
+2016-12-06 19:34:46,230 [myid:1] - INFO [Thread-1142:NIOServerCnxn@1008] - Closed socket connection for client /127.0.0.1:52768 (no session established for client)
+```
+
+Kubernetes also supports more powerful, but more complex, logging integrations
+with [Google Cloud Logging](https://github.com/kubernetes/contrib/blob/master/logging/fluentd-sidecar-gcp/README.md)
+and [ELK](https://github.com/kubernetes/contrib/blob/master/logging/fluentd-sidecar-es/README.md).
+For cluster level log shipping and aggregation, you should consider deploying a
+[sidecar](http://blog.kubernetes.io/2015/06/the-distributed-system-toolkit-patterns.html)
+container to rotate and ship your logs.
+
+#### Configuring a Non-Privileged User
+
+The best practices with respect to allowing an application to run as a privileged
+user inside of a container are a matter of debate. If your organization requires
+that applications be run as a non-privileged user you can use a
+[SecurityContext](/docs/user-guide/security-context/) to control the user that
+the entry point runs as.
+
+The `zk` StatefulSet's Pod `template` contains a SecurityContext.
+
+```yaml
+securityContext:
+ runAsUser: 1000
+ fsGroup: 1000
+```
+
+In the Pods' containers, UID 1000 corresponds to the zookeeper user and GID 1000
+corresponds to the zookeeper group.
+
+Get the ZooKeeper process information from the `zk-0` Pod.
+
+```shell
+kubectl exec zk-0 -- ps -elf
+```
+
+As the `runAsUser` field of the `securityContext` object is set to 1000,
+instead of running as root, the ZooKeeper process runs as the zookeeper user.
+
+```shell
+F S UID PID PPID C PRI NI ADDR SZ WCHAN STIME TTY TIME CMD
+4 S zookeep+ 1 0 0 80 0 - 1127 - 20:46 ? 00:00:00 sh -c zkGenConfig.sh && zkServer.sh start-foreground
+0 S zookeep+ 27 1 0 80 0 - 1155556 - 20:46 ? 00:00:19 /usr/lib/jvm/java-8-openjdk-amd64/bin/java -Dzookeeper.log.dir=/var/log/zookeeper -Dzookeeper.root.logger=INFO,CONSOLE -cp /usr/bin/../build/classes:/usr/bin/../build/lib/*.jar:/usr/bin/../share/zookeeper/zookeeper-3.4.9.jar:/usr/bin/../share/zookeeper/slf4j-log4j12-1.6.1.jar:/usr/bin/../share/zookeeper/slf4j-api-1.6.1.jar:/usr/bin/../share/zookeeper/netty-3.10.5.Final.jar:/usr/bin/../share/zookeeper/log4j-1.2.16.jar:/usr/bin/../share/zookeeper/jline-0.9.94.jar:/usr/bin/../src/java/lib/*.jar:/usr/bin/../etc/zookeeper: -Xmx2G -Xms2G -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.local.only=false org.apache.zookeeper.server.quorum.QuorumPeerMain /usr/bin/../etc/zookeeper/zoo.cfg
+```
+
+By default, when the Pod's PersistentVolume is mounted to the ZooKeeper server's
+data directory, it is only accessible by the root user. This configuration
+prevents the ZooKeeper process from writing to its WAL and storing its snapshots.
+
+Get the file permissions of the ZooKeeper data directory on the `zk-0` Pod.
+
+```shell
+kubectl exec -ti zk-0 -- ls -ld /var/lib/zookeeper/data
+```
+
+As the `fsGroup` field of the `securityContext` object is set to 1000,
+the ownership of the Pods' PersistentVolumes is set to the zookeeper group,
+and the ZooKeeper process is able to successfully read and write its data.
+
+```shell
+drwxr-sr-x 3 zookeeper zookeeper 4096 Dec 5 20:45 /var/lib/zookeeper/data
+```
+
+### Managing the ZooKeeper Process
+
+The [ZooKeeper documentation](https://zookeeper.apache.org/doc/current/zookeeperAdmin.html#sc_supervision)
+documentation indicates that "You will want to have a supervisory process that
+manages each of your ZooKeeper server processes (JVM)." Utilizing a watchdog
+(supervisory process) to restart failed processes in a distributed system is a
+common pattern. When deploying an application in Kubernetes, rather than using
+an external utility as a supervisory process, you should use Kubernetes as the
+watchdog for your application.
+
+#### Handling Process Failure
+
+
+[Restart Policies](/docs/user-guide/pod-states/#restartpolicy) control how
+Kubernetes handles process failures for the entry point of the container in a Pod.
+For Pods in a StatefulSet, the only appropriate RestartPolicy is Always, and this
+is the default value. For stateful applications you should **never** override
+the default policy.
+
+
+Examine the process tree for the ZooKeeper server running in the `zk-0` Pod.
+
+```shell
+kubectl exec zk-0 -- ps -ef
+```
+
+The command used as the container's entry point has PID 1, and the
+the ZooKeeper process, a child of the entry point, has PID 23.
+
+
+```
+UID PID PPID C STIME TTY TIME CMD
+zookeep+ 1 0 0 15:03 ? 00:00:00 sh -c zkGenConfig.sh && zkServer.sh start-foreground
+zookeep+ 27 1 0 15:03 ? 00:00:03 /usr/lib/jvm/java-8-openjdk-amd64/bin/java -Dzookeeper.log.dir=/var/log/zookeeper -Dzookeeper.root.logger=INFO,CONSOLE -cp /usr/bin/../build/classes:/usr/bin/../build/lib/*.jar:/usr/bin/../share/zookeeper/zookeeper-3.4.9.jar:/usr/bin/../share/zookeeper/slf4j-log4j12-1.6.1.jar:/usr/bin/../share/zookeeper/slf4j-api-1.6.1.jar:/usr/bin/../share/zookeeper/netty-3.10.5.Final.jar:/usr/bin/../share/zookeeper/log4j-1.2.16.jar:/usr/bin/../share/zookeeper/jline-0.9.94.jar:/usr/bin/../src/java/lib/*.jar:/usr/bin/../etc/zookeeper: -Xmx2G -Xms2G -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.local.only=false org.apache.zookeeper.server.quorum.QuorumPeerMain /usr/bin/../etc/zookeeper/zoo.cfg
+```
+
+
+In one terminal watch the Pods in the `zk` StatefulSet.
+
+```shell
+kubectl get pod -w -l app=zk
+```
+
+
+In another terminal, kill the ZooKeeper process in Pod `zk-0`.
+
+```shell
+ kubectl exec zk-0 -- pkill java
+```
+
+
+The death of the ZooKeeper process caused its parent process to terminate. As
+the RestartPolicy of the container is Always, the parent process was relaunched.
+
+
+```shell
+NAME READY STATUS RESTARTS AGE
+zk-0 1/1 Running 0 21m
+zk-1 1/1 Running 0 20m
+zk-2 1/1 Running 0 19m
+NAME READY STATUS RESTARTS AGE
+zk-0 0/1 Error 0 29m
+zk-0 0/1 Running 1 29m
+zk-0 1/1 Running 1 29m
+```
+
+
+If your application uses a script (such as zkServer.sh) to launch the process
+that implements the application's business logic, the script must terminate with the
+child process. This ensures that Kubernetes will restart the application's
+container when the process implementing the application's business logic fails.
+
+
+#### Testing for Liveness
+
+
+Configuring your application to restart failed processes is not sufficient to
+keep a distributed system healthy. There are many scenarios where
+a system's processes can be both alive and unresponsive, or otherwise
+unhealthy. You should use liveness probes in order to notify Kubernetes
+that your application's processes are unhealthy and should be restarted.
+
+
+The Pod `template` for the `zk` StatefulSet specifies a liveness probe.
+
+
+```yaml
+ livenessProbe:
+ exec:
+ command:
+ - "zkOk.sh"
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+```
+
+
+The probe calls a simple bash script that uses the ZooKeeper `ruok` four letter
+word to test the server's health.
+
+
+```bash
+ZK_CLIENT_PORT=${ZK_CLIENT_PORT:-2181}
+OK=$(echo ruok | nc 127.0.0.1 $ZK_CLIENT_PORT)
+if [ "$OK" == "imok" ]; then
+ exit 0
+else
+ exit 1
+fi
+```
+
+
+In one terminal window, watch the Pods in the `zk` StatefulSet.
+
+
+```shell
+kubectl get pod -w -l app=zk
+```
+
+
+In another window, delete the `zkOk.sh` script from the file system of Pod `zk-0`.
+
+
+```shell
+kubectl exec zk-0 -- rm /opt/zookeeper/bin/zkOk.sh
+```
+
+
+When the liveness probe for the ZooKeeper process fails, Kubernetes will
+automatically restart the process for you, ensuring that unhealthy processes in
+the ensemble are restarted.
+
+
+```shell
+kubectl get pod -w -l app=zk
+NAME READY STATUS RESTARTS AGE
+zk-0 1/1 Running 0 1h
+zk-1 1/1 Running 0 1h
+zk-2 1/1 Running 0 1h
+NAME READY STATUS RESTARTS AGE
+zk-0 0/1 Running 0 1h
+zk-0 0/1 Running 1 1h
+zk-0 1/1 Running 1 1h
+```
+
+
+#### Testing for Readiness
+
+
+Readiness is not the same as liveness. If a process is alive, it is scheduled
+and healthy. If a process is ready, it is able to process input. Liveness is
+a necessary, but not sufficient, condition for readiness. There are many cases,
+particularly during initialization and termination, when a process can be
+alive but not ready.
+
+
+If you specify a readiness probe, Kubernetes will ensure that your application's
+processes will not receive network traffic until their readiness checks pass.
+
+
+For a ZooKeeper server, liveness implies readiness. Therefore, the readiness
+probe from the `zookeeper.yaml` manifest is identical to the liveness probe.
+
+
+```yaml
+ readinessProbe:
+ exec:
+ command:
+ - "zkOk.sh"
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+```
+
+
+Even though the liveness and readiness probes are identical, it is important
+to specify both. This ensures that only healthy servers in the ZooKeeper
+ensemble receive network traffic.
+
+
+### Tolerating Node Failure
+
+ZooKeeper needs a quorum of servers in order to successfully commit mutations
+to data. For a three server ensemble, two servers must be healthy in order for
+writes to succeed. In quorum based systems, members are deployed across failure
+domains to ensure availability. In order to avoid an outage, due to the loss of an
+individual machine, best practices preclude co-locating multiple instances of the
+application on the same machine.
+
+By default, Kubernetes may co-locate Pods in a StatefulSet on the same node.
+For the three server ensemble you created, if two servers reside on the same
+node, and that node fails, the clients of your ZooKeeper service will experience
+an outage until at least one of the Pods can be rescheduled.
+
+You should always provision additional capacity to allow the processes of critical
+systems to be rescheduled in the event of node failures. If you do so, then the
+outage will only last until the Kubernetes scheduler reschedules one of the ZooKeeper
+servers. However, if you want your service to tolerate node failures with no downtime,
+you should use a `PodAntiAffinity` annotation.
+
+Get the nodes for Pods in the `zk` Stateful Set.
+
+```shell{% raw %}
+for i in 0 1 2; do kubectl get pod zk-$i --template {{.spec.nodeName}}; echo ""; done
+``` {% endraw %}
+
+All of the Pods in the `zk` StatefulSet are deployed on different nodes.
+
+```shell
+kubernetes-minion-group-cxpk
+kubernetes-minion-group-a5aq
+kubernetes-minion-group-2g2d
+```
+
+This is because the Pods in the `zk` StatefulSet contain a
+[PodAntiAffinity](/docs/user-guide/node-selection/) annotation.
+
+```yaml
+scheduler.alpha.kubernetes.io/affinity: >
+ {
+ "podAntiAffinity": {
+ "requiredDuringSchedulingRequiredDuringExecution": [{
+ "labelSelector": {
+ "matchExpressions": [{
+ "key": "app",
+ "operator": "In",
+ "values": ["zk-headless"]
+ }]
+ },
+ "topologyKey": "kubernetes.io/hostname"
+ }]
+ }
+ }
+```
+
+The `requiredDuringSchedulingRequiredDuringExecution` field tells the
+Kubernetes Scheduler that it should never co-locate two Pods from the `zk-headless`
+Service in the domain defined by the `topologyKey`. The `topologyKey`
+`kubernetes.io/hostname` indicates that the domain is an individual node. Using
+different rules, labels, and selectors, you can extend this technique to spread
+your ensemble across physical, network, and power failure domains.
+
+### Surviving Maintenance
+
+**In this section you will cordon and drain nodes. If you are using this tutorial
+on a shared cluster, be sure that this will not adversely affect other tenants.**
+
+The previous section showed you how to spread your Pods across nodes to survive
+unplanned node failures, but you also need to plan for temporary node failures
+that occur due to planned maintenance.
+
+Get the nodes in your cluster.
+
+```shell
+kubectl get nodes
+```
+
+Use [`kubectl cordon`](/docs/user-guide/kubectl/kubectl_cordon/) to
+cordon all but four of the nodes in your cluster.
+
+```shell{% raw %}
+kubectl cordon < node name >
+```{% endraw %}
+
+Get the `zk-budget` PodDisruptionBudget.
+
+```shell
+kubectl get poddisruptionbudget zk-budget
+```
+
+The `min-available` field indicates to Kubernetes that at least two Pods from
+`zk` StatefulSet must be available at any time.
+
+```yaml
+NAME MIN-AVAILABLE ALLOWED-DISRUPTIONS AGE
+zk-budget 2 1 1h
+
+```
+
+In one terminal, watch the Pods in the `zk` StatefulSet.
+
+```shell
+kubectl get pods -w -l app=zk
+```
+
+In another terminal, get the nodes that the Pods are currently scheduled on.
+
+```shell{% raw %}
+for i in 0 1 2; do kubectl get pod zk-$i --template {{.spec.nodeName}}; echo ""; done
+kubernetes-minion-group-pb41
+kubernetes-minion-group-ixsl
+kubernetes-minion-group-i4c4
+{% endraw %}```
+
+Use [`kubectl drain`](/docs/user-guide/kubectl/kubectl_drain/) to cordon and
+drain the node on which the `zk-0` Pod is scheduled.
+
+```shell {% raw %}
+kubectl drain $(kubectl get pod zk-0 --template {{.spec.nodeName}}) --ignore-daemonsets --force --delete-local-data
+WARNING: Deleting pods not managed by ReplicationController, ReplicaSet, Job, or DaemonSet: fluentd-cloud-logging-kubernetes-minion-group-pb41, kube-proxy-kubernetes-minion-group-pb41; Ignoring DaemonSet-managed pods: node-problem-detector-v0.1-o5elz
+pod "zk-0" deleted
+node "kubernetes-minion-group-pb41" drained
+{% endraw %}```
+
+As there are four nodes in your cluster, `kubectl drain`, succeeds and the
+`zk-0` is rescheduled to another node.
+
+```
+NAME READY STATUS RESTARTS AGE
+zk-0 1/1 Running 2 1h
+zk-1 1/1 Running 0 1h
+zk-2 1/1 Running 0 1h
+NAME READY STATUS RESTARTS AGE
+zk-0 1/1 Terminating 2 2h
+zk-0 0/1 Terminating 2 2h
+zk-0 0/1 Terminating 2 2h
+zk-0 0/1 Terminating 2 2h
+zk-0 0/1 Pending 0 0s
+zk-0 0/1 Pending 0 0s
+zk-0 0/1 ContainerCreating 0 0s
+zk-0 0/1 Running 0 51s
+zk-0 1/1 Running 0 1m
+```
+
+Keep watching the StatefulSet's Pods in the first terminal and drain the node on which
+`zk-1` is scheduled.
+
+```shell{% raw %}
+kubectl drain $(kubectl get pod zk-1 --template {{.spec.nodeName}}) --ignore-daemonsets --force --delete-local-data "kubernetes-minion-group-ixsl" cordoned
+WARNING: Deleting pods not managed by ReplicationController, ReplicaSet, Job, or DaemonSet: fluentd-cloud-logging-kubernetes-minion-group-ixsl, kube-proxy-kubernetes-minion-group-ixsl; Ignoring DaemonSet-managed pods: node-problem-detector-v0.1-voc74
+pod "zk-1" deleted
+node "kubernetes-minion-group-ixsl" drained
+{% endraw %}```
+
+The `zk-1` Pod can not be scheduled. As the `zk` StatefulSet contains a
+`PodAntiAffinity` annotation preventing co-location of the Pods, and as only
+two nodes are schedulable, the Pod will remain in a Pending state.
+
+```shell
+kubectl get pods -w -l app=zk
+NAME READY STATUS RESTARTS AGE
+zk-0 1/1 Running 2 1h
+zk-1 1/1 Running 0 1h
+zk-2 1/1 Running 0 1h
+NAME READY STATUS RESTARTS AGE
+zk-0 1/1 Terminating 2 2h
+zk-0 0/1 Terminating 2 2h
+zk-0 0/1 Terminating 2 2h
+zk-0 0/1 Terminating 2 2h
+zk-0 0/1 Pending 0 0s
+zk-0 0/1 Pending 0 0s
+zk-0 0/1 ContainerCreating 0 0s
+zk-0 0/1 Running 0 51s
+zk-0 1/1 Running 0 1m
+zk-1 1/1 Terminating 0 2h
+zk-1 0/1 Terminating 0 2h
+zk-1 0/1 Terminating 0 2h
+zk-1 0/1 Terminating 0 2h
+zk-1 0/1 Pending 0 0s
+zk-1 0/1 Pending 0 0s
+```
+
+Continue to watch the Pods of the stateful set, and drain the node on which
+`zk-2` is scheduled.
+
+```shell{% raw %}
+kubectl drain $(kubectl get pod zk-2 --template {{.spec.nodeName}}) --ignore-daemonsets --force --delete-local-data
+node "kubernetes-minion-group-i4c4" cordoned
+WARNING: Deleting pods not managed by ReplicationController, ReplicaSet, Job, or DaemonSet: fluentd-cloud-logging-kubernetes-minion-group-i4c4, kube-proxy-kubernetes-minion-group-i4c4; Ignoring DaemonSet-managed pods: node-problem-detector-v0.1-dyrog
+WARNING: Ignoring DaemonSet-managed pods: node-problem-detector-v0.1-dyrog; Deleting pods not managed by ReplicationController, ReplicaSet, Job, or DaemonSet: fluentd-cloud-logging-kubernetes-minion-group-i4c4, kube-proxy-kubernetes-minion-group-i4c4
+There are pending pods when an error occurred: Cannot evict pod as it would violate the pod's disruption budget.
+pod/zk-2
+{% endraw %}```
+
+Use `CRTL-C` to terminate to kubectl.
+
+You can not drain the third node because evicting `zk-2` would violate `zk-budget`. However,
+the node will remain cordoned.
+
+Use `zkCli.sh` to retrieve the value you entered during the sanity test from `zk-0`.
+
+```shell
+kubectl exec zk-0 zkCli.sh get /hello
+```
+
+The service is still available because its PodDisruptionBudget is respected.
+
+```
+WatchedEvent state:SyncConnected type:None path:null
+world
+cZxid = 0x200000002
+ctime = Wed Dec 07 00:08:59 UTC 2016
+mZxid = 0x200000002
+mtime = Wed Dec 07 00:08:59 UTC 2016
+pZxid = 0x200000002
+cversion = 0
+dataVersion = 0
+aclVersion = 0
+ephemeralOwner = 0x0
+dataLength = 5
+numChildren = 0
+```
+
+Use [`kubectl uncordon`](/docs/user-guide/kubectl/kubectl_uncordon/) to uncordon the first node.
+
+```shell
+kubectl uncordon kubernetes-minion-group-pb41
+node "kubernetes-minion-group-pb41" uncordoned
+```
+
+`zk-1` is rescheduled on this node. Wait until `zk-1` is Running and Ready.
+
+```shell
+kubectl get pods -w -l app=zk
+NAME READY STATUS RESTARTS AGE
+zk-0 1/1 Running 2 1h
+zk-1 1/1 Running 0 1h
+zk-2 1/1 Running 0 1h
+NAME READY STATUS RESTARTS AGE
+zk-0 1/1 Terminating 2 2h
+zk-0 0/1 Terminating 2 2h
+zk-0 0/1 Terminating 2 2h
+zk-0 0/1 Terminating 2 2h
+zk-0 0/1 Pending 0 0s
+zk-0 0/1 Pending 0 0s
+zk-0 0/1 ContainerCreating 0 0s
+zk-0 0/1 Running 0 51s
+zk-0 1/1 Running 0 1m
+zk-1 1/1 Terminating 0 2h
+zk-1 0/1 Terminating 0 2h
+zk-1 0/1 Terminating 0 2h
+zk-1 0/1 Terminating 0 2h
+zk-1 0/1 Pending 0 0s
+zk-1 0/1 Pending 0 0s
+zk-1 0/1 Pending 0 12m
+zk-1 0/1 ContainerCreating 0 12m
+zk-1 0/1 Running 0 13m
+zk-1 1/1 Running 0 13m
+```
+
+Attempt to drain the node on which `zk-2` is scheduled.
+
+```shell{% raw %}
+kubectl drain $(kubectl get pod zk-2 --template {{.spec.nodeName}}) --ignore-daemonsets --force --delete-local-data
+node "kubernetes-minion-group-i4c4" already cordoned
+WARNING: Deleting pods not managed by ReplicationController, ReplicaSet, Job, or DaemonSet: fluentd-cloud-logging-kubernetes-minion-group-i4c4, kube-proxy-kubernetes-minion-group-i4c4; Ignoring DaemonSet-managed pods: node-problem-detector-v0.1-dyrog
+pod "heapster-v1.2.0-2604621511-wht1r" deleted
+pod "zk-2" deleted
+node "kubernetes-minion-group-i4c4" drained
+{% endraw %}```
+
+This time `kubectl drain` succeeds.
+
+Uncordon the second node to allow `zk-2` to be rescheduled.
+
+```shell
+kubectl uncordon kubernetes-minion-group-ixsl
+node "kubernetes-minion-group-ixsl" uncordoned
+```
+
+You can use `kubectl drain` in conjunction with PodDisruptionBudgets to ensure that your service
+remains available during maintenance. If drain is used to cordon nodes and evict pods prior to
+taking the node offline for maintenance, services that express a disruption budget will have that
+budget respected. You should always allocate additional capacity for critical services so that
+their Pods can be immediately rescheduled.
+
+{% endcapture %}
+
+{% capture cleanup %}
+* Use `kubectl uncordon` to uncordon all the nodes in your cluster.
+* You will need to delete the persistent storage media for the PersistentVolumes
+used in this tutorial. Follow the necessary steps, based on your environment,
+storage configuration, and provisioning method, to ensure that all storage is
+reclaimed.
+{% endcapture %}
+{% include templates/tutorial.md %}
diff --git a/docs/tutorials/stateful-application/zookeeper.yaml b/docs/tutorials/stateful-application/zookeeper.yaml
new file mode 100644
index 0000000000..75c4220576
--- /dev/null
+++ b/docs/tutorials/stateful-application/zookeeper.yaml
@@ -0,0 +1,164 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: zk-headless
+ labels:
+ app: zk-headless
+spec:
+ ports:
+ - port: 2888
+ name: server
+ - port: 3888
+ name: leader-election
+ clusterIP: None
+ selector:
+ app: zk
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: zk-config
+data:
+ ensemble: "zk-0;zk-1;zk-2"
+ jvm.heap: "2G"
+ tick: "2000"
+ init: "10"
+ sync: "5"
+ client.cnxns: "60"
+ snap.retain: "3"
+ purge.interval: "1"
+---
+apiVersion: policy/v1beta1
+kind: PodDisruptionBudget
+metadata:
+ name: zk-budget
+spec:
+ selector:
+ matchLabels:
+ app: zk
+ minAvailable: 2
+---
+apiVersion: apps/v1beta1
+kind: StatefulSet
+metadata:
+ name: zk
+spec:
+ serviceName: zk-headless
+ replicas: 3
+ template:
+ metadata:
+ labels:
+ app: zk
+ annotations:
+ pod.alpha.kubernetes.io/initialized: "true"
+ scheduler.alpha.kubernetes.io/affinity: >
+ {
+ "podAntiAffinity": {
+ "requiredDuringSchedulingRequiredDuringExecution": [{
+ "labelSelector": {
+ "matchExpressions": [{
+ "key": "app",
+ "operator": "In",
+ "values": ["zk-headless"]
+ }]
+ },
+ "topologyKey": "kubernetes.io/hostname"
+ }]
+ }
+ }
+ spec:
+ containers:
+ - name: k8szk
+ imagePullPolicy: Always
+ image: gcr.io/google_samples/k8szk:v1
+ resources:
+ requests:
+ memory: "4Gi"
+ cpu: "1"
+ ports:
+ - containerPort: 2181
+ name: client
+ - containerPort: 2888
+ name: server
+ - containerPort: 3888
+ name: leader-election
+ env:
+ - name : ZK_ENSEMBLE
+ valueFrom:
+ configMapKeyRef:
+ name: zk-config
+ key: ensemble
+ - name : ZK_HEAP_SIZE
+ valueFrom:
+ configMapKeyRef:
+ name: zk-config
+ key: jvm.heap
+ - name : ZK_TICK_TIME
+ valueFrom:
+ configMapKeyRef:
+ name: zk-config
+ key: tick
+ - name : ZK_INIT_LIMIT
+ valueFrom:
+ configMapKeyRef:
+ name: zk-config
+ key: init
+ - name : ZK_SYNC_LIMIT
+ valueFrom:
+ configMapKeyRef:
+ name: zk-config
+ key: tick
+ - name : ZK_MAX_CLIENT_CNXNS
+ valueFrom:
+ configMapKeyRef:
+ name: zk-config
+ key: client.cnxns
+ - name: ZK_SNAP_RETAIN_COUNT
+ valueFrom:
+ configMapKeyRef:
+ name: zk-config
+ key: snap.retain
+ - name: ZK_PURGE_INTERVAL
+ valueFrom:
+ configMapKeyRef:
+ name: zk-config
+ key: purge.interval
+ - name: ZK_CLIENT_PORT
+ value: "2181"
+ - name: ZK_SERVER_PORT
+ value: "2888"
+ - name: ZK_ELECTION_PORT
+ value: "3888"
+ command:
+ - sh
+ - -c
+ - zkGenConfig.sh && zkServer.sh start-foreground
+ readinessProbe:
+ exec:
+ command:
+ - "zkOk.sh"
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+ livenessProbe:
+ exec:
+ command:
+ - "zkOk.sh"
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+ volumeMounts:
+ - name: datadir
+ mountPath: /var/lib/zookeeper
+ securityContext:
+ runAsUser: 1000
+ fsGroup: 1000
+ volumeClaimTemplates:
+ - metadata:
+ name: datadir
+ annotations:
+ volume.alpha.kubernetes.io/storage-class: anything
+ spec:
+ accessModes: [ "ReadWriteOnce" ]
+ resources:
+ requests:
+ storage: 20Gi
diff --git a/docs/tutorials/stateless-application/expose-external-ip-address-service.md b/docs/tutorials/stateless-application/expose-external-ip-address-service.md
index e9da4f7a37..23bffda9df 100644
--- a/docs/tutorials/stateless-application/expose-external-ip-address-service.md
+++ b/docs/tutorials/stateless-application/expose-external-ip-address-service.md
@@ -1,4 +1,5 @@
---
+title: Using a Service to Access an Application in a Cluster
---
{% capture overview %}
diff --git a/docs/tutorials/stateless-application/expose-external-ip-address.md b/docs/tutorials/stateless-application/expose-external-ip-address.md
index be47728120..2d2e28d594 100644
--- a/docs/tutorials/stateless-application/expose-external-ip-address.md
+++ b/docs/tutorials/stateless-application/expose-external-ip-address.md
@@ -1,4 +1,5 @@
---
+title: Exposing an External IP Address to Access an Application in a Cluster
---
{% capture overview %}
@@ -11,7 +12,15 @@ external IP address.
{% capture prerequisites %}
-{% include task-tutorial-prereqs.md %}
+ * Install [kubectl](http://kubernetes.io/docs/user-guide/prereqs).
+
+ * Use a cloud provider like Google Container Engine or Amazon Web Services to
+ create a Kubernetes cluster. This tutorial creates an
+ [external load balancer](/docs/user-guide/load-balancer/),
+ which requires a cloud provider.
+
+ * Configure `kubectl` to communicate with your Kubernetes API server. For
+ instructions, see the documentation for your cloud provider.
{% endcapture %}
diff --git a/docs/tutorials/stateless-application/run-stateless-application-deployment.md b/docs/tutorials/stateless-application/run-stateless-application-deployment.md
index 7ea6efa408..ce1a713a1c 100644
--- a/docs/tutorials/stateless-application/run-stateless-application-deployment.md
+++ b/docs/tutorials/stateless-application/run-stateless-application-deployment.md
@@ -1,4 +1,5 @@
---
+title: Running a Stateless Application Using a Deployment
---
{% capture overview %}
diff --git a/docs/user-guide/accessing-the-cluster.md b/docs/user-guide/accessing-the-cluster.md
index 63134b4909..8206ee8f85 100644
--- a/docs/user-guide/accessing-the-cluster.md
+++ b/docs/user-guide/accessing-the-cluster.md
@@ -1,10 +1,10 @@
----
-assignees:
-- lavalamp
-- mikedanese
-
----
-
+---
+assignees:
+- lavalamp
+- mikedanese
+title: Accessing Clusters
+---
+
* TOC
{:toc}
diff --git a/docs/user-guide/annotations.md b/docs/user-guide/annotations.md
index 181a1faed0..497706c3ad 100644
--- a/docs/user-guide/annotations.md
+++ b/docs/user-guide/annotations.md
@@ -2,7 +2,7 @@
assignees:
- mikedanese
- thockin
-
+title: Annotations
---
We have [labels](/docs/user-guide/labels) for identifying metadata.
diff --git a/docs/user-guide/application-troubleshooting.md b/docs/user-guide/application-troubleshooting.md
index b88cc4483d..817095f13d 100644
--- a/docs/user-guide/application-troubleshooting.md
+++ b/docs/user-guide/application-troubleshooting.md
@@ -2,7 +2,7 @@
assignees:
- mikedanese
- thockin
-
+title: Troubleshooting Applications
---
This guide is to help users debug applications that are deployed into Kubernetes and not behaving correctly.
diff --git a/docs/user-guide/compute-resources.md b/docs/user-guide/compute-resources.md
index b62dcf4e56..2e524e9117 100644
--- a/docs/user-guide/compute-resources.md
+++ b/docs/user-guide/compute-resources.md
@@ -2,7 +2,7 @@
assignees:
- mikedanese
- thockin
-
+title: Managing Compute Resources
---
* TOC
@@ -28,10 +28,10 @@ server.
Each container of a pod can optionally specify one or more of the following:
-* `spec.container[].resources.limits.cpu`
-* `spec.container[].resources.limits.memory`
-* `spec.container[].resources.requests.cpu`
-* `spec.container[].resources.requests.memory`.
+* `spec.containers[].resources.limits.cpu`
+* `spec.containers[].resources.limits.memory`
+* `spec.containers[].resources.requests.cpu`
+* `spec.containers[].resources.requests.memory`.
Specifying resource requests and/or limits is optional. In some clusters, unset limits or requests
may be replaced with default values when a pod is created or updated. The default value depends on
@@ -53,7 +53,7 @@ One cpu, in Kubernetes, is equivalent to:
- 1 Azure vCore
- 1 *Hyperthread* on a bare-metal Intel processor with Hyperthreading
-Fractional requests are allowed. A container with `spec.container[].resources.requests.cpu` of `0.5` will
+Fractional requests are allowed. A container with `spec.containers[].resources.requests.cpu` of `0.5` will
be guaranteed half as much CPU as one that asks for `1`. The expression `0.1` is equivalent to the expression
`100m`, which can be read as "one hundred millicpu" (some may say "one hundred millicores", and this is understood
to mean the same thing when talking about Kubernetes). A request with a decimal point, like `0.1` is converted to
@@ -121,17 +121,17 @@ runner (Docker or rkt).
When using Docker:
-- The `spec.container[].resources.requests.cpu` is converted to its core value (potentially fractional),
+- The `spec.containers[].resources.requests.cpu` is converted to its core value (potentially fractional),
and multiplied by 1024, and used as the value of the [`--cpu-shares`](
https://docs.docker.com/reference/run/#runtime-constraints-on-resources) flag to the `docker run`
command.
-- The `spec.container[].resources.limits.cpu` is converted to its millicore value,
+- The `spec.containers[].resources.limits.cpu` is converted to its millicore value,
multiplied by 100000, and then divided by 1000, and used as the value of the [`--cpu-quota`](
https://docs.docker.com/reference/run/#runtime-constraints-on-resources) flag to the `docker run`
command. The [`--cpu-period`] flag is set to 100000 which represents the default 100ms period
for measuring quota usage. The kubelet enforces cpu limits if it was started with the
[`--cpu-cfs-quota`] flag set to true. As of version 1.2, this flag will now default to true.
-- The `spec.container[].resources.limits.memory` is converted to an integer, and used as the value
+- The `spec.containers[].resources.limits.memory` is converted to an integer, and used as the value
of the [`--memory`](https://docs.docker.com/reference/run/#runtime-constraints-on-resources) flag
to the `docker run` command.
@@ -269,6 +269,91 @@ LastState: map[terminated:map[exitCode:137 reason:OOM Killed startedAt:2015-07-0
We can see that this container was terminated because `reason:OOM Killed`, where *OOM* stands for Out Of Memory.
+## Opaque Integer Resources (Alpha Feature)
+
+Kubernetes version 1.5 introduces Opaque integer resources. Opaque
+integer resources allow cluster operators to advertise new node-level
+resources that would be otherwise unknown to the system.
+
+Users can consume these resources in pod specs just like CPU and memory.
+The scheduler takes care of the resource accounting so that no more than the
+available amount is simultaneously allocated to pods.
+
+**Note:** Opaque integer resources are Alpha in Kubernetes version 1.5.
+Only resource accounting is implemented; node-level isolation is still
+under active development.
+
+Opaque integer resources are resources that begin with the prefix
+`pod.alpha.kubernetes.io/opaque-int-resource-`. The API server
+restricts quantities of these resources to whole numbers. Examples of
+_valid_ quantities are `3`, `3000m` and `3Ki`. Examples of _invalid_
+quantities are `0.5` and `1500m`.
+
+There are two steps required to use opaque integer resources. First, the
+cluster operator must advertise a per-node opaque resource on one or more
+nodes. Second, users must request the opaque resource in pods.
+
+To advertise a new opaque integer resource, the cluster operator should
+submit a `PATCH` HTTP request to the API server to specify the available
+quantity in the `status.capacity` for a node in the cluster. After this
+operation, the node's `status.capacity` will include a new resource. The
+`status.allocatable` field is updated automatically with the new resource
+asychronously by the Kubelet. Note that since the scheduler uses the
+node `status.allocatable` value when evaluating pod fitness, there may
+be a short delay between patching the node capacity with a new resource and the
+first pod that requests the resource to be scheduled on that node.
+
+**Example:**
+
+The HTTP request below advertises 5 "foo" resources on node `k8s-node-1`.
+
+_NOTE: `~1` is the encoding for the character `/` in the patch path.
+The operation path value in JSON-Patch is interpreted as a JSON-Pointer.
+For more details, please refer to
+[IETF RFC 6901, section 3](https://tools.ietf.org/html/rfc6901#section-3)._
+
+```http
+PATCH /api/v1/nodes/k8s-node-1/status HTTP/1.1
+Accept: application/json
+Content-Type: application/json-patch+json
+Host: k8s-master:8080
+
+[
+ {
+ "op": "add",
+ "path": "/status/capacity/pod.alpha.kubernetes.io~1opaque-int-resource-foo",
+ "value": "5"
+ }
+]
+```
+
+To consume opaque resources in pods, include the name of the opaque
+resource as a key in the `spec.containers[].resources.requests` map.
+
+The pod will be scheduled only if all of the resource requests are
+satisfied (including cpu, memory and any opaque resources.) The pod will
+remain in the `PENDING` state while the resource request cannot be met by any
+node.
+
+**Example:**
+
+The pod below requests 2 cpus and 1 "foo" (an opaque resource.)
+
+```yaml
+apiVersion: v1
+kind: Pod
+metadata:
+ name: my-pod
+spec:
+ containers:
+ - name: my-container
+ image: myimage
+ resources:
+ requests:
+ cpu: 2
+ pod.alpha.kubernetes.io/opaque-int-resource-foo: 1
+```
+
## Planned Improvements
The current system only allows resource quantities to be specified on a container.
diff --git a/docs/user-guide/config-best-practices.md b/docs/user-guide/config-best-practices.md
index 5cafa35f60..2811d84ed0 100644
--- a/docs/user-guide/config-best-practices.md
+++ b/docs/user-guide/config-best-practices.md
@@ -1,7 +1,7 @@
---
assignees:
- mikedanese
-
+title: Best Practices for Configuration
---
This document is meant to highlight and consolidate in one place configuration best practices that are introduced throughout the user-guide and getting-started documentation and examples. This is a living document so if you think of something that is not on this list but might be useful to others, please don't hesitate to file an issue or submit a PR.
diff --git a/docs/user-guide/configmap/index.md b/docs/user-guide/configmap/index.md
index f37c83f4ac..90551dddb1 100644
--- a/docs/user-guide/configmap/index.md
+++ b/docs/user-guide/configmap/index.md
@@ -2,8 +2,9 @@
assignees:
- eparis
- pmorie
-
+title: Using ConfigMap
---
+
Many applications require configuration via some combination of config files, command line
arguments, and environment variables. These configuration artifacts should be decoupled from image
content in order to keep containerized applications portable. The ConfigMap API resource provides
diff --git a/docs/user-guide/configuring-containers.md b/docs/user-guide/configuring-containers.md
index 99dc823375..1fa82f52e9 100644
--- a/docs/user-guide/configuring-containers.md
+++ b/docs/user-guide/configuring-containers.md
@@ -2,7 +2,7 @@
assignees:
- caesarxuchao
- thockin
-
+title: Configuring Containers
---
* TOC
diff --git a/docs/user-guide/connecting-applications.md b/docs/user-guide/connecting-applications.md
index f75187d6c6..95d365bdb1 100644
--- a/docs/user-guide/connecting-applications.md
+++ b/docs/user-guide/connecting-applications.md
@@ -3,7 +3,7 @@ assignees:
- caesarxuchao
- lavalamp
- thockin
-
+title: Connecting Applications with Services
---
* TOC
diff --git a/docs/user-guide/connecting-to-applications-port-forward.md b/docs/user-guide/connecting-to-applications-port-forward.md
index 5876d2ab48..4855994736 100644
--- a/docs/user-guide/connecting-to-applications-port-forward.md
+++ b/docs/user-guide/connecting-to-applications-port-forward.md
@@ -2,7 +2,7 @@
assignees:
- caesarxuchao
- mikedanese
-
+title: Connect with Port Forwarding
---
kubectl port-forward forwards connections to a local port to a port on a pod. Its man page is available [here](/docs/user-guide/kubectl/kubectl_port-forward). Compared to [kubectl proxy](/docs/user-guide/accessing-the-cluster/#using-kubectl-proxy), `kubectl port-forward` is more generic as it can forward TCP traffic while `kubectl proxy` can only forward HTTP traffic. This guide demonstrates how to use `kubectl port-forward` to connect to a Redis database, which may be useful for database debugging.
diff --git a/docs/user-guide/connecting-to-applications-proxy.md b/docs/user-guide/connecting-to-applications-proxy.md
index 5404d2e769..559b06da9f 100644
--- a/docs/user-guide/connecting-to-applications-proxy.md
+++ b/docs/user-guide/connecting-to-applications-proxy.md
@@ -2,7 +2,7 @@
assignees:
- caesarxuchao
- lavalamp
-
+title: Connect with Proxies
---
You have seen the [basics](/docs/user-guide/accessing-the-cluster) about `kubectl proxy` and `apiserver proxy`. This guide shows how to use them together to access a service([kube-ui](/docs/user-guide/ui)) running on the Kubernetes cluster from your workstation.
diff --git a/docs/user-guide/container-environment.md b/docs/user-guide/container-environment.md
index 165d135de2..f3996b2eb5 100644
--- a/docs/user-guide/container-environment.md
+++ b/docs/user-guide/container-environment.md
@@ -2,7 +2,7 @@
assignees:
- mikedanese
- thockin
-
+title: Container Lifecycle Hooks
---
This document describes the environment for Kubelet managed containers on a Kubernetes node (kNode). In contrast to the Kubernetes cluster API, which provides an API for creating and managing containers, the Kubernetes container environment provides the container access to information about what else is going on in the cluster.
diff --git a/docs/user-guide/containers.md b/docs/user-guide/containers.md
index 83246e6fd0..f04b6f87d9 100644
--- a/docs/user-guide/containers.md
+++ b/docs/user-guide/containers.md
@@ -1,7 +1,7 @@
---
assignees:
- mikedanese
-
+title: Commands and Capabilities
---
* TOC
diff --git a/docs/user-guide/cron-jobs.md b/docs/user-guide/cron-jobs.md
index 6d88997cb3..9124852a80 100644
--- a/docs/user-guide/cron-jobs.md
+++ b/docs/user-guide/cron-jobs.md
@@ -3,13 +3,13 @@ assignees:
- erictune
- soltysh
- janetkuo
-
+title: Cron Jobs
---
* TOC
{:toc}
-## What is a _Cron Job_?
+## What is a Cron Job?
A _Cron Job_ manages time based [Jobs](/docs/user-guide/jobs/), namely:
diff --git a/docs/user-guide/debugging-pods-and-replication-controllers.md b/docs/user-guide/debugging-pods-and-replication-controllers.md
index a02de467bd..1242d331c7 100644
--- a/docs/user-guide/debugging-pods-and-replication-controllers.md
+++ b/docs/user-guide/debugging-pods-and-replication-controllers.md
@@ -1,7 +1,7 @@
---
assignees:
- bprashanth
-
+title: Debugging Pods and Replication Controllers
---
* TOC
diff --git a/docs/user-guide/debugging-services.md b/docs/user-guide/debugging-services.md
index d7e13889f4..35d63bb941 100644
--- a/docs/user-guide/debugging-services.md
+++ b/docs/user-guide/debugging-services.md
@@ -3,7 +3,7 @@ assignees:
- bprashanth
- janetkuo
- thockin
-
+title: Debugging Services
---
An issue that comes up rather frequently for new installations of Kubernetes is
diff --git a/docs/user-guide/deploying-applications.md b/docs/user-guide/deploying-applications.md
index 455a3378d2..9bbcd34282 100644
--- a/docs/user-guide/deploying-applications.md
+++ b/docs/user-guide/deploying-applications.md
@@ -3,10 +3,9 @@ assignees:
- bgrant0607
- caesarxuchao
- thockin
-
+title: Deploying Applications
---
-
* TOC
{:toc}
diff --git a/docs/user-guide/deployments.md b/docs/user-guide/deployments.md
index d160cce1e7..c53c1e19ae 100644
--- a/docs/user-guide/deployments.md
+++ b/docs/user-guide/deployments.md
@@ -2,13 +2,13 @@
assignees:
- bgrant0607
- janetkuo
-
+title: Deployments
---
* TOC
{:toc}
-## What is a _Deployment_?
+## What is a Deployment?
A _Deployment_ provides declarative updates for [Pods](/docs/user-guide/pods/) and [Replica Sets](/docs/user-guide/replicasets/) (the next-generation Replication Controller).
You only need to describe the desired state in a Deployment object, and the Deployment
@@ -395,6 +395,75 @@ Events:
You can set `.spec.revisionHistoryLimit` field to specify how much revision history of this deployment you want to keep. By default,
all revision history will be kept; explicitly setting this field to `0` disallows a deployment being rolled back.
+## Scaling a Deployment
+
+You can scale a Deployment by using the following command:
+
+```shell
+$ kubectl scale deployment nginx-deployment --replicas 10
+deployment "nginx-deployment" scaled
+```
+
+Assuming [horizontal pod autoscaling](/docs/user-guide/horizontal-pod-autoscaling/walkthrough.md) is enabled
+in your cluster, you can setup an autoscaler for your Deployment and choose the minimum and maximum number of
+Pods you want to run based on the CPU utilization of your existing Pods.
+
+```shell
+$ kubectl autoscale deployment nginx-deployment --min=10 --max=15 --cpu-percent=80
+deployment "nginx-deployment" autoscaled
+```
+
+RollingUpdate Deployments support running multitple versions of an application at the same time. When you
+or an autoscaler scales a RollingUpdate Deployment that is in the middle of a rollout (either in progress
+or paused), then the Deployment controller will balance the additional replicas in the existing active
+ReplicaSets (ReplicaSets with Pods) in order to mitigate risk. This is called *proportional scaling*.
+
+For example, you are running a Deployment with 10 replicas, [maxSurge](#max-surge)=3, and [maxUnavailable](#max-unavailable)=2.
+
+```shell
+$ kubectl get deploy
+NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
+nginx-deployment 10 10 10 10 50s
+```
+
+You update to a new image which happens to be unresolvable from inside the cluster.
+
+```shell
+$ kubectl set image deploy/nginx-deployment nginx=nginx:sometag
+deployment "nginx-deployment" image updated
+```
+
+The image update starts a new rollout with ReplicaSet nginx-deployment-1989198191 but it's blocked due to the
+maxUnavailable requirement that we mentioned above.
+
+```shell
+$ kubectl get rs
+NAME DESIRED CURRENT READY AGE
+nginx-deployment-1989198191 5 5 0 9s
+nginx-deployment-618515232 8 8 8 1m
+```
+
+Then a new scaling request for the Deployment comes along. The autoscaler increments the Deployment replicas
+to 15. The Deployment controller needs to decide where to add these new 5 replicas. If we weren't using
+proportional scaling, all 5 of them would be added in the new ReplicaSet. With proportional scaling, we
+spread the additional replicas across all ReplicaSets. Bigger proportions go to the ReplicaSets with the
+most replicas and lower proportions go to ReplicaSets with less replicas. Any leftovers are added to the
+ReplicaSet with the most replicas. ReplicaSets with zero replicas are not scaled up.
+
+In our example above, 3 replicas will be added to the old ReplicaSet and 2 replicas will be added to the
+new ReplicaSet. The rollout process should eventually move all replicas to the new ReplicaSet, assuming
+the new replicas become healthy.
+
+```shell
+$ kubectl get deploy
+NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
+nginx-deployment 15 18 7 8 7m
+$ kubectl get rs
+NAME DESIRED CURRENT READY AGE
+nginx-deployment-1989198191 7 7 0 7m
+nginx-deployment-618515232 11 11 11 7m
+```
+
## Pausing and Resuming a Deployment
You can also pause a Deployment mid-way and then resume it. A use case is to support canary deployment.
@@ -454,6 +523,163 @@ nginx-deployment-3066724191 0 0 1h
Note: You cannot rollback a paused Deployment until you resume it.
+## Deployment status
+
+A Deployment enters various states during its lifecycle. It can be [progressing](#progressing-deployment) while rolling out a new ReplicaSet,
+it can be [complete](#complete-deployment), or it can [fail to progress](#failed-deployment).
+
+### Progressing Deployment
+
+Kubernetes marks a Deployment as _progressing_ when one of the following tasks is performed:
+
+* The Deployment is in the process of creating a new ReplicaSet.
+* The Deployment is scaling up an existing ReplicaSet.
+* The Deployment is scaling down an existing ReplicaSet.
+
+You can monitor the progress for a Deployment by using `kubectl rollout status`.
+
+### Complete Deployment
+
+Kubernetes marks a Deployment as _complete_ when it has the following characteristics:
+
+* The Deployment has minimum availability. Minimum availability means that the Deployment's number of available replicas
+equals or exceeds the number required by the Deployment strategy.
+* All of the replicas associated with the Deployment have been updated to the latest version you've specified, meaning any
+updates you've requested have been completed.
+
+You can check if a Deployment has completed by using `kubectl rollout status`. If the rollout completed successfully, `kubectl rollout status` returns a zero exit code.
+
+```
+$ kubectl rollout status deploy/nginx
+Waiting for rollout to finish: 2 of 3 updated replicas are available...
+deployment "nginx" successfully rolled out
+$ echo $?
+0
+```
+
+### Failed Deployment
+
+Your Deployment may get stuck trying to deploy its newest ReplicaSet without ever completing. This can occur due to some of the following factors:
+
+* Insufficient quota
+* Readiness probe failures
+* Image pull errors
+* Insufficient permissions
+* Limit ranges
+* Application runtime misconfiguration
+
+One way you can detect this condition is to specify specify a deadline parameter in your Deployment spec: ([`spec.progressDeadlineSeconds`](#progress-deadline-seconds)). `spec.progressDeadlineSeconds` denotes the number of seconds the Deployment controller waits before indicating (via the Deployment status) that the Deployment progress has stalled.
+
+The following `kubectl` command sets the spec with `progressDeadlineSeconds` to make the controller report lack of progress for a Deployment after 10 minutes:
+
+```shell
+$ kubectl patch deployment/nginx-deployment -p '{"spec":{"progressDeadlineSeconds":600}}'
+"nginx-deployment" patched
+```
+Once the deadline has been exceeded, the Deployment controller adds a DeploymentCondition with the following attributes to
+the Deployment's `status.conditions`:
+
+* Type=Progressing
+* Status=False
+* Reason=ProgressDeadlineExceeded
+
+See the [Kubernetes API conventions](https://github.com/kubernetes/kubernetes/blob/{{page.githubbranch}}/docs/devel/api-conventions.md#typical-status-properties) for more information on status conditions.
+
+Note that in version 1.5, Kubernetes will take no action on a stalled Deployment other than to report a status condition with
+`Reason=ProgressDeadlineExceeded`.
+
+**Note:** If you pause a Deployment, Kubernetes does not check progress against your specified deadline. You can safely pause a Deployment in the middle of a rollout and resume without triggering a the condition for exceeding the deadline.
+
+You may experience transient errors with your Deployments, either due to a low timeout that you have set or due to any other kind
+of error that can be treated as transient. For example, let's suppose you have insufficient quota. If you describe the Deployment
+you will notice the following section:
+
+```
+$ kubectl describe deployment nginx-deployment
+<...>
+Conditions:
+ Type Status Reason
+ ---- ------ ------
+ Available True MinimumReplicasAvailable
+ Progressing True ReplicaSetUpdated
+ ReplicaFailure True FailedCreate
+<...>
+```
+
+If you run `kubectl get deployment nginx-deployment -o yaml`, the Deployement status might look like this:
+
+```
+status:
+ availableReplicas: 2
+ conditions:
+ - lastTransitionTime: 2016-10-04T12:25:39Z
+ lastUpdateTime: 2016-10-04T12:25:39Z
+ message: Replica set "nginx-deployment-4262182780" is progressing.
+ reason: ReplicaSetUpdated
+ status: "True"
+ type: Progressing
+ - lastTransitionTime: 2016-10-04T12:25:42Z
+ lastUpdateTime: 2016-10-04T12:25:42Z
+ message: Deployment has minimum availability.
+ reason: MinimumReplicasAvailable
+ status: "True"
+ type: Available
+ - lastTransitionTime: 2016-10-04T12:25:39Z
+ lastUpdateTime: 2016-10-04T12:25:39Z
+ message: 'Error creating: pods "nginx-deployment-4262182780-" is forbidden: exceeded quota:
+ object-counts, requested: pods=1, used: pods=3, limited: pods=2'
+ reason: FailedCreate
+ status: "True"
+ type: ReplicaFailure
+ observedGeneration: 3
+ replicas: 2
+ unavailableReplicas: 2
+```
+
+Eventually, once the Deployment progress deadline is exceeded, Kubernetes updates the status and the reason for the Progressing condition:
+
+```
+Conditions:
+ Type Status Reason
+ ---- ------ ------
+ Available True MinimumReplicasAvailable
+ Progressing False ProgressDeadlineExceeded
+ ReplicaFailure True FailedCreate
+```
+
+You can address an issue of insufficient quota by scaling down your Deployment, by scaling down other controllers you may be running,
+or by increasing quota in your namespace. If you satisfy the quota conditions and the Deployment controller then completes the Deployment
+rollout, you'll see the Deployment's status update with a successful condition (`Status=True` and `Reason=NewReplicaSetAvailable`).
+
+```
+Conditions:
+ Type Status Reason
+ ---- ------ ------
+ Available True MinimumReplicasAvailable
+ Progressing True NewReplicaSetAvailable
+```
+
+`Type=Available` with `Status=True` means that your Deployment has minimum availability. Minimum availability is dictated
+by the parameters specified in the deployment strategy. `Type=Progressing` with `Status=True` means that your Deployment
+is either in the middle of a rollout and it is progressing or that it has successfully completed its progress and the minimum
+required new replicas are available (see the Reason of the condition for the particulars - in our case
+`Reason=NewReplicaSetAvailable` means that the Deployment is complete).
+
+You can check if a Deployment has failed to progress by using `kubectl rollout status`. `kubectl rollout status` returns a non-zero exit code if the Deployment has exceeded the progression deadline.
+
+```
+$ kubectl rollout status deploy/nginx
+Waiting for rollout to finish: 2 out of 3 new replicas have been updated...
+error: deployment "nginx" exceeded its progress deadline
+$ echo $?
+1
+```
+
+### Operating on a failed deployment
+
+All actions that apply to a complete Deployment also apply to a failed Deployment. You can scale it up/down, roll back
+to a previous revision, or even pause it if you need to apply multiple tweaks in the Deployment pod template.
+
## Use Cases
### Canary Deployment
@@ -556,6 +782,17 @@ the rolling update starts, such that the total number of old and new Pods do not
the new Replica Set can be scaled up further, ensuring that the total number of Pods running
at any time during the update is at most 130% of desired Pods.
+### Progress Deadline Seconds
+
+`.spec.progressDeadlineSeconds` is an optional field that specifies the number of seconds you want
+to wait for your Deployment to progress before the system reports back that the Deployment has
+[failed progressing](#failed-deployment) - surfaced as a condition with `Type=Progressing`, `Status=False`.
+and `Reason=ProgressDeadlineExceeded` in the status of the resource. The deployment controller will keep
+retrying the Deployment. In the future, once automatic rollback will be implemented, the deployment
+controller will roll back a Deployment as soon as it observes such a condition.
+
+If specified, this field needs to be greater than `.spec.minReadySeconds`.
+
### Min Ready Seconds
`.spec.minReadySeconds` is an optional field that specifies the
diff --git a/docs/user-guide/docker-cli-to-kubectl.md b/docs/user-guide/docker-cli-to-kubectl.md
index 8438b2b356..152810e45c 100644
--- a/docs/user-guide/docker-cli-to-kubectl.md
+++ b/docs/user-guide/docker-cli-to-kubectl.md
@@ -3,7 +3,7 @@ assignees:
- bgrant0607
- brendandburns
- thockin
-
+title: kubectl for Docker Users
---
In this doc, we introduce the Kubernetes command line for interacting with the api to docker-cli users. The tool, kubectl, is designed to be familiar to docker-cli users but there are a few necessary differences. Each section of this doc highlights a docker subcommand explains the kubectl equivalent.
diff --git a/docs/user-guide/downward-api/index.md b/docs/user-guide/downward-api/index.md
index b485c98c00..1b4166ae66 100644
--- a/docs/user-guide/downward-api/index.md
+++ b/docs/user-guide/downward-api/index.md
@@ -2,7 +2,7 @@
assignees:
- bgrant0607
- mikedanese
-
+title: Using the Downward API to Convey Pod Properties
---
It is sometimes useful for a container to have information about itself, but we
diff --git a/docs/user-guide/downward-api/volume/index.md b/docs/user-guide/downward-api/volume/index.md
index 46f54d0776..882b2da1e9 100644
--- a/docs/user-guide/downward-api/volume/index.md
+++ b/docs/user-guide/downward-api/volume/index.md
@@ -1,4 +1,5 @@
---
+title: Downward API Volumes
---
Following this example, you will create a pod with a downward API volume.
diff --git a/docs/user-guide/environment-guide/index.md b/docs/user-guide/environment-guide/index.md
index 09657be4fc..64f1e4a019 100644
--- a/docs/user-guide/environment-guide/index.md
+++ b/docs/user-guide/environment-guide/index.md
@@ -1,9 +1,9 @@
----
-assignees:
-- mikedanese
-
----
-
+---
+assignees:
+- mikedanese
+title: Using Environment Variables
+---
+
This example demonstrates running pods, replication controllers, and
services. It shows two types of pods: frontend and backend, with
services on top of both. Accessing the frontend pod will return
diff --git a/docs/user-guide/federation/configmap.md b/docs/user-guide/federation/configmap.md
new file mode 100644
index 0000000000..93c9e75f55
--- /dev/null
+++ b/docs/user-guide/federation/configmap.md
@@ -0,0 +1,87 @@
+---
+title: Federated ConfigMap
+---
+
+This guide explains how to use ConfigMaps in a Federation control plane.
+
+* TOC
+{:toc}
+
+## Prerequisites
+
+This guide assumes that you have a running Kubernetes Cluster
+Federation installation. If not, then head over to the
+[federation admin guide](/docs/admin/federation/) to learn how to
+bring up a cluster federation (or have your cluster administrator do
+this for you).
+Other tutorials, such as Kelsey Hightower's
+[Federated Kubernetes Tutorial](https://github.com/kelseyhightower/kubernetes-cluster-federation),
+might also help you create a Federated Kubernetes cluster.
+
+You should also have a basic
+[working knowledge of Kubernetes](/docs/getting-started-guides/) in
+general and [ConfigMaps](/docs/user-guide/ConfigMaps/) in particular.
+
+## Overview
+
+Federated ConfigMaps are very similar to the traditional [Kubernetes
+ConfigMaps](/docs/user-guide/configmap/) and provide the same functionality.
+Creating them in the federation control plane ensures that they are synchronized
+across all the clusters in federation.
+
+
+## Creating a Federated ConfigMap
+
+The API for Federated ConfigMap is 100% compatible with the
+API for traditional Kubernetes ConfigMap. You can create a ConfigMap by sending
+a request to the federation apiserver.
+
+You can do that using [kubectl](/docs/user-guide/kubectl/) by running:
+
+``` shell
+kubectl --context=federation-cluster create -f myconfigmap.yaml
+```
+
+The `--context=federation-cluster` flag tells kubectl to submit the
+request to the Federation apiserver instead of sending it to a kubernetes
+cluster.
+
+Once a Federated ConfigMap is created, the federation control plane will create
+a matching ConfigMap in all underlying kubernetes clusters.
+You can verify this by checking each of the underlying clusters, for example:
+
+``` shell
+kubectl --context=gce-asia-east1a get configmap myconfigmap
+```
+
+The above assumes that you have a context named 'gce-asia-east1a'
+configured in your client for your cluster in that zone.
+
+These ConfigMaps in underlying clusters will match the Federated ConfigMap.
+
+
+## Updating a Federated ConfigMap
+
+You can update a Federated ConfigMap as you would update a Kubernetes
+ConfigMap; however, for a Federated ConfigMap, you must send the request to
+the federation apiserver instead of sending it to a specific Kubernetes cluster.
+The federation control plane ensures that whenever the Federated ConfigMap is
+updated, it updates the corresponding ConfigMaps in all underlying clusters to
+match it.
+
+## Deleting a Federated ConfigMap
+
+You can delete a Federated ConfigMap as you would delete a Kubernetes
+ConfigMap; however, for a Federated ConfigMap, you must send the request to
+the federation apiserver instead of sending it to a specific Kubernetes cluster.
+
+For example, you can do that using kubectl by running:
+
+```shell
+kubectl --context=federation-cluster delete configmap
+```
+
+Note that at this point, deleting a Federated ConfigMap will not delete the
+corresponding ConfigMaps from underlying clusters.
+You must delete the underlying ConfigMaps manually.
+We intend to fix this in the future.
diff --git a/docs/user-guide/federation/daemonsets.md b/docs/user-guide/federation/daemonsets.md
new file mode 100644
index 0000000000..069afd7ac8
--- /dev/null
+++ b/docs/user-guide/federation/daemonsets.md
@@ -0,0 +1,83 @@
+---
+title: Federated DaemonSet
+---
+
+This guide explains how to use DaemonSets in a federation control plane.
+
+* TOC
+{:toc}
+
+## Prerequisites
+
+This guide assumes that you have a running Kubernetes Cluster
+Federation installation. If not, then head over to the
+[federation admin guide](/docs/admin/federation/) to learn how to
+bring up a cluster federation (or have your cluster administrator do
+this for you).
+Other tutorials, such as Kelsey Hightower's
+[Federated Kubernetes Tutorial](https://github.com/kelseyhightower/kubernetes-cluster-federation),
+might also help you create a Federated Kubernetes cluster.
+
+You should also have a basic
+[working knowledge of Kubernetes](/docs/getting-started-guides/) in
+general and DaemonSets in particular.
+
+## Overview
+
+DaemonSets in federation control plane ("Federated Daemonsets" in
+this guide) are very similar to the traditional [Kubernetes
+DaemonSets](/docs/user-guide/DaemonSets/) and provide the same functionality.
+Creating them in the federation control plane ensures that they are synchronized
+across all the clusters in federation.
+
+
+## Creating a Federated Daemonset
+
+The API for Federated Daemonset is 100% compatible with the
+API for traditional Kubernetes DaemonSet. You can create a DaemonSet by sending
+a request to the federation apiserver.
+
+You can do that using [kubectl](/docs/user-guide/kubectl/) by running:
+
+``` shell
+kubectl --context=federation-cluster create -f mydaemonset.yaml
+```
+
+The `--context=federation-cluster` flag tells kubectl to submit the
+request to the Federation apiserver instead of sending it to a kubernetes
+cluster.
+
+Once a Federated Daemonset is created, the federation control plane will create
+a matching DaemonSet in all underlying kubernetes clusters.
+You can verify this by checking each of the underlying clusters, for example:
+
+``` shell
+kubectl --context=gce-asia-east1a get daemonset mydaemonset
+```
+
+The above assumes that you have a context named 'gce-asia-east1a'
+configured in your client for your cluster in that zone.
+
+These DaemonSets in underlying clusters will match the Federated Daemonset.
+
+
+## Updating a Federated Daemonset
+
+You can update a Federated Daemonset as you would update a Kubernetes
+DaemonSet; however, for a Federated Daemonset, you must send the request to
+the federation apiserver instead of sending it to a specific Kubernetes cluster.
+The federation control plane ensures that whenever the Federated Daemonset is
+updated, it updates the corresponding DaemonSets in all underlying clusters to
+match it.
+
+## Deleting a Federated Daemonset
+
+You can delete a Federated Daemonset as you would delete a Kubernetes
+DaemonSet; however, for a Federated Daemonset, you must send the request to
+the federation apiserver instead of sending it to a specific Kubernetes cluster.
+
+For example, you can do that using kubectl by running:
+
+```shell
+kubectl --context=federation-cluster delete daemonset mydaemonset
+```
\ No newline at end of file
diff --git a/docs/user-guide/federation/deployment.md b/docs/user-guide/federation/deployment.md
new file mode 100644
index 0000000000..b8a47f0a63
--- /dev/null
+++ b/docs/user-guide/federation/deployment.md
@@ -0,0 +1,108 @@
+---
+title: Federated Deployment
+---
+
+This guide explains how to use Deployments in the Federation control plane.
+
+* TOC
+{:toc}
+
+## Prerequisites
+
+This guide assumes that you have a running Kubernetes Cluster
+Federation installation. If not, then head over to the
+[federation admin guide](/docs/admin/federation/) to learn how to
+bring up a cluster federation (or have your cluster administrator do
+this for you).
+Other tutorials, such as Kelsey Hightower's
+[Federated Kubernetes Tutorial](https://github.com/kelseyhightower/kubernetes-cluster-federation),
+might also help you create a Federated Kubernetes cluster.
+
+You should also have a basic
+[working knowledge of Kubernetes](/docs/getting-started-guides/) in
+general and [Deployment](/docs/user-guide/deployment.md) in particular.
+
+## Overview
+
+Deployments in federation control plane (referred to as "Federated Deployments" in
+this guide) are very similar to the traditional [Kubernetes
+Deployment](/docs/user-guide/deployment.md), and provide the same functionality.
+Creating them in the federation control plane ensures that the desired number of
+replicas exist across the registered clusters.
+
+**As of Kubernetes version 1.5, Federated Deployment is an Alpha feature. The core
+functionality of Deployment is present, but some features
+(such as full rollout compatibility) are still in development.**
+
+## Creating a Federated Deployment
+
+The API for Federated Deployment is compatible with the
+API for traditional Kubernetes Deployment. You can create a Deployment by sending
+a request to the federation apiserver.
+
+You can do that using [kubectl](/docs/user-guide/kubectl/) by running:
+
+``` shell
+kubectl --context=federation-cluster create -f mydeployment.yaml
+```
+
+The '--context=federation-cluster' flag tells kubectl to submit the
+request to the Federation apiserver instead of sending it to a kubernetes
+cluster.
+
+Once a Federated Deployment is created, the federation control plane will create
+a Deployment in all underlying kubernetes clusters.
+You can verify this by checking each of the underlying clusters, for example:
+
+``` shell
+kubectl --context=gce-asia-east1a get deployment mydep
+```
+
+The above assumes that you have a context named 'gce-asia-east1a'
+configured in your client for your cluster in that zone.
+
+These Deployments in underlying clusters will match the federation Deployment
+_except_ in the number of replicas and revision-related annotations.
+Federation control plane ensures that the
+sum of replicas in each cluster combined matches the desired number of replicas in the
+Federated Deployment.
+
+### Spreading Replicas in Underlying Clusters
+
+By default, replicas are spread equally in all the underlying clusters. For ex:
+if you have 3 registered clusters and you create a Federated Deployment with
+`spec.replicas = 9`, then each Deployment in the 3 clusters will have
+`spec.replicas=3`.
+To modify the number of replicas in each cluster, you can specify
+[FederatedReplicaSetPreference](https://github.com/kubernetes/kubernetes/blob/{{page.githubbranch}}/federation/apis/federation/types.go)
+as an annotation with key `federation.kubernetes.io/replica-set-preferences`
+on Federated Deployment.
+
+
+## Updating a Federated Deployment
+
+You can update a Federated Deployment as you would update a Kubernetes
+Deployment; however, for a Federated Deployment, you must send the request to
+the federation apiserver instead of sending it to a specific Kubernetes cluster.
+The federation control plane ensures that whenever the Federated Deployment is
+updated, it updates the corresponding Deployments in all underlying clusters to
+match it. So if the rolling update strategy was chosen then the underlying
+cluster will do the rolling update independently and `maxSurge` and `maxUnavailable`
+will apply only to individual clusters. This behavior may change in the future.
+
+If your update includes a change in number of replicas, the federation
+control plane will change the number of replicas in underlying clusters to
+ensure that their sum remains equal to the number of desired replicas in
+Federated Deployment.
+
+## Deleting a Federated Deployment
+
+You can delete a Federated Deployment as you would delete a Kubernetes
+Deployment; however, for a Federated Deployment, you must send the request to
+the federation apiserver instead of sending it to a specific Kubernetes cluster.
+
+For example, you can do that using kubectl by running:
+
+```shell
+kubectl --context=federation-cluster delete deployment mydep
+```
diff --git a/docs/user-guide/federation/events.md b/docs/user-guide/federation/events.md
index a7e2a44a17..f1f8868466 100644
--- a/docs/user-guide/federation/events.md
+++ b/docs/user-guide/federation/events.md
@@ -1,4 +1,5 @@
---
+title: Federated Events
---
This guide explains how to use events in federation control plane to help in debugging.
diff --git a/docs/user-guide/federation/federated-ingress.md b/docs/user-guide/federation/federated-ingress.md
index 6198de1817..ff7638481e 100644
--- a/docs/user-guide/federation/federated-ingress.md
+++ b/docs/user-guide/federation/federated-ingress.md
@@ -1,4 +1,5 @@
---
+title: Federated Ingress
---
This guide explains how to use Kubernetes Federated Ingress to deploy
@@ -250,6 +251,44 @@ kept running, the Federated Ingress ensures that user traffic is
automatically redirected away from the failed cluster to other
available clusters.
+## Known issue
+
+GCE L7 load balancer back-ends and health checks are known to "flap"; this is due
+to conflicting firewall rules in the federation's underlying clusters, which might override one another. To work around this problem, you can
+install the firewall rules manually to expose the targets of all the
+underlying clusters in your federation for each Federated Ingress
+object. This way, the health checks can consistently pass and the GCE L7 load balancer
+can remain stable. You install the rules using the
+[`gcloud`](https://cloud.google.com/sdk/gcloud/) command line tool,
+[Google Cloud Console](https://console.cloud.google.com) or the
+[Google Compute Engine APIs](https://cloud.google.com/compute/docs/reference/latest/).
+
+You can install these rules using
+[`gcloud`](https://cloud.google.com/sdk/gcloud/) as follows:
+
+```shell
+gcloud compute firewall-rules create \
+ --source-ranges 130.211.0.0/22 --allow [] \
+ --target-tags [] \
+ --network
+```
+
+where:
+
+1. `firewall-rule-name` can be any name.
+2. `[]` is the comma separated list of node ports corresponding to the services that back the Federated Ingress.
+3. [] is the comma separated list of the target tags assigned to the nodes in a kubernetes cluster.
+4. is the name of the network where the firewall rule must be installed.
+
+Example:
+```shell
+gcloud compute firewall-rules create my-federated-ingress-firewall-rule \
+ --source-ranges 130.211.0.0/22 --allow tcp:30301, tcp:30061, tcp:34564 \
+ --target-tags my-cluster-1-minion, my-cluster-2-minion \
+ --network default
+```
+
+
## Troubleshooting
#### I cannot connect to my cluster federation API
diff --git a/docs/user-guide/federation/federated-services.md b/docs/user-guide/federation/federated-services.md
index 18c26d4014..354fbeca01 100644
--- a/docs/user-guide/federation/federated-services.md
+++ b/docs/user-guide/federation/federated-services.md
@@ -2,7 +2,7 @@
assignees:
- bprashanth
- quinton-hoole
-
+title: Cross-cluster Service Discovery using Federated Services
---
This guide explains how to use Kubernetes Federated Services to deploy
diff --git a/docs/user-guide/federation/index.md b/docs/user-guide/federation/index.md
index 9a8146d904..0c54a2c922 100644
--- a/docs/user-guide/federation/index.md
+++ b/docs/user-guide/federation/index.md
@@ -1,4 +1,5 @@
---
+title: Federation User Guide
---
This guide explains how we can manage multiple kubernetes clusters using
@@ -46,3 +47,26 @@ The following guides explain some of the resources in detail:
[API reference docs](/federation/docs/api-reference/readme/) lists all the
resources supported by federation apiserver.
+
+## Cascading deletion
+
+Kubernetes version 1.5 includes support for cascading deletion of federated
+resources. With cascading deletion, when you delete a resource from the
+federation control plane, the corresponding resources in all underlying clusters
+are also deleted.
+
+To enable cascading deletion, set the option
+`DeleteOptions.orphanDependents=false` when you delete a resource from the
+federation control plane.
+
+The following Federated resources are affected by cascading deletion:
+
+* Ingress
+* Namespace
+* ReplicaSet
+* Secret
+* Deployment
+* DaemonSet
+
+Note: By default, deleting a resource from federation control plane does not
+delete the corresponding resources from underlying clusters.
diff --git a/docs/user-guide/federation/namespaces.md b/docs/user-guide/federation/namespaces.md
index a64f6d0db6..9090f2a4ec 100644
--- a/docs/user-guide/federation/namespaces.md
+++ b/docs/user-guide/federation/namespaces.md
@@ -1,4 +1,5 @@
---
+title: Federated Namespaces
---
This guide explains how to use namespaces in Federation control plane.
diff --git a/docs/user-guide/federation/replicasets.md b/docs/user-guide/federation/replicasets.md
index d0ceaa8bde..c1213e9f32 100644
--- a/docs/user-guide/federation/replicasets.md
+++ b/docs/user-guide/federation/replicasets.md
@@ -1,4 +1,5 @@
---
+title: Federated ReplicaSets
---
This guide explains how to use replica sets in the Federation control plane.
diff --git a/docs/user-guide/federation/secrets.md b/docs/user-guide/federation/secrets.md
index b796dba56f..372ed30bfd 100644
--- a/docs/user-guide/federation/secrets.md
+++ b/docs/user-guide/federation/secrets.md
@@ -1,4 +1,5 @@
---
+title: Federated Secrets
---
This guide explains how to use secrets in Federation control plane.
diff --git a/docs/user-guide/federation/tmp/a b/docs/user-guide/federation/tmp/a
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/docs/user-guide/garbage-collection.md b/docs/user-guide/garbage-collection.md
index 2dc8e0c36a..fe55949f1f 100644
--- a/docs/user-guide/garbage-collection.md
+++ b/docs/user-guide/garbage-collection.md
@@ -1,7 +1,7 @@
---
assignees:
- caesarxuchao
-
+title: Garbage Collection (Beta)
---
* TOC
@@ -27,7 +27,7 @@ You can set up owner-dependent relationships among other objects by manually set
When deleting an object, you can request the GC to ***asynchronously*** delete its dependents by ***explicitly*** specifying `deleteOptions.orphanDependents=false` in the deletion request that you send to the API server. A 200 OK response from the API server indicates the owner is deleted.
-Synchronous garbage collection will be supported in 1.5 (tracking [issue](https://github.com/kubernetes/kubernetes/issues/29891)).
+In Kubernetes version 1.5, synchronous garbage collection is under active development. See the [tracking [issue](https://github.com/kubernetes/kubernetes/issues/29891) for more details.
If you specify `deleteOptions.orphanDependents=true`, or leave it blank, then the GC will first reset the `ownerReferences` in the dependents, then delete the owner. Note that the deletion of the owner object is asynchronous, that is, a 200 OK response will be sent by the API server before the owner object gets deleted.
diff --git a/docs/user-guide/getting-into-containers.md b/docs/user-guide/getting-into-containers.md
index f45da7b0eb..bf6a5a8a2f 100644
--- a/docs/user-guide/getting-into-containers.md
+++ b/docs/user-guide/getting-into-containers.md
@@ -2,7 +2,7 @@
assignees:
- caesarxuchao
- mikedanese
-
+title: Running Commands in a Container with kubectl exec
---
Developers can use `kubectl exec` to run commands in a container. This guide demonstrates two use cases.
diff --git a/docs/user-guide/horizontal-pod-autoscaling/index.md b/docs/user-guide/horizontal-pod-autoscaling/index.md
index fbdd11360a..76087ceff0 100644
--- a/docs/user-guide/horizontal-pod-autoscaling/index.md
+++ b/docs/user-guide/horizontal-pod-autoscaling/index.md
@@ -2,7 +2,7 @@
assignees:
- fgrzadkowski
- jszczepkowski
-
+title: Horizontal Pod Autoscaling
---
This document describes the current state of Horizontal Pod Autoscaling in Kubernetes.
@@ -90,7 +90,7 @@ The cluster has to be started with `ENABLE_CUSTOM_METRICS` environment variable
### Pod configuration
The pods to be scaled must have cAdvisor-specific custom (aka application) metrics endpoint configured. The configuration format is described [here](https://github.com/google/cadvisor/blob/master/docs/application_metrics.md). Kubernetes expects the configuration to
- be placed in `definition.json` mounted via a [config map](/docs/user-guide/horizontal-pod-autoscaling/configmap/) in `/etc/custom-metrics`. A sample config map may look like this:
+ be placed in `definition.json` mounted via a [config map](/docs/user-guide/configmap/) in `/etc/custom-metrics`. A sample config map may look like this:
```yaml
apiVersion: v1
diff --git a/docs/user-guide/horizontal-pod-autoscaling/walkthrough.md b/docs/user-guide/horizontal-pod-autoscaling/walkthrough.md
index 0f288352a0..af66f7dd8d 100644
--- a/docs/user-guide/horizontal-pod-autoscaling/walkthrough.md
+++ b/docs/user-guide/horizontal-pod-autoscaling/walkthrough.md
@@ -3,7 +3,7 @@ assignees:
- fgrzadkowski
- jszczepkowski
- justinsb
-
+title: Horizontal Pod Autoscaling
---
Horizontal Pod Autoscaling automatically scales the number of pods
diff --git a/docs/user-guide/identifiers.md b/docs/user-guide/identifiers.md
index e28bac0e56..195ff57de4 100644
--- a/docs/user-guide/identifiers.md
+++ b/docs/user-guide/identifiers.md
@@ -2,7 +2,7 @@
assignees:
- mikedanese
- thockin
-
+title: Names
---
All objects in the Kubernetes REST API are unambiguously identified by a Name and a UID.
diff --git a/docs/user-guide/images.md b/docs/user-guide/images.md
index 582961593f..44e7363b89 100644
--- a/docs/user-guide/images.md
+++ b/docs/user-guide/images.md
@@ -2,7 +2,7 @@
assignees:
- erictune
- thockin
-
+title: Images
---
Each container in a pod has its own image. Currently, the only type of image supported is a [Docker Image](https://docs.docker.com/engine/tutorials/dockerimages/).
@@ -39,6 +39,7 @@ Credentials can be provided in several ways:
- Using AWS EC2 Container Registry (ECR)
- use IAM roles and policies to control access to ECR repositories
- automatically refreshes ECR login credentials
+ - Using Azure Container Registry (ACR)
- Configuring Nodes to Authenticate to a Private Registry
- all pods can read any configured private registries
- requires node configuration by cluster administrator
@@ -100,6 +101,25 @@ Troubleshooting:
- `plugins.go:56] Registering credential provider: aws-ecr-key`
- `provider.go:91] Refreshing cache for provider: *aws_credentials.ecrProvider`
+### Using Azure Container Registry (ACR)
+When using [Azure Container Registry](https://azure.microsoft.com/en-us/services/container-registry/)
+you can authenticate using either an admin user or a service principal.
+In either case, authentication is done via standard Docker authentication. These instructions assume the
+[azure-cli](https://github.com/azure/azure-cli) command line tool.
+
+You first need to create a registry and generate credentials, complete documentation for this can be found in
+the [Azure container registry documentation](https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-azure-cli).
+
+Once you have created your container registry, you will use the following credentials to login:
+ * `DOCKER_USER` : service principal, or admin username
+ * `DOCKER_PASSWORD`: service principal password, or admin user password
+ * `DOCKER_REGISTRY_SERVER`: `${some-registry-name}.azurecr.io`
+ * `DOCKER_EMAIL`: `${some-email-address}`
+
+Once you have those variables filled in you can [configure a Kubernetes Secret and use it to deploy a Pod]
+(http://kubernetes.io/docs/user-guide/images/#specifying-imagepullsecrets-on-a-pod).
+
+
### Configuring Nodes to Authenticate to a Private Repository
**Note:** if you are running on Google Container Engine (GKE), there will already be a `.dockercfg` on each node
diff --git a/docs/user-guide/index.md b/docs/user-guide/index.md
index 4a4eb3ab54..394aa3d131 100644
--- a/docs/user-guide/index.md
+++ b/docs/user-guide/index.md
@@ -1,13 +1,13 @@
---
assignees:
- davidopp
-
+title: User Guide
---
The Kubernetes **Guides** can help you work with various aspects of the Kubernetes system.
* The Kubernetes [User Guide](#user-guide-internal) can help you run programs and services on an existing Kubernetes cluster.
-* The [Cluster Admin Guide](/docs/admin/) can help you set up and administrate your own Kubernetes cluster.
+* The [Cluster Admin Guide](/docs/admin/) can help you set up and administrate your own Kubernetes cluster.
* The [Developer Guide](https://github.com/kubernetes/kubernetes/tree/{{page.githubbranch}}/docs/devel) can help you either write code to directly access the Kubernetes API, or to contribute directly to the Kubernetes project.
## Kubernetes User Guide
diff --git a/docs/user-guide/ingress.md b/docs/user-guide/ingress.md
index a8324bea24..c510de1d62 100644
--- a/docs/user-guide/ingress.md
+++ b/docs/user-guide/ingress.md
@@ -1,7 +1,7 @@
---
assignees:
- bprashanth
-
+title: Ingress Resources
---
* TOC
diff --git a/docs/user-guide/introspection-and-debugging.md b/docs/user-guide/introspection-and-debugging.md
index 78b1a44862..a8ff5351f5 100644
--- a/docs/user-guide/introspection-and-debugging.md
+++ b/docs/user-guide/introspection-and-debugging.md
@@ -2,7 +2,7 @@
assignees:
- janetkuo
- thockin
-
+title: Application Introspection and Debugging
---
Once your application is running, you'll inevitably need to debug problems with it.
@@ -108,7 +108,7 @@ The container state is one of Waiting, Running, or Terminated. Depending on the
Ready tells you whether the container passed its last readiness probe. (In this case, the container does not have a readiness probe configured; the container is assumed to be ready if no readiness probe is configured.)
-Restart Count tells you how many times the container has restarted; this information can be useful for detecting crash loops in containers that are configured with a restart policy of 'always.'?
+Restart Count tells you how many times the container has been restarted; this information can be useful for detecting crash loops in containers that are configured with a restart policy of 'always.'
Currently the only Condition associated with a Pod is the binary Ready condition, which indicates that the pod is able to service requests and should be added to the load balancing pools of all matching services.
diff --git a/docs/user-guide/jobs.md b/docs/user-guide/jobs.md
index 89ce8c708c..0d71bc5e56 100644
--- a/docs/user-guide/jobs.md
+++ b/docs/user-guide/jobs.md
@@ -2,13 +2,13 @@
assignees:
- erictune
- soltysh
-
+title: Jobs
---
* TOC
{:toc}
-## What is a _job_?
+## What is a job?
A _job_ creates one or more pods and ensures that a specified number of them successfully terminate.
As pods successfully complete, the _job_ tracks the successful completions. When a specified number
@@ -21,6 +21,12 @@ due to a node hardware failure or a node reboot).
A Job can also be used to run multiple pods in parallel.
+### extensions/v1beta1.Job is deprecated
+
+Starting from version 1.5 `extensions/v1beta1.Job` is being deprecated, with a plan to be removed in
+version 1.6 of kubernetes (see this [issue](https://github.com/kubernetes/kubernetes/issues/32763)).
+Please use `batch/v1.Job` instead.
+
## Running an example Job
Here is an example Job config. It computes π to 2000 places and prints it out.
diff --git a/docs/user-guide/jobs/expansions/index.md b/docs/user-guide/jobs/expansions/index.md
index 9dd2786530..70eb90a623 100644
--- a/docs/user-guide/jobs/expansions/index.md
+++ b/docs/user-guide/jobs/expansions/index.md
@@ -1,4 +1,5 @@
---
+title: Parallel Processing using Expansions
---
* TOC
diff --git a/docs/user-guide/jobs/work-queue-1/index.md b/docs/user-guide/jobs/work-queue-1/index.md
index 9b0735b574..60703a03e3 100644
--- a/docs/user-guide/jobs/work-queue-1/index.md
+++ b/docs/user-guide/jobs/work-queue-1/index.md
@@ -1,4 +1,5 @@
---
+title: Coarse Parallel Processing using a Work Queue
---
* TOC
diff --git a/docs/user-guide/jobs/work-queue-2/index.md b/docs/user-guide/jobs/work-queue-2/index.md
index fc31850c91..98d327d9a9 100644
--- a/docs/user-guide/jobs/work-queue-2/index.md
+++ b/docs/user-guide/jobs/work-queue-2/index.md
@@ -1,4 +1,5 @@
---
+title: Fine Parallel Processing using a Work Queue
---
* TOC
diff --git a/docs/user-guide/jsonpath.md b/docs/user-guide/jsonpath.md
index 01a3e1d03c..74ce7bbc77 100644
--- a/docs/user-guide/jsonpath.md
+++ b/docs/user-guide/jsonpath.md
@@ -1,5 +1,5 @@
---
-
+title: JSONpath Support
---
JSONPath template is composed of JSONPath expressions enclosed by {}.
diff --git a/docs/user-guide/kubeconfig-file.md b/docs/user-guide/kubeconfig-file.md
index 3db16e17de..3f861ef2d2 100644
--- a/docs/user-guide/kubeconfig-file.md
+++ b/docs/user-guide/kubeconfig-file.md
@@ -1,10 +1,10 @@
----
-assignees:
-- mikedanese
-- thockin
-
----
-
+---
+assignees:
+- mikedanese
+- thockin
+title: Authenticating Across Clusters with kubeconfig
+---
+
Authentication in kubernetes can differ for different individuals.
- A running kubelet might have one way of authenticating (i.e. certificates).
diff --git a/docs/user-guide/kubectl-cheatsheet.md b/docs/user-guide/kubectl-cheatsheet.md
index 3a1148c00c..56c4660f18 100644
--- a/docs/user-guide/kubectl-cheatsheet.md
+++ b/docs/user-guide/kubectl-cheatsheet.md
@@ -4,7 +4,7 @@ assignees:
- erictune
- krousey
- clove
-
+title: kubectl Cheat Sheet
---
See also: [Kubectl Overview](/docs/user-guide/kubectl-overview/) and [JsonPath Guide](/docs/user-guide/jsonpath).
diff --git a/docs/user-guide/kubectl-conventions.md b/docs/user-guide/kubectl-conventions.md
index 291eb712fa..fb0c467321 100644
--- a/docs/user-guide/kubectl-conventions.md
+++ b/docs/user-guide/kubectl-conventions.md
@@ -2,7 +2,7 @@
assignees:
- bgrant0607
- janetkuo
-
+title: kubectl Usage Conventions
---
* TOC
@@ -36,7 +36,9 @@ In order for `kubectl run` to satisfy infrastructure as code:
* Pod - use `run-pod/v1`.
* Replication controller - use `run/v1`.
* Deployment - use `deployment/v1beta1`.
-* Job (using `extension/v1beta1` endpoint) - use `job/v1beta1`.
+* Job (using `extension/v1beta1` endpoint) - use `job/v1beta1`. Starting from
+ version 1.5 of kuberentes this generator is deprecated, with a plan to be
+ removed in 1.6. Please use `job/v1` instead.
* Job - use `job/v1`.
* CronJob - use `cronjob/v2alpha1`.
diff --git a/docs/user-guide/kubectl-overview.md b/docs/user-guide/kubectl-overview.md
index cc08e47c68..99c1575e84 100644
--- a/docs/user-guide/kubectl-overview.md
+++ b/docs/user-guide/kubectl-overview.md
@@ -2,7 +2,7 @@
assignees:
- bgrant0607
- hw-qiaolei
-
+title: kubectl Overview
---
`kubectl` is a command line interface for running commands against Kubernetes clusters. This overview covers `kubectl` syntax, describes the command operations, and provides common examples. For details about each command, including all the supported flags and subcommands, see the [kubectl](/docs/user-guide/kubectl) reference documentation. For installation instructions see [prerequisites](/docs/user-guide/prereqs).
@@ -18,7 +18,6 @@ kubectl [command] [TYPE] [NAME] [flags]
```
where `command`, `TYPE`, `NAME`, and `flags` are:
-
* `command`: Specifies the operation that you want to perform on one or more resources, for example `create`, `get`, `describe`, `delete`.
* `TYPE`: Specifies the [resource type](#resource-types). Resource types are case-sensitive and you can specify the singular, plural, or abbreviated forms. For example, the following commands produce the same output:
@@ -27,11 +26,9 @@ where `command`, `TYPE`, `NAME`, and `flags` are:
$ kubectl get pods pod1
$ kubectl get po pod1
```
-
* `NAME`: Specifies the name of the resource. Names are case-sensitive. If the name is omitted, details for all resources are displayed, for example `$ kubectl get pods`.
When performing an operation on multiple resources, you can specify each resource by type and name or specify one or more files:
-
* To specify resources by type and name:
* To group resources if they are all the same type: `TYPE1 name1 name2 name<#>`
Example: `$ kubectl get pod example-pod1 example-pod2`
diff --git a/docs/user-guide/kubectl/index.md b/docs/user-guide/kubectl/index.md
index 53af54780e..75fc6c06bf 100644
--- a/docs/user-guide/kubectl/index.md
+++ b/docs/user-guide/kubectl/index.md
@@ -1,4 +1,5 @@
---
+title: kubectl
---
## kubectl
@@ -19,28 +20,29 @@ kubectl
### Options
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
### SEE ALSO
@@ -50,11 +52,13 @@ kubectl
* [kubectl apply](kubectl_apply.md) - Apply a configuration to a resource by filename or stdin
* [kubectl attach](kubectl_attach.md) - Attach to a running container
* [kubectl autoscale](kubectl_autoscale.md) - Auto-scale a Deployment, ReplicaSet, or ReplicationController
+* [kubectl certificate](kubectl_certificate.md) - Modify certificate resources.
* [kubectl cluster-info](kubectl_cluster-info.md) - Display cluster info
* [kubectl completion](kubectl_completion.md) - Output shell completion code for the given shell (bash or zsh)
* [kubectl config](kubectl_config.md) - Modify kubeconfig files
* [kubectl convert](kubectl_convert.md) - Convert config files between different API versions
* [kubectl cordon](kubectl_cordon.md) - Mark node as unschedulable
+* [kubectl cp](kubectl_cp.md) - Copy files and directories to and from containers.
* [kubectl create](kubectl_create.md) - Create a resource by filename or stdin
* [kubectl delete](kubectl_delete.md) - Delete resources by filenames, stdin, resources and names, or by resources and label selector
* [kubectl describe](kubectl_describe.md) - Show details of a specific resource or group of resources
@@ -66,7 +70,6 @@ kubectl
* [kubectl get](kubectl_get.md) - Display one or many resources
* [kubectl label](kubectl_label.md) - Update the labels on a resource
* [kubectl logs](kubectl_logs.md) - Print the logs for a container in a pod
-* [kubectl namespace](kubectl_namespace.md) - Deprecated: config set-context
* [kubectl options](kubectl_options.md) -
* [kubectl patch](kubectl_patch.md) - Update field(s) of a resource using strategic merge patch
* [kubectl port-forward](kubectl_port-forward.md) - Forward one or more local ports to a pod
@@ -82,11 +85,7 @@ kubectl
* [kubectl uncordon](kubectl_uncordon.md) - Mark node as schedulable
* [kubectl version](kubectl_version.md) - Print the client and server version information
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_annotate.md b/docs/user-guide/kubectl/kubectl_annotate.md
index a6cf10855f..07f2bc5c52 100644
--- a/docs/user-guide/kubectl/kubectl_annotate.md
+++ b/docs/user-guide/kubectl/kubectl_annotate.md
@@ -1,4 +1,5 @@
---
+title: kubectl annotate
---
## kubectl annotate
@@ -8,40 +9,43 @@ Update the annotations on a resource
### Synopsis
-
Update the annotations on one or more resources.
-An annotation is a key/value pair that can hold larger (compared to a label), and possibly not human-readable, data.
-It is intended to store non-identifying auxiliary data, especially data manipulated by tools and system extensions.
-If --overwrite is true, then existing annotations can be overwritten, otherwise attempting to overwrite an annotation will result in an error.
-If --resource-version is specified, then updates will use this resource version, otherwise the existing resource-version will be used.
+ * An annotation is a key/value pair that can hold larger (compared to a label), and possibly not human-readable, data.
+ * It is intended to store non-identifying auxiliary data, especially data manipulated by tools and system extensions.
+ * If --overwrite is true, then existing annotations can be overwritten, otherwise attempting to overwrite an annotation will result in an error.
+ * If --resource-version is specified, then updates will use this resource version, otherwise the existing resource-version will be used.
Valid resource types include:
- * clusters (valid only for federation apiservers)
- * componentstatuses (aka 'cs')
- * configmaps (aka 'cm')
- * daemonsets (aka 'ds')
- * deployments (aka 'deploy')
- * events (aka 'ev')
- * endpoints (aka 'ep')
- * horizontalpodautoscalers (aka 'hpa')
- * ingress (aka 'ing')
- * jobs
- * limitranges (aka 'limits')
- * nodes (aka 'no')
- * namespaces (aka 'ns')
- * petsets (alpha feature, may be unstable)
- * pods (aka 'po')
- * persistentvolumes (aka 'pv')
- * persistentvolumeclaims (aka 'pvc')
- * quota
- * resourcequotas (aka 'quota')
- * replicasets (aka 'rs')
- * replicationcontrollers (aka 'rc')
- * secrets
- * serviceaccounts (aka 'sa')
- * services (aka 'svc')
+ * clusters (valid only for federation apiservers)
+ * componentstatuses (aka 'cs')
+ * configmaps (aka 'cm')
+ * daemonsets (aka 'ds')
+ * deployments (aka 'deploy')
+ * endpoints (aka 'ep')
+ * events (aka 'ev')
+ * horizontalpodautoscalers (aka 'hpa')
+ * ingresses (aka 'ing')
+ * jobs
+ * limitranges (aka 'limits')
+ * namespaces (aka 'ns')
+ * networkpolicies
+ * nodes (aka 'no')
+ * persistentvolumeclaims (aka 'pvc')
+ * persistentvolumes (aka 'pv')
+ * pods (aka 'po')
+ * podsecuritypolicies (aka 'psp')
+ * podtemplates
+ * replicasets (aka 'rs')
+ * replicationcontrollers (aka 'rc')
+ * resourcequotas (aka 'quota')
+ * secrets
+ * serviceaccounts (aka 'sa')
+ * services (aka 'svc')
+ * statefulsets
+ * storageclasses
+ * thirdpartyresources
```
kubectl annotate [--overwrite] (-f FILENAME | TYPE NAME) KEY_1=VAL_1 ... KEY_N=VAL_N [--resource-version=version]
@@ -50,34 +54,34 @@ kubectl annotate [--overwrite] (-f FILENAME | TYPE NAME) KEY_1=VAL_1 ... KEY_N=V
### Examples
```
-
-# Update pod 'foo' with the annotation 'description' and the value 'my frontend'.
-# If the same annotation is set multiple times, only the last value will be applied
-kubectl annotate pods foo description='my frontend'
-
-# Update a pod identified by type and name in "pod.json"
-kubectl annotate -f pod.json description='my frontend'
-
-# Update pod 'foo' with the annotation 'description' and the value 'my frontend running nginx', overwriting any existing value.
-kubectl annotate --overwrite pods foo description='my frontend running nginx'
-
-# Update all pods in the namespace
-kubectl annotate pods --all description='my frontend running nginx'
-
-# Update pod 'foo' only if the resource is unchanged from version 1.
-kubectl annotate pods foo description='my frontend running nginx' --resource-version=1
-
-# Update pod 'foo' by removing an annotation named 'description' if it exists.
-# Does not require the --overwrite flag.
-kubectl annotate pods foo description-
+ # Update pod 'foo' with the annotation 'description' and the value 'my frontend'.
+ # If the same annotation is set multiple times, only the last value will be applied
+ kubectl annotate pods foo description='my frontend'
+
+ # Update a pod identified by type and name in "pod.json"
+ kubectl annotate -f pod.json description='my frontend'
+
+ # Update pod 'foo' with the annotation 'description' and the value 'my frontend running nginx', overwriting any existing value.
+ kubectl annotate --overwrite pods foo description='my frontend running nginx'
+
+ # Update all pods in the namespace
+ kubectl annotate pods --all description='my frontend running nginx'
+
+ # Update pod 'foo' only if the resource is unchanged from version 1.
+ kubectl annotate pods foo description='my frontend running nginx' --resource-version=1
+
+ # Update pod 'foo' by removing an annotation named 'description' if it exists.
+ # Does not require the --overwrite flag.
+ kubectl annotate pods foo description-
```
### Options
```
--all select all resources in the namespace of the specified resource types
- -f, --filename value Filename, directory, or URL to a file identifying the resource to update the annotation (default [])
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
+ --dry-run If true, only print the object that would be sent, without sending it.
+ -f, --filename stringSlice Filename, directory, or URL to files identifying the resource to update the annotation
+ --local If true, annotation will NOT contact api-server but run locally.
--no-headers When using the default or custom-column output format, don't print headers.
-o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
--output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
@@ -95,37 +99,34 @@ kubectl annotate pods foo description-
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_api-versions.md b/docs/user-guide/kubectl/kubectl_api-versions.md
index b6a14e3ba5..cc79a82059 100644
--- a/docs/user-guide/kubectl/kubectl_api-versions.md
+++ b/docs/user-guide/kubectl/kubectl_api-versions.md
@@ -1,4 +1,5 @@
---
+title: kubectl api-versions
---
## kubectl api-versions
@@ -17,37 +18,34 @@ kubectl api-versions
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_apply.md b/docs/user-guide/kubectl/kubectl_apply.md
index ad21e9cbdc..c729263d6c 100644
--- a/docs/user-guide/kubectl/kubectl_apply.md
+++ b/docs/user-guide/kubectl/kubectl_apply.md
@@ -1,4 +1,5 @@
---
+title: kubectl apply
---
## kubectl apply
@@ -8,13 +9,12 @@ Apply a configuration to a resource by filename or stdin
### Synopsis
-
-Apply a configuration to a resource by filename or stdin.
-This resource will be created if it doesn't exist yet.
-To use 'apply', always create the resource initially with either 'apply' or 'create --save-config'.
+Apply a configuration to a resource by filename or stdin. This resource will be created if it doesn't exist yet. To use 'apply', always create the resource initially with either 'apply' or 'create --save-config'.
JSON and YAML formats are accepted.
+Alpha Disclaimer: the --prune functionality is not yet complete. Do not use unless you are aware of what the current state is. See https://issues.k8s.io/34274.
+
```
kubectl apply -f FILENAME
```
@@ -22,61 +22,78 @@ kubectl apply -f FILENAME
### Examples
```
-
-# Apply the configuration in pod.json to a pod.
-kubectl apply -f ./pod.json
-
-# Apply the JSON passed into stdin to a pod.
-cat pod.json | kubectl apply -f -
+ # Apply the configuration in pod.json to a pod.
+ kubectl apply -f ./pod.json
+
+ # Apply the JSON passed into stdin to a pod.
+ cat pod.json | kubectl apply -f -
+
+ # Note: --prune is still in Alpha
+ # Apply the configuration in manifest.yaml that matches label app=nginx and delete all the other resources that are not in the file and match label app=nginx.
+ kubectl apply --prune -f manifest.yaml -l app=nginx
+
+ # Apply the configuration in manifest.yaml and delete all the other configmaps that are not in the file.
+ kubectl apply --prune -f manifest.yaml --all --prune-whitelist=core/v1/ConfigMap
```
### Options
```
- -f, --filename value Filename, directory, or URL to file that contains the configuration to apply (default [])
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
- -o, --output string Output mode. Use "-o name" for shorter output (resource/name).
- --overwrite Automatically resolve conflicts between the modified and live configuration by using values from the modified configuration (default true)
- --record Record current kubectl command in the resource annotation. If set to false, do not record the command. If set to true, record the command. If not set, default to updating the existing annotation value only if one already exists.
- -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
- --schema-cache-dir string If non-empty, load/store cached API schemas in this directory, default is '$HOME/.kube/schema' (default "~/.kube/schema")
- --validate If true, use a schema to validate the input before sending it (default true)
+ --all [-all] to select all the specified resources.
+ --cascade Only relevant during a prune or a force apply. If true, cascade the deletion of the resources managed by pruned or deleted resources (e.g. Pods created by a ReplicationController). (default true)
+ --dry-run If true, only print the object that would be sent, without sending it.
+ -f, --filename stringSlice Filename, directory, or URL to files that contains the configuration to apply
+ --force Delete and re-create the specified resource, when PATCH encounters conflict and has retried for 5 times.
+ --grace-period int Only relevant during a prune or a force apply. Period of time in seconds given to pruned or deleted resources to terminate gracefully. Ignored if negative. (default -1)
+ --no-headers When using the default or custom-column output format, don't print headers.
+ -o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
+ --output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
+ --overwrite Automatically resolve conflicts between the modified and live configuration by using values from the modified configuration (default true)
+ --prune Automatically delete resource objects that do not appear in the configs and are created by either apply or create --save-config. Should be used with either -l or --all.
+ --prune-whitelist stringArray Overwrite the default whitelist with for --prune
+ --record Record current kubectl command in the resource annotation. If set to false, do not record the command. If set to true, record the command. If not set, default to updating the existing annotation value only if one already exists.
+ -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
+ --schema-cache-dir string If non-empty, load/store cached API schemas in this directory, default is '$HOME/.kube/schema' (default "~/.kube/schema")
+ -l, --selector string Selector (label query) to filter on
+ -a, --show-all When printing, show all resources (default hide terminated pods.)
+ --show-labels When printing, show all labels as the last column (default hide labels column)
+ --sort-by string If non-empty, sort list types using this field specification. The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.
+ --template string Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
+ --timeout duration Only relevant during a force apply. The length of time to wait before giving up on a delete of the old resource, zero means determine a timeout from the size of the object. Any other values should contain a corresponding time unit (e.g. 1s, 2m, 3h).
+ --validate If true, use a schema to validate the input before sending it (default true)
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_attach.md b/docs/user-guide/kubectl/kubectl_attach.md
index 0e90db298b..f19e557fc9 100644
--- a/docs/user-guide/kubectl/kubectl_attach.md
+++ b/docs/user-guide/kubectl/kubectl_attach.md
@@ -1,4 +1,5 @@
---
+title: kubectl attach
---
## kubectl attach
@@ -17,16 +18,15 @@ kubectl attach POD -c CONTAINER
### Examples
```
-
-# Get output from running pod 123456-7890, using the first container by default
-kubectl attach 123456-7890
-
-# Get output from ruby-container from pod 123456-7890
-kubectl attach 123456-7890 -c ruby-container
-
-# Switch to raw terminal mode, sends stdin to 'bash' in ruby-container from pod 123456-7890
-# and sends stdout/stderr from 'bash' back to the client
-kubectl attach 123456-7890 -c ruby-container -i -t
+ # Get output from running pod 123456-7890, using the first container by default
+ kubectl attach 123456-7890
+
+ # Get output from ruby-container from pod 123456-7890
+ kubectl attach 123456-7890 -c ruby-container
+
+ # Switch to raw terminal mode, sends stdin to 'bash' in ruby-container from pod 123456-7890
+ # and sends stdout/stderr from 'bash' back to the client
+ kubectl attach 123456-7890 -c ruby-container -i -t
```
### Options
@@ -40,37 +40,34 @@ kubectl attach 123456-7890 -c ruby-container -i -t
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_autoscale.md b/docs/user-guide/kubectl/kubectl_autoscale.md
index b99b9bcc19..d996c94d72 100644
--- a/docs/user-guide/kubectl/kubectl_autoscale.md
+++ b/docs/user-guide/kubectl/kubectl_autoscale.md
@@ -1,4 +1,5 @@
---
+title: kubectl autoscale
---
## kubectl autoscale
@@ -8,11 +9,9 @@ Auto-scale a Deployment, ReplicaSet, or ReplicationController
### Synopsis
-
Creates an autoscaler that automatically chooses and sets the number of pods that run in a kubernetes cluster.
-Looks up a Deployment, ReplicaSet, or ReplicationController by name and creates an autoscaler that uses the given resource as a reference.
-An autoscaler can automatically increase or decrease number of pods deployed within the system as needed.
+Looks up a Deployment, ReplicaSet, or ReplicationController by name and creates an autoscaler that uses the given resource as a reference. An autoscaler can automatically increase or decrease number of pods deployed within the system as needed.
```
kubectl autoscale (-f FILENAME | TYPE NAME | TYPE/NAME) [--min=MINPODS] --max=MAXPODS [--cpu-percent=CPU] [flags]
@@ -21,12 +20,11 @@ kubectl autoscale (-f FILENAME | TYPE NAME | TYPE/NAME) [--min=MINPODS] --max=MA
### Examples
```
-
-# Auto scale a deployment "foo", with the number of pods between 2 and 10, target CPU utilization specified so a default autoscaling policy will be used:
-kubectl autoscale deployment foo --min=2 --max=10
-
-# Auto scale a replication controller "foo", with the number of pods between 1 and 5, target CPU utilization at 80%:
-kubectl autoscale rc foo --max=5 --cpu-percent=80
+ # Auto scale a deployment "foo", with the number of pods between 2 and 10, target CPU utilization specified so a default autoscaling policy will be used:
+ kubectl autoscale deployment foo --min=2 --max=10
+
+ # Auto scale a replication controller "foo", with the number of pods between 1 and 5, target CPU utilization at 80%:
+ kubectl autoscale rc foo --max=5 --cpu-percent=80
```
### Options
@@ -34,9 +32,8 @@ kubectl autoscale rc foo --max=5 --cpu-percent=80
```
--cpu-percent int The target average CPU utilization (represented as a percent of requested CPU) over all the pods. If it's not specified or negative, a default autoscaling policy will be used. (default -1)
--dry-run If true, only print the object that would be sent, without sending it.
- -f, --filename value Filename, directory, or URL to a file identifying the resource to autoscale. (default [])
+ -f, --filename stringSlice Filename, directory, or URL to files identifying the resource to autoscale.
--generator string The name of the API generator to use. Currently there is only 1 generator. (default "horizontalpodautoscaler/v1")
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
--max int The upper limit for the number of pods that can be set by the autoscaler. Required. (default -1)
--min int The lower limit for the number of pods that can be set by the autoscaler. If it's not specified or negative, the server will apply a default value. (default -1)
--name string The name for the newly created object. If not specified, the name of the input resource will be used.
@@ -55,37 +52,34 @@ kubectl autoscale rc foo --max=5 --cpu-percent=80
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_certificate.md b/docs/user-guide/kubectl/kubectl_certificate.md
new file mode 100644
index 0000000000..8cc7080b4b
--- /dev/null
+++ b/docs/user-guide/kubectl/kubectl_certificate.md
@@ -0,0 +1,50 @@
+---
+---
+## kubectl certificate
+
+Modify certificate resources.
+
+### Synopsis
+
+
+Modify certificate resources.
+
+```
+kubectl certificate SUBCOMMAND
+```
+
+### Options inherited from parent commands
+
+```
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
+```
+
+
+
+###### Auto generated by spf13/cobra on 13-Dec-2016
+
+
+[]()
+
diff --git a/docs/user-guide/kubectl/kubectl_certificate_approve.md b/docs/user-guide/kubectl/kubectl_certificate_approve.md
new file mode 100644
index 0000000000..706d77928c
--- /dev/null
+++ b/docs/user-guide/kubectl/kubectl_certificate_approve.md
@@ -0,0 +1,62 @@
+---
+---
+## kubectl certificate approve
+
+Approve a certificate signing request
+
+### Synopsis
+
+
+Approve a certificate signing request.
+
+kubectl certificate approve allows a cluster admin to approve a certificate signing request (CSR). This action tells a certificate signing controller to issue a certificate to the requestor with the attributes requested in the CSR.
+
+SECURITY NOTICE: Depending on the requested attributes, the issued certificate can potentially grant a requester access to cluster resources or to authenticate as a requested identity. Before approving a CSR, ensure you understand what the signed certificate can do.
+
+```
+kubectl certificate approve (-f FILENAME | NAME)
+```
+
+### Options
+
+```
+ -f, --filename stringSlice Filename, directory, or URL to files identifying the resource to update
+ -o, --output string Output mode. Use "-o name" for shorter output (resource/name).
+ -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
+```
+
+### Options inherited from parent commands
+
+```
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
+```
+
+
+
+###### Auto generated by spf13/cobra on 13-Dec-2016
+
+
+[]()
+
diff --git a/docs/user-guide/kubectl/kubectl_certificate_deny.md b/docs/user-guide/kubectl/kubectl_certificate_deny.md
new file mode 100644
index 0000000000..bd691f8795
--- /dev/null
+++ b/docs/user-guide/kubectl/kubectl_certificate_deny.md
@@ -0,0 +1,60 @@
+---
+---
+## kubectl certificate deny
+
+Deny a certificate signing request
+
+### Synopsis
+
+
+Deny a certificate signing request.
+
+kubectl certificate deny allows a cluster admin to deny a certificate signing request (CSR). This action tells a certificate signing controller to not to issue a certificate to the requestor.
+
+```
+kubectl certificate deny (-f FILENAME | NAME)
+```
+
+### Options
+
+```
+ -f, --filename stringSlice Filename, directory, or URL to files identifying the resource to update
+ -o, --output string Output mode. Use "-o name" for shorter output (resource/name).
+ -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
+```
+
+### Options inherited from parent commands
+
+```
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
+```
+
+
+
+###### Auto generated by spf13/cobra on 13-Dec-2016
+
+
+[]()
+
diff --git a/docs/user-guide/kubectl/kubectl_cluster-info.md b/docs/user-guide/kubectl/kubectl_cluster-info.md
index 4d1105b086..46823b69f8 100644
--- a/docs/user-guide/kubectl/kubectl_cluster-info.md
+++ b/docs/user-guide/kubectl/kubectl_cluster-info.md
@@ -1,4 +1,5 @@
---
+title: kubectl cluster-info
---
## kubectl cluster-info
@@ -8,8 +9,7 @@ Display cluster info
### Synopsis
-Display addresses of the master and services with label kubernetes.io/cluster-service=true
-To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
+Display addresses of the master and services with label kubernetes.io/cluster-service=true To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
```
kubectl cluster-info
@@ -18,43 +18,39 @@ kubectl cluster-info
### Options
```
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_cluster-info_dump.md b/docs/user-guide/kubectl/kubectl_cluster-info_dump.md
index d672149697..b6675452f5 100644
--- a/docs/user-guide/kubectl/kubectl_cluster-info_dump.md
+++ b/docs/user-guide/kubectl/kubectl_cluster-info_dump.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl cluster-info dump
Dump lots of relevant info for debugging and diagnosis
@@ -8,15 +7,9 @@ Dump lots of relevant info for debugging and diagnosis
### Synopsis
+Dumps cluster info out suitable for debugging and diagnosing cluster problems. By default, dumps everything to stdout. You can optionally specify a directory with --output-directory. If you specify a directory, kubernetes will build a set of files in that directory. By default only dumps things in the 'kube-system' namespace, but you can switch to a different namespace with the --namespaces flag, or specify --all-namespaces to dump all namespaces.
-Dumps cluster info out suitable for debugging and diagnosing cluster problems. By default, dumps everything to
-stdout. You can optionally specify a directory with --output-directory. If you specify a directory, kubernetes will
-build a set of files in that directory. By default only dumps things in the 'kube-system' namespace, but you can
-switch to a different namespace with the --namespaces flag, or specify --all-namespaces to dump all namespaces.
-
-The command also dumps the logs of all of the pods in the cluster, these logs are dumped into different directories
-based on namespace and pod name.
-
+The command also dumps the logs of all of the pods in the cluster, these logs are dumped into different directories based on namespace and pod name.
```
kubectl cluster-info dump
@@ -25,61 +18,58 @@ kubectl cluster-info dump
### Examples
```
-# Dump current cluster state to stdout
-kubectl cluster-info dump
-
-# Dump current cluster state to /path/to/cluster-state
-kubectl cluster-info dump --output-directory=/path/to/cluster-state
-
-# Dump all namespaces to stdout
-kubectl cluster-info dump --all-namespaces
-
-# Dump a set of namespaces to /path/to/cluster-state
-kubectl cluster-info dump --namespaces default,kube-system --output-directory=/path/to/cluster-state
+ # Dump current cluster state to stdout
+ kubectl cluster-info dump
+
+ # Dump current cluster state to /path/to/cluster-state
+ kubectl cluster-info dump --output-directory=/path/to/cluster-state
+
+ # Dump all namespaces to stdout
+ kubectl cluster-info dump --all-namespaces
+
+ # Dump a set of namespaces to /path/to/cluster-state
+ kubectl cluster-info dump --namespaces default,kube-system --output-directory=/path/to/cluster-state
```
### Options
```
--all-namespaces If true, dump all namespaces. If true, --namespaces is ignored.
- --namespaces value A comma separated list of namespaces to dump. (default [])
+ --namespaces stringSlice A comma separated list of namespaces to dump.
--output-directory string Where to output the files. If empty or '-' uses stdout, otherwise creates a directory hierarchy in that directory
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_completion.md b/docs/user-guide/kubectl/kubectl_completion.md
index bead2c68fd..125b7791cd 100644
--- a/docs/user-guide/kubectl/kubectl_completion.md
+++ b/docs/user-guide/kubectl/kubectl_completion.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl completion
Output shell completion code for the given shell (bash or zsh)
@@ -10,69 +9,57 @@ Output shell completion code for the given shell (bash or zsh)
Output shell completion code for the given shell (bash or zsh).
-This command prints shell code which must be evaluation to provide interactive
-completion of kubectl commands.
+This command prints shell code which must be evaluation to provide interactive completion of kubectl commands.
+ $ source <(kubectl completion bash)
+
+will load the kubectl completion code for bash. Note that this depends on the bash-completion framework. It must be sourced before sourcing the kubectl completion, e.g. on the Mac:
+
+ $ brew install bash-completion
+ $ source $(brew --prefix)/etc/bash_completion
+ $ source <(kubectl completion bash)
+
+If you use zsh [1], the following will load kubectl zsh completion:
+
+ $ source <(kubectl completion zsh)
+
+ [1] zsh completions are only supported in versions of zsh >= 5.2
```
kubectl completion SHELL
```
-### Examples
-
-```
-
-$ source <(kubectl completion bash)
-
-will load the kubectl completion code for bash. Note that this depends on the
-bash-completion framework. It must be sourced before sourcing the kubectl
-completion, e.g. on the Mac:
-
-$ brew install bash-completion
-$ source $(brew --prefix)/etc/bash_completion
-$ source <(kubectl completion bash)
-
-If you use zsh*, the following will load kubectl zsh completion:
-
-$ source <(kubectl completion zsh)
-
-* zsh completions are only supported in versions of zsh >= 5.2
-```
-
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_config.md b/docs/user-guide/kubectl/kubectl_config.md
index a9c41de181..441db2334a 100644
--- a/docs/user-guide/kubectl/kubectl_config.md
+++ b/docs/user-guide/kubectl/kubectl_config.md
@@ -1,4 +1,5 @@
---
+title: kubectl config
---
## kubectl config
@@ -11,10 +12,10 @@ Modify kubeconfig files
Modify kubeconfig files using subcommands like "kubectl config set current-context my-context"
The loading order follows these rules:
-1. If the --kubeconfig flag is set, then only that file is loaded. The flag may only be set once and no merging takes place.
-2. If $KUBECONFIG environment variable is set, then it is used a list of paths (normal path delimitting rules for your system). These paths are merged. When a value is modified, it is modified in the file that defines the stanza. When a value is created, it is created in the first file that exists. If no files in the chain exist, then it creates the last file in the list.
-3. Otherwise, ${HOME}/.kube/config is used and no merging takes place.
+ 1. If the --kubeconfig flag is set, then only that file is loaded. The flag may only be set once and no merging takes place.
+ 2. If $KUBECONFIG environment variable is set, then it is used a list of paths (normal path delimitting rules for your system). These paths are merged. When a value is modified, it is modified in the file that defines the stanza. When a value is created, it is created in the first file that exists. If no files in the chain exist, then it creates the last file in the list.
+ 3. Otherwise, ${HOME}/.kube/config is used and no merging takes place.
```
kubectl config SUBCOMMAND
@@ -29,36 +30,33 @@ kubectl config SUBCOMMAND
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_config_current-context.md b/docs/user-guide/kubectl/kubectl_config_current-context.md
index 64fd7adbdb..0257ce6b58 100644
--- a/docs/user-guide/kubectl/kubectl_config_current-context.md
+++ b/docs/user-guide/kubectl/kubectl_config_current-context.md
@@ -1,4 +1,5 @@
---
+title: kubectl config current-context
---
## kubectl config current-context
@@ -8,7 +9,6 @@ Displays the current-context
### Synopsis
-
Displays the current-context
```
@@ -18,45 +18,41 @@ kubectl config current-context
### Examples
```
-
-# Display the current-context
-kubectl config current-context
+ # Display the current-context
+ kubectl config current-context
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string use a particular kubeconfig file
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string use a particular kubeconfig file
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_config_delete-cluster.md b/docs/user-guide/kubectl/kubectl_config_delete-cluster.md
index b42ad2c6a7..db5ef7013e 100644
--- a/docs/user-guide/kubectl/kubectl_config_delete-cluster.md
+++ b/docs/user-guide/kubectl/kubectl_config_delete-cluster.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl config delete-cluster
Delete the specified cluster from the kubeconfig
@@ -17,37 +16,34 @@ kubectl config delete-cluster NAME
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string use a particular kubeconfig file
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string use a particular kubeconfig file
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_config_delete-context.md b/docs/user-guide/kubectl/kubectl_config_delete-context.md
index 4d3bc05331..aaf1cf4125 100644
--- a/docs/user-guide/kubectl/kubectl_config_delete-context.md
+++ b/docs/user-guide/kubectl/kubectl_config_delete-context.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl config delete-context
Delete the specified context from the kubeconfig
@@ -17,37 +16,34 @@ kubectl config delete-context NAME
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string use a particular kubeconfig file
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string use a particular kubeconfig file
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_config_get-clusters.md b/docs/user-guide/kubectl/kubectl_config_get-clusters.md
index 0a78eb7684..4ab7420856 100644
--- a/docs/user-guide/kubectl/kubectl_config_get-clusters.md
+++ b/docs/user-guide/kubectl/kubectl_config_get-clusters.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl config get-clusters
Display clusters defined in the kubeconfig
@@ -17,37 +16,34 @@ kubectl config get-clusters
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string use a particular kubeconfig file
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string use a particular kubeconfig file
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_config_get-contexts.md b/docs/user-guide/kubectl/kubectl_config_get-contexts.md
index 4a4486f927..6a247bc734 100644
--- a/docs/user-guide/kubectl/kubectl_config_get-contexts.md
+++ b/docs/user-guide/kubectl/kubectl_config_get-contexts.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl config get-contexts
Describe one or many contexts
@@ -17,11 +16,11 @@ kubectl config get-contexts [(-o|--output=)name)]
### Examples
```
-# List all the contexts in your kubeconfig file
-kubectl config get-contexts
-
-# Describe one context in your kubeconfig file.
-kubectl config get-contexts my-context
+ # List all the contexts in your kubeconfig file
+ kubectl config get-contexts
+
+ # Describe one context in your kubeconfig file.
+ kubectl config get-contexts my-context
```
### Options
@@ -34,37 +33,34 @@ kubectl config get-contexts my-context
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string use a particular kubeconfig file
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string use a particular kubeconfig file
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_config_set-cluster.md b/docs/user-guide/kubectl/kubectl_config_set-cluster.md
index 3da8dbc094..c835a0d255 100644
--- a/docs/user-guide/kubectl/kubectl_config_set-cluster.md
+++ b/docs/user-guide/kubectl/kubectl_config_set-cluster.md
@@ -1,4 +1,5 @@
---
+title: kubectl config set-cluster
---
## kubectl config set-cluster
@@ -8,8 +9,8 @@ Sets a cluster entry in kubeconfig
### Synopsis
-
Sets a cluster entry in kubeconfig.
+
Specifying a name that already exists will merge new fields on top of existing values for those fields.
```
@@ -19,58 +20,54 @@ kubectl config set-cluster NAME [--server=server] [--certificate-authority=path/
### Examples
```
-
-# Set only the server field on the e2e cluster entry without touching other values.
-kubectl config set-cluster e2e --server=https://1.2.3.4
-
-# Embed certificate authority data for the e2e cluster entry
-kubectl config set-cluster e2e --certificate-authority=~/.kube/e2e/kubernetes.ca.crt
-
-# Disable cert checking for the dev cluster entry
-kubectl config set-cluster e2e --insecure-skip-tls-verify=true
+ # Set only the server field on the e2e cluster entry without touching other values.
+ kubectl config set-cluster e2e --server=https://1.2.3.4
+
+ # Embed certificate authority data for the e2e cluster entry
+ kubectl config set-cluster e2e --certificate-authority=~/.kube/e2e/kubernetes.ca.crt
+
+ # Disable cert checking for the dev cluster entry
+ kubectl config set-cluster e2e --insecure-skip-tls-verify=true
```
### Options
```
- --api-version value api-version for the cluster entry in kubeconfig
- --certificate-authority value path to certificate-authority file for the cluster entry in kubeconfig
- --embed-certs value[=true] embed-certs for the cluster entry in kubeconfig
- --insecure-skip-tls-verify value[=true] insecure-skip-tls-verify for the cluster entry in kubeconfig
- --server value server for the cluster entry in kubeconfig
+ --api-version string api-version for the cluster entry in kubeconfig
+ --certificate-authority string path to certificate-authority file for the cluster entry in kubeconfig
+ --embed-certs tristate[=true] embed-certs for the cluster entry in kubeconfig
+ --insecure-skip-tls-verify tristate[=true] insecure-skip-tls-verify for the cluster entry in kubeconfig
+ --server string server for the cluster entry in kubeconfig
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --kubeconfig string use a particular kubeconfig file
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --kubeconfig string use a particular kubeconfig file
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_config_set-context.md b/docs/user-guide/kubectl/kubectl_config_set-context.md
index 86db115730..9fcdce00c8 100644
--- a/docs/user-guide/kubectl/kubectl_config_set-context.md
+++ b/docs/user-guide/kubectl/kubectl_config_set-context.md
@@ -1,4 +1,5 @@
---
+title: kubectl config set-context
---
## kubectl config set-context
@@ -8,8 +9,8 @@ Sets a context entry in kubeconfig
### Synopsis
-
Sets a context entry in kubeconfig
+
Specifying a name that already exists will merge new fields on top of existing values for those fields.
```
@@ -19,50 +20,46 @@ kubectl config set-context NAME [--cluster=cluster_nickname] [--user=user_nickna
### Examples
```
-
-# Set the user field on the gce context entry without touching other values
-kubectl config set-context gce --user=cluster-admin
+ # Set the user field on the gce context entry without touching other values
+ kubectl config set-context gce --user=cluster-admin
```
### Options
```
- --cluster value cluster for the context entry in kubeconfig
- --namespace value namespace for the context entry in kubeconfig
- --user value user for the context entry in kubeconfig
+ --cluster string cluster for the context entry in kubeconfig
+ --namespace string namespace for the context entry in kubeconfig
+ --user string user for the context entry in kubeconfig
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string use a particular kubeconfig file
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string use a particular kubeconfig file
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_config_set-credentials.md b/docs/user-guide/kubectl/kubectl_config_set-credentials.md
index 49743220f2..31a3907a71 100644
--- a/docs/user-guide/kubectl/kubectl_config_set-credentials.md
+++ b/docs/user-guide/kubectl/kubectl_config_set-credentials.md
@@ -1,4 +1,5 @@
---
+title: kubectl config set-credentials
---
## kubectl config set-credentials
@@ -8,12 +9,12 @@ Sets a user entry in kubeconfig
### Synopsis
-
Sets a user entry in kubeconfig
+
Specifying a name that already exists will merge new fields on top of existing values.
Client-certificate flags:
- --client-certificate=certfile --client-key=keyfile
+ --client-certificate=certfile --client-key=keyfile
Bearer token flags:
--token=bearer_token
@@ -21,8 +22,7 @@ Specifying a name that already exists will merge new fields on top of existing v
Basic auth flags:
--username=basic_user --password=basic_password
- Bearer token and basic auth are mutually exclusive.
-
+Bearer token and basic auth are mutually exclusive.
```
kubectl config set-credentials NAME [--client-certificate=path/to/certfile] [--client-key=path/to/keyfile] [--token=bearer_token] [--username=basic_user] [--password=basic_password] [--auth-provider=provider_name] [--auth-provider-arg=key=value]
@@ -31,69 +31,65 @@ kubectl config set-credentials NAME [--client-certificate=path/to/certfile] [--c
### Examples
```
-
-# Set only the "client-key" field on the "cluster-admin"
-# entry, without touching other values:
-kubectl config set-credentials cluster-admin --client-key=~/.kube/admin.key
-
-# Set basic auth for the "cluster-admin" entry
-kubectl config set-credentials cluster-admin --username=admin --password=uXFGweU9l35qcif
-
-# Embed client certificate data in the "cluster-admin" entry
-kubectl config set-credentials cluster-admin --client-certificate=~/.kube/admin.crt --embed-certs=true
-
-# Enable the Google Compute Platform auth provider for the "cluster-admin" entry
-kubectl config set-credentials cluster-admin --auth-provider=gcp
-
-# Enable the OpenID Connect auth provider for the "cluster-admin" entry with additional args
-kubectl config set-credentials cluster-admin --auth-provider=oidc --auth-provider-arg=client-id=foo --auth-provider-arg=client-secret=bar
-
-# Remove the "client-secret" config value for the OpenID Connect auth provider for the "cluster-admin" entry
-kubectl config set-credentials cluster-admin --auth-provider=oidc --auth-provider-arg=client-secret-
+ # Set only the "client-key" field on the "cluster-admin"
+ # entry, without touching other values:
+ kubectl config set-credentials cluster-admin --client-key=~/.kube/admin.key
+
+ # Set basic auth for the "cluster-admin" entry
+ kubectl config set-credentials cluster-admin --username=admin --password=uXFGweU9l35qcif
+
+ # Embed client certificate data in the "cluster-admin" entry
+ kubectl config set-credentials cluster-admin --client-certificate=~/.kube/admin.crt --embed-certs=true
+
+ # Enable the Google Compute Platform auth provider for the "cluster-admin" entry
+ kubectl config set-credentials cluster-admin --auth-provider=gcp
+
+ # Enable the OpenID Connect auth provider for the "cluster-admin" entry with additional args
+ kubectl config set-credentials cluster-admin --auth-provider=oidc --auth-provider-arg=client-id=foo --auth-provider-arg=client-secret=bar
+
+ # Remove the "client-secret" config value for the OpenID Connect auth provider for the "cluster-admin" entry
+ kubectl config set-credentials cluster-admin --auth-provider=oidc --auth-provider-arg=client-secret-
```
### Options
```
- --auth-provider value auth provider for the user entry in kubeconfig
- --auth-provider-arg value 'key=value' arugments for the auth provider (default [])
- --client-certificate value path to client-certificate file for the user entry in kubeconfig
- --client-key value path to client-key file for the user entry in kubeconfig
- --embed-certs value[=true] embed client cert/key for the user entry in kubeconfig
- --password value password for the user entry in kubeconfig
- --token value token for the user entry in kubeconfig
- --username value username for the user entry in kubeconfig
+ --auth-provider string auth provider for the user entry in kubeconfig
+ --auth-provider-arg stringSlice 'key=value' arugments for the auth provider
+ --client-certificate string path to client-certificate file for the user entry in kubeconfig
+ --client-key string path to client-key file for the user entry in kubeconfig
+ --embed-certs tristate[=true] embed client cert/key for the user entry in kubeconfig
+ --password string password for the user entry in kubeconfig
+ --token string token for the user entry in kubeconfig
+ --username string username for the user entry in kubeconfig
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string use a particular kubeconfig file
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --user string The name of the kubeconfig user to use
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string use a particular kubeconfig file
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --user string The name of the kubeconfig user to use
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_config_set.md b/docs/user-guide/kubectl/kubectl_config_set.md
index 52d8b6397c..dc82b45c7f 100644
--- a/docs/user-guide/kubectl/kubectl_config_set.md
+++ b/docs/user-guide/kubectl/kubectl_config_set.md
@@ -1,4 +1,5 @@
---
+title: kubectl config set
---
## kubectl config set
@@ -8,10 +9,11 @@ Sets an individual value in a kubeconfig file
### Synopsis
-
Sets an individual value in a kubeconfig file
-PROPERTY_NAME is a dot delimited name where each token represents either an attribute name or a map key. Map keys may not contain dots.
-PROPERTY_VALUE is the new value you wish to set. Binary fields such as 'certificate-authority-data' expect a base64 encoded string unless the --set-raw-bytes flag is used.
+
+PROPERTY _NAME is a dot delimited name where each token represents either an attribute name or a map key. Map keys may not contain dots.
+
+PROPERTY _VALUE is the new value you wish to set. Binary fields such as 'certificate-authority-data' expect a base64 encoded string unless the --set-raw-bytes flag is used.
```
kubectl config set PROPERTY_NAME PROPERTY_VALUE
@@ -20,43 +22,40 @@ kubectl config set PROPERTY_NAME PROPERTY_VALUE
### Options
```
- --set-raw-bytes value[=true] When writing a []byte PROPERTY_VALUE, write the given string directly without base64 decoding.
+ --set-raw-bytes tristate[=true] When writing a []byte PROPERTY_VALUE, write the given string directly without base64 decoding.
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string use a particular kubeconfig file
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string use a particular kubeconfig file
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_config_unset.md b/docs/user-guide/kubectl/kubectl_config_unset.md
index 3ee8de73fc..e435fc1f46 100644
--- a/docs/user-guide/kubectl/kubectl_config_unset.md
+++ b/docs/user-guide/kubectl/kubectl_config_unset.md
@@ -1,4 +1,5 @@
---
+title: kubectl config unset
---
## kubectl config unset
@@ -8,9 +9,9 @@ Unsets an individual value in a kubeconfig file
### Synopsis
-
Unsets an individual value in a kubeconfig file
-PROPERTY_NAME is a dot delimited name where each token represents either an attribute name or a map key. Map keys may not contain dots.
+
+PROPERTY _NAME is a dot delimited name where each token represents either an attribute name or a map key. Map keys may not contain dots.
```
kubectl config unset PROPERTY_NAME
@@ -19,37 +20,34 @@ kubectl config unset PROPERTY_NAME
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string use a particular kubeconfig file
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string use a particular kubeconfig file
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_config_use-context.md b/docs/user-guide/kubectl/kubectl_config_use-context.md
index 66cc439eac..d87130d583 100644
--- a/docs/user-guide/kubectl/kubectl_config_use-context.md
+++ b/docs/user-guide/kubectl/kubectl_config_use-context.md
@@ -1,4 +1,5 @@
---
+title: kubectl config use-context
---
## kubectl config use-context
@@ -17,37 +18,34 @@ kubectl config use-context CONTEXT_NAME
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string use a particular kubeconfig file
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string use a particular kubeconfig file
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_config_view.md b/docs/user-guide/kubectl/kubectl_config_view.md
index aed1c205c8..ef7f6649c1 100644
--- a/docs/user-guide/kubectl/kubectl_config_view.md
+++ b/docs/user-guide/kubectl/kubectl_config_view.md
@@ -1,4 +1,5 @@
---
+title: kubectl config view
---
## kubectl config view
@@ -8,7 +9,6 @@ Display merged kubeconfig settings or a specified kubeconfig file
### Synopsis
-
Display merged kubeconfig settings or a specified kubeconfig file.
You can use --output jsonpath={...} to extract specific values using a jsonpath expression.
@@ -20,19 +20,18 @@ kubectl config view
### Examples
```
-
-# Show Merged kubeconfig settings.
-kubectl config view
-
-# Get the password for the e2e user
-kubectl config view -o jsonpath='{.users[?(@.name == "e2e")].user.password}'
+ # Show Merged kubeconfig settings.
+ kubectl config view
+
+ # Get the password for the e2e user
+ kubectl config view -o jsonpath='{.users[?(@.name == "e2e")].user.password}'
```
### Options
```
--flatten flatten the resulting kubeconfig file into self-contained output (useful for creating portable kubeconfig files)
- --merge value[=true] merge the full hierarchy of kubeconfig files (default true)
+ --merge tristate[=true] merge the full hierarchy of kubeconfig files (default true)
--minify remove all information not used by current-context from the output
--no-headers When using the default or custom-column output format, don't print headers.
-o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
@@ -47,37 +46,34 @@ kubectl config view -o jsonpath='{.users[?(@.name == "e2e")].user.password}'
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string use a particular kubeconfig file
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string use a particular kubeconfig file
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_convert.md b/docs/user-guide/kubectl/kubectl_convert.md
index e46e6fdd15..b37b32ff28 100644
--- a/docs/user-guide/kubectl/kubectl_convert.md
+++ b/docs/user-guide/kubectl/kubectl_convert.md
@@ -1,4 +1,5 @@
---
+title: kubectl convert
---
## kubectl convert
@@ -8,17 +9,11 @@ Convert config files between different API versions
### Synopsis
+Convert config files between different API versions. Both YAML and JSON formats are accepted.
-Convert config files between different API versions. Both YAML
-and JSON formats are accepted.
-
-The command takes filename, directory, or URL as input, and convert it into format
-of version specified by --output-version flag. If target version is not specified or
-not supported, convert to latest version.
-
-The default output will be printed to stdout in YAML format. One can use -o option
-to change to output destination.
+The command takes filename, directory, or URL as input, and convert it into format of version specified by --output-version flag. If target version is not specified or not supported, convert to latest version.
+The default output will be printed to stdout in YAML format. One can use -o option to change to output destination.
```
kubectl convert -f FILENAME
@@ -27,24 +22,21 @@ kubectl convert -f FILENAME
### Examples
```
-
-# Convert 'pod.yaml' to latest version and print to stdout.
-kubectl convert -f pod.yaml
-
-# Convert the live state of the resource specified by 'pod.yaml' to the latest version
-# and print to stdout in json format.
-kubectl convert -f pod.yaml --local -o json
-
-# Convert all files under current directory to latest version and create them all.
-kubectl convert -f . | kubectl create -f -
-
+ # Convert 'pod.yaml' to latest version and print to stdout.
+ kubectl convert -f pod.yaml
+
+ # Convert the live state of the resource specified by 'pod.yaml' to the latest version
+ # and print to stdout in json format.
+ kubectl convert -f pod.yaml --local -o json
+
+ # Convert all files under current directory to latest version and create them all.
+ kubectl convert -f . | kubectl create -f -
```
### Options
```
- -f, --filename value Filename, directory, or URL to file to need to get converted. (default [])
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
+ -f, --filename stringSlice Filename, directory, or URL to files to need to get converted.
--local If true, convert will NOT try to contact api-server but run locally. (default true)
--no-headers When using the default or custom-column output format, don't print headers.
-o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
@@ -61,37 +53,34 @@ kubectl convert -f . | kubectl create -f -
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_cordon.md b/docs/user-guide/kubectl/kubectl_cordon.md
index 5d757265d8..3ca7782fd4 100644
--- a/docs/user-guide/kubectl/kubectl_cordon.md
+++ b/docs/user-guide/kubectl/kubectl_cordon.md
@@ -1,4 +1,5 @@
---
+title: kubectl cordon
---
## kubectl cordon
@@ -8,10 +9,8 @@ Mark node as unschedulable
### Synopsis
-
Mark node as unschedulable.
-
```
kubectl cordon NODE
```
@@ -19,46 +18,41 @@ kubectl cordon NODE
### Examples
```
-
-# Mark node "foo" as unschedulable.
-kubectl cordon foo
-
+ # Mark node "foo" as unschedulable.
+ kubectl cordon foo
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_cp.md b/docs/user-guide/kubectl/kubectl_cp.md
new file mode 100644
index 0000000000..39d0880f12
--- /dev/null
+++ b/docs/user-guide/kubectl/kubectl_cp.md
@@ -0,0 +1,76 @@
+---
+---
+## kubectl cp
+
+Copy files and directories to and from containers.
+
+### Synopsis
+
+
+Copy files and directories to and from containers.
+
+```
+kubectl cp
+```
+
+### Examples
+
+```
+ # !!!Important Note!!!
+ # Requires that the 'tar' binary is present in your container
+ # image. If 'tar' is not present, 'kubectl cp' will fail.
+
+ # Copy /tmp/foo_dir local directory to /tmp/bar_dir in a remote pod in the default namespace
+ kubectl cp /tmp/foo_dir :/tmp/bar_dir
+
+ # Copy /tmp/foo local file to /tmp/bar in a remote pod in a specific container
+ kubectl cp /tmp/foo :/tmp/bar -c
+
+ # Copy /tmp/foo local file to /tmp/bar in a remote pod in namespace
+ kubectl cp /tmp/foo /:/tmp/bar
+
+ # Copy /tmp/foo from a remote pod to /tmp/bar locally
+ kubectl cp /:/tmp/foo /tmp/bar
+```
+
+### Options
+
+```
+ -c, --container string Container name. If omitted, the first container in the pod will be chosen
+```
+
+### Options inherited from parent commands
+
+```
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
+```
+
+
+
+###### Auto generated by spf13/cobra on 13-Dec-2016
+
+
+[]()
+
diff --git a/docs/user-guide/kubectl/kubectl_create.md b/docs/user-guide/kubectl/kubectl_create.md
index 95da4d6775..abadda07f6 100644
--- a/docs/user-guide/kubectl/kubectl_create.md
+++ b/docs/user-guide/kubectl/kubectl_create.md
@@ -1,4 +1,5 @@
---
+title: kubectl create
---
## kubectl create
@@ -8,7 +9,6 @@ Create a resource by filename or stdin
### Synopsis
-
Create a resource by filename or stdin.
JSON and YAML formats are accepted.
@@ -20,61 +20,68 @@ kubectl create -f FILENAME
### Examples
```
-
-# Create a pod using the data in pod.json.
-kubectl create -f ./pod.json
-
-# Create a pod based on the JSON passed into stdin.
-cat pod.json | kubectl create -f -
+ # Create a pod using the data in pod.json.
+ kubectl create -f ./pod.json
+
+ # Create a pod based on the JSON passed into stdin.
+ cat pod.json | kubectl create -f -
+
+ # Edit the data in docker-registry.yaml in JSON using the v1 API format then create the resource using the edited data.
+ kubectl create -f docker-registry.yaml --edit --output-version=v1 -o json
```
### Options
```
- -f, --filename value Filename, directory, or URL to file to use to create the resource (default [])
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
- -o, --output string Output mode. Use "-o name" for shorter output (resource/name).
+ --dry-run If true, only print the object that would be sent, without sending it.
+ --edit Edit the API resource before creating
+ -f, --filename stringSlice Filename, directory, or URL to files to use to create the resource
+ --no-headers When using the default or custom-column output format, don't print headers.
+ -o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
+ --output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
--record Record current kubectl command in the resource annotation. If set to false, do not record the command. If set to true, record the command. If not set, default to updating the existing annotation value only if one already exists.
-R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
--save-config If true, the configuration of current object will be saved in its annotation. This is useful when you want to perform kubectl apply on this object in the future.
--schema-cache-dir string If non-empty, load/store cached API schemas in this directory, default is '$HOME/.kube/schema' (default "~/.kube/schema")
+ -a, --show-all When printing, show all resources (default hide terminated pods.)
+ --show-labels When printing, show all labels as the last column (default hide labels column)
+ --sort-by string If non-empty, sort list types using this field specification. The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.
+ --template string Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
--validate If true, use a schema to validate the input before sending it (default true)
+ --windows-line-endings Only relevant if --edit=true. Use Windows line-endings (default Unix line-endings)
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_create_configmap.md b/docs/user-guide/kubectl/kubectl_create_configmap.md
index 2c733fc055..d5d147b465 100644
--- a/docs/user-guide/kubectl/kubectl_create_configmap.md
+++ b/docs/user-guide/kubectl/kubectl_create_configmap.md
@@ -1,4 +1,5 @@
---
+title: kubectl create configmap
---
## kubectl create configmap
@@ -8,18 +9,13 @@ Create a configmap from a local file, directory or literal value
### Synopsis
-
Create a configmap based on a file, directory, or specified literal value.
A single configmap may package one or more key/value pairs.
-When creating a configmap based on a file, the key will default to the basename of the file, and the value will
-default to the file content. If the basename is an invalid key, you may specify an alternate key.
-
-When creating a configmap based on a directory, each file whose basename is a valid key in the directory will be
-packaged into the configmap. Any directory entries except regular files are ignored (e.g. subdirectories,
-symlinks, devices, pipes, etc).
+When creating a configmap based on a file, the key will default to the basename of the file, and the value will default to the file content. If the basename is an invalid key, you may specify an alternate key.
+When creating a configmap based on a directory, each file whose basename is a valid key in the directory will be packaged into the configmap. Any directory entries except regular files are ignored (e.g. subdirectories, symlinks, devices, pipes, etc).
```
kubectl create configmap NAME [--from-file=[key=]source] [--from-literal=key1=value1] [--dry-run]
@@ -28,70 +24,66 @@ kubectl create configmap NAME [--from-file=[key=]source] [--from-literal=key1=va
### Examples
```
-
-# Create a new configmap named my-config with keys for each file in folder bar
-kubectl create configmap my-config --from-file=path/to/bar
-
-# Create a new configmap named my-config with specified keys instead of names on disk
-kubectl create configmap my-config --from-file=key1=/path/to/bar/file1.txt --from-file=key2=/path/to/bar/file2.txt
-
-# Create a new configmap named my-config with key1=config1 and key2=config2
-kubectl create configmap my-config --from-literal=key1=config1 --from-literal=key2=config2
+ # Create a new configmap named my-config with keys for each file in folder bar
+ kubectl create configmap my-config --from-file=path/to/bar
+
+ # Create a new configmap named my-config with specified keys instead of names on disk
+ kubectl create configmap my-config --from-file=key1=/path/to/bar/file1.txt --from-file=key2=/path/to/bar/file2.txt
+
+ # Create a new configmap named my-config with key1=config1 and key2=config2
+ kubectl create configmap my-config --from-literal=key1=config1 --from-literal=key2=config2
```
### Options
```
- --dry-run If true, only print the object that would be sent, without sending it.
- --from-file value Key files can be specified using their file path, in which case a default name will be given to them, or optionally with a name and file path, in which case the given name will be used. Specifying a directory will iterate each named file in the directory that is a valid configmap key. (default [])
- --from-literal value Specify a key and literal value to insert in configmap (i.e. mykey=somevalue) (default [])
- --generator string The name of the API generator to use. (default "configmap/v1")
- --no-headers When using the default or custom-column output format, don't print headers.
- -o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
- --output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
- --save-config If true, the configuration of current object will be saved in its annotation. This is useful when you want to perform kubectl apply on this object in the future.
- --schema-cache-dir string If non-empty, load/store cached API schemas in this directory, default is '$HOME/.kube/schema' (default "~/.kube/schema")
- -a, --show-all When printing, show all resources (default hide terminated pods.)
- --show-labels When printing, show all labels as the last column (default hide labels column)
- --sort-by string If non-empty, sort list types using this field specification. The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.
- --template string Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
- --validate If true, use a schema to validate the input before sending it (default true)
+ --dry-run If true, only print the object that would be sent, without sending it.
+ --from-file stringSlice Key files can be specified using their file path, in which case a default name will be given to them, or optionally with a name and file path, in which case the given name will be used. Specifying a directory will iterate each named file in the directory that is a valid configmap key.
+ --from-literal stringArray Specify a key and literal value to insert in configmap (i.e. mykey=somevalue)
+ --generator string The name of the API generator to use. (default "configmap/v1")
+ --no-headers When using the default or custom-column output format, don't print headers.
+ -o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
+ --output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
+ --save-config If true, the configuration of current object will be saved in its annotation. This is useful when you want to perform kubectl apply on this object in the future.
+ --schema-cache-dir string If non-empty, load/store cached API schemas in this directory, default is '$HOME/.kube/schema' (default "~/.kube/schema")
+ -a, --show-all When printing, show all resources (default hide terminated pods.)
+ --show-labels When printing, show all labels as the last column (default hide labels column)
+ --sort-by string If non-empty, sort list types using this field specification. The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.
+ --template string Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
+ --validate If true, use a schema to validate the input before sending it (default true)
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_create_deployment.md b/docs/user-guide/kubectl/kubectl_create_deployment.md
index 35c2707cd1..685d2dff2b 100644
--- a/docs/user-guide/kubectl/kubectl_create_deployment.md
+++ b/docs/user-guide/kubectl/kubectl_create_deployment.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl create deployment
Create a deployment with the specified name.
@@ -8,7 +7,6 @@ Create a deployment with the specified name.
### Synopsis
-
Create a deployment with the specified name.
```
@@ -18,9 +16,8 @@ kubectl create deployment NAME --image=image [--dry-run]
### Examples
```
-
-# Create a new deployment named my-dep that runs the busybox image.
-kubectl create deployment my-dep --image=busybox
+ # Create a new deployment named my-dep that runs the busybox image.
+ kubectl create deployment my-dep --image=busybox
```
### Options
@@ -28,7 +25,7 @@ kubectl create deployment my-dep --image=busybox
```
--dry-run If true, only print the object that would be sent, without sending it.
--generator string The name of the API generator to use. (default "deployment-basic/v1beta1")
- --image value Image name to run. (default [])
+ --image stringSlice Image name to run.
--no-headers When using the default or custom-column output format, don't print headers.
-o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
--output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
@@ -44,37 +41,34 @@ kubectl create deployment my-dep --image=busybox
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_create_namespace.md b/docs/user-guide/kubectl/kubectl_create_namespace.md
index fd46a53e5e..4d90219754 100644
--- a/docs/user-guide/kubectl/kubectl_create_namespace.md
+++ b/docs/user-guide/kubectl/kubectl_create_namespace.md
@@ -1,4 +1,5 @@
---
+title: kubectl create namespace
---
## kubectl create namespace
@@ -8,7 +9,6 @@ Create a namespace with the specified name
### Synopsis
-
Create a namespace with the specified name.
```
@@ -18,9 +18,8 @@ kubectl create namespace NAME [--dry-run]
### Examples
```
-
-# Create a new namespace named my-namespace
-kubectl create namespace my-namespace
+ # Create a new namespace named my-namespace
+ kubectl create namespace my-namespace
```
### Options
@@ -43,37 +42,34 @@ kubectl create namespace my-namespace
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_create_quota.md b/docs/user-guide/kubectl/kubectl_create_quota.md
index ec2e31a45b..e65e0725e4 100644
--- a/docs/user-guide/kubectl/kubectl_create_quota.md
+++ b/docs/user-guide/kubectl/kubectl_create_quota.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl create quota
Create a quota with the specified name.
@@ -8,7 +7,6 @@ Create a quota with the specified name.
### Synopsis
-
Create a resourcequota with the specified name, hard limits and optional scopes
```
@@ -18,10 +16,10 @@ kubectl create quota NAME [--hard=key1=value1,key2=value2] [--scopes=Scope1,Scop
### Examples
```
- // Create a new resourcequota named my-quota
+ # Create a new resourcequota named my-quota
$ kubectl create quota my-quota --hard=cpu=1,memory=1G,pods=2,services=3,replicationcontrollers=2,resourcequotas=1,secrets=5,persistentvolumeclaims=10
-
- // Create a new resourcequota named best-effort
+
+ # Create a new resourcequota named best-effort
$ kubectl create quota best-effort --hard=pods=100 --scopes=BestEffort
```
@@ -47,37 +45,34 @@ kubectl create quota NAME [--hard=key1=value1,key2=value2] [--scopes=Scope1,Scop
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_create_secret.md b/docs/user-guide/kubectl/kubectl_create_secret.md
index f9f80c8740..965bb16832 100644
--- a/docs/user-guide/kubectl/kubectl_create_secret.md
+++ b/docs/user-guide/kubectl/kubectl_create_secret.md
@@ -1,4 +1,5 @@
---
+title: kubectl create secret
---
## kubectl create secret
@@ -17,37 +18,34 @@ kubectl create secret
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_create_secret_docker-registry.md b/docs/user-guide/kubectl/kubectl_create_secret_docker-registry.md
index 18c2eba2dd..fa37d3fd48 100644
--- a/docs/user-guide/kubectl/kubectl_create_secret_docker-registry.md
+++ b/docs/user-guide/kubectl/kubectl_create_secret_docker-registry.md
@@ -1,4 +1,5 @@
---
+title: kubectl create secret docker-registry
---
## kubectl create secret docker-registry
@@ -8,19 +9,17 @@ Create a secret for use with a Docker registry
### Synopsis
-
Create a new secret for use with Docker registries.
Dockercfg secrets are used to authenticate against Docker registries.
When using the Docker command line to push images, you can authenticate to a given registry by running
- 'docker login DOCKER_REGISTRY_SERVER --username=DOCKER_USER --password=DOCKER_PASSWORD --email=DOCKER_EMAIL'.
-That produces a ~/.dockercfg file that is used by subsequent 'docker push' and 'docker pull' commands to
-authenticate to the registry.
-When creating applications, you may have a Docker registry that requires authentication. In order for the
-nodes to pull images on your behalf, they have to have the credentials. You can provide this information
-by creating a dockercfg secret and attaching it to your service account.
+ $ docker login DOCKER_REGISTRY_SERVER --username=DOCKER_USER --password=DOCKER_PASSWORD --email=DOCKER_EMAIL'.
+
+That produces a ~/.dockercfg file that is used by subsequent 'docker push' and 'docker pull' commands to authenticate to the registry.
+
+When creating applications, you may have a Docker registry that requires authentication. In order for the nodes to pull images on your behalf, they have to have the credentials. You can provide this information by creating a dockercfg secret and attaching it to your service account.
```
kubectl create secret docker-registry NAME --docker-username=user --docker-password=password --docker-email=email [--docker-server=string] [--from-literal=key1=value1] [--dry-run]
@@ -29,9 +28,8 @@ kubectl create secret docker-registry NAME --docker-username=user --docker-passw
### Examples
```
-
-# If you don't already have a .dockercfg file, you can create a dockercfg secret directly by using:
-kubectl create secret docker-registry my-secret --docker-server=DOCKER_REGISTRY_SERVER --docker-username=DOCKER_USER --docker-password=DOCKER_PASSWORD --docker-email=DOCKER_EMAIL
+ # If you don't already have a .dockercfg file, you can create a dockercfg secret directly by using:
+ kubectl create secret docker-registry my-secret --docker-server=DOCKER_REGISTRY_SERVER --docker-username=DOCKER_USER --docker-password=DOCKER_PASSWORD --docker-email=DOCKER_EMAIL
```
### Options
@@ -43,7 +41,6 @@ kubectl create secret docker-registry my-secret --docker-server=DOCKER_REGISTRY_
--docker-username string Username for Docker registry authentication
--dry-run If true, only print the object that would be sent, without sending it.
--generator string The name of the API generator to use. (default "secret-for-docker-registry/v1")
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
--no-headers When using the default or custom-column output format, don't print headers.
-o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
--output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
@@ -59,37 +56,34 @@ kubectl create secret docker-registry my-secret --docker-server=DOCKER_REGISTRY_
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_create_secret_generic.md b/docs/user-guide/kubectl/kubectl_create_secret_generic.md
index c81404e954..4bddfad2b1 100644
--- a/docs/user-guide/kubectl/kubectl_create_secret_generic.md
+++ b/docs/user-guide/kubectl/kubectl_create_secret_generic.md
@@ -1,4 +1,5 @@
---
+title: kubectl create secret generic
---
## kubectl create secret generic
@@ -8,18 +9,13 @@ Create a secret from a local file, directory or literal value
### Synopsis
-
Create a secret based on a file, directory, or specified literal value.
A single secret may package one or more key/value pairs.
-When creating a secret based on a file, the key will default to the basename of the file, and the value will
-default to the file content. If the basename is an invalid key, you may specify an alternate key.
-
-When creating a secret based on a directory, each file whose basename is a valid key in the directory will be
-packaged into the secret. Any directory entries except regular files are ignored (e.g. subdirectories,
-symlinks, devices, pipes, etc).
+When creating a secret based on a file, the key will default to the basename of the file, and the value will default to the file content. If the basename is an invalid key, you may specify an alternate key.
+When creating a secret based on a directory, each file whose basename is a valid key in the directory will be packaged into the secret. Any directory entries except regular files are ignored (e.g. subdirectories, symlinks, devices, pipes, etc).
```
kubectl create secret generic NAME [--type=string] [--from-file=[key=]source] [--from-literal=key1=value1] [--dry-run]
@@ -28,71 +24,67 @@ kubectl create secret generic NAME [--type=string] [--from-file=[key=]source] [-
### Examples
```
-
-# Create a new secret named my-secret with keys for each file in folder bar
-kubectl create secret generic my-secret --from-file=path/to/bar
-
-# Create a new secret named my-secret with specified keys instead of names on disk
-kubectl create secret generic my-secret --from-file=ssh-privatekey=~/.ssh/id_rsa --from-file=ssh-publickey=~/.ssh/id_rsa.pub
-
-# Create a new secret named my-secret with key1=supersecret and key2=topsecret
-kubectl create secret generic my-secret --from-literal=key1=supersecret --from-literal=key2=topsecret
+ # Create a new secret named my-secret with keys for each file in folder bar
+ kubectl create secret generic my-secret --from-file=path/to/bar
+
+ # Create a new secret named my-secret with specified keys instead of names on disk
+ kubectl create secret generic my-secret --from-file=ssh-privatekey=~/.ssh/id_rsa --from-file=ssh-publickey=~/.ssh/id_rsa.pub
+
+ # Create a new secret named my-secret with key1=supersecret and key2=topsecret
+ kubectl create secret generic my-secret --from-literal=key1=supersecret --from-literal=key2=topsecret
```
### Options
```
- --dry-run If true, only print the object that would be sent, without sending it.
- --from-file value Key files can be specified using their file path, in which case a default name will be given to them, or optionally with a name and file path, in which case the given name will be used. Specifying a directory will iterate each named file in the directory that is a valid secret key. (default [])
- --from-literal value Specify a key and literal value to insert in secret (i.e. mykey=somevalue) (default [])
- --generator string The name of the API generator to use. (default "secret/v1")
- --no-headers When using the default or custom-column output format, don't print headers.
- -o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
- --output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
- --save-config If true, the configuration of current object will be saved in its annotation. This is useful when you want to perform kubectl apply on this object in the future.
- --schema-cache-dir string If non-empty, load/store cached API schemas in this directory, default is '$HOME/.kube/schema' (default "~/.kube/schema")
- -a, --show-all When printing, show all resources (default hide terminated pods.)
- --show-labels When printing, show all labels as the last column (default hide labels column)
- --sort-by string If non-empty, sort list types using this field specification. The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.
- --template string Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
- --type string The type of secret to create
- --validate If true, use a schema to validate the input before sending it (default true)
+ --dry-run If true, only print the object that would be sent, without sending it.
+ --from-file stringSlice Key files can be specified using their file path, in which case a default name will be given to them, or optionally with a name and file path, in which case the given name will be used. Specifying a directory will iterate each named file in the directory that is a valid secret key.
+ --from-literal stringSlice Specify a key and literal value to insert in secret (i.e. mykey=somevalue)
+ --generator string The name of the API generator to use. (default "secret/v1")
+ --no-headers When using the default or custom-column output format, don't print headers.
+ -o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
+ --output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
+ --save-config If true, the configuration of current object will be saved in its annotation. This is useful when you want to perform kubectl apply on this object in the future.
+ --schema-cache-dir string If non-empty, load/store cached API schemas in this directory, default is '$HOME/.kube/schema' (default "~/.kube/schema")
+ -a, --show-all When printing, show all resources (default hide terminated pods.)
+ --show-labels When printing, show all labels as the last column (default hide labels column)
+ --sort-by string If non-empty, sort list types using this field specification. The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.
+ --template string Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
+ --type string The type of secret to create
+ --validate If true, use a schema to validate the input before sending it (default true)
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_create_secret_tls.md b/docs/user-guide/kubectl/kubectl_create_secret_tls.md
index 0e3badb512..06348dfedc 100644
--- a/docs/user-guide/kubectl/kubectl_create_secret_tls.md
+++ b/docs/user-guide/kubectl/kubectl_create_secret_tls.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl create secret tls
Create a TLS secret
@@ -8,7 +7,6 @@ Create a TLS secret
### Synopsis
-
Create a TLS secret from the given public/private key pair.
The public/private key pair must exist before hand. The public key certificate must be .PEM encoded and match the given private key.
@@ -20,9 +18,8 @@ kubectl create secret tls NAME --cert=path/to/cert/file --key=path/to/key/file [
### Examples
```
-
-# Create a new TLS secret named tls-secret with the given key pair:
-kubectl create secret tls tls-secret --cert=path/to/tls.cert --key=path/to/tls.key
+ # Create a new TLS secret named tls-secret with the given key pair:
+ kubectl create secret tls tls-secret --cert=path/to/tls.cert --key=path/to/tls.key
```
### Options
@@ -47,37 +44,34 @@ kubectl create secret tls tls-secret --cert=path/to/tls.cert --key=path/to/tls.k
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_create_service.md b/docs/user-guide/kubectl/kubectl_create_service.md
index 5183e75de7..d172e9fad9 100644
--- a/docs/user-guide/kubectl/kubectl_create_service.md
+++ b/docs/user-guide/kubectl/kubectl_create_service.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl create service
Create a service using specified subcommand.
@@ -17,37 +16,34 @@ kubectl create service
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_create_service_clusterip.md b/docs/user-guide/kubectl/kubectl_create_service_clusterip.md
index d1a86da92b..367f3c8956 100644
--- a/docs/user-guide/kubectl/kubectl_create_service_clusterip.md
+++ b/docs/user-guide/kubectl/kubectl_create_service_clusterip.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl create service clusterip
Create a clusterIP service.
@@ -8,7 +7,6 @@ Create a clusterIP service.
### Synopsis
-
Create a clusterIP service with the specified name.
```
@@ -18,12 +16,11 @@ kubectl create service clusterip NAME [--tcp=:] [--dry-run]
### Examples
```
-
-# Create a new clusterIP service named my-cs
-kubectl create service clusterip my-cs --tcp=5678:8080
-
-# Create a new clusterIP service named my-cs (in headless mode)
-kubectl create service clusterip my-cs --clusterip="None"
+ # Create a new clusterIP service named my-cs
+ kubectl create service clusterip my-cs --tcp=5678:8080
+
+ # Create a new clusterIP service named my-cs (in headless mode)
+ kubectl create service clusterip my-cs --clusterip="None"
```
### Options
@@ -40,7 +37,7 @@ kubectl create service clusterip my-cs --clusterip="None"
-a, --show-all When printing, show all resources (default hide terminated pods.)
--show-labels When printing, show all labels as the last column (default hide labels column)
--sort-by string If non-empty, sort list types using this field specification. The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.
- --tcp value Port pairs can be specified as ':'. (default [])
+ --tcp stringSlice Port pairs can be specified as ':'.
--template string Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
--validate If true, use a schema to validate the input before sending it (default true)
```
@@ -48,37 +45,34 @@ kubectl create service clusterip my-cs --clusterip="None"
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_create_service_loadbalancer.md b/docs/user-guide/kubectl/kubectl_create_service_loadbalancer.md
index 83d60f0584..c8d708c81c 100644
--- a/docs/user-guide/kubectl/kubectl_create_service_loadbalancer.md
+++ b/docs/user-guide/kubectl/kubectl_create_service_loadbalancer.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl create service loadbalancer
Create a LoadBalancer service.
@@ -8,7 +7,6 @@ Create a LoadBalancer service.
### Synopsis
-
Create a LoadBalancer service with the specified name.
```
@@ -18,9 +16,8 @@ kubectl create service loadbalancer NAME [--tcp=port:targetPort] [--dry-run]
### Examples
```
-
-# Create a new nodeport service named my-lbs
-kubectl create service loadbalancer my-lbs --tcp=5678:8080
+ # Create a new LoadBalancer service named my-lbs
+ kubectl create service loadbalancer my-lbs --tcp=5678:8080
```
### Options
@@ -36,7 +33,7 @@ kubectl create service loadbalancer my-lbs --tcp=5678:8080
-a, --show-all When printing, show all resources (default hide terminated pods.)
--show-labels When printing, show all labels as the last column (default hide labels column)
--sort-by string If non-empty, sort list types using this field specification. The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.
- --tcp value Port pairs can be specified as ':'. (default [])
+ --tcp stringSlice Port pairs can be specified as ':'.
--template string Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
--validate If true, use a schema to validate the input before sending it (default true)
```
@@ -44,37 +41,34 @@ kubectl create service loadbalancer my-lbs --tcp=5678:8080
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_create_service_nodeport.md b/docs/user-guide/kubectl/kubectl_create_service_nodeport.md
index 38822d879a..3be99298d1 100644
--- a/docs/user-guide/kubectl/kubectl_create_service_nodeport.md
+++ b/docs/user-guide/kubectl/kubectl_create_service_nodeport.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl create service nodeport
Create a NodePort service.
@@ -8,7 +7,6 @@ Create a NodePort service.
### Synopsis
-
Create a nodeport service with the specified name.
```
@@ -18,9 +16,8 @@ kubectl create service nodeport NAME [--tcp=port:targetPort] [--dry-run]
### Examples
```
-
-# Create a new nodeport service named my-ns
-kubectl create service nodeport my-ns --tcp=5678:8080
+ # Create a new nodeport service named my-ns
+ kubectl create service nodeport my-ns --tcp=5678:8080
```
### Options
@@ -29,6 +26,7 @@ kubectl create service nodeport my-ns --tcp=5678:8080
--dry-run If true, only print the object that would be sent, without sending it.
--generator string The name of the API generator to use. (default "service-nodeport/v1")
--no-headers When using the default or custom-column output format, don't print headers.
+ --node-port int Port used to expose the service on each node in a cluster.
-o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
--output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
--save-config If true, the configuration of current object will be saved in its annotation. This is useful when you want to perform kubectl apply on this object in the future.
@@ -36,7 +34,7 @@ kubectl create service nodeport my-ns --tcp=5678:8080
-a, --show-all When printing, show all resources (default hide terminated pods.)
--show-labels When printing, show all labels as the last column (default hide labels column)
--sort-by string If non-empty, sort list types using this field specification. The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.
- --tcp value Port pairs can be specified as ':'. (default [])
+ --tcp stringSlice Port pairs can be specified as ':'.
--template string Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
--validate If true, use a schema to validate the input before sending it (default true)
```
@@ -44,37 +42,34 @@ kubectl create service nodeport my-ns --tcp=5678:8080
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_create_serviceaccount.md b/docs/user-guide/kubectl/kubectl_create_serviceaccount.md
index 20490abfc2..3deab7f566 100644
--- a/docs/user-guide/kubectl/kubectl_create_serviceaccount.md
+++ b/docs/user-guide/kubectl/kubectl_create_serviceaccount.md
@@ -1,4 +1,5 @@
---
+title: kubectl create serviceaccount
---
## kubectl create serviceaccount
@@ -8,7 +9,6 @@ Create a service account with the specified name
### Synopsis
-
Create a service account with the specified name.
```
@@ -18,9 +18,8 @@ kubectl create serviceaccount NAME [--dry-run]
### Examples
```
-
-# Create a new service account named my-service-account
-$ kubectl create serviceaccount my-service-account
+ # Create a new service account named my-service-account
+ $ kubectl create serviceaccount my-service-account
```
### Options
@@ -28,7 +27,6 @@ $ kubectl create serviceaccount my-service-account
```
--dry-run If true, only print the object that would be sent, without sending it.
--generator string The name of the API generator to use. (default "serviceaccount/v1")
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
--no-headers When using the default or custom-column output format, don't print headers.
-o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
--output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
@@ -44,37 +42,34 @@ $ kubectl create serviceaccount my-service-account
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_delete.md b/docs/user-guide/kubectl/kubectl_delete.md
index 585ccee091..ddca437942 100644
--- a/docs/user-guide/kubectl/kubectl_delete.md
+++ b/docs/user-guide/kubectl/kubectl_delete.md
@@ -1,4 +1,5 @@
---
+title: kubectl delete
---
## kubectl delete
@@ -8,16 +9,15 @@ Delete resources by filenames, stdin, resources and names, or by resources and l
### Synopsis
-
Delete resources by filenames, stdin, resources and names, or by resources and label selector.
-JSON and YAML formats are accepted.
+JSON and YAML formats are accepted. Only one type of the arguments may be specified: filenames, resources and names, or resources and label selector.
-Only one type of the arguments may be specified: filenames, resources and names, or resources and label selector
+Some resources, such as pods, support graceful deletion. These resources define a default period before they are forcibly terminated (the grace period) but you may override that value with the --grace-period flag, or pass --now to set a grace-period of 1. Because these resources often represent entities in the cluster, deletion may not be acknowledged immediately. If the node hosting a pod is down or cannot reach the API server, termination may take significantly longer than the grace period. To force delete a resource, you must pass a grace period of 0 and specify the --force flag.
-Note that the delete command does NOT do resource version checks, so if someone
-submits an update to a resource right when you submit a delete, their update
-will be lost along with the rest of the resource.
+IMPORTANT: Force deleting pods does not wait for confirmation that the pod's processes have been terminated, which can leave those processes running until the node detects the deletion and completes graceful deletion. If your processes use shared storage or talk to a remote API and depend on the name of the pod to identify themselves, force deleting those pods may result in multiple processes running on different machines using the same identification which may lead to data corruption or inconsistency. Only force delete pods when you are sure the pod is terminated, or if your application can tolerate multiple copies of the same pod running at once. Also, if you force delete pods the scheduler may place new pods on those nodes before the node has released those resources and causing those pods to be evicted immediately.
+
+Note that the delete command does NOT do resource version checks, so if someone submits an update to a resource right when you submit a delete, their update will be lost along with the rest of the resource.
```
kubectl delete ([-f FILENAME] | TYPE [(NAME | -l label | --all)])
@@ -26,79 +26,78 @@ kubectl delete ([-f FILENAME] | TYPE [(NAME | -l label | --all)])
### Examples
```
-
-# Delete a pod using the type and name specified in pod.json.
-kubectl delete -f ./pod.json
-
-# Delete a pod based on the type and name in the JSON passed into stdin.
-cat pod.json | kubectl delete -f -
-
-# Delete pods and services with same names "baz" and "foo"
-kubectl delete pod,service baz foo
-
-# Delete pods and services with label name=myLabel.
-kubectl delete pods,services -l name=myLabel
-
-# Delete a pod immediately (no graceful shutdown)
-kubectl delete pod foo --now
-
-# Delete a pod with UID 1234-56-7890-234234-456456.
-kubectl delete pod 1234-56-7890-234234-456456
-
-# Delete all pods
-kubectl delete pods --all
+ # Delete a pod using the type and name specified in pod.json.
+ kubectl delete -f ./pod.json
+
+ # Delete a pod based on the type and name in the JSON passed into stdin.
+ cat pod.json | kubectl delete -f -
+
+ # Delete pods and services with same names "baz" and "foo"
+ kubectl delete pod,service baz foo
+
+ # Delete pods and services with label name=myLabel.
+ kubectl delete pods,services -l name=myLabel
+
+ # Delete a pod with minimal delay
+ kubectl delete pod foo --now
+
+ # Force delete a pod on a dead node
+ kubectl delete pod foo --grace-period=0 --force
+
+ # Delete a pod with UID 1234-56-7890-234234-456456.
+ kubectl delete pod 1234-56-7890-234234-456456
+
+ # Delete all pods
+ kubectl delete pods --all
```
### Options
```
- --all [-all] to select all the specified resources.
- --cascade If true, cascade the deletion of the resources managed by this resource (e.g. Pods created by a ReplicationController). Default true. (default true)
- -f, --filename value Filename, directory, or URL to a file containing the resource to delete. (default [])
- --grace-period int Period of time in seconds given to the resource to terminate gracefully. Ignored if negative. (default -1)
- --ignore-not-found Treat "resource not found" as a successful delete. Defaults to "true" when --all is specified.
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
- --now If true, resources are force terminated without graceful deletion (same as --grace-period=0).
- -o, --output string Output mode. Use "-o name" for shorter output (resource/name).
- -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
- -l, --selector string Selector (label query) to filter on.
- --timeout duration The length of time to wait before giving up on a delete, zero means determine a timeout from the size of the object (default 0s)
+ --all [-all] to select all the specified resources.
+ --cascade If true, cascade the deletion of the resources managed by this resource (e.g. Pods created by a ReplicationController). Default true. (default true)
+ -f, --filename stringSlice Filename, directory, or URL to files containing the resource to delete.
+ --force Immediate deletion of some resources may result in inconsistency or data loss and requires confirmation.
+ --grace-period int Period of time in seconds given to the resource to terminate gracefully. Ignored if negative. (default -1)
+ --ignore-not-found Treat "resource not found" as a successful delete. Defaults to "true" when --all is specified.
+ --now If true, resources are signaled for immediate shutdown (same as --grace-period=1).
+ -o, --output string Output mode. Use "-o name" for shorter output (resource/name).
+ -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
+ -l, --selector string Selector (label query) to filter on.
+ --timeout duration The length of time to wait before giving up on a delete, zero means determine a timeout from the size of the object
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_describe.md b/docs/user-guide/kubectl/kubectl_describe.md
index e34a2e4d9f..a5fd703d73 100644
--- a/docs/user-guide/kubectl/kubectl_describe.md
+++ b/docs/user-guide/kubectl/kubectl_describe.md
@@ -1,4 +1,5 @@
---
+title: kubectl describe
---
## kubectl describe
@@ -8,42 +9,42 @@ Show details of a specific resource or group of resources
### Synopsis
+Show details of a specific resource or group of resources. This command joins many API calls together to form a detailed description of a given resource or group of resources.
-Show details of a specific resource or group of resources.
-This command joins many API calls together to form a detailed description of a
-given resource or group of resources.
+ $ kubectl describe TYPE NAME_PREFIX
-$ kubectl describe TYPE NAME_PREFIX
-
-will first check for an exact match on TYPE and NAME_PREFIX. If no such resource
-exists, it will output details for every resource that has a name prefixed with NAME_PREFIX.
+will first check for an exact match on TYPE and NAME PREFIX. If no such resource exists, it will output details for every resource that has a name prefixed with NAME PREFIX.
Valid resource types include:
- * clusters (valid only for federation apiservers)
- * componentstatuses (aka 'cs')
- * configmaps (aka 'cm')
- * daemonsets (aka 'ds')
- * deployments (aka 'deploy')
- * events (aka 'ev')
- * endpoints (aka 'ep')
- * horizontalpodautoscalers (aka 'hpa')
- * ingress (aka 'ing')
- * jobs
- * limitranges (aka 'limits')
- * nodes (aka 'no')
- * namespaces (aka 'ns')
- * petsets (alpha feature, may be unstable)
- * pods (aka 'po')
- * persistentvolumes (aka 'pv')
- * persistentvolumeclaims (aka 'pvc')
- * quota
- * resourcequotas (aka 'quota')
- * replicasets (aka 'rs')
- * replicationcontrollers (aka 'rc')
- * secrets
- * serviceaccounts (aka 'sa')
- * services (aka 'svc')
+ * clusters (valid only for federation apiservers)
+ * componentstatuses (aka 'cs')
+ * configmaps (aka 'cm')
+ * daemonsets (aka 'ds')
+ * deployments (aka 'deploy')
+ * endpoints (aka 'ep')
+ * events (aka 'ev')
+ * horizontalpodautoscalers (aka 'hpa')
+ * ingresses (aka 'ing')
+ * jobs
+ * limitranges (aka 'limits')
+ * namespaces (aka 'ns')
+ * networkpolicies
+ * nodes (aka 'no')
+ * persistentvolumeclaims (aka 'pvc')
+ * persistentvolumes (aka 'pv')
+ * pods (aka 'po')
+ * podsecuritypolicies (aka 'psp')
+ * podtemplates
+ * replicasets (aka 'rs')
+ * replicationcontrollers (aka 'rc')
+ * resourcequotas (aka 'quota')
+ * secrets
+ * serviceaccounts (aka 'sa')
+ * services (aka 'svc')
+ * statefulsets
+ * storageclasses
+ * thirdpartyresources
```
kubectl describe (-f FILENAME | TYPE [NAME_PREFIX | -l label] | TYPE/NAME)
@@ -52,72 +53,67 @@ kubectl describe (-f FILENAME | TYPE [NAME_PREFIX | -l label] | TYPE/NAME)
### Examples
```
-
-# Describe a node
-kubectl describe nodes kubernetes-minion-emt8.c.myproject.internal
-
-# Describe a pod
-kubectl describe pods/nginx
-
-# Describe a pod identified by type and name in "pod.json"
-kubectl describe -f pod.json
-
-# Describe all pods
-kubectl describe pods
-
-# Describe pods by label name=myLabel
-kubectl describe po -l name=myLabel
-
-# Describe all pods managed by the 'frontend' replication controller (rc-created pods
-# get the name of the rc as a prefix in the pod the name).
-kubectl describe pods frontend
+ # Describe a node
+ kubectl describe nodes kubernetes-node-emt8.c.myproject.internal
+
+ # Describe a pod
+ kubectl describe pods/nginx
+
+ # Describe a pod identified by type and name in "pod.json"
+ kubectl describe -f pod.json
+
+ # Describe all pods
+ kubectl describe pods
+
+ # Describe pods by label name=myLabel
+ kubectl describe po -l name=myLabel
+
+ # Describe all pods managed by the 'frontend' replication controller (rc-created pods
+ # get the name of the rc as a prefix in the pod the name).
+ kubectl describe pods frontend
```
### Options
```
- --all-namespaces If present, list the requested object(s) across all namespaces. Namespace in current context is ignored even if specified with --namespace.
- -f, --filename value Filename, directory, or URL to a file containing the resource to describe (default [])
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
- -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
- -l, --selector string Selector (label query) to filter on
- --show-events If true, display events related to the described object. (default true)
+ --all-namespaces If present, list the requested object(s) across all namespaces. Namespace in current context is ignored even if specified with --namespace.
+ -f, --filename stringSlice Filename, directory, or URL to files containing the resource to describe
+ -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
+ -l, --selector string Selector (label query) to filter on
+ --show-events If true, display events related to the described object. (default true)
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_drain.md b/docs/user-guide/kubectl/kubectl_drain.md
index 26e61779a0..712af40af7 100644
--- a/docs/user-guide/kubectl/kubectl_drain.md
+++ b/docs/user-guide/kubectl/kubectl_drain.md
@@ -1,4 +1,5 @@
---
+title: kubectl drain
---
## kubectl drain
@@ -8,24 +9,15 @@ Drain node in preparation for maintenance
### Synopsis
-
Drain node in preparation for maintenance.
-The given node will be marked unschedulable to prevent new pods from arriving.
-Then drain deletes all pods except mirror pods (which cannot be deleted through
-the API server). If there are DaemonSet-managed pods, drain will not proceed
-without --ignore-daemonsets, and regardless it will not delete any
-DaemonSet-managed pods, because those pods would be immediately replaced by the
-DaemonSet controller, which ignores unschedulable markings. If there are any
-pods that are neither mirror pods nor managed--by ReplicationController,
-ReplicaSet, DaemonSet or Job--, then drain will not delete any pods unless you
-use --force.
+The given node will be marked unschedulable to prevent new pods from arriving. 'drain' evicts the pods if the APIServer supports eviciton (http://kubernetes.io/docs/admin/disruptions/). Otherwise, it will use normal DELETE to delete the pods. The 'drain' evicts or deletes all pods except mirror pods (which cannot be deleted through the API server). If there are DaemonSet-managed pods, drain will not proceed without --ignore-daemonsets, and regardless it will not delete any DaemonSet-managed pods, because those pods would be immediately replaced by the DaemonSet controller, which ignores unschedulable markings. If there are any pods that are neither mirror pods nor managed by ReplicationController, ReplicaSet, DaemonSet, StatefulSet or Job, then drain will not delete any pods unless you use --force.
-When you are ready to put the node back into service, use kubectl uncordon, which
-will make the node schedulable again.
+'drain' waits for graceful termination. You should not operate on the machine until the command completes.
-
+When you are ready to put the node back into service, use kubectl uncordon, which will make the node schedulable again.
+! http://kubernetes.io/images/docs/kubectl_drain.svg
```
kubectl drain NODE
@@ -34,58 +26,54 @@ kubectl drain NODE
### Examples
```
-
-# Drain node "foo", even if there are pods not managed by a ReplicationController, ReplicaSet, Job, or DaemonSet on it.
-$ kubectl drain foo --force
-
-# As above, but abort if there are pods not managed by a ReplicationController, ReplicaSet, Job, or DaemonSet, and use a grace period of 15 minutes.
-$ kubectl drain foo --grace-period=900
-
+ # Drain node "foo", even if there are pods not managed by a ReplicationController, ReplicaSet, Job, DaemonSet or StatefulSet on it.
+ $ kubectl drain foo --force
+
+ # As above, but abort if there are pods not managed by a ReplicationController, ReplicaSet, Job, DaemonSet or StatefulSet, and use a grace period of 15 minutes.
+ $ kubectl drain foo --grace-period=900
```
### Options
```
--delete-local-data Continue even if there are pods using emptyDir (local data that will be deleted when the node is drained).
- --force Continue even if there are pods not managed by a ReplicationController, ReplicaSet, Job, or DaemonSet.
+ --force Continue even if there are pods not managed by a ReplicationController, ReplicaSet, Job, DaemonSet or StatefulSet.
--grace-period int Period of time in seconds given to each pod to terminate gracefully. If negative, the default value specified in the pod will be used. (default -1)
--ignore-daemonsets Ignore DaemonSet-managed pods.
+ --timeout duration The length of time to wait before giving up, zero means infinite
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_edit.md b/docs/user-guide/kubectl/kubectl_edit.md
index dc626b9440..bff3f7cd67 100644
--- a/docs/user-guide/kubectl/kubectl_edit.md
+++ b/docs/user-guide/kubectl/kubectl_edit.md
@@ -1,4 +1,5 @@
---
+title: kubectl edit
---
## kubectl edit
@@ -8,26 +9,13 @@ Edit a resource on the server
### Synopsis
-
Edit a resource from the default editor.
-The edit command allows you to directly edit any API resource you can retrieve via the
-command line tools. It will open the editor defined by your KUBE_EDITOR, or EDITOR
-environment variables, or fall back to 'vi' for Linux or 'notepad' for Windows.
-You can edit multiple objects, although changes are applied one at a time. The command
-accepts filenames as well as command line arguments, although the files you point to must
-be previously saved versions of resources.
+The edit command allows you to directly edit any API resource you can retrieve via the command line tools. It will open the editor defined by your KUBE _EDITOR, or EDITOR environment variables, or fall back to 'vi' for Linux or 'notepad' for Windows. You can edit multiple objects, although changes are applied one at a time. The command accepts filenames as well as command line arguments, although the files you point to must be previously saved versions of resources.
-The files to edit will be output in the default API version, or a version specified
-by --output-version. The default format is YAML - if you would like to edit in JSON
-pass -o json. The flag --windows-line-endings can be used to force Windows line endings,
-otherwise the default for your operating system will be used.
+The files to edit will be output in the default API version, or a version specified by --output-version. The default format is YAML - if you would like to edit in JSON pass -o json. The flag --windows-line-endings can be used to force Windows line endings, otherwise the default for your operating system will be used.
-In the event an error occurs while updating, a temporary file will be created on disk
-that contains your unapplied changes. The most common error when updating a resource
-is another editor changing the resource on the server. When this occurs, you will have
-to apply your changes to the newer version of the resource, or update your temporary
-saved copy to include the latest resource version.
+In the event an error occurs while updating, a temporary file will be created on disk that contains your unapplied changes. The most common error when updating a resource is another editor changing the resource on the server. When this occurs, you will have to apply your changes to the newer version of the resource, or update your temporary saved copy to include the latest resource version.
```
kubectl edit (RESOURCE/NAME | -f FILENAME)
@@ -36,22 +24,20 @@ kubectl edit (RESOURCE/NAME | -f FILENAME)
### Examples
```
-
-# Edit the service named 'docker-registry':
-kubectl edit svc/docker-registry
-
-# Use an alternative editor
-KUBE_EDITOR="nano" kubectl edit svc/docker-registry
-
-# Edit the service 'docker-registry' in JSON using the v1 API format:
-kubectl edit svc/docker-registry --output-version=v1 -o json
+ # Edit the service named 'docker-registry':
+ kubectl edit svc/docker-registry
+
+ # Use an alternative editor
+ KUBE_EDITOR="nano" kubectl edit svc/docker-registry
+
+ # Edit the service 'docker-registry' in JSON using the v1 API format:
+ kubectl edit svc/docker-registry --output-version=v1 -o json
```
### Options
```
- -f, --filename value Filename, directory, or URL to file to use to edit the resource (default [])
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
+ -f, --filename stringSlice Filename, directory, or URL to files to use to edit the resource
-o, --output string Output format. One of: yaml|json. (default "yaml")
--output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
--record Record current kubectl command in the resource annotation. If set to false, do not record the command. If set to true, record the command. If not set, default to updating the existing annotation value only if one already exists.
@@ -65,37 +51,34 @@ kubectl edit svc/docker-registry --output-version=v1 -o json
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_exec.md b/docs/user-guide/kubectl/kubectl_exec.md
index 94bbd4bff0..8a64cd7bcf 100644
--- a/docs/user-guide/kubectl/kubectl_exec.md
+++ b/docs/user-guide/kubectl/kubectl_exec.md
@@ -1,4 +1,5 @@
---
+title: kubectl exec
---
## kubectl exec
@@ -17,16 +18,15 @@ kubectl exec POD [-c CONTAINER] -- COMMAND [args...]
### Examples
```
-
-# Get output from running 'date' from pod 123456-7890, using the first container by default
-kubectl exec 123456-7890 date
-
-# Get output from running 'date' in ruby-container from pod 123456-7890
-kubectl exec 123456-7890 -c ruby-container date
-
-# Switch to raw terminal mode, sends stdin to 'bash' in ruby-container from pod 123456-7890
-# and sends stdout/stderr from 'bash' back to the client
-kubectl exec 123456-7890 -c ruby-container -i -t -- bash -il
+ # Get output from running 'date' from pod 123456-7890, using the first container by default
+ kubectl exec 123456-7890 date
+
+ # Get output from running 'date' in ruby-container from pod 123456-7890
+ kubectl exec 123456-7890 -c ruby-container date
+
+ # Switch to raw terminal mode, sends stdin to 'bash' in ruby-container from pod 123456-7890
+ # and sends stdout/stderr from 'bash' back to the client
+ kubectl exec 123456-7890 -c ruby-container -i -t -- bash -il
```
### Options
@@ -41,37 +41,34 @@ kubectl exec 123456-7890 -c ruby-container -i -t -- bash -il
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_explain.md b/docs/user-guide/kubectl/kubectl_explain.md
index 70f52d6ee4..60523fdc9f 100644
--- a/docs/user-guide/kubectl/kubectl_explain.md
+++ b/docs/user-guide/kubectl/kubectl_explain.md
@@ -1,4 +1,5 @@
---
+title: kubectl explain
---
## kubectl explain
@@ -8,35 +9,38 @@ Documentation of resources
### Synopsis
-
Documentation of resources.
Valid resource types include:
- * clusters (valid only for federation apiservers)
- * componentstatuses (aka 'cs')
- * configmaps (aka 'cm')
- * daemonsets (aka 'ds')
- * deployments (aka 'deploy')
- * events (aka 'ev')
- * endpoints (aka 'ep')
- * horizontalpodautoscalers (aka 'hpa')
- * ingress (aka 'ing')
- * jobs
- * limitranges (aka 'limits')
- * nodes (aka 'no')
- * namespaces (aka 'ns')
- * petsets (alpha feature, may be unstable)
- * pods (aka 'po')
- * persistentvolumes (aka 'pv')
- * persistentvolumeclaims (aka 'pvc')
- * quota
- * resourcequotas (aka 'quota')
- * replicasets (aka 'rs')
- * replicationcontrollers (aka 'rc')
- * secrets
- * serviceaccounts (aka 'sa')
- * services (aka 'svc')
+ * clusters (valid only for federation apiservers)
+ * componentstatuses (aka 'cs')
+ * configmaps (aka 'cm')
+ * daemonsets (aka 'ds')
+ * deployments (aka 'deploy')
+ * endpoints (aka 'ep')
+ * events (aka 'ev')
+ * horizontalpodautoscalers (aka 'hpa')
+ * ingresses (aka 'ing')
+ * jobs
+ * limitranges (aka 'limits')
+ * namespaces (aka 'ns')
+ * networkpolicies
+ * nodes (aka 'no')
+ * persistentvolumeclaims (aka 'pvc')
+ * persistentvolumes (aka 'pv')
+ * pods (aka 'po')
+ * podsecuritypolicies (aka 'psp')
+ * podtemplates
+ * replicasets (aka 'rs')
+ * replicationcontrollers (aka 'rc')
+ * resourcequotas (aka 'quota')
+ * secrets
+ * serviceaccounts (aka 'sa')
+ * services (aka 'svc')
+ * statefulsets
+ * storageclasses
+ * thirdpartyresources
```
kubectl explain RESOURCE
@@ -45,55 +49,50 @@ kubectl explain RESOURCE
### Examples
```
-
-# Get the documentation of the resource and its fields
-kubectl explain pods
-
-# Get the documentation of a specific field of a resource
-kubectl explain pods.spec.containers
+ # Get the documentation of the resource and its fields
+ kubectl explain pods
+
+ # Get the documentation of a specific field of a resource
+ kubectl explain pods.spec.containers
```
### Options
```
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
- --recursive Print the fields of fields (Currently only 1 level deep)
+ --recursive Print the fields of fields (Currently only 1 level deep)
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_expose.md b/docs/user-guide/kubectl/kubectl_expose.md
index 6ecb7e5951..f741313c29 100644
--- a/docs/user-guide/kubectl/kubectl_expose.md
+++ b/docs/user-guide/kubectl/kubectl_expose.md
@@ -1,4 +1,5 @@
---
+title: kubectl expose
---
## kubectl expose
@@ -8,20 +9,13 @@ Take a replication controller, service, deployment or pod and expose it as a new
### Synopsis
-
Expose a resource as a new Kubernetes service.
-Looks up a deployment, service, replica set, replication controller or pod by name and uses the selector
-for that resource as the selector for a new service on the specified port. A deployment or replica set
-will be exposed as a service only if its selector is convertible to a selector that service supports,
-i.e. when the selector contains only the matchLabels component. Note that if no port is specified via
---port and the exposed resource has multiple ports, all will be re-used by the new service. Also if no
-labels are specified, the new service will re-use the labels from the resource it exposes.
+Looks up a deployment, service, replica set, replication controller or pod by name and uses the selector for that resource as the selector for a new service on the specified port. A deployment or replica set will be exposed as a service only if its selector is convertible to a selector that service supports, i.e. when the selector contains only the matchLabels component. Note that if no port is specified via --port and the exposed resource has multiple ports, all will be re-used by the new service. Also if no labels are specified, the new service will re-use the labels from the resource it exposes.
Possible resources include (case insensitive):
-pod (po), service (svc), replicationcontroller (rc),
-deployment (deploy), replicaset (rs)
+pod (po), service (svc), replicationcontroller (rc), deployment (deploy), replicaset (rs)
```
kubectl expose (-f FILENAME | TYPE NAME) [--port=port] [--protocol=TCP|UDP] [--target-port=number-or-name] [--name=name] [--external-ip=external-ip-of-service] [--type=type]
@@ -30,27 +24,26 @@ kubectl expose (-f FILENAME | TYPE NAME) [--port=port] [--protocol=TCP|UDP] [--t
### Examples
```
-
-# Create a service for a replicated nginx, which serves on port 80 and connects to the containers on port 8000.
-kubectl expose rc nginx --port=80 --target-port=8000
-
-# Create a service for a replication controller identified by type and name specified in "nginx-controller.yaml", which serves on port 80 and connects to the containers on port 8000.
-kubectl expose -f nginx-controller.yaml --port=80 --target-port=8000
-
-# Create a service for a pod valid-pod, which serves on port 444 with the name "frontend"
-kubectl expose pod valid-pod --port=444 --name=frontend
-
-# Create a second service based on the above service, exposing the container port 8443 as port 443 with the name "nginx-https"
-kubectl expose service nginx --port=443 --target-port=8443 --name=nginx-https
-
-# Create a service for a replicated streaming application on port 4100 balancing UDP traffic and named 'video-stream'.
-kubectl expose rc streamer --port=4100 --protocol=udp --name=video-stream
-
-# Create a service for a replicated nginx using replica set, which serves on port 80 and connects to the containers on port 8000.
-kubectl expose rs nginx --port=80 --target-port=8000
-
-# Create a service for an nginx deployment, which serves on port 80 and connects to the containers on port 8000.
-kubectl expose deployment nginx --port=80 --target-port=8000
+ # Create a service for a replicated nginx, which serves on port 80 and connects to the containers on port 8000.
+ kubectl expose rc nginx --port=80 --target-port=8000
+
+ # Create a service for a replication controller identified by type and name specified in "nginx-controller.yaml", which serves on port 80 and connects to the containers on port 8000.
+ kubectl expose -f nginx-controller.yaml --port=80 --target-port=8000
+
+ # Create a service for a pod valid-pod, which serves on port 444 with the name "frontend"
+ kubectl expose pod valid-pod --port=444 --name=frontend
+
+ # Create a second service based on the above service, exposing the container port 8443 as port 443 with the name "nginx-https"
+ kubectl expose service nginx --port=443 --target-port=8443 --name=nginx-https
+
+ # Create a service for a replicated streaming application on port 4100 balancing UDP traffic and named 'video-stream'.
+ kubectl expose rc streamer --port=4100 --protocol=udp --name=video-stream
+
+ # Create a service for a replicated nginx using replica set, which serves on port 80 and connects to the containers on port 8000.
+ kubectl expose rs nginx --port=80 --target-port=8000
+
+ # Create a service for an nginx deployment, which serves on port 80 and connects to the containers on port 8000.
+ kubectl expose deployment nginx --port=80 --target-port=8000
```
### Options
@@ -59,7 +52,7 @@ kubectl expose deployment nginx --port=80 --target-port=8000
--cluster-ip string ClusterIP to be assigned to the service. Leave empty to auto-allocate, or set to 'None' to create a headless service.
--dry-run If true, only print the object that would be sent, without sending it.
--external-ip string Additional external IP address (not managed by Kubernetes) to accept for the service. If this IP is routed to a node, the service can be accessed by this IP in addition to its generated service IP.
- -f, --filename value Filename, directory, or URL to a file identifying the resource to expose a service (default [])
+ -f, --filename stringSlice Filename, directory, or URL to files identifying the resource to expose a service
--generator string The name of the API generator to use. There are 2 generators: 'service/v1' and 'service/v2'. The only difference between them is that service port in v1 is named 'default', while it is left unnamed in v2. Default is 'service/v2'. (default "service/v2")
-l, --labels string Labels to apply to the service created by this call.
--load-balancer-ip string IP to assign to the Load Balancer. If empty, an ephemeral IP will be created and used (cloud-provider specific).
@@ -86,37 +79,34 @@ kubectl expose deployment nginx --port=80 --target-port=8000
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_get.md b/docs/user-guide/kubectl/kubectl_get.md
index 275a9b620b..7e973d7bc9 100644
--- a/docs/user-guide/kubectl/kubectl_get.md
+++ b/docs/user-guide/kubectl/kubectl_get.md
@@ -1,4 +1,5 @@
---
+title: kubectl get
---
## kubectl get
@@ -8,41 +9,42 @@ Display one or many resources
### Synopsis
-
Display one or many resources.
Valid resource types include:
- * clusters (valid only for federation apiservers)
- * componentstatuses (aka 'cs')
- * configmaps (aka 'cm')
- * daemonsets (aka 'ds')
- * deployments (aka 'deploy')
- * events (aka 'ev')
- * endpoints (aka 'ep')
- * horizontalpodautoscalers (aka 'hpa')
- * ingress (aka 'ing')
- * jobs
- * limitranges (aka 'limits')
- * nodes (aka 'no')
- * namespaces (aka 'ns')
- * petsets (alpha feature, may be unstable)
- * pods (aka 'po')
- * persistentvolumes (aka 'pv')
- * persistentvolumeclaims (aka 'pvc')
- * quota
- * resourcequotas (aka 'quota')
- * replicasets (aka 'rs')
- * replicationcontrollers (aka 'rc')
- * secrets
- * serviceaccounts (aka 'sa')
- * services (aka 'svc')
+ * clusters (valid only for federation apiservers)
+ * componentstatuses (aka 'cs')
+ * configmaps (aka 'cm')
+ * daemonsets (aka 'ds')
+ * deployments (aka 'deploy')
+ * endpoints (aka 'ep')
+ * events (aka 'ev')
+ * horizontalpodautoscalers (aka 'hpa')
+ * ingresses (aka 'ing')
+ * jobs
+ * limitranges (aka 'limits')
+ * namespaces (aka 'ns')
+ * networkpolicies
+ * nodes (aka 'no')
+ * persistentvolumeclaims (aka 'pvc')
+ * persistentvolumes (aka 'pv')
+ * pods (aka 'po')
+ * podsecuritypolicies (aka 'psp')
+ * podtemplates
+ * replicasets (aka 'rs')
+ * replicationcontrollers (aka 'rc')
+ * resourcequotas (aka 'quota')
+ * secrets
+ * serviceaccounts (aka 'sa')
+ * services (aka 'svc')
+ * statefulsets
+ * storageclasses
+ * thirdpartyresources
-This command will hide resources that have completed. For instance, pods that are in the Succeeded or Failed phases.
-You can see the full results for any resource by providing the '--show-all' flag.
+This command will hide resources that have completed. For instance, pods that are in the Succeeded or Failed phases. You can see the full results for any resource by providing the '--show-all' flag.
-By specifying the output as 'template' and providing a Go template as the value
-of the --template flag, you can filter the attributes of the fetched resource(s).
+By specifying the output as 'template' and providing a Go template as the value of the --template flag, you can filter the attributes of the fetched resource(s).
```
kubectl get [(-o|--output=)json|yaml|wide|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=...] (TYPE [NAME | -l label] | TYPE/NAME ...) [flags]
@@ -50,90 +52,85 @@ kubectl get [(-o|--output=)json|yaml|wide|custom-columns=...|custom-columns-file
### Examples
-```
+```{% raw %}
+ # List all pods in ps output format.
+ kubectl get pods
-# List all pods in ps output format.
-kubectl get pods
+ # List all pods in ps output format with more information (such as node name).
+ kubectl get pods -o wide
-# List all pods in ps output format with more information (such as node name).
-kubectl get pods -o wide
+ # List a single replication controller with specified NAME in ps output format.
+ kubectl get replicationcontroller web
-# List a single replication controller with specified NAME in ps output format.
-kubectl get replicationcontroller web
+ # List a single pod in JSON output format.
+ kubectl get -o json pod web-pod-13je7
-# List a single pod in JSON output format.
-kubectl get -o json pod web-pod-13je7
+ # List a pod identified by type and name specified in "pod.yaml" in JSON output format.
+ kubectl get -f pod.yaml -o json
-# List a pod identified by type and name specified in "pod.yaml" in JSON output format.
-kubectl get -f pod.yaml -o json
+ # Return only the phase value of the specified pod.
+ kubectl get -o template pod/web-pod-13je7 --template={{.status.phase}}
-# Return only the phase value of the specified pod.
-kubectl get -o template pod/web-pod-13je7 --template={{.status.phase}}
+ # List all replication controllers and services together in ps output format.
+ kubectl get rc,services
-# List all replication controllers and services together in ps output format.
-kubectl get rc,services
-
-# List one or more resources by their type and names.
-kubectl get rc/web service/frontend pods/web-pod-13je7
-```
+ # List one or more resources by their type and names.
+ kubectl get rc/web service/frontend pods/web-pod-13je7
+{% endraw %}```
### Options
```
- --all-namespaces If present, list the requested object(s) across all namespaces. Namespace in current context is ignored even if specified with --namespace.
- --export If true, use 'export' for the resources. Exported resources are stripped of cluster-specific information.
- -f, --filename value Filename, directory, or URL to a file identifying the resource to get from a server. (default [])
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
- -L, --label-columns value Accepts a comma separated list of labels that are going to be presented as columns. Names are case-sensitive. You can also use multiple flag options like -L label1 -L label2... (default [])
- --no-headers When using the default or custom-column output format, don't print headers.
- -o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
- --output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
- --raw string Raw URI to request from the server. Uses the transport specified by the kubeconfig file.
- -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
- -l, --selector string Selector (label query) to filter on
- -a, --show-all When printing, show all resources (default hide terminated pods.)
- --show-kind If present, list the resource type for the requested object(s).
- --show-labels When printing, show all labels as the last column (default hide labels column)
- --sort-by string If non-empty, sort list types using this field specification. The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.
- --template string Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
- -w, --watch After listing/getting the requested object, watch for changes.
- --watch-only Watch for changes to the requested object(s), without listing/getting first.
+ --all-namespaces If present, list the requested object(s) across all namespaces. Namespace in current context is ignored even if specified with --namespace.
+ --export If true, use 'export' for the resources. Exported resources are stripped of cluster-specific information.
+ -f, --filename stringSlice Filename, directory, or URL to files identifying the resource to get from a server.
+ -L, --label-columns stringSlice Accepts a comma separated list of labels that are going to be presented as columns. Names are case-sensitive. You can also use multiple flag options like -L label1 -L label2...
+ --no-headers When using the default or custom-column output format, don't print headers.
+ -o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
+ --output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
+ --raw string Raw URI to request from the server. Uses the transport specified by the kubeconfig file.
+ -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
+ -l, --selector string Selector (label query) to filter on
+ -a, --show-all When printing, show all resources (default hide terminated pods.)
+ --show-kind If present, list the resource type for the requested object(s).
+ --show-labels When printing, show all labels as the last column (default hide labels column)
+ --sort-by string If non-empty, sort list types using this field specification. The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.
+ --template string Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
+ -w, --watch After listing/getting the requested object, watch for changes.
+ --watch-only Watch for changes to the requested object(s), without listing/getting first.
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_label.md b/docs/user-guide/kubectl/kubectl_label.md
index 8a01e1c4e4..be186a6515 100644
--- a/docs/user-guide/kubectl/kubectl_label.md
+++ b/docs/user-guide/kubectl/kubectl_label.md
@@ -1,4 +1,5 @@
---
+title: kubectl label
---
## kubectl label
@@ -8,12 +9,11 @@ Update the labels on a resource
### Synopsis
-
Update the labels on a resource.
-A label must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and underscores, up to 63 characters.
-If --overwrite is true, then existing labels can be overwritten, otherwise attempting to overwrite a label will result in an error.
-If --resource-version is specified, then updates will use this resource version, otherwise the existing resource-version will be used.
+ * A label must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and underscores, up to 63 characters.
+ * If --overwrite is true, then existing labels can be overwritten, otherwise attempting to overwrite a label will result in an error.
+ * If --resource-version is specified, then updates will use this resource version, otherwise the existing resource-version will be used.
```
kubectl label [--overwrite] (-f FILENAME | TYPE NAME) KEY_1=VAL_1 ... KEY_N=VAL_N [--resource-version=version]
@@ -22,25 +22,24 @@ kubectl label [--overwrite] (-f FILENAME | TYPE NAME) KEY_1=VAL_1 ... KEY_N=VAL_
### Examples
```
-
-# Update pod 'foo' with the label 'unhealthy' and the value 'true'.
-kubectl label pods foo unhealthy=true
-
-# Update pod 'foo' with the label 'status' and the value 'unhealthy', overwriting any existing value.
-kubectl label --overwrite pods foo status=unhealthy
-
-# Update all pods in the namespace
-kubectl label pods --all status=unhealthy
-
-# Update a pod identified by the type and name in "pod.json"
-kubectl label -f pod.json status=unhealthy
-
-# Update pod 'foo' only if the resource is unchanged from version 1.
-kubectl label pods foo status=unhealthy --resource-version=1
-
-# Update pod 'foo' by removing a label named 'bar' if it exists.
-# Does not require the --overwrite flag.
-kubectl label pods foo bar-
+ # Update pod 'foo' with the label 'unhealthy' and the value 'true'.
+ kubectl label pods foo unhealthy=true
+
+ # Update pod 'foo' with the label 'status' and the value 'unhealthy', overwriting any existing value.
+ kubectl label --overwrite pods foo status=unhealthy
+
+ # Update all pods in the namespace
+ kubectl label pods --all status=unhealthy
+
+ # Update a pod identified by the type and name in "pod.json"
+ kubectl label -f pod.json status=unhealthy
+
+ # Update pod 'foo' only if the resource is unchanged from version 1.
+ kubectl label pods foo status=unhealthy --resource-version=1
+
+ # Update pod 'foo' by removing a label named 'bar' if it exists.
+ # Does not require the --overwrite flag.
+ kubectl label pods foo bar-
```
### Options
@@ -48,8 +47,8 @@ kubectl label pods foo bar-
```
--all select all resources in the namespace of the specified resource types
--dry-run If true, only print the object that would be sent, without sending it.
- -f, --filename value Filename, directory, or URL to a file identifying the resource to update the labels (default [])
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
+ -f, --filename stringSlice Filename, directory, or URL to files identifying the resource to update the labels
+ --local If true, label will NOT contact api-server but run locally.
--no-headers When using the default or custom-column output format, don't print headers.
-o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
--output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
@@ -67,37 +66,34 @@ kubectl label pods foo bar-
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_logs.md b/docs/user-guide/kubectl/kubectl_logs.md
index a09a291797..cfc418eb59 100644
--- a/docs/user-guide/kubectl/kubectl_logs.md
+++ b/docs/user-guide/kubectl/kubectl_logs.md
@@ -1,4 +1,5 @@
---
+title: kubectl logs
---
## kubectl logs
@@ -17,71 +18,66 @@ kubectl logs [-f] [-p] POD [-c CONTAINER]
### Examples
```
-
-# Return snapshot logs from pod nginx with only one container
-kubectl logs nginx
-
-# Return snapshot of previous terminated ruby container logs from pod web-1
-kubectl logs -p -c ruby web-1
-
-# Begin streaming the logs of the ruby container in pod web-1
-kubectl logs -f -c ruby web-1
-
-# Display only the most recent 20 lines of output in pod nginx
-kubectl logs --tail=20 nginx
-
-# Show all logs from pod nginx written in the last hour
-kubectl logs --since=1h nginx
+ # Return snapshot logs from pod nginx with only one container
+ kubectl logs nginx
+
+ # Return snapshot of previous terminated ruby container logs from pod web-1
+ kubectl logs -p -c ruby web-1
+
+ # Begin streaming the logs of the ruby container in pod web-1
+ kubectl logs -f -c ruby web-1
+
+ # Display only the most recent 20 lines of output in pod nginx
+ kubectl logs --tail=20 nginx
+
+ # Show all logs from pod nginx written in the last hour
+ kubectl logs --since=1h nginx
```
### Options
```
- -c, --container string Print the logs of this container
- -f, --follow Specify if the logs should be streamed.
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
- --limit-bytes int Maximum bytes of logs to return. Defaults to no limit.
- -p, --previous If true, print the logs for the previous instance of the container in a pod if it exists.
- --since duration Only return logs newer than a relative duration like 5s, 2m, or 3h. Defaults to all logs. Only one of since-time / since may be used. (default 0s)
- --since-time string Only return logs after a specific date (RFC3339). Defaults to all logs. Only one of since-time / since may be used.
- --tail int Lines of recent log file to display. Defaults to -1, showing all log lines. (default -1)
- --timestamps Include timestamps on each line in the log output
+ -c, --container string Print the logs of this container
+ -f, --follow Specify if the logs should be streamed.
+ --limit-bytes int Maximum bytes of logs to return. Defaults to no limit.
+ -p, --previous If true, print the logs for the previous instance of the container in a pod if it exists.
+ --since duration Only return logs newer than a relative duration like 5s, 2m, or 3h. Defaults to all logs. Only one of since-time / since may be used.
+ --since-time string Only return logs after a specific date (RFC3339). Defaults to all logs. Only one of since-time / since may be used.
+ --tail int Lines of recent log file to display. Defaults to -1, showing all log lines. (default -1)
+ --timestamps Include timestamps on each line in the log output
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_namespace.md b/docs/user-guide/kubectl/kubectl_namespace.md
deleted file mode 100644
index c5b7d60883..0000000000
--- a/docs/user-guide/kubectl/kubectl_namespace.md
+++ /dev/null
@@ -1,54 +0,0 @@
----
----
-
-## kubectl namespace
-
-Deprecated: config set-context
-
-### Synopsis
-
-
-Deprecated: This command is deprecated, all its functionalities are covered by "kubectl config set-context"
-
-```
-kubectl namespace [namespace]
-```
-
-### Options inherited from parent commands
-
-```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
-```
-
-
-
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
-
-
-[]()
-
diff --git a/docs/user-guide/kubectl/kubectl_options.md b/docs/user-guide/kubectl/kubectl_options.md
index c82e556ec8..994f9e83f8 100644
--- a/docs/user-guide/kubectl/kubectl_options.md
+++ b/docs/user-guide/kubectl/kubectl_options.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl options
@@ -17,37 +16,34 @@ kubectl options
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_patch.md b/docs/user-guide/kubectl/kubectl_patch.md
index 3497852c34..fb6c4299ad 100644
--- a/docs/user-guide/kubectl/kubectl_patch.md
+++ b/docs/user-guide/kubectl/kubectl_patch.md
@@ -1,4 +1,5 @@
---
+title: kubectl patch
---
## kubectl patch
@@ -8,12 +9,11 @@ Update field(s) of a resource using strategic merge patch
### Synopsis
-
Update field(s) of a resource using strategic merge patch
JSON and YAML formats are accepted.
-Please refer to the models in https://htmlpreview.github.io/?https://github.com/kubernetes/kubernetes/blob/release-1.4/docs/api-reference/v1/definitions.html to find if a field is mutable.
+Please refer to the models in https://htmlpreview.github.io/?https://github.com/kubernetes/kubernetes/blob/HEAD/docs/api-reference/v1/definitions.html to find if a field is mutable.
```
kubectl patch (-f FILENAME | TYPE NAME) -p PATCH
@@ -22,26 +22,23 @@ kubectl patch (-f FILENAME | TYPE NAME) -p PATCH
### Examples
```
-
-
-# Partially update a node using strategic merge patch
-kubectl patch node k8s-node-1 -p '{"spec":{"unschedulable":true}}'
-
-# Partially update a node identified by the type and name specified in "node.json" using strategic merge patch
-kubectl patch -f node.json -p '{"spec":{"unschedulable":true}}'
-
-# Update a container's image; spec.containers[*].name is required because it's a merge key
-kubectl patch pod valid-pod -p '{"spec":{"containers":[{"name":"kubernetes-serve-hostname","image":"new image"}]}}'
-
-# Update a container's image using a json patch with positional arrays
-kubectl patch pod valid-pod --type='json' -p='[{"op": "replace", "path": "/spec/containers/0/image", "value":"new image"}]'
+ # Partially update a node using strategic merge patch
+ kubectl patch node k8s-node-1 -p '{"spec":{"unschedulable":true}}'
+
+ # Partially update a node identified by the type and name specified in "node.json" using strategic merge patch
+ kubectl patch -f node.json -p '{"spec":{"unschedulable":true}}'
+
+ # Update a container's image; spec.containers[*].name is required because it's a merge key
+ kubectl patch pod valid-pod -p '{"spec":{"containers":[{"name":"kubernetes-serve-hostname","image":"new image"}]}}'
+
+ # Update a container's image using a json patch with positional arrays
+ kubectl patch pod valid-pod --type='json' -p='[{"op": "replace", "path": "/spec/containers/0/image", "value":"new image"}]'
```
### Options
```
- -f, --filename value Filename, directory, or URL to a file identifying the resource to update (default [])
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
+ -f, --filename stringSlice Filename, directory, or URL to files identifying the resource to update
--local If true, patch will operate on the content of the file, not the server-side resource.
--no-headers When using the default or custom-column output format, don't print headers.
-o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
@@ -59,37 +56,34 @@ kubectl patch pod valid-pod --type='json' -p='[{"op": "replace", "path": "/spec/
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_port-forward.md b/docs/user-guide/kubectl/kubectl_port-forward.md
index 3a0b6f548b..feb00cf258 100644
--- a/docs/user-guide/kubectl/kubectl_port-forward.md
+++ b/docs/user-guide/kubectl/kubectl_port-forward.md
@@ -1,4 +1,5 @@
---
+title: kubectl port-forward
---
## kubectl port-forward
@@ -17,18 +18,17 @@ kubectl port-forward POD [LOCAL_PORT:]REMOTE_PORT [...[LOCAL_PORT_N:]REMOTE_PORT
### Examples
```
-
-# Listen on ports 5000 and 6000 locally, forwarding data to/from ports 5000 and 6000 in the pod
-kubectl port-forward mypod 5000 6000
-
-# Listen on port 8888 locally, forwarding to 5000 in the pod
-kubectl port-forward mypod 8888:5000
-
-# Listen on a random port locally, forwarding to 5000 in the pod
-kubectl port-forward mypod :5000
-
-# Listen on a random port locally, forwarding to 5000 in the pod
-kubectl port-forward mypod 0:5000
+ # Listen on ports 5000 and 6000 locally, forwarding data to/from ports 5000 and 6000 in the pod
+ kubectl port-forward mypod 5000 6000
+
+ # Listen on port 8888 locally, forwarding to 5000 in the pod
+ kubectl port-forward mypod 8888:5000
+
+ # Listen on a random port locally, forwarding to 5000 in the pod
+ kubectl port-forward mypod :5000
+
+ # Listen on a random port locally, forwarding to 5000 in the pod
+ kubectl port-forward mypod 0:5000
```
### Options
@@ -40,37 +40,34 @@ kubectl port-forward mypod 0:5000
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_proxy.md b/docs/user-guide/kubectl/kubectl_proxy.md
index 62f0417c2e..d3713ae52f 100644
--- a/docs/user-guide/kubectl/kubectl_proxy.md
+++ b/docs/user-guide/kubectl/kubectl_proxy.md
@@ -1,4 +1,5 @@
---
+title: kubectl proxy
---
## kubectl proxy
@@ -8,24 +9,22 @@ Run a proxy to the Kubernetes API server
### Synopsis
-
To proxy all of the kubernetes api and nothing else, use:
-kubectl proxy --api-prefix=/
+ $ kubectl proxy --api-prefix=/
To proxy only part of the kubernetes api and also some static files:
-kubectl proxy --www=/my/files --www-prefix=/static/ --api-prefix=/api/
+ $ kubectl proxy --www=/my/files --www-prefix=/static/ --api-prefix=/api/
The above lets you 'curl localhost:8001/api/v1/pods'.
To proxy the entire kubernetes api at a different root, use:
-kubectl proxy --api-prefix=/custom/
+ $ kubectl proxy --api-prefix=/custom/
The above lets you 'curl localhost:8001/custom/api/v1/pods'
-
```
kubectl proxy [--port=PORT] [--www=static-dir] [--www-prefix=prefix] [--api-prefix=prefix]
```
@@ -33,23 +32,22 @@ kubectl proxy [--port=PORT] [--www=static-dir] [--www-prefix=prefix] [--api-pref
### Examples
```
-
-# Run a proxy to kubernetes apiserver on port 8011, serving static content from ./local/www/
-kubectl proxy --port=8011 --www=./local/www/
-
-# Run a proxy to kubernetes apiserver on an arbitrary local port.
-# The chosen port for the server will be output to stdout.
-kubectl proxy --port=0
-
-# Run a proxy to kubernetes apiserver, changing the api prefix to k8s-api
-# This makes e.g. the pods api available at localhost:8011/k8s-api/v1/pods/
-kubectl proxy --api-prefix=/k8s-api
+ # Run a proxy to kubernetes apiserver on port 8011, serving static content from ./local/www/
+ kubectl proxy --port=8011 --www=./local/www/
+
+ # Run a proxy to kubernetes apiserver on an arbitrary local port.
+ # The chosen port for the server will be output to stdout.
+ kubectl proxy --port=0
+
+ # Run a proxy to kubernetes apiserver, changing the api prefix to k8s-api
+ # This makes e.g. the pods api available at localhost:8011/k8s-api/v1/pods/
+ kubectl proxy --api-prefix=/k8s-api
```
### Options
```
- --accept-hosts string Regular expression for hosts that the proxy should accept. (default "^localhost$,^127\\.0\\.0\\.1$,^\\[::1\\]$")
+ --accept-hosts string Regular expression for hosts that the proxy should accept. (default "^localhost$,^127\.0\.0\.1$,^\[::1\]$")
--accept-paths string Regular expression for paths that the proxy should accept. (default "^/.*")
--address string The IP address on which to serve on. (default "127.0.0.1")
--api-prefix string Prefix to serve the proxied API under. (default "/")
@@ -65,37 +63,34 @@ kubectl proxy --api-prefix=/k8s-api
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_replace.md b/docs/user-guide/kubectl/kubectl_replace.md
index 6816704c17..5e0ee378de 100644
--- a/docs/user-guide/kubectl/kubectl_replace.md
+++ b/docs/user-guide/kubectl/kubectl_replace.md
@@ -1,4 +1,5 @@
---
+title: kubectl replace
---
## kubectl replace
@@ -8,14 +9,13 @@ Replace a resource by filename or stdin
### Synopsis
-
Replace a resource by filename or stdin.
-JSON and YAML formats are accepted. If replacing an existing resource, the
-complete resource spec must be provided. This can be obtained by
-$ kubectl get TYPE NAME -o yaml
+JSON and YAML formats are accepted. If replacing an existing resource, the complete resource spec must be provided. This can be obtained by
-Please refer to the models in https://htmlpreview.github.io/?https://github.com/kubernetes/kubernetes/blob/release-1.4/docs/api-reference/v1/definitions.html to find if a field is mutable.
+ $ kubectl get TYPE NAME -o yaml
+
+Please refer to the models in https://htmlpreview.github.io/?https://github.com/kubernetes/kubernetes/blob/HEAD/docs/api-reference/v1/definitions.html to find if a field is mutable.
```
kubectl replace -f FILENAME
@@ -24,71 +24,66 @@ kubectl replace -f FILENAME
### Examples
```
-
-# Replace a pod using the data in pod.json.
-kubectl replace -f ./pod.json
-
-# Replace a pod based on the JSON passed into stdin.
-cat pod.json | kubectl replace -f -
-
-# Update a single-container pod's image version (tag) to v4
-kubectl get pod mypod -o yaml | sed 's/\(image: myimage\):.*$/\1:v4/' | kubectl replace -f -
-
-# Force replace, delete and then re-create the resource
-kubectl replace --force -f ./pod.json
+ # Replace a pod using the data in pod.json.
+ kubectl replace -f ./pod.json
+
+ # Replace a pod based on the JSON passed into stdin.
+ cat pod.json | kubectl replace -f -
+
+ # Update a single-container pod's image version (tag) to v4
+ kubectl get pod mypod -o yaml | sed 's/\(image: myimage\):.*$/\1:v4/' | kubectl replace -f -
+
+ # Force replace, delete and then re-create the resource
+ kubectl replace --force -f ./pod.json
```
### Options
```
--cascade Only relevant during a force replace. If true, cascade the deletion of the resources managed by this resource (e.g. Pods created by a ReplicationController).
- -f, --filename value Filename, directory, or URL to file to use to replace the resource. (default [])
+ -f, --filename stringSlice Filename, directory, or URL to files to use to replace the resource.
--force Delete and re-create the specified resource
--grace-period int Only relevant during a force replace. Period of time in seconds given to the old resource to terminate gracefully. Ignored if negative. (default -1)
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
-o, --output string Output mode. Use "-o name" for shorter output (resource/name).
--record Record current kubectl command in the resource annotation. If set to false, do not record the command. If set to true, record the command. If not set, default to updating the existing annotation value only if one already exists.
-R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
--save-config If true, the configuration of current object will be saved in its annotation. This is useful when you want to perform kubectl apply on this object in the future.
--schema-cache-dir string If non-empty, load/store cached API schemas in this directory, default is '$HOME/.kube/schema' (default "~/.kube/schema")
- --timeout duration Only relevant during a force replace. The length of time to wait before giving up on a delete of the old resource, zero means determine a timeout from the size of the object. Any other values should contain a corresponding time unit (e.g. 1s, 2m, 3h). (default 0s)
+ --timeout duration Only relevant during a force replace. The length of time to wait before giving up on a delete of the old resource, zero means determine a timeout from the size of the object. Any other values should contain a corresponding time unit (e.g. 1s, 2m, 3h).
--validate If true, use a schema to validate the input before sending it (default true)
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_rolling-update.md b/docs/user-guide/kubectl/kubectl_rolling-update.md
index 3b9dcb7fb7..382e630c78 100644
--- a/docs/user-guide/kubectl/kubectl_rolling-update.md
+++ b/docs/user-guide/kubectl/kubectl_rolling-update.md
@@ -1,4 +1,5 @@
---
+title: kubectl rolling-update
---
## kubectl rolling-update
@@ -8,15 +9,11 @@ Perform a rolling update of the given ReplicationController
### Synopsis
-
Perform a rolling update of the given ReplicationController.
-Replaces the specified replication controller with a new replication controller by updating one pod at a time to use the
-new PodTemplate. The new-controller.json must specify the same namespace as the
-existing replication controller and overwrite at least one (common) label in its replicaSelector.
-
-
+Replaces the specified replication controller with a new replication controller by updating one pod at a time to use the new PodTemplate. The new-controller.json must specify the same namespace as the existing replication controller and overwrite at least one (common) label in its replicaSelector.
+! http://kubernetes.io/images/docs/kubectl_rollingupdate.svg
```
kubectl rolling-update OLD_CONTROLLER_NAME ([NEW_CONTROLLER_NAME] --image=NEW_CONTAINER_IMAGE | -f NEW_CONTROLLER_SPEC)
@@ -25,23 +22,21 @@ kubectl rolling-update OLD_CONTROLLER_NAME ([NEW_CONTROLLER_NAME] --image=NEW_CO
### Examples
```
-
-# Update pods of frontend-v1 using new replication controller data in frontend-v2.json.
-kubectl rolling-update frontend-v1 -f frontend-v2.json
-
-# Update pods of frontend-v1 using JSON data passed into stdin.
-cat frontend-v2.json | kubectl rolling-update frontend-v1 -f -
-
-# Update the pods of frontend-v1 to frontend-v2 by just changing the image, and switching the
-# name of the replication controller.
-kubectl rolling-update frontend-v1 frontend-v2 --image=image:v2
-
-# Update the pods of frontend by just changing the image, and keeping the old name.
-kubectl rolling-update frontend --image=image:v2
-
-# Abort and reverse an existing rollout in progress (from frontend-v1 to frontend-v2).
-kubectl rolling-update frontend-v1 frontend-v2 --rollback
-
+ # Update pods of frontend-v1 using new replication controller data in frontend-v2.json.
+ kubectl rolling-update frontend-v1 -f frontend-v2.json
+
+ # Update pods of frontend-v1 using JSON data passed into stdin.
+ cat frontend-v2.json | kubectl rolling-update frontend-v1 -f -
+
+ # Update the pods of frontend-v1 to frontend-v2 by just changing the image, and switching the
+ # name of the replication controller.
+ kubectl rolling-update frontend-v1 frontend-v2 --image=image:v2
+
+ # Update the pods of frontend by just changing the image, and keeping the old name.
+ kubectl rolling-update frontend --image=image:v2
+
+ # Abort and reverse an existing rollout in progress (from frontend-v1 to frontend-v2).
+ kubectl rolling-update frontend-v1 frontend-v2 --rollback
```
### Options
@@ -50,10 +45,9 @@ kubectl rolling-update frontend-v1 frontend-v2 --rollback
--container string Container name which will have its image upgraded. Only relevant when --image is specified, ignored otherwise. Required when using --image on a multi-container pod
--deployment-label-key string The key to use to differentiate between two different controllers, default 'deployment'. Only relevant when --image is specified, ignored otherwise (default "deployment")
--dry-run If true, only print the object that would be sent, without sending it.
- -f, --filename value Filename or URL to file to use to create the new replication controller. (default [])
+ -f, --filename stringSlice Filename or URL to file to use to create the new replication controller.
--image string Image to use for upgrading the replication controller. Must be distinct from the existing image (either new image or new image tag). Can not be used with --filename/-f
--image-pull-policy string Explicit policy for when to pull container images. Required when --image is same as existing image, ignored otherwise.
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
--no-headers When using the default or custom-column output format, don't print headers.
-o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
--output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
@@ -72,37 +66,34 @@ kubectl rolling-update frontend-v1 frontend-v2 --rollback
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_rollout.md b/docs/user-guide/kubectl/kubectl_rollout.md
index 6b3c2709c6..fb8ab9fdd9 100644
--- a/docs/user-guide/kubectl/kubectl_rollout.md
+++ b/docs/user-guide/kubectl/kubectl_rollout.md
@@ -1,4 +1,5 @@
---
+title: kubectl rollout
---
## kubectl rollout
@@ -8,7 +9,6 @@ Manage a deployment rollout
### Synopsis
-
Manage a deployment using subcommands like "kubectl rollout undo deployment/abc"
```
@@ -18,45 +18,41 @@ kubectl rollout SUBCOMMAND
### Examples
```
-
-# Rollback to the previous deployment
-kubectl rollout undo deployment/abc
+ # Rollback to the previous deployment
+ kubectl rollout undo deployment/abc
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_rollout_history.md b/docs/user-guide/kubectl/kubectl_rollout_history.md
index f660162cd2..440e76de06 100644
--- a/docs/user-guide/kubectl/kubectl_rollout_history.md
+++ b/docs/user-guide/kubectl/kubectl_rollout_history.md
@@ -1,4 +1,5 @@
---
+title: kubectl rollout history
---
## kubectl rollout history
@@ -8,7 +9,6 @@ View rollout history
### Synopsis
-
View previous rollout revisions and configurations.
```
@@ -18,56 +18,52 @@ kubectl rollout history (TYPE NAME | TYPE/NAME) [flags]
### Examples
```
-
-# View the rollout history of a deployment
-kubectl rollout history deployment/abc
-
-# View the details of deployment revision 3
-kubectl rollout history deployment/abc --revision=3
+ # View the rollout history of a deployment
+ kubectl rollout history deployment/abc
+
+ # View the details of deployment revision 3
+ kubectl rollout history deployment/abc --revision=3
```
### Options
```
- -f, --filename value Filename, directory, or URL to a file identifying the resource to get from a server. (default [])
- -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
- --revision int See the details, including podTemplate of the revision specified
+ -f, --filename stringSlice Filename, directory, or URL to files identifying the resource to get from a server.
+ -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
+ --revision int See the details, including podTemplate of the revision specified
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_rollout_pause.md b/docs/user-guide/kubectl/kubectl_rollout_pause.md
index 3e85d3b629..012914c878 100644
--- a/docs/user-guide/kubectl/kubectl_rollout_pause.md
+++ b/docs/user-guide/kubectl/kubectl_rollout_pause.md
@@ -1,4 +1,5 @@
---
+title: kubectl rollout pause
---
## kubectl rollout pause
@@ -8,12 +9,9 @@ Mark the provided resource as paused
### Synopsis
-
Mark the provided resource as paused
-Paused resources will not be reconciled by a controller.
-Use \"kubectl rollout resume\" to resume a paused resource.
-Currently only deployments support being paused.
+Paused resources will not be reconciled by a controller. Use \"kubectl rollout resume \" to resume a paused resource. Currently only deployments support being paused.
```
kubectl rollout pause RESOURCE
@@ -22,54 +20,50 @@ kubectl rollout pause RESOURCE
### Examples
```
-
-# Mark the nginx deployment as paused. Any current state of
-# the deployment will continue its function, new updates to the deployment will not
-# have an effect as long as the deployment is paused.
-kubectl rollout pause deployment/nginx
+ # Mark the nginx deployment as paused. Any current state of
+ # the deployment will continue its function, new updates to the deployment will not
+ # have an effect as long as the deployment is paused.
+ kubectl rollout pause deployment/nginx
```
### Options
```
- -f, --filename value Filename, directory, or URL to a file identifying the resource to get from a server. (default [])
- -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
+ -f, --filename stringSlice Filename, directory, or URL to files identifying the resource to get from a server.
+ -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_rollout_resume.md b/docs/user-guide/kubectl/kubectl_rollout_resume.md
index 6460f30622..193a3f0081 100644
--- a/docs/user-guide/kubectl/kubectl_rollout_resume.md
+++ b/docs/user-guide/kubectl/kubectl_rollout_resume.md
@@ -1,4 +1,5 @@
---
+title: kubectl rollout resume
---
## kubectl rollout resume
@@ -8,12 +9,9 @@ Resume a paused resource
### Synopsis
-
Resume a paused resource
-Paused resources will not be reconciled by a controller. By resuming a
-resource, we allow it to be reconciled again.
-Currently only deployments support being resumed.
+Paused resources will not be reconciled by a controller. By resuming a resource, we allow it to be reconciled again. Currently only deployments support being resumed.
```
kubectl rollout resume RESOURCE
@@ -22,52 +20,48 @@ kubectl rollout resume RESOURCE
### Examples
```
-
-# Resume an already paused deployment
-kubectl rollout resume deployment/nginx
+ # Resume an already paused deployment
+ kubectl rollout resume deployment/nginx
```
### Options
```
- -f, --filename value Filename, directory, or URL to a file identifying the resource to get from a server. (default [])
- -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
+ -f, --filename stringSlice Filename, directory, or URL to files identifying the resource to get from a server.
+ -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_rollout_status.md b/docs/user-guide/kubectl/kubectl_rollout_status.md
index e611dfe6f7..befc51e54d 100644
--- a/docs/user-guide/kubectl/kubectl_rollout_status.md
+++ b/docs/user-guide/kubectl/kubectl_rollout_status.md
@@ -1,15 +1,15 @@
---
---
-
## kubectl rollout status
-Watch rollout status until it's done
+Show the status of the rollout
### Synopsis
+Show the status of the rollout.
-Watch the status of current rollout, until it's done.
+By default 'rollout status' will watch the status of the latest rollout until it's done. If you don't want to wait for the rollout to finish then you can use --watch=false. Note that if a new rollout starts in-between, then 'rollout status' will continue watching the latest revision. If you want to pin to a specific revision and abort if it is rolled over by another revision, use --revision=N where N is the revision you need to watch for.
```
kubectl rollout status (TYPE NAME | TYPE/NAME) [flags]
@@ -18,52 +18,50 @@ kubectl rollout status (TYPE NAME | TYPE/NAME) [flags]
### Examples
```
-
-# Watch the rollout status of a deployment
-kubectl rollout status deployment/nginx
+ # Watch the rollout status of a deployment
+ kubectl rollout status deployment/nginx
```
### Options
```
- -f, --filename value Filename, directory, or URL to a file identifying the resource to get from a server. (default [])
- -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
+ -f, --filename stringSlice Filename, directory, or URL to files identifying the resource to get from a server.
+ -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
+ --revision int Pin to a specific revision for showing its status. Defaults to 0 (last revision).
+ -w, --watch Watch the status of the rollout until it's done. (default true)
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_rollout_undo.md b/docs/user-guide/kubectl/kubectl_rollout_undo.md
index 3e302c7db6..7dcb287be4 100644
--- a/docs/user-guide/kubectl/kubectl_rollout_undo.md
+++ b/docs/user-guide/kubectl/kubectl_rollout_undo.md
@@ -1,4 +1,5 @@
---
+title: kubectl rollout undo
---
## kubectl rollout undo
@@ -8,7 +9,6 @@ Undo a previous rollout
### Synopsis
-
Rollback to a previous rollout.
```
@@ -18,56 +18,56 @@ kubectl rollout undo (TYPE NAME | TYPE/NAME) [flags]
### Examples
```
-
-# Rollback to the previous deployment
-kubectl rollout undo deployment/abc
-
-# Rollback to deployment revision 3
-kubectl rollout undo deployment/abc --to-revision=3
+ # Rollback to the previous deployment
+ kubectl rollout undo deployment/abc
+
+ # Rollback to deployment revision 3
+ kubectl rollout undo deployment/abc --to-revision=3
+
+ # Rollback to the previous deployment with dry-run
+ kubectl rollout undo --dry-run=true deployment/abc
```
### Options
```
- -f, --filename value Filename, directory, or URL to a file identifying the resource to get from a server. (default [])
- -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
- --to-revision int The revision to rollback to. Default to 0 (last revision).
+ --dry-run If true, only print the object that would be sent, without sending it.
+ -f, --filename stringSlice Filename, directory, or URL to files identifying the resource to get from a server.
+ -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
+ --to-revision int The revision to rollback to. Default to 0 (last revision).
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_run.md b/docs/user-guide/kubectl/kubectl_run.md
index 9b3dfb409e..5a468401d3 100644
--- a/docs/user-guide/kubectl/kubectl_run.md
+++ b/docs/user-guide/kubectl/kubectl_run.md
@@ -1,4 +1,5 @@
---
+title: kubectl run
---
## kubectl run
@@ -8,8 +9,8 @@ Run a particular image on the cluster
### Synopsis
-
Create and run a particular image, possibly replicated.
+
Creates a deployment or job to manage the created container(s).
```
@@ -19,39 +20,38 @@ kubectl run NAME --image=image [--env="key=value"] [--port=port] [--replicas=rep
### Examples
```
-
-# Start a single instance of nginx.
-kubectl run nginx --image=nginx
-
-# Start a single instance of hazelcast and let the container expose port 5701 .
-kubectl run hazelcast --image=hazelcast --port=5701
-
-# Start a single instance of hazelcast and set environment variables "DNS_DOMAIN=cluster" and "POD_NAMESPACE=default" in the container.
-kubectl run hazelcast --image=hazelcast --env="DNS_DOMAIN=cluster" --env="POD_NAMESPACE=default"
-
-# Start a replicated instance of nginx.
-kubectl run nginx --image=nginx --replicas=5
-
-# Dry run. Print the corresponding API objects without creating them.
-kubectl run nginx --image=nginx --dry-run
-
-# Start a single instance of nginx, but overload the spec of the deployment with a partial set of values parsed from JSON.
-kubectl run nginx --image=nginx --overrides='{ "apiVersion": "v1", "spec": { ... } }'
-
-# Start a pod of busybox and keep it in the foreground, don't restart it if it exits.
-kubectl run -i -t busybox --image=busybox --restart=Never
-
-# Start the nginx container using the default command, but use custom arguments (arg1 .. argN) for that command.
-kubectl run nginx --image=nginx -- ...
-
-# Start the nginx container using a different command and custom arguments.
-kubectl run nginx --image=nginx --command -- ...
-
-# Start the perl container to compute π to 2000 places and print it out.
-kubectl run pi --image=perl --restart=OnFailure -- perl -Mbignum=bpi -wle 'print bpi(2000)'
-
-# Start the cron job to compute π to 2000 places and print it out every 5 minutes.
-kubectl run pi --schedule="0/5 * * * ?" --image=perl --restart=OnFailure -- perl -Mbignum=bpi -wle 'print bpi(2000)'
+ # Start a single instance of nginx.
+ kubectl run nginx --image=nginx
+
+ # Start a single instance of hazelcast and let the container expose port 5701 .
+ kubectl run hazelcast --image=hazelcast --port=5701
+
+ # Start a single instance of hazelcast and set environment variables "DNS_DOMAIN=cluster" and "POD_NAMESPACE=default" in the container.
+ kubectl run hazelcast --image=hazelcast --env="DNS_DOMAIN=cluster" --env="POD_NAMESPACE=default"
+
+ # Start a replicated instance of nginx.
+ kubectl run nginx --image=nginx --replicas=5
+
+ # Dry run. Print the corresponding API objects without creating them.
+ kubectl run nginx --image=nginx --dry-run
+
+ # Start a single instance of nginx, but overload the spec of the deployment with a partial set of values parsed from JSON.
+ kubectl run nginx --image=nginx --overrides='{ "apiVersion": "v1", "spec": { ... } }'
+
+ # Start a pod of busybox and keep it in the foreground, don't restart it if it exits.
+ kubectl run -i -t busybox --image=busybox --restart=Never
+
+ # Start the nginx container using the default command, but use custom arguments (arg1 .. argN) for that command.
+ kubectl run nginx --image=nginx -- ...
+
+ # Start the nginx container using a different command and custom arguments.
+ kubectl run nginx --image=nginx --command -- ...
+
+ # Start the perl container to compute π to 2000 places and print it out.
+ kubectl run pi --image=perl --restart=OnFailure -- perl -Mbignum=bpi -wle 'print bpi(2000)'
+
+ # Start the cron job to compute π to 2000 places and print it out every 5 minutes.
+ kubectl run pi --schedule="0/5 * * * ?" --image=perl --restart=OnFailure -- perl -Mbignum=bpi -wle 'print bpi(2000)'
```
### Options
@@ -60,13 +60,12 @@ kubectl run pi --schedule="0/5 * * * ?" --image=perl --restart=OnFailure -- perl
--attach If true, wait for the Pod to start running, and then attach to the Pod as if 'kubectl attach ...' were called. Default false, unless '-i/--stdin' is set, in which case the default is true. With '--restart=Never' the exit code of the container process is returned.
--command If true and extra arguments are present, use them as the 'command' field in the container, rather than the 'args' field which is the default.
--dry-run If true, only print the object that would be sent, without sending it.
- --env value Environment variables to set in the container (default [])
+ --env stringSlice Environment variables to set in the container
--expose If true, a public, external service is created for the container(s) which are run
- --generator string The name of the API generator to use. Default is 'deployment/v1beta1' if --restart=Always, 'job/v1' for OnFailure and 'run-pod/v1' for Never. This will happen only for cluster version at least 1.3, for 1.2 we will fallback to 'deployment/v1beta1' for --restart=Always, 'job/v1' for others, for olders we will fallback to 'run/v1' for --restart=Always, 'run-pod/v1' for others.
+ --generator string The name of the API generator to use, see http://kubernetes.io/docs/user-guide/kubectl-conventions/#generators for a list.
--hostport int The host port mapping for the container port. To demonstrate a single-machine container. (default -1)
--image string The image for the container to run.
--image-pull-policy string The image pull policy for the container. If left empty, this value will not be specified by the client and defaulted by the server
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
-l, --labels string Labels to apply to the pod(s).
--leave-stdin-open If the pod is started in interactive mode or with stdin, leave stdin open after the first attach completes. By default, stdin will be closed after the first attach completes.
--limits string The resource requirement limits for this container. For example, 'cpu=200m,memory=512Mi'. Note that server side components may assign limits depending on the server configuration, such as limit ranges.
@@ -74,12 +73,12 @@ kubectl run pi --schedule="0/5 * * * ?" --image=perl --restart=OnFailure -- perl
-o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
--output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
--overrides string An inline JSON override for the generated object. If this is non-empty, it is used to override the generated object. Requires that the object supply a valid apiVersion field.
- --port int The port that this container exposes. If --expose is true, this is also the port used by the service that is created. (default -1)
+ --port string The port that this container exposes. If --expose is true, this is also the port used by the service that is created.
--quiet If true, suppress prompt messages.
--record Record current kubectl command in the resource annotation. If set to false, do not record the command. If set to true, record the command. If not set, default to updating the existing annotation value only if one already exists.
-r, --replicas int Number of replicas to create for this container. Default is 1. (default 1)
--requests string The resource requirement requests for this container. For example, 'cpu=100m,memory=256Mi'. Note that server side components may assign requests depending on the server configuration, such as limit ranges.
- --restart string The restart policy for this Pod. Legal values [Always, OnFailure, Never]. If set to 'Always' a deployment is created for this pod, if set to 'OnFailure', a job is created for this pod, if set to 'Never', a regular pod is created. For the latter two --replicas must be 1. Default 'Always' (default "Always")
+ --restart Never The restart policy for this Pod. Legal values [Always, OnFailure, Never]. If set to 'Always' a deployment is created, if set to 'OnFailure' a job is created, if set to 'Never', a regular pod is created. For the latter two --replicas must be 1. Default 'Always', for ScheduledJobs Never. (default "Always")
--rm If true, delete resources created in this command for attached containers.
--save-config If true, the configuration of current object will be saved in its annotation. This is useful when you want to perform kubectl apply on this object in the future.
--schedule string A schedule in the Cron format the job should be run with.
@@ -96,37 +95,34 @@ kubectl run pi --schedule="0/5 * * * ?" --image=perl --restart=OnFailure -- perl
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_scale.md b/docs/user-guide/kubectl/kubectl_scale.md
index 4f97fce9ff..93e82ac37b 100644
--- a/docs/user-guide/kubectl/kubectl_scale.md
+++ b/docs/user-guide/kubectl/kubectl_scale.md
@@ -1,4 +1,5 @@
---
+title: kubectl scale
---
## kubectl scale
@@ -8,13 +9,11 @@ Set a new size for a Deployment, ReplicaSet, Replication Controller, or Job
### Synopsis
-
Set a new size for a Deployment, ReplicaSet, Replication Controller, or Job.
Scale also allows users to specify one or more preconditions for the scale action.
-If --current-replicas or --resource-version is specified, it is validated before the
-scale is attempted, and it is guaranteed that the precondition holds true when the
-scale is sent to the server.
+
+If --current-replicas or --resource-version is specified, it is validated before the scale is attempted, and it is guaranteed that the precondition holds true when the scale is sent to the server.
```
kubectl scale [--resource-version=version] [--current-replicas=count] --replicas=COUNT (-f FILENAME | TYPE NAME)
@@ -23,71 +22,66 @@ kubectl scale [--resource-version=version] [--current-replicas=count] --replicas
### Examples
```
-
-# Scale a replicaset named 'foo' to 3.
-kubectl scale --replicas=3 rs/foo
-
-# Scale a resource identified by type and name specified in "foo.yaml" to 3.
-kubectl scale --replicas=3 -f foo.yaml
-
-# If the deployment named mysql's current size is 2, scale mysql to 3.
-kubectl scale --current-replicas=2 --replicas=3 deployment/mysql
-
-# Scale multiple replication controllers.
-kubectl scale --replicas=5 rc/foo rc/bar rc/baz
-
-# Scale job named 'cron' to 3.
-kubectl scale --replicas=3 job/cron
+ # Scale a replicaset named 'foo' to 3.
+ kubectl scale --replicas=3 rs/foo
+
+ # Scale a resource identified by type and name specified in "foo.yaml" to 3.
+ kubectl scale --replicas=3 -f foo.yaml
+
+ # If the deployment named mysql's current size is 2, scale mysql to 3.
+ kubectl scale --current-replicas=2 --replicas=3 deployment/mysql
+
+ # Scale multiple replication controllers.
+ kubectl scale --replicas=5 rc/foo rc/bar rc/baz
+
+ # Scale job named 'cron' to 3.
+ kubectl scale --replicas=3 job/cron
```
### Options
```
--current-replicas int Precondition for current size. Requires that the current size of the resource match this value in order to scale. (default -1)
- -f, --filename value Filename, directory, or URL to a file identifying the resource to set a new size (default [])
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
+ -f, --filename stringSlice Filename, directory, or URL to files identifying the resource to set a new size
-o, --output string Output mode. Use "-o name" for shorter output (resource/name).
--record Record current kubectl command in the resource annotation. If set to false, do not record the command. If set to true, record the command. If not set, default to updating the existing annotation value only if one already exists.
-R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
--replicas int The new desired number of replicas. Required. (default -1)
--resource-version string Precondition for resource version. Requires that the current resource version match this value in order to scale.
- --timeout duration The length of time to wait before giving up on a scale operation, zero means don't wait. Any other values should contain a corresponding time unit (e.g. 1s, 2m, 3h). (default 0s)
+ --timeout duration The length of time to wait before giving up on a scale operation, zero means don't wait. Any other values should contain a corresponding time unit (e.g. 1s, 2m, 3h).
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_set.md b/docs/user-guide/kubectl/kubectl_set.md
index dad43a25fc..a3ae525a8a 100644
--- a/docs/user-guide/kubectl/kubectl_set.md
+++ b/docs/user-guide/kubectl/kubectl_set.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl set
Set specific features on objects
@@ -8,7 +7,6 @@ Set specific features on objects
### Synopsis
-
Configure application resources
These commands help you make changes to existing application resources.
@@ -20,37 +18,34 @@ kubectl set SUBCOMMAND
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_set_image.md b/docs/user-guide/kubectl/kubectl_set_image.md
index 6e7a40c903..c1b339ca6d 100644
--- a/docs/user-guide/kubectl/kubectl_set_image.md
+++ b/docs/user-guide/kubectl/kubectl_set_image.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl set image
Update image of a pod template
@@ -8,10 +7,10 @@ Update image of a pod template
### Synopsis
-
Update existing container image(s) of resources.
Possible resources include (case insensitive):
+
pod (po), replicationcontroller (rc), deployment (deploy), daemonset (ds), job, replicaset (rs)
```
@@ -21,25 +20,24 @@ kubectl set image (-f FILENAME | TYPE NAME) CONTAINER_NAME_1=CONTAINER_IMAGE_1 .
### Examples
```
-
-# Set a deployment's nginx container image to 'nginx:1.9.1', and its busybox container image to 'busybox'.
-kubectl set image deployment/nginx busybox=busybox nginx=nginx:1.9.1
-
-# Update all deployments' and rc's nginx container's image to 'nginx:1.9.1'
-kubectl set image deployments,rc nginx=nginx:1.9.1 --all
-
-# Update image of all containers of daemonset abc to 'nginx:1.9.1'
-kubectl set image daemonset abc *=nginx:1.9.1
-
-# Print result (in yaml format) of updating nginx container image from local file, without hitting the server
-kubectl set image -f path/to/file.yaml nginx=nginx:1.9.1 --local -o yaml
+ # Set a deployment's nginx container image to 'nginx:1.9.1', and its busybox container image to 'busybox'.
+ kubectl set image deployment/nginx busybox=busybox nginx=nginx:1.9.1
+
+ # Update all deployments' and rc's nginx container's image to 'nginx:1.9.1'
+ kubectl set image deployments,rc nginx=nginx:1.9.1 --all
+
+ # Update image of all containers of daemonset abc to 'nginx:1.9.1'
+ kubectl set image daemonset abc *=nginx:1.9.1
+
+ # Print result (in yaml format) of updating nginx container image from local file, without hitting the server
+ kubectl set image -f path/to/file.yaml nginx=nginx:1.9.1 --local -o yaml
```
### Options
```
--all select all resources in the namespace of the specified resource types
- -f, --filename value Filename, directory, or URL to a file identifying the resource to get from a server. (default [])
+ -f, --filename stringSlice Filename, directory, or URL to files identifying the resource to get from a server.
--local If true, set image will NOT contact api-server but run locally.
--no-headers When using the default or custom-column output format, don't print headers.
-o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
@@ -56,37 +54,34 @@ kubectl set image -f path/to/file.yaml nginx=nginx:1.9.1 --local -o yaml
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_set_resources.md b/docs/user-guide/kubectl/kubectl_set_resources.md
new file mode 100644
index 0000000000..880137113d
--- /dev/null
+++ b/docs/user-guide/kubectl/kubectl_set_resources.md
@@ -0,0 +1,92 @@
+---
+---
+## kubectl set resources
+
+update resource requests/limits on objects with pod templates
+
+### Synopsis
+
+
+Specify compute resource requirements (cpu, memory) for any resource that defines a pod template. If a pod is successfully scheduled, it is guaranteed the amount of resource requested, but may burst up to its specified limits.
+
+for each compute resource, if a limit is specified and a request is omitted, the request will default to the limit.
+
+Possible resources include (case insensitive): replicationcontroller, deployment, daemonset, job, replicaset.
+
+```
+kubectl set resources (-f FILENAME | TYPE NAME) ([--limits=LIMITS & --requests=REQUESTS]
+```
+
+### Examples
+
+```
+ # Set a deployments nginx container cpu limits to "200m" and memory to "512Mi"
+ kubectl set resources deployment nginx -c=nginx --limits=cpu=200m,memory=512Mi
+
+ # Set the resource request and limits for all containers in nginx
+ kubectl set resources deployment nginx --limits=cpu=200m,memory=512Mi --requests=cpu=100m,memory=256Mi
+
+ # Remove the resource requests for resources on containers in nginx
+ kubectl set resources deployment nginx --limits=cpu=0,memory=0 --requests=cpu=0,memory=0
+
+ # Print the result (in yaml format) of updating nginx container limits from a local, without hitting the server
+ kubectl set resources -f path/to/file.yaml --limits=cpu=200m,memory=512Mi --local -o yaml
+```
+
+### Options
+
+```
+ --all select all resources in the namespace of the specified resource types
+ -c, --containers string The names of containers in the selected pod templates to change, all containers are selected by default - may use wildcards (default "*")
+ --dry-run If true, only print the object that would be sent, without sending it.
+ -f, --filename stringSlice Filename, directory, or URL to files identifying the resource to get from a server.
+ --limits string The resource requirement requests for this container. For example, 'cpu=100m,memory=256Mi'. Note that server side components may assign requests depending on the server configuration, such as limit ranges.
+ --local If true, set resources will NOT contact api-server but run locally.
+ --no-headers When using the default or custom-column output format, don't print headers.
+ -o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
+ --output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
+ --record Record current kubectl command in the resource annotation. If set to false, do not record the command. If set to true, record the command. If not set, default to updating the existing annotation value only if one already exists.
+ -R, --recursive Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
+ --requests string The resource requirement requests for this container. For example, 'cpu=100m,memory=256Mi'. Note that server side components may assign requests depending on the server configuration, such as limit ranges.
+ -l, --selector string Selector (label query) to filter on
+ -a, --show-all When printing, show all resources (default hide terminated pods.)
+ --show-labels When printing, show all labels as the last column (default hide labels column)
+ --sort-by string If non-empty, sort list types using this field specification. The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.
+ --template string Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
+```
+
+### Options inherited from parent commands
+
+```
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
+```
+
+
+
+###### Auto generated by spf13/cobra on 13-Dec-2016
+
+
+[]()
+
diff --git a/docs/user-guide/kubectl/kubectl_stop.md b/docs/user-guide/kubectl/kubectl_stop.md
index f46e281c7c..d11142c7ed 100644
--- a/docs/user-guide/kubectl/kubectl_stop.md
+++ b/docs/user-guide/kubectl/kubectl_stop.md
@@ -1,4 +1,5 @@
---
+title: kubectl stop
---
## kubectl stop
@@ -80,10 +81,6 @@ $ kubectl stop -f path/to/resources
###### Auto generated by spf13/cobra on 24-Nov-2015
-
-
-
-
[]()
diff --git a/docs/user-guide/kubectl/kubectl_taint.md b/docs/user-guide/kubectl/kubectl_taint.md
index 3c4bb20b52..6aff265c33 100644
--- a/docs/user-guide/kubectl/kubectl_taint.md
+++ b/docs/user-guide/kubectl/kubectl_taint.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl taint
Update the taints on one or more nodes
@@ -8,14 +7,13 @@ Update the taints on one or more nodes
### Synopsis
-
Update the taints on one or more nodes.
-A taint consists of a key, value, and effect. As an argument here, it is expressed as key=value:effect.
-The key must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and underscores, up to 253 characters.
-The value must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and underscores, up to 253 characters.
-The effect must be NoSchedule or PreferNoSchedule.
-Currently taint can only apply to node.
+ * A taint consists of a key, value, and effect. As an argument here, it is expressed as key=value:effect.
+ * The key must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and underscores, up to 253 characters.
+ * The value must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and underscores, up to 253 characters.
+ * The effect must be NoSchedule or PreferNoSchedule.
+ * Currently taint can only apply to node.
```
kubectl taint NODE NAME KEY_1=VAL_1:TAINT_EFFECT_1 ... KEY_N=VAL_N:TAINT_EFFECT_N
@@ -24,23 +22,21 @@ kubectl taint NODE NAME KEY_1=VAL_1:TAINT_EFFECT_1 ... KEY_N=VAL_N:TAINT_EFFECT_
### Examples
```
-
-# Update node 'foo' with a taint with key 'dedicated' and value 'special-user' and effect 'NoSchedule'.
-# If a taint with that key and effect already exists, its value is replaced as specified.
-kubectl taint nodes foo dedicated=special-user:NoSchedule
-
-# Remove from node 'foo' the taint with key 'dedicated' and effect 'NoSchedule' if one exists.
-kubectl taint nodes foo dedicated:NoSchedule-
-
-# Remove from node 'foo' all the taints with key 'dedicated'
-kubectl taint nodes foo dedicated-
+ # Update node 'foo' with a taint with key 'dedicated' and value 'special-user' and effect 'NoSchedule'.
+ # If a taint with that key and effect already exists, its value is replaced as specified.
+ kubectl taint nodes foo dedicated=special-user:NoSchedule
+
+ # Remove from node 'foo' the taint with key 'dedicated' and effect 'NoSchedule' if one exists.
+ kubectl taint nodes foo dedicated:NoSchedule-
+
+ # Remove from node 'foo' all the taints with key 'dedicated'
+ kubectl taint nodes foo dedicated-
```
### Options
```
--all select all nodes in the cluster
- --include-extended-apis If true, include definitions of new APIs via calls to the API server. [default true] (default true)
--no-headers When using the default or custom-column output format, don't print headers.
-o, --output string Output format. One of: json|yaml|wide|name|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See custom columns [http://kubernetes.io/docs/user-guide/kubectl-overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://kubernetes.io/docs/user-guide/jsonpath].
--output-version string Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
@@ -57,37 +53,34 @@ kubectl taint nodes foo dedicated-
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_top-node.md b/docs/user-guide/kubectl/kubectl_top-node.md
index 8005933965..72e6b47239 100644
--- a/docs/user-guide/kubectl/kubectl_top-node.md
+++ b/docs/user-guide/kubectl/kubectl_top-node.md
@@ -1,14 +1,9 @@
---
---
-
This file is autogenerated, but we've stopped checking such files into the
repository to reduce the need for rebases. Please run hack/generate-docs.sh to
populate this file.
-
-
-
-
[]()
diff --git a/docs/user-guide/kubectl/kubectl_top-pod.md b/docs/user-guide/kubectl/kubectl_top-pod.md
index 329174b0d9..344b1c2b44 100644
--- a/docs/user-guide/kubectl/kubectl_top-pod.md
+++ b/docs/user-guide/kubectl/kubectl_top-pod.md
@@ -1,14 +1,9 @@
---
---
-
This file is autogenerated, but we've stopped checking such files into the
repository to reduce the need for rebases. Please run hack/generate-docs.sh to
populate this file.
-
-
-
-
[]()
diff --git a/docs/user-guide/kubectl/kubectl_top.md b/docs/user-guide/kubectl/kubectl_top.md
index 8721c3fa41..fbbf5aa477 100644
--- a/docs/user-guide/kubectl/kubectl_top.md
+++ b/docs/user-guide/kubectl/kubectl_top.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl top
Display Resource (CPU/Memory/Storage) usage
@@ -8,7 +7,6 @@ Display Resource (CPU/Memory/Storage) usage
### Synopsis
-
Display Resource (CPU/Memory/Storage) usage.
The top command allows you to see the resource consumption for nodes or pods.
@@ -20,37 +18,34 @@ kubectl top
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_top_node.md b/docs/user-guide/kubectl/kubectl_top_node.md
index 70737e905e..5864e5b820 100644
--- a/docs/user-guide/kubectl/kubectl_top_node.md
+++ b/docs/user-guide/kubectl/kubectl_top_node.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl top node
Display Resource (CPU/Memory/Storage) usage of nodes
@@ -8,7 +7,6 @@ Display Resource (CPU/Memory/Storage) usage of nodes
### Synopsis
-
Display Resource (CPU/Memory/Storage) usage of nodes.
The top-node command allows you to see the resource consumption of nodes.
@@ -20,12 +18,11 @@ kubectl top node [NAME | -l label]
### Examples
```
-
-# Show metrics for all nodes
-kubectl top node
-
-# Show metrics for a given node
-kubectl top node NODE_NAME
+ # Show metrics for all nodes
+ kubectl top node
+
+ # Show metrics for a given node
+ kubectl top node NODE_NAME
```
### Options
@@ -37,37 +34,34 @@ kubectl top node NODE_NAME
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_top_pod.md b/docs/user-guide/kubectl/kubectl_top_pod.md
index 04cf73524f..d0d596de76 100644
--- a/docs/user-guide/kubectl/kubectl_top_pod.md
+++ b/docs/user-guide/kubectl/kubectl_top_pod.md
@@ -1,6 +1,5 @@
---
---
-
## kubectl top pod
Display Resource (CPU/Memory/Storage) usage of pods
@@ -8,13 +7,11 @@ Display Resource (CPU/Memory/Storage) usage of pods
### Synopsis
-
Display Resource (CPU/Memory/Storage) usage of pods.
The 'top pod' command allows you to see the resource consumption of pods.
-Due to the metrics pipeline delay, they may be unavailable for a few minutes
-since pod creation.
+Due to the metrics pipeline delay, they may be unavailable for a few minutes since pod creation.
```
kubectl top pod [NAME | -l label]
@@ -23,18 +20,17 @@ kubectl top pod [NAME | -l label]
### Examples
```
-
-# Show metrics for all pods in the default namespace
-kubectl top pod
-
-# Show metrics for all pods in the given namespace
-kubectl top pod --namespace=NAMESPACE
-
-# Show metrics for a given pod and its containers
-kubectl top pod POD_NAME --containers
-
-# Show metrics for the pods defined by label name=myLabel
-kubectl top pod -l name=myLabel
+ # Show metrics for all pods in the default namespace
+ kubectl top pod
+
+ # Show metrics for all pods in the given namespace
+ kubectl top pod --namespace=NAMESPACE
+
+ # Show metrics for a given pod and its containers
+ kubectl top pod POD_NAME --containers
+
+ # Show metrics for the pods defined by label name=myLabel
+ kubectl top pod -l name=myLabel
```
### Options
@@ -48,37 +44,34 @@ kubectl top pod -l name=myLabel
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_uncordon.md b/docs/user-guide/kubectl/kubectl_uncordon.md
index 8e1722f223..ce4dcc38ab 100644
--- a/docs/user-guide/kubectl/kubectl_uncordon.md
+++ b/docs/user-guide/kubectl/kubectl_uncordon.md
@@ -1,4 +1,5 @@
---
+title: kubectl uncordon
---
## kubectl uncordon
@@ -8,10 +9,8 @@ Mark node as schedulable
### Synopsis
-
Mark node as schedulable.
-
```
kubectl uncordon NODE
```
@@ -19,46 +18,41 @@ kubectl uncordon NODE
### Examples
```
-
-# Mark node "foo" as schedulable.
-$ kubectl uncordon foo
-
+ # Mark node "foo" as schedulable.
+ $ kubectl uncordon foo
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/kubectl/kubectl_version.md b/docs/user-guide/kubectl/kubectl_version.md
index 66e582c4c7..a86115d790 100644
--- a/docs/user-guide/kubectl/kubectl_version.md
+++ b/docs/user-guide/kubectl/kubectl_version.md
@@ -1,4 +1,5 @@
---
+title: kubectl version
---
## kubectl version
@@ -18,42 +19,40 @@ kubectl version
```
--client Client version only (no server required).
+ --short Print just the version number.
```
### Options inherited from parent commands
```
- --alsologtostderr value log to standard error as well as files
- --as string Username to impersonate for the operation
- --certificate-authority string Path to a cert. file for the certificate authority
- --client-certificate string Path to a client certificate file for TLS
- --client-key string Path to a client key file for TLS
- --cluster string The name of the kubeconfig cluster to use
- --context string The name of the kubeconfig context to use
- --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- --kubeconfig string Path to the kubeconfig file to use for CLI requests.
- --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0)
- --log-dir value If non-empty, write log files in this directory
- --logtostderr value log to standard error instead of files
- --match-server-version Require server version to match client version
- -n, --namespace string If present, the namespace scope for this CLI request
- --password string Password for basic authentication to the API server
- -s, --server string The address and port of the Kubernetes API server
- --stderrthreshold value logs at or above this threshold go to stderr (default 2)
- --token string Bearer token for authentication to the API server
- --user string The name of the kubeconfig user to use
- --username string Username for basic authentication to the API server
- -v, --v value log level for V logs
- --vmodule value comma-separated list of pattern=N settings for file-filtered logging
+ --alsologtostderr log to standard error as well as files
+ --as string Username to impersonate for the operation
+ --certificate-authority string Path to a cert. file for the certificate authority
+ --client-certificate string Path to a client certificate file for TLS
+ --client-key string Path to a client key file for TLS
+ --cluster string The name of the kubeconfig cluster to use
+ --context string The name of the kubeconfig context to use
+ --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+ --kubeconfig string Path to the kubeconfig file to use for CLI requests.
+ --log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
+ --log-dir string If non-empty, write log files in this directory
+ --logtostderr log to standard error instead of files
+ --match-server-version Require server version to match client version
+ -n, --namespace string If present, the namespace scope for this CLI request
+ --password string Password for basic authentication to the API server
+ --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+ -s, --server string The address and port of the Kubernetes API server
+ --stderrthreshold severity logs at or above this threshold go to stderr (default 2)
+ --token string Bearer token for authentication to the API server
+ --user string The name of the kubeconfig user to use
+ --username string Username for basic authentication to the API server
+ -v, --v Level log level for V logs
+ --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
```
-###### Auto generated by spf13/cobra on 24-Oct-2016
-
-
-
-
+###### Auto generated by spf13/cobra on 13-Dec-2016
[]()
diff --git a/docs/user-guide/labels.md b/docs/user-guide/labels.md
index 583af0b806..a13e160089 100644
--- a/docs/user-guide/labels.md
+++ b/docs/user-guide/labels.md
@@ -1,7 +1,7 @@
---
assignees:
- mikedanese
-
+title: Labels and Selectors
---
_Labels_ are key/value pairs that are attached to objects, such as pods.
diff --git a/docs/user-guide/liveness/index.md b/docs/user-guide/liveness/index.md
index 44272f28ae..5e77f07768 100644
--- a/docs/user-guide/liveness/index.md
+++ b/docs/user-guide/liveness/index.md
@@ -2,7 +2,7 @@
assignees:
- mikedanese
- thockin
-
+title: Checking Pod Health
---
This example shows two types of pod [health checks](/docs/user-guide/production-pods/#liveness-and-readiness-probes-aka-health-checks): HTTP checks and container execution checks.
diff --git a/docs/user-guide/load-balancer.md b/docs/user-guide/load-balancer.md
index c129190248..d8540d98e5 100644
--- a/docs/user-guide/load-balancer.md
+++ b/docs/user-guide/load-balancer.md
@@ -1,5 +1,5 @@
---
-
+title: Creating an External Load Balancer
---
* TOC
@@ -89,13 +89,13 @@ The IP address is listed next to `LoadBalancer Ingress`.
## Loss of client source IP for external traffic
-Due to the implementation of this feature, the source IP for sessions as seen in the target container will *not be the original source IP* of the client. This is the default behavior as of Kubernetes v1.4. However, starting in v1.4, an optional alpha feature has been added
+Due to the implementation of this feature, the source IP for sessions as seen in the target container will *not be the original source IP* of the client. This is the default behavior as of Kubernetes v1.5. However, starting in v1.5, an optional beta feature has been added
that will preserve the client Source IP for GCE/GKE environments. This feature will be phased in for other cloud providers in subsequent releases.
## Annotation to modify the LoadBalancer behavior for preservation of Source IP
-In 1.4, an Alpha feature has been added that changes the behavior of the external LoadBalancer feature.
+In 1.5, an Beta feature has been added that changes the behavior of the external LoadBalancer feature.
-This feature can be activated by adding the alpha annotation below to the metadata section of the Service Configuration file.
+This feature can be activated by adding the beta annotation below to the metadata section of the Service Configuration file.
```json
{
@@ -104,7 +104,7 @@ This feature can be activated by adding the alpha annotation below to the metada
"metadata": {
"name": "example-service",
"annotations": {
- "service.alpha.kubernetes.io/external-traffic": "OnlyLocal"
+ "service.beta.kubernetes.io/external-traffic": "OnlyLocal"
}
},
"spec": {
@@ -120,18 +120,7 @@ This feature can be activated by adding the alpha annotation below to the metada
}
```
-### Alpha Feature Gate for the 'service.alpha.kubernetes.io/external-traffic' annotation
-
-Alpha features are not enabled by default, they must be enabled using the release gate command line flags
-for kube-controller-manager and kube-proxy.
-See [https://github.com/kubernetes/kubernetes/blob/master/docs/proposals/runtimeconfig.md](Runtime feature flags proposal) for more details on feature gate flags.
-
-If this feature is not enabled in your cluster, this annotation in your service configuration will be rejected.
-
-### Implementation across different cloudproviders/environments
-
-Note that this feature is not currently implemented for all cloudproviders/environments.
-This feature does not work for nodePorts yet, so environments/cloud providers with proxy-style load-balancers cannot use it yet.
+**Note that this feature is not currently implemented for all cloudproviders/environments.**
### Caveats and Limitations when preserving source IPs
diff --git a/docs/user-guide/logging.md b/docs/user-guide/logging.md
index d329016c7b..5df73928e0 100644
--- a/docs/user-guide/logging.md
+++ b/docs/user-guide/logging.md
@@ -1,7 +1,7 @@
---
assignees:
- mikedanese
-
+title: Retrieving Logs
---
This page is designed to help you use logs to troubleshoot issues with your Kubernetes solution.
diff --git a/docs/user-guide/managing-deployments.md b/docs/user-guide/managing-deployments.md
index a2e32c4b6c..2555e5601c 100644
--- a/docs/user-guide/managing-deployments.md
+++ b/docs/user-guide/managing-deployments.md
@@ -3,8 +3,9 @@ assignees:
- bgrant0607
- janetkuo
- mikedanese
-
+title: Managing Resources
---
+
You've deployed your application and exposed it via a service. Now what? Kubernetes provides a number of tools to help you manage your application deployment, including scaling and updating. Among the features we'll discuss in more depth are [configuration files](/docs/user-guide/configuring-containers/#configuration-in-kubernetes) and [labels](/docs/user-guide/deploying-applications/#labels).
You can find all the files for this example [in our docs
diff --git a/docs/user-guide/monitoring.md b/docs/user-guide/monitoring.md
index 0c5f673708..9bf778124b 100644
--- a/docs/user-guide/monitoring.md
+++ b/docs/user-guide/monitoring.md
@@ -1,7 +1,7 @@
---
assignees:
- mikedanese
-
+title: Resource Usage Monitoring
---
Understanding how an application behaves when deployed is crucial to scaling the application and providing a reliable service. In a Kubernetes cluster, application performance can be examined at many different levels: containers, [pods](/docs/user-guide/pods), [services](/docs/user-guide/services), and whole clusters. As part of Kubernetes we want to provide users with detailed resource usage information about their running applications at all these levels. This will give users deep insights into how their applications are performing and where possible application bottlenecks may be found. In comes [Heapster](https://github.com/kubernetes/heapster), a project meant to provide a base monitoring platform on Kubernetes.
diff --git a/docs/user-guide/namespaces.md b/docs/user-guide/namespaces.md
index 8fc9ac4735..11c4c1a95d 100644
--- a/docs/user-guide/namespaces.md
+++ b/docs/user-guide/namespaces.md
@@ -3,7 +3,7 @@ assignees:
- derekwaynecarr
- mikedanese
- thockin
-
+title: Namespaces
---
Kubernetes supports multiple virtual clusters backed by the same physical cluster.
diff --git a/docs/user-guide/networkpolicies.md b/docs/user-guide/networkpolicies.md
index 7cd7ee0765..1c8575d4ab 100644
--- a/docs/user-guide/networkpolicies.md
+++ b/docs/user-guide/networkpolicies.md
@@ -2,7 +2,7 @@
assignees:
- thockin
- caseydavenport
-
+title: Network Policies
---
* TOC
diff --git a/docs/user-guide/node-selection/index.md b/docs/user-guide/node-selection/index.md
index 725848b544..b2f13bd5ae 100644
--- a/docs/user-guide/node-selection/index.md
+++ b/docs/user-guide/node-selection/index.md
@@ -2,11 +2,9 @@
assignees:
- davidopp
- kevin-wangzefeng
-
+title: Assigning Pods to Nodes
---
-# Constraining pods to run on particular nodes
-
You can constrain a [pod](/docs/user-guide/pods/) to only be able to run on particular [nodes](/docs/admin/node/) or to prefer to
run on particular nodes. There are several ways to do this, and they all use
[label selectors](/docs/user-guide/labels/) to make the selection.
diff --git a/docs/user-guide/persistent-volumes/index.md b/docs/user-guide/persistent-volumes/index.md
index ffab80a61b..fc4b74b629 100644
--- a/docs/user-guide/persistent-volumes/index.md
+++ b/docs/user-guide/persistent-volumes/index.md
@@ -4,7 +4,7 @@ assignees:
- mikedanese
- saad-ali
- thockin
-
+title: Persistent Volumes
---
This document describes the current state of `PersistentVolumes` in Kubernetes. Familiarity with [volumes](/docs/user-guide/volumes/) is suggested.
@@ -362,7 +362,7 @@ parameters:
* `type`: `pd-standard` or `pd-ssd`. Default: `pd-ssd`
* `zone`: GCE zone. If not specified, a random zone in the same region as controller-manager will be chosen.
-#### GLUSTERFS
+#### Glusterfs
```yaml
apiVersion: storage.k8s.io/v1beta1
@@ -371,18 +371,23 @@ metadata:
name: slow
provisioner: kubernetes.io/glusterfs
parameters:
- endpoint: "glusterfs-cluster"
resturl: "http://127.0.0.1:8081"
restauthenabled: "true"
restuser: "admin"
- restuserkey: "password"
+ secretNamespace: "default"
+ secretName: "heketi-secret"
+
```
-* `endpoint`: `glusterfs-cluster` is the endpoint/service name which includes GlusterFS trusted pool IP addresses and this parameter is mandatory.
-* `resturl` : Gluster REST service url which provisions gluster volumes on demand. The format should be `http://IPaddress:Port` and this parameter is mandatory when using the GlusterFS dynamic provisioner.
-* `restauthenabled` : A boolean value that indicates whether Gluster REST service authentication is enabled on the REST server. If this value is 'true', you must supply values for the 'restuser' and 'restuserkey' parameters."
-* `restuser` : Gluster REST service user, who has access to create volumes in the Gluster Trusted Pool.
-* `restuserkey` : Gluster REST service user's password, will be used for authentication to the REST server.
+* `resturl`: Gluster REST service/Heketi service url which provision gluster volumes on demand. The general format should be `IPaddress:Port` and this is a mandatory parameter for GlusterFS dynamic provisioner. If Heketi service is exposed as a routable service in openshift/kubernetes setup, this can have a format similar to
+`http://heketi-storage-project.cloudapps.mystorage.com` where the fqdn is a resolvable heketi service url.
+* `restauthenabled` : Gluster REST service authentication boolean that enables authentication to the REST server. If this value is 'true', `restuser` and `restuserkey` or `secretNamespace` + `secretName` have to be filled. This option is deprecated, authentication is enabled when any of `restuser`, `restuserkey`, `secretName` or `secretNamespace` is specified.
+* `restuser` : Gluster REST service/Heketi user who has access to create volumes in the Gluster Trusted Pool.
+* `restuserkey` : Gluster REST service/Heketi user's password which will be used for authentication to the REST server. This parameter is deprecated in favor of `secretNamespace` + `secretName`.
+* `secretNamespace` + `secretName` : Identification of Secret instance that containes user password to use when talking to Gluster REST service. These parameters are optional, empty password will be used when both `secretNamespace` and `secretName` are omitted. The provided secret must have type "kubernetes.io/glusterfs", e.g. created in this way:
+ ```
+ $ kubectl create secret heketi-secret --type="kubernetes.io/glusterfs" --from-literal=key='opensesame' --namespace=default
+ ```
#### OpenStack Cinder
@@ -414,6 +419,67 @@ parameters:
* `diskformat`: `thin`, `zeroedthick` and `eagerzeroedthick`. Default: `"thin"`.
+#### Ceph RBD
+
+```yaml
+ apiVersion: storage.k8s.io/v1beta1
+ kind: StorageClass
+ metadata:
+ name: fast
+ provisioner: kubernetes.io/rbd
+ parameters:
+ monitors: 10.16.153.105:6789
+ adminId: kube
+ adminSecretName: ceph-secret
+ adminSecretNamespace: kube-system
+ pool: kube
+ userId: kube
+ userSecretName: ceph-secret-user
+```
+
+* `monitors`: Ceph monitors, comma delimited. This parameter is required.
+* `adminId`: Ceph client ID that is capable of creating images in the pool. Default is "admin".
+* `adminSecretNamespace`: The namespace for `adminSecret`. Default is "default".
+* `adminSecret`: Secret Name for `adminId`. This parameter is required. The provided secret must have type "kubernetes.io/rbd".
+* `pool`: Ceph RBD pool. Default is "rbd".
+* `userId`: Ceph client ID that is used to map the RBD image. Default is the same as `adminId`.
+* `userSecretName`: The name of Ceph Secret for `userId` to map RBD image. It must exist in the same namespace as PVCs. This parameter is required. The provided secret must have type "kubernetes.io/rbd", e.g. created in this way:
+ ```
+ $ kubectl create secret ceph-secret --type="kubernetes.io/rbd" --from-literal=key='QVFEQ1pMdFhPUnQrSmhBQUFYaERWNHJsZ3BsMmNjcDR6RFZST0E9PQ==' --namespace=kube-system
+ ```
+
+#### Quobyte
+
+```yaml
+apiVersion: storage.k8s.io/v1beta1
+kind: StorageClass
+metadata:
+ name: slow
+provisioner: kubernetes.io/quobyte
+parameters:
+ quobyteAPIServer: "http://138.68.74.142:7860"
+ registry: "138.68.74.142:7861"
+ adminSecretName: "quobyte-admin-secret"
+ adminSecretNamespace: "kube-system"
+ user: "root"
+ group: "root"
+ quobyteConfig: "BASE"
+ quobyteTenant: "DEFAULT"
+```
+
+* `quobyteAPIServer`: API Server of Quobyte in the format `http(s)://api-server:7860`
+* `registry`: Quobyte registry to use to mount the volume. You can specifiy the registry as ``:`` pair or if you want to specify multiple registries you just have to put a comma between them e.q. ``:,:,:``. The host can be an IP address or if you have a working DNS you can also provide the DNS names.
+* `adminSecretNamespace`: The namespace for `adminSecretName`. Default is "default".
+* `adminSecretName`: secret that holds information about the Quobyte user and the password to authenticate agains the API server. The provided secret must have type "kubernetes.io/quobyte", e.g. created in this way:
+ ```
+ $ kubectl create secret quobyte-admin-secret --type="kubernetes.io/quobyte" --from-literal=key='opensesame' --namespace=kube-system
+ ```
+* `user`: maps all access to this user. Default is "root".
+* `group`: maps all access to this group. Default is "nfsnobody".
+* `quobyteConfig`: use the specified configuration to create the volume. You can create a new configuration or modify an existing one with the Web console or the quobyte CLI. Default is "BASE".
+* `quobyteTenant`: use the specified tenant ID to create/delete the volume. This Quobyte tenant has to be already present in Quobyte. Default is "DEFAULT".
+
+
## Writing Portable Configuration
If you're writing configuration templates or examples that run on a wide range of clusters
diff --git a/docs/user-guide/persistent-volumes/walkthrough.md b/docs/user-guide/persistent-volumes/walkthrough.md
index c82a37f7d0..d1cd6a5812 100644
--- a/docs/user-guide/persistent-volumes/walkthrough.md
+++ b/docs/user-guide/persistent-volumes/walkthrough.md
@@ -2,7 +2,7 @@
assignees:
- jsafrane
- saad-ali
-
+title: Persistent Volumes Walkthrough
---
The purpose of this guide is to help you become familiar with [Kubernetes Persistent Volumes](/docs/user-guide/persistent-volumes/). By the end of the guide, we'll have
diff --git a/docs/user-guide/petset.md b/docs/user-guide/petset.md
index c3a2085a97..3cba1fb31e 100644
--- a/docs/user-guide/petset.md
+++ b/docs/user-guide/petset.md
@@ -1,10 +1,23 @@
---
assignees:
- bprashanth
+- enisoc
+- erictune
- foxish
-
+- janetkuo
+- kow3ns
+- smarterclayton
+title: Pet Sets
---
+__Warning:__ Starting in Kubernetes version 1.5, PetSet has been renamed to
+[StatefulSet](/docs/concepts/abstractions/controllers/statefulsets/).
+To use (or continue to use) PetSet in Kubernetes 1.5 or higher, you must
+[migrate your existing PetSets to StatefulSets](/docs/tasks/manage-stateful-set/upgrade-pet-set-to-stateful-set/).
+
+__This document has been deprecated__, but can still apply if you're using
+ Kubernetes version 1.4 or earlier.
+
* TOC
{:toc}
@@ -424,4 +437,8 @@ Deploying one RC of size 1/Service per pod is a popular alternative, as is simpl
## Next steps
-The deployment and maintenance of stateful applications is a vast topic. The next step is to explore cluster bootstrapping and initialization, [here](/docs/user-guide/petset/bootstrapping/).
+* Learn about [StatefulSet](/docs/concepts/abstractions/controllers/statefulsets/),
+ the replacement for PetSet introduced in Kubernetes version 1.5.
+* [Migrate your existing PetSets to StatefulSets](/docs/tasks/manage-stateful-set/upgrade-pet-set-to-stateful-set/)
+ when upgrading to Kubernetes version 1.5 or higher.
+
diff --git a/docs/user-guide/petset/bootstrapping/index.md b/docs/user-guide/petset/bootstrapping/index.md
index 9dc4f7e899..de3ccb4bd8 100644
--- a/docs/user-guide/petset/bootstrapping/index.md
+++ b/docs/user-guide/petset/bootstrapping/index.md
@@ -1,243 +1,16 @@
---
+assignees:
+- bprashanth
+- enisoc
+- erictune
+- foxish
+- janetkuo
+- kow3ns
+- smarterclayton
+title: Bootstrapping Pet Sets
---
-* TOC
-{:toc}
+__Warning:__ Starting in Kubernetes version 1.5, PetSet has been renamed to [StatefulSet](/docs/concepts/abstractions/controllers/statefulsets). To use (or continue to use) PetSet in Kubernetes 1.5, you _must_ [migrate](/docs/tasks/manage-stateful-set/upgrade-pet-set-to-stateful-set/) your existing PetSets to StatefulSets. For information on working with StatefulSet, see the tutorial on [how to run replicated stateful applications](/docs/tutorials/stateful-application/run-replicated-stateful-application).
-## Overview
+__This document has been deprecated__.
-This purpose of this guide is to help you become familiar with the runtime initialization of [Pet Sets](/docs/user-guide/petset). This guide assumes the same prerequisites, and uses the same terminology as the [Pet Set user document](/docs/user-guide/petset).
-
-The most common way to initialize the runtime in a containerized environment, is through a custom [entrypoint](https://docs.docker.com/engine/reference/builder/#entrypoint). While this is not necessarily bad, making your application pid 1, and treating containers as processes in general is good for a few reasons outside the scope of this document. Doing so allows you to run docker images from third-party vendors without modification. We will not be writing custom entrypoints for this example, but using a feature called [init containers](http://kubernetes.io/docs/user-guide/production-pods/#handling-initialization), to explain 2 common patterns that come up deploying Pet Sets.
-
-1. Transferring state across Pet restart, so that a future Pet is initialized with the computations of its past incarnation
-2. Initializing the runtime environment of a Pet based on existing conditions, like a list of currently healthy peers
-
-## Example I: transferring state across Pet restart
-
-This example shows you how to "carry over" runtime state across Pet restart by simulating virtual machines with a Pet Set.
-
-### Background
-
-Applications that incrementally build state usually need strong guarantees that they will not restart for extended durations. This is tricky to achieve with containers, so instead, we will ensure that the results of previous computations are transferred to future pets. Doing so is straightforward using vanilla Persistent Volumes (which Pet Set already gives you), unless the volume mount point itself needs to be initialized for the Pet to start. This is exactly the case with "virtual machine" docker images, like those based on ubuntu or fedora. Such images embed the entire rootfs of the distro, including package managers like `apt-get` that assume a certain layout of the filesystem. Meaning:
-
-* If you mount an empty volume under `/usr`, you won't be able to `apt-get`
-* If you mount an empty volume under `/lib`, all your `apt-gets` will fail because there are no system libraries
-* If you clobber either of those, previous `apt-get` results will be dysfunctional
-
-### Simulating Virtual Machines
-
-Since Pet Set already gives each Pet a consistent identity, all we need is a way to initialize the user environment before allowing tools like `kubectl exec` to enter the application container.
-
-Download [this](petset_vm.yaml) petset into a file called petset_vm.yaml, and create it:
-
-```shell
-$ kubectl create -f petset_vm.yaml
-service "ub" created
-petset "vm" created
-```
-
-This should give you 2 pods.
-
-```shell
-$ kubectl get po
-NAME READY STATUS RESTARTS AGE
-vm-0 1/1 Running 0 37s
-vm-1 1/1 Running 0 2m
-```
-
-We can exec into one and install nginx
-
-```shell
-$ kubectl exec -it vm-0 /bin/sh
-vm-0 # apt-get update
-...
-vm-0 # apt-get install nginx -y
-```
-
-On killing this pod we need it to come back with all the Pet Set properties, as well as the installed nginx packages.
-
-```shell
-$ kubectl delete po vm-0
-pod "vm-0" deleted
-
-$ kubectl get po
-NAME READY STATUS RESTARTS AGE
-vm-0 1/1 Running 0 1m
-vm-1 1/1 Running 0 4m
-```
-
-Now you can exec back into vm-0 and start nginx
-
-```shell
-$ kubectl exec -it vm-0 /bin/sh
-vm-0 # mkdir -p /var/log/nginx /var/lib/nginx; nginx -g 'daemon off;'
-
-```
-
-And access it from anywhere in the cluster (and because this is an example that simulates vms, we're going to apt-get install netcat too)
-
-```shell
-$ kubectl exec -it vm-1 /bin/sh
-vm-1 # apt-get update
-...
-vm-1 # apt-get install netcat -y
-vm-1 # printf "GET / HTTP/1.0\r\n\r\n" | netcat vm-0.ub 80
-```
-
-It's worth exploring what just happened. Init containers run sequentially *before* the application container. In this example we used the init container to copy shared libraries from the rootfs, while preserving user installed packages across container restart.
-
-```yaml
-pod.beta.kubernetes.io/init-containers: '[
- {
- "name": "rootfs",
- "image": "ubuntu:15.10",
- "command": [
- "/bin/sh",
- "-c",
- "for d in usr lib etc; do cp -vnpr /$d/* /${d}mnt; done;"
- ],
- "volumeMounts": [
- {
- "name": "usr",
- "mountPath": "/usrmnt"
- },
- {
- "name": "lib",
- "mountPath": "/libmnt"
- },
- {
- "name": "etc",
- "mountPath": "/etcmnt"
- }
- ]
- }
-]'
-```
-
-**It's important to note that the init container, when used this way, must be idempotent, or it'll end up clobbering data stored by a previous incarnation.**
-
-
-## Example II: initializing state based on environment
-
-In this example we are going to setup a cluster of nginx servers, just like we did in the Pet Set [user guide](/docs/user-guide/petset), but make one of them a master. All the other nginx servers will simply proxy requests to the master. This is a common deployment pattern for databases like Mysql, but we're going to replace the database with a stateless webserver to simplify the problem.
-
-### Background
-
-Most clustered applications, such as mysql, require an admin to create a config file based on the current state of the world. The most common dynamic variable in such config files is a list of peers, or other Pets running similar database servers that are currently serving requests. The Pet Set user guide already [touched on this topic](/docs/user-guide/petset#peer-discovery), we'll explore it in greater depth in the context of writing a config file with a list of peers.
-
-Here's a tiny peer finder helper script that handles peer discovery, [available here](https://github.com/kubernetes/contrib/tree/master/pets/peer-finder). The peer finder takes 3 important arguments:
-
-* A DNS domain
-* An `on-start` script to run with the initial constituency of the given domain as input
-* An `on-change` script to run every time the constituency of the given domain changes
-
-The role of the peer finder:
-
-* Poll DNS for SRV records of a given domain till the `hostname` of the pod it's running in shows up as a subdomain
-* Pipe the sorted list of subdomains to the script specified by its `--on-start` argument
-* Exit with the appropriate error code if no `--on-change` script is specified
-* Loop invoking `--on-change` for every change
-
-You can invoke the peer finder inside the Pets we created in the last example:
-
-```shell
-$ kubectl exec -it vm-0 /bin/sh
-vm-0 # apt-get update
-...
-vm-0 # apt-get install curl -y
-vm-0 # curl -sSL -o /peer-finder https://storage.googleapis.com/kubernetes-release/pets/peer-finder
-vm-0 # chmod -c 755 peer-finder
-
-vm-0 # ./peer-finder
-2016/06/23 21:25:46 Incomplete args, require -on-change and/or -on-start, -service and -ns or an env var for POD_NAMESPACE.
-
-vm-0 # ./peer-finder -on-start 'tee' -service ub -ns default
-
-2016/06/23 21:30:21 Peer list updated
-was []
-now [vm-0.ub.default.svc.cluster.local vm-1.ub.default.svc.cluster.local]
-2016/06/23 21:30:21 execing: tee with stdin: vm-0.ub.default.svc.cluster.local
-vm-1.ub.default.svc.cluster.local
-2016/06/23 21:30:21 vm-0.ub.default.svc.cluster.local
-vm-1.ub.default.svc.cluster.local
-2016/06/23 21:30:22 Peer finder exiting
-```
-
-### Nginx master/slave cluster
-
-Lets create a Pet Set that writes out its own config based on a list of peers at initialization time, as described above.
-
-Download and create [this](petset_peers.yaml) petset. It will setup 2 nginx webservers, but the second one will proxy all requests to the first:
-
-```shell
-$ kubectl create -f petset_peers.yaml
-service "nginx" created
-petset "web" created
-
-$ kubectl get po --watch-only
-NAME READY STATUS RESTARTS AGE
-web-0 0/1 Pending 0 7s
-web-0 0/1 Init:0/1 0 18s
-web-0 0/1 PodInitializing 0 20s
-web-0 1/1 Running 0 21s
-web-1 0/1 Pending 0 0s
-web-1 0/1 Init:0/1 0 0s
-web-1 0/1 PodInitializing 0 20s
-web-1 1/1 Running 0 21s
-
-$ kubectl get po
-NAME READY STATUS RESTARTS AGE
-web-0 1/1 Running 0 1m
-web-1 1/1 Running 0 47s
-```
-
-web-1 will redirect all requests to its "master":
-
-```shell
-$ kubectl exec -it web-1 -- curl localhost
-web-0
-```
-
-If you scale the cluster, the new pods parent themselves to the same master. To test this you can `kubectl edit` the petset and change the `replicas` field to 5:
-
-```shell
-$ kubectl edit petset web
-...
-
-$ kubectl get po -l app=nginx
-NAME READY STATUS RESTARTS AGE
-web-0 1/1 Running 0 2h
-web-1 1/1 Running 0 2h
-web-2 1/1 Running 0 1h
-web-3 1/1 Running 0 1h
-web-4 1/1 Running 0 1h
-
-$ for i in $(seq 0 4); do kubectl exec -it web-$i -- curl localhost; done | sort | uniq
-web-0
-```
-
-Understanding how we generated the nginx config is important, we did so by passing an init script to the peer finder:
-
-```shell
-echo `
-readarray PEERS;
-if [ 1 = ${#PEERS[@]} ]; then
- echo \"events{} http { server{ } }\";
-else
- echo \"events{} http { server{ location / { proxy_pass http://${PEERS[0]}; } } }\";
-fi;` > /conf/nginx.conf
-```
-
-All that does is:
-
-* read in a list of peers from stdin
-* if there's only 1, promote it to master
-* if there's more than 1, proxy requests to the 0th member of the list
-* write the config to a `hostPath` volume shared with the parent PetSet
-
-**It's important to note that in practice all Pets should query their peers for the current master, instead of making assumptions based on the index.**
-
-## Next Steps
-
-You can deploy some example Pet Sets found [here](https://github.com/kubernetes/kubernetes/tree/master/test/e2e/testing-manifests/petset), or write your own.
diff --git a/docs/user-guide/petset/bootstrapping/petset_peers.yaml b/docs/user-guide/petset/bootstrapping/petset_peers.yaml
index 4f992ead71..197ef9d2dc 100644
--- a/docs/user-guide/petset/bootstrapping/petset_peers.yaml
+++ b/docs/user-guide/petset/bootstrapping/petset_peers.yaml
@@ -16,8 +16,8 @@ spec:
selector:
app: nginx
---
-apiVersion: apps/v1alpha1
-kind: PetSet
+apiVersion: apps/v1beta1
+kind: StatefulSet
metadata:
name: web
spec:
@@ -28,7 +28,6 @@ spec:
labels:
app: nginx
annotations:
- pod.alpha.kubernetes.io/initialized: "true"
pod.beta.kubernetes.io/init-containers: '[
{
"name": "peerfinder",
@@ -68,7 +67,6 @@ spec:
}
]'
spec:
- terminationGracePeriodSeconds: 0
containers:
- name: nginx
image: gcr.io/google_containers/nginx-slim:0.8
diff --git a/docs/user-guide/petset/bootstrapping/petset_vm.yaml b/docs/user-guide/petset/bootstrapping/petset_vm.yaml
index a3da5211a3..402a17022f 100644
--- a/docs/user-guide/petset/bootstrapping/petset_vm.yaml
+++ b/docs/user-guide/petset/bootstrapping/petset_vm.yaml
@@ -14,8 +14,8 @@ spec:
selector:
app: ub
---
-apiVersion: apps/v1alpha1
-kind: PetSet
+apiVersion: apps/v1beta1
+kind: StatefulSet
metadata:
name: vm
spec:
@@ -26,7 +26,6 @@ spec:
labels:
app: ub
annotations:
- pod.alpha.kubernetes.io/initialized: "true"
pod.beta.kubernetes.io/init-containers: '[
{
"name": "rootfs",
@@ -53,7 +52,6 @@ spec:
}
]'
spec:
- terminationGracePeriodSeconds: 0
containers:
- name: ub
image: ubuntu:15.10
diff --git a/docs/user-guide/pod-security-policy/index.md b/docs/user-guide/pod-security-policy/index.md
index 6fb1d4cebf..c2de42162c 100644
--- a/docs/user-guide/pod-security-policy/index.md
+++ b/docs/user-guide/pod-security-policy/index.md
@@ -1,7 +1,7 @@
---
assignees:
- pweil-
-
+title: Pod Security Policies
---
Objects of type `podsecuritypolicy` govern the ability
@@ -13,7 +13,7 @@ See [PodSecurityPolicy proposal](https://github.com/kubernetes/kubernetes/blob/{
* TOC
{:toc}
-## What is a _Pod Security Policy_?
+## What is a Pod Security Policy?
A _Pod Security Policy_ is a cluster-level resource that controls the
actions that a pod can perform and what it has the ability to access. The
@@ -156,3 +156,8 @@ following
1. You have enabled the api type `extensions/v1beta1/podsecuritypolicy`
1. You have enabled the admission controller `PodSecurityPolicy`
1. You have defined your policies
+
+## Working With RBAC
+
+Use PodSecurityPolicy to control access to privileged containers based on role and groups.
+(see [more details](https://github.com/kubernetes/kubernetes/blob/master/examples/podsecuritypolicy/rbac/README.md)).
diff --git a/docs/user-guide/pod-states.md b/docs/user-guide/pod-states.md
index 8f745e9f56..462f8b65bd 100644
--- a/docs/user-guide/pod-states.md
+++ b/docs/user-guide/pod-states.md
@@ -1,7 +1,7 @@
---
assignees:
- mikedanese
-
+title: The Lifecycle of a Pod
---
Updated: 4/14/2015
diff --git a/docs/user-guide/pods/index.md b/docs/user-guide/pods/index.md
index b5de192d83..b18ae485e3 100644
--- a/docs/user-guide/pods/index.md
+++ b/docs/user-guide/pods/index.md
@@ -1,6 +1,6 @@
---
-assignees:
-
+assignees:
+title: Pods
---
* TOC
@@ -10,7 +10,7 @@ assignees:
_pods_ are the smallest deployable units of computing that can be created and
managed in Kubernetes.
-## What is a _pod_?
+## What is a pod?
A _pod_ (as in a pod of whales or pea pod) is a group of one or more containers
(such as Docker containers), the shared storage for those containers, and
@@ -47,7 +47,7 @@ ephemeral (rather than durable) entities. As discussed in [life of a
pod](/docs/user-guide/pod-states/), pods are created, assigned a unique ID (UID), and
scheduled to nodes where they remain until termination (according to restart
policy) or deletion. If a node dies, the pods scheduled to that node are
-deleted, after a timeout period. A given pod (as defined by a UID) is not
+scheduled for deletion, after a timeout period. A given pod (as defined by a UID) is not
"rescheduled" to a new node; instead, it can be replaced by an identical pod,
with even the same name if desired, but with a new UID (see [replication
controller](/docs/user-guide/replication-controller/) for more details). (In the future, a
@@ -135,9 +135,9 @@ simplified management.
## Durability of pods (or lack thereof)
-Pods aren't intended to be treated as durable [pets](https://blog.engineyard.com/2014/pets-vs-cattle). They won't survive scheduling failures, node failures, or other evictions, such as due to lack of resources, or in the case of node maintenance.
+Pods aren't intended to be treated as durable entities. They won't survive scheduling failures, node failures, or other evictions, such as due to lack of resources, or in the case of node maintenance.
-In general, users shouldn't need to create pods directly. They should almost always use controllers (e.g., [replication controller](/docs/user-guide/replication-controller/)), even for singletons. Controllers provide self-healing with a cluster scope, as well as replication and rollout management.
+In general, users shouldn't need to create pods directly. They should almost always use controllers (e.g., [Deployments](/docs/user-guide/deployments/)), even for singletons. Controllers provide self-healing with a cluster scope, as well as replication and rollout management.
The use of collective APIs as the primary user-facing primitive is relatively common among cluster scheduling systems, including [Borg](https://research.google.com/pubs/pub43438.html), [Marathon](https://mesosphere.github.io/marathon/docs/rest-api.html), [Aurora](http://aurora.apache.org/documentation/latest/configuration-reference/#job-schema), and [Tupperware](http://www.slideshare.net/Docker/aravindnarayanan-facebook140613153626phpapp02-37588997).
@@ -150,9 +150,7 @@ Pod is exposed as a primitive in order to facilitate:
* clean composition of Kubelet-level functionality with cluster-level functionality — Kubelet is effectively the "pod controller"
* high-availability applications, which will expect pods to be replaced in advance of their termination and certainly in advance of deletion, such as in the case of planned evictions, image prefetching, or live pod migration [#3949](http://issue.k8s.io/3949)
-There is new first-class support for pet-like pods with the [PetSet](/docs/user-guide/petset/) feature (currently in alpha).
-For prior versions of Kubernetes, best practice for pets is to create a replication controller with `replicas` equal to `1` and a corresponding service.
-
+There is new first-class support for stateful pods with the [StatefulSet](/docs/concepts/controllers/statefulsets/) controller (currently in beta). The feature was alpha in 1.4 and was called [PetSet](/docs/user-guide/petset/). For prior versions of Kubernetes, best practice for having stateful pods is to create a replication controller with `replicas` equal to `1` and a corresponding service, see [this MySQL deployment example](/docs/tutorials/stateful-application/run-stateful-application/).
## Termination of Pods
@@ -170,7 +168,13 @@ An example flow:
6. When the grace period expires, any processes still running in the Pod are killed with SIGKILL.
7. The Kubelet will finish deleting the Pod on the API server by setting grace period 0 (immediate deletion). The Pod disappears from the API and is no longer visible from the client.
-By default, all deletes are graceful within 30 seconds. The `kubectl delete` command supports the `--grace-period=` option which allows a user to override the default and specify their own value. The value `0` indicates that delete should be immediate, and removes the pod in the API immediately so a new pod can be created with the same name. On the node pods that are set to terminate immediately will still be given a small grace period before being force killed.
+By default, all deletes are graceful within 30 seconds. The `kubectl delete` command supports the `--grace-period=` option which allows a user to override the default and specify their own value. The value `0` [force deletes](/docs/user-guide/pods/#force-termination-of-pods) the pod. In kubectl version >= 1.5, you must specify an additional flag `--force` along with `--grace-period=0` in order to perform force deletions.
+
+### Force deletion of pods
+
+Force deletion of a pod is defined as deletion of a pod from the cluster state and etcd immediately. When a force deletion is performed, the apiserver does not wait for confirmation from the kubelet that the pod has been terminated on the node it was running on. It removes the pod in the API immediately so a new pod can be created with the same name. On the node, pods that are set to terminate immediately will still be given a small grace period before being force killed.
+
+Force deletions can be potentially dangerous for some pods and should be performed with caution. In case of StatefulSet pods, please refer to the task documentation for [deleting Pods from a StatefulSet](/docs/tasks/stateful-sets/deleting-pods/).
## Privileged mode for pod containers
diff --git a/docs/user-guide/pods/multi-container.md b/docs/user-guide/pods/multi-container.md
index 6c166af20d..55e0e56f84 100644
--- a/docs/user-guide/pods/multi-container.md
+++ b/docs/user-guide/pods/multi-container.md
@@ -1,7 +1,7 @@
---
assignees:
- janetkuo
-
+title: Creating Multi-Container Pods
---
* TOC
diff --git a/docs/user-guide/pods/single-container.md b/docs/user-guide/pods/single-container.md
index 605534acda..1b238be826 100644
--- a/docs/user-guide/pods/single-container.md
+++ b/docs/user-guide/pods/single-container.md
@@ -1,7 +1,7 @@
---
assignees:
- janetkuo
-
+title: Creating Single-Container Pods
---
* TOC
diff --git a/docs/user-guide/prereqs.md b/docs/user-guide/prereqs.md
index 1902e3315a..4be0d6a188 100644
--- a/docs/user-guide/prereqs.md
+++ b/docs/user-guide/prereqs.md
@@ -2,7 +2,7 @@
assignees:
- bgrant0607
- mikedanese
-
+title: Installing and Setting up kubectl
---
To deploy and manage applications on Kubernetes, you’ll use the Kubernetes command-line tool, [kubectl](/docs/user-guide/kubectl/). It lets you inspect your cluster resources, create, delete, and update components, and much more. You will use it to look at your new cluster and bring up example apps.
diff --git a/docs/user-guide/production-pods.md b/docs/user-guide/production-pods.md
index 5a6c56dc11..bd3724cc5e 100644
--- a/docs/user-guide/production-pods.md
+++ b/docs/user-guide/production-pods.md
@@ -3,7 +3,7 @@ assignees:
- bgrant0607
- janetkuo
- thockin
-
+title: Working with Containers in Production
---
You've seen [how to configure and deploy pods and containers](/docs/user-guide/configuring-containers), using some of the most common configuration parameters. This section dives into additional features that are especially useful for running applications in production.
@@ -11,11 +11,11 @@ You've seen [how to configure and deploy pods and containers](/docs/user-guide/c
* TOC
{:toc}
-## Persistent storage
+## Using a Volume for storage
-The container file system only lives as long as the container does, so when a container crashes and restarts, changes to the filesystem will be lost and the container will restart from a clean slate. To access more-persistent storage, outside the container file system, you need a [*volume*](/docs/user-guide/volumes). This is especially important to stateful applications, such as key-value stores and databases.
+The container file system only lives as long as the container does, so when a container crashes and restarts, changes to the filesystem will be lost and the container will restart from a clean slate. For more consistent storage that lasts for the life of a Pod, you need a [*volume*](/docs/user-guide/volumes). This is especially important to stateful applications, such as key-value stores and databases.
-For example, [Redis](http://redis.io/) is a key-value cache and store, which we use in the [guestbook](https://github.com/kubernetes/kubernetes/tree/{{page.githubbranch}}/examples/guestbook/) and other examples. We can add a volume to it to store persistent data as follows:
+For example, [Redis](http://redis.io/) is a key-value cache and store, which we use in the [guestbook](https://github.com/kubernetes/kubernetes/tree/{{page.githubbranch}}/examples/guestbook/) and other examples. We can add a volume to it to store data as follows:
{% include code.html language="yaml" file="redis-deployment.yaml" ghlink="/docs/user-guide/redis-deployment.yaml" %}
diff --git a/docs/user-guide/quick-start.md b/docs/user-guide/quick-start.md
index 9e9e59dbd8..913614ac2e 100644
--- a/docs/user-guide/quick-start.md
+++ b/docs/user-guide/quick-start.md
@@ -2,7 +2,7 @@
assignees:
- bgrant0607
- janetkuo
-
+title: Launching, Exposing, and Killing Applications
---
This guide will help you get oriented to Kubernetes and running your first containers on the cluster. If you are already familiar with the docker-cli, you can also checkout the docker-cli to kubectl migration guide [here](/docs/user-guide/docker-cli-to-kubectl).
diff --git a/docs/user-guide/replicasets.md b/docs/user-guide/replicasets.md
index cd7f620b15..f0aa08bf04 100644
--- a/docs/user-guide/replicasets.md
+++ b/docs/user-guide/replicasets.md
@@ -3,13 +3,13 @@ assignees:
- Kashomon
- bprashanth
- madhusudancs
-
+title: Replica Sets
---
* TOC
{:toc}
-## What is a _Replica Set_?
+## What is a Replica Set?
Replica Set is the next-generation Replication Controller. The only difference
between a _Replica Set_ and a
diff --git a/docs/user-guide/replication-controller/index.md b/docs/user-guide/replication-controller/index.md
index 61263d4994..e69c55231b 100644
--- a/docs/user-guide/replication-controller/index.md
+++ b/docs/user-guide/replication-controller/index.md
@@ -2,13 +2,13 @@
assignees:
- bprashanth
- janetkuo
-
+title: Replication Controller
---
* TOC
{:toc}
-## What is a _replication controller_?
+## What is a replication controller?
A _replication controller_ ensures that a specified number of pod "replicas" are running at any one
time. In other words, a replication controller makes sure that a pod or homogeneous set of pods are
diff --git a/docs/user-guide/replication-controller/operations.md b/docs/user-guide/replication-controller/operations.md
index 1d33f352c2..b3bd6115cc 100644
--- a/docs/user-guide/replication-controller/operations.md
+++ b/docs/user-guide/replication-controller/operations.md
@@ -1,8 +1,9 @@
---
assignees:
- bprashanth
-
+title: Replication Controller Operations
---
+
* TOC
{:toc}
diff --git a/docs/user-guide/resizing-a-replication-controller.md b/docs/user-guide/resizing-a-replication-controller.md
index 8c3c8dc288..c60ce8e60b 100644
--- a/docs/user-guide/resizing-a-replication-controller.md
+++ b/docs/user-guide/resizing-a-replication-controller.md
@@ -1,7 +1,7 @@
---
assignees:
- bprashanth
-
+title: Resizing a Replication Controller
---
To increase or decrease the number of pods under a replication controller's
diff --git a/docs/user-guide/rolling-updates.md b/docs/user-guide/rolling-updates.md
index c9ba5d3d27..6bd3c469c8 100644
--- a/docs/user-guide/rolling-updates.md
+++ b/docs/user-guide/rolling-updates.md
@@ -1,7 +1,7 @@
---
assignees:
- janetkuo
-
+title: Rolling Updates
---
* TOC
diff --git a/docs/user-guide/secrets/index.md b/docs/user-guide/secrets/index.md
index c55868f1f1..5995c1fad1 100644
--- a/docs/user-guide/secrets/index.md
+++ b/docs/user-guide/secrets/index.md
@@ -1,7 +1,7 @@
---
assignees:
- mikedanese
-
+title: Secrets
---
Objects of type `secret` are intended to hold sensitive information, such as
diff --git a/docs/user-guide/secrets/walkthrough.md b/docs/user-guide/secrets/walkthrough.md
index 001be6add4..11ca7672df 100644
--- a/docs/user-guide/secrets/walkthrough.md
+++ b/docs/user-guide/secrets/walkthrough.md
@@ -1,6 +1,6 @@
---
-assignees:
-
+assignees:
+title: Secrets Walkthrough
---
Following this example, you will create a secret and a [pod](/docs/user-guide/pods/) that consumes that secret in a [volume](/docs/user-guide/volumes/). See [Secrets design document](https://github.com/kubernetes/kubernetes/blob/{{page.githubbranch}}/docs/design/secrets.md) for more information.
diff --git a/docs/user-guide/security-context.md b/docs/user-guide/security-context.md
index 2d5807a449..3d216447ca 100644
--- a/docs/user-guide/security-context.md
+++ b/docs/user-guide/security-context.md
@@ -3,7 +3,7 @@ assignees:
- erictune
- mikedanese
- thockin
-
+title: Security Context
---
A security context defines the operating system security settings (uid, gid, capabilities, SELinux role, etc..) applied to a container. See [security context design](https://github.com/kubernetes/kubernetes/blob/{{page.githubbranch}}/docs/design/security_context.md) for more details.
diff --git a/docs/user-guide/service-accounts.md b/docs/user-guide/service-accounts.md
index 1df4635da9..d1129a1983 100644
--- a/docs/user-guide/service-accounts.md
+++ b/docs/user-guide/service-accounts.md
@@ -3,7 +3,7 @@ assignees:
- bprashanth
- liggitt
- thockin
-
+title: Service Accounts
---
A service account provides an identity for processes that run in a Pod.
diff --git a/docs/user-guide/services-firewalls.md b/docs/user-guide/services-firewalls.md
index 8755d222a5..0c87cc7598 100644
--- a/docs/user-guide/services-firewalls.md
+++ b/docs/user-guide/services-firewalls.md
@@ -2,7 +2,7 @@
assignees:
- bprashanth
- davidopp
-
+title: Configuring Your Cloud Provider's Firewalls
---
Many cloud providers (e.g. Google Compute Engine) define firewalls that help prevent inadvertent
diff --git a/docs/user-guide/services/index.md b/docs/user-guide/services/index.md
index cad2b22328..8151eebab9 100644
--- a/docs/user-guide/services/index.md
+++ b/docs/user-guide/services/index.md
@@ -1,10 +1,10 @@
---
assignees:
- bprashanth
-
+title: Services
---
-Kubernetes [`Pods`](/docs/user-guide/pods) are mortal. They are born and they die, and they
+Kubernetes [`Pods`](/docs/user-guide/pods) are mortal. They are born and when they die, they
are not resurrected. [`ReplicationControllers`](/docs/user-guide/replication-controller) in
particular create and destroy `Pods` dynamically (e.g. when scaling up or down
or when doing [rolling updates](/docs/user-guide/kubectl/kubectl_rolling-update)). While each `Pod` gets its own IP address, even
@@ -353,59 +353,57 @@ Sometimes you don't need or want load-balancing and a single service IP. In
this case, you can create "headless" services by specifying `"None"` for the
cluster IP (`spec.clusterIP`).
-This option allows developers to reduce coupling to the Kubernetes system, if
-they desire, but leaves them freedom to do discovery in their own way.
-Applications can still use a self-registration pattern and adapters for other
-discovery systems could easily be built upon this API.
+This option allows developers to reduce coupling to the Kubernetes system by
+allowing them freedom to do discovery their own way. Applications can still use
+a self-registration pattern and adapters for other discovery systems could easily
+be built upon this API.
-For such `Services` a cluster IP is not allocated, the kube proxy does not handle
+For such `Services`, a cluster IP is not allocated, kube-proxy does not handle
these services, and there is no load balancing or proxying done by the platform
-for them. How DNS is automatically configured depends on if the service has
-selectors or not.
+for them. How DNS is automatically configured depends on whether the service has
+selectors defined.
### With selectors
For headless services that define selectors, the endpoints controller creates
`Endpoints` records in the API, and modifies the DNS configuration to return A
-records (addresses) which point directly to the `Pods` backing the `Service`.
+records (addresses) that point directly to the `Pods` backing the `Service`.
### Without selectors
For headless services that do not define selectors, the endpoints controller does
not create `Endpoints` records. However, the DNS system looks for and configures
either:
- - CNAME records for `ExternalName`-type services
- - A records for any `Endpoints` that share a name with the service, for all
+
+ * CNAME records for `ExternalName`-type services
+ * A records for any `Endpoints` that share a name with the service, for all
other types
## Publishing services - service types
For some parts of your application (e.g. frontends) you may want to expose a
-Service onto an external (outside of your cluster, maybe public internet) IP
-address, other services should be visible only from inside of the cluster.
+Service onto an external (outside of your cluster) IP address.
Kubernetes `ServiceTypes` allow you to specify what kind of service you want.
-The default and base type is `ClusterIP`, which exposes a service to connection
-from inside the cluster. `NodePort` and `LoadBalancer` are two types that expose
-services to external traffic.
+The default is `ClusterIP`.
-Valid values for the `ServiceType` field are:
+`ServiceType` values and their behaviors are:
- * `ExternalName`: map the service to the contents of the `externalName` field
+ * `ClusterIP`: Exposes the service on a cluster-internal IP. Choosing this value
+ makes the service only reachable from within the cluster. This is the
+ default `ServiceType`.
+ * `NodePort`: Exposes the service on each Node's IP at a static port (the `NodePort`).
+ A `ClusterIP` service, to which the NodePort service will route, is automatically
+ created. You'll be able to contact the `NodePort` service, from outside the cluster,
+ by requesting `:`.
+ * `LoadBalancer`: Exposes the service externally using a cloud provider's load balancer.
+ `NodePort` and `ClusterIP` services, to which the external load balancer will route,
+ are automatically created.
+ * `ExternalName`: Maps the service to the contents of the `externalName` field
(e.g. `foo.bar.example.com`), by returning a `CNAME` record with its value.
No proxying of any kind is set up. This requires version 1.7 or higher of
`kube-dns`.
- * `ClusterIP`: use a cluster-internal IP only - this is the default and is
- discussed above. Choosing this value means that you want this service to be
- reachable only from inside of the cluster.
- * `NodePort`: on top of having a cluster-internal IP, expose the service on a
- port on each node of the cluster (the same port on each node). You'll be able
- to contact the service on any `:NodePort` address.
- * `LoadBalancer`: on top of having a cluster-internal IP and exposing service
- on a NodePort also, ask the cloud provider for a load balancer
- which forwards to the `Service` exposed as a `:NodePort`
- for each Node.
### Type NodePort
@@ -420,7 +418,7 @@ will fail (i.e. you need to take care about possible port collisions yourself).
The value you specify must be in the configured range for node ports.
This gives developers the freedom to set up their own load balancers, to
-configure cloud environments that are not fully supported by Kubernetes, or
+configure environments that are not fully supported by Kubernetes, or
even to just expose one or more nodes' IPs directly.
Note that this Service will be visible as both `:spec.ports[*].nodePort`
diff --git a/docs/user-guide/services/operations.md b/docs/user-guide/services/operations.md
index 6fa6d61bdd..ffeb3e6d05 100644
--- a/docs/user-guide/services/operations.md
+++ b/docs/user-guide/services/operations.md
@@ -2,8 +2,9 @@
assignees:
- bprashanth
- freehan
-
+title: Service Operations
---
+
* TOC
{:toc}
diff --git a/docs/user-guide/sharing-clusters.md b/docs/user-guide/sharing-clusters.md
index 723f54fa14..c21acca84a 100644
--- a/docs/user-guide/sharing-clusters.md
+++ b/docs/user-guide/sharing-clusters.md
@@ -2,7 +2,7 @@
assignees:
- mikedanese
- thockin
-
+title: Sharing Cluster Access with kubeconfig
---
Client access to a running Kubernetes cluster can be shared by copying
diff --git a/docs/user-guide/simple-nginx.md b/docs/user-guide/simple-nginx.md
index 4a40d3df06..eba8702857 100644
--- a/docs/user-guide/simple-nginx.md
+++ b/docs/user-guide/simple-nginx.md
@@ -1,7 +1,7 @@
---
assignees:
- mikedanese
-
+title: Running Your First Containers
---
Ok, you've run one of the [getting started guides](/docs/getting-started-guides/) and you have
diff --git a/docs/user-guide/thirdpartyresources.md b/docs/user-guide/thirdpartyresources.md
index a1035d44c4..e76c64e295 100644
--- a/docs/user-guide/thirdpartyresources.md
+++ b/docs/user-guide/thirdpartyresources.md
@@ -1,7 +1,7 @@
---
assignees:
- IanLewis
-
+title: Third Party Resources
---
* TOC
diff --git a/docs/user-guide/ui.md b/docs/user-guide/ui.md
index 84e0adabc6..20a0e7b3bc 100644
--- a/docs/user-guide/ui.md
+++ b/docs/user-guide/ui.md
@@ -2,60 +2,53 @@
assignees:
- bryk
- mikedanese
-
+- rf232
+title: Web UI (Dashboard)
---
+Dashboard is a web-based Kubernetes user interface. You can use Dashboard to deploy containerized applications to a Kubernetes cluster, troubleshoot your containerized application, and manage the cluster itself along with its attendant resources. You can use Dashboard to get an overview of applications running on your cluster, as well as for creating or modifying individual Kubernetes resources (such as Deployments, Jobs, DaemonSets, etc). For example, you can scale a Deployment, initiate a rolling update, restart a pod or deploy new applications using a deploy wizard.
-Dashboard (the web-based user interface of Kubernetes) allows you to deploy containerized applications to a Kubernetes cluster, troubleshoot them, and manage the cluster and its resources itself. You can use it for getting an overview of applications running on the cluster, as well as for creating or modifying individual Kubernetes resources and workloads, such as Daemon sets, Pet sets, Replica sets, Jobs, Replication controllers and corresponding Services, or Pods.
+Dashboard also provides information on the state of Kubernetes resources in your cluster, and on any errors that may have occurred.
-Dashboard also provides information on the state of Pods, Replication controllers, etc. and on any errors that might have occurred. You can inspect and manage the Kubernetes resources, as well as your deployed containerized applications. You can also change the number of replicated Pods, delete Pods, and deploy new applications using a deploy wizard.
-
-By default, Dashboard is installed as a cluster addon. It is enabled by default as of Kubernetes 1.2 clusters.
+
* TOC
{:toc}
-## Dashboard access
+## Accessing the Dashboard UI
-Navigate in your Browser to the following URL:
-```
-https:///ui
-```
-This redirects to the following URL:
-```
-https:///api/v1/proxy/namespaces/kube-system/services/kubernetes-dashboard
-```
-The Dashboard UI lives in the `kube-system` [namespace](/docs/admin/namespaces/), but shows all resources from all namespaces in your environment.
+There are multiple ways you can access the Dashboard UI; either by using the kubectl command-line interface, or by accessing the Kubernetes master apiserver using your web browser.
-If you find that you are not able to access Dashboard, you can install and open the latest stable release by running the following command:
+### Command line proxy
+You can access Dashboard using the kubectl command-line tool by running the following command:
```
-kubectl create -f https://rawgit.com/kubernetes/dashboard/master/src/deploy/kubernetes-dashboard.yaml
+$ kubectl proxy
```
-Then, navigate to
+kubectl will handle authentication with apiserver and make Dashboard available at [http://localhost:8001/ui](http://localhost:8001/ui)
-```
-https:///ui
-```
+The UI can _only_ be accessed from the machine where the command is executed. See `kubectl proxy --help` for more options.
-In case you have to provide a password, use the following command to find it out:
+### Master server
+You may access the UI directly via the Kubernetes master apiserver. Open a browser and navigate to `https:///ui`, where `` is IP address or domain name of the Kubernetes
+master.
-```
-kubectl config view
-```
+Please note, this works only if the apiserver is set up to allow authentication with username and password. This is not currently the case with the some setup tools (e.g., `kubeadm`). Refer to the [authentication admin documentation](/docs/admin/authentication/) for information on how to configure authentication manually.
-## Welcome page
+If the username and password is configured but unknown to you, then use `kubectl config view` to find it.
-When accessing Dashboard on an empty cluster for the first time, the Welcome page is displayed. This page contains a link to this document as well as a button to deploy your first application. In addition, you can view which system applications are running by **default** in the `kube-system` [namespace](/docs/admin/namespaces/) of your cluster, for example monitoring applications such as Heapster.
+## Welcome view
+
+When you access Dashboard on an empty cluster, you'll see the welcome page. This page contains a link to this document as well as a button to deploy your first application. In addition, you can view which system applications are running by default in the `kube-system` [namespace](/docs/admin/namespaces/) of your cluster, for example the Dashboard itself.
## Deploying containerized applications
-Dashboard lets you create and deploy a containerized application as a Replication Controller and corresponding Service with a simple wizard. You can either manually specify application details, or upload a YAML or JSON file containing the required information.
+Dashboard lets you create and deploy a containerized application as a Deployment and optional Service with a simple wizard. You can either manually specify application details, or upload a YAML or JSON file containing application configuration.
-To access the deploy wizard from the Welcome page, click the respective button. To access the wizard at a later point in time, click the **DEPLOY APP** or **UPLOAD YAML** link in the upper right corner of any page listing workloads.
+To access the deploy wizard from the Welcome page, click the respective button. To access the wizard at a later point in time, click the **CREATE** button in the upper right corner of any page.
@@ -63,7 +56,7 @@ To access the deploy wizard from the Welcome page, click the respective button.
The deploy wizard expects that you provide the following information:
-- **App name** (mandatory): Name for your application. A [label](/docs/user-guide/labels/) with the name will be added to the Replication Controller and Service, if any, that will be deployed.
+- **App name** (mandatory): Name for your application. A [label](/docs/user-guide/labels/) with the name will be added to the Deployment and Service, if any, that will be deployed.
The application name must be unique within the selected Kubernetes [namespace](/docs/admin/namespaces/). It must start and end with a lowercase character, and contain only lowercase letters, numbers and dashes (-). It is limited to 24 characters. Leading and trailing spaces are ignored.
@@ -71,7 +64,7 @@ The deploy wizard expects that you provide the following information:
- **Number of pods** (mandatory): The target number of Pods you want your application to be deployed in. The value must be a positive integer.
- A [Replication Controller](/docs/user-guide/replication-controller/) will be created to maintain the desired number of Pods across your cluster.
+ A [Deployment](/docs/user-guide/deployment/) will be created to maintain the desired number of Pods across your cluster.
- **Service** (optional): For some parts of your application (e.g. frontends) you may want to expose a [Service](http://kubernetes.io/docs/user-guide/services/) onto an external, maybe public IP address outside of your cluster (external Service). For external Services, you may need to open up one or more ports to do so. Find more details [here](/docs/user-guide/services-firewalls/).
@@ -81,11 +74,9 @@ The deploy wizard expects that you provide the following information:
If needed, you can expand the **Advanced options** section where you can specify more settings:
-
+- **Description**: The text you enter here will be added as an [annotation](/docs/user-guide/annotations/) to the Deployment and displayed in the application's details.
-- **Description**: The text you enter here will be added as an [annotation](/docs/user-guide/annotations/) to the Replication Controller and displayed in the application's details.
-
-- **Labels**: Default [labels](/docs/user-guide/labels/) to be used for your application are application name and version. You can specify additional labels to be applied to the Replication Controller, Service (if any), and Pods, such as release, environment, tier, partition, and release track.
+- **Labels**: Default [labels](/docs/user-guide/labels/) to be used for your application are application name and version. You can specify additional labels to be applied to the Deployment, Service (if any), and Pods, such as release, environment, tier, partition, and release track.
Example:
@@ -118,89 +109,54 @@ track=stable
### Uploading a YAML or JSON file
-Kubernetes supports declarative configuration. In this style, all configuration is stored in YAML or JSON configuration files using the Kubernetes' [API](http://kubernetes.io/docs/api/) resource schemas as the configuration schemas.
+Kubernetes supports declarative configuration. In this style, all configuration is stored in YAML or JSON configuration files using the Kubernetes [API](http://kubernetes.io/docs/api/) resource schemas.
-As an alternative to specifying application details in the deploy wizard, you can define your Replication Controllers and Services in YAML or JSON files, and upload the files to your Pods:
+As an alternative to specifying application details in the deploy wizard, you can define your application in YAML or JSON files, and upload the files using Dashboard:
-## Managing resources
+## Using Dashboard
+Following sections describe views of the Kubernetes Dashboard UI; what they provide and how can they be used.
-### List view
+### Navigation
-As soon as applications are running on your cluster, Dashboard's initial view defaults to showing all resources available in all namespaces in a list view, for example:
+When there are Kubernetes objects defined in the cluster, Dashboard shows them in the initial view. By default only objects from the _default_ namespace are shown and this can be changed using the namespace selector located in the navigation menu.
+
+Dashboard shows most Kubernetes object kinds and groups them in a few menu categories.
+
+#### Admin
+View for cluster and namespace administrators. It lists Nodes, Namespaces and Persistent Volumes and has detail views for them. Node list view contains CPU and memory usage metrics aggregated across all Nodes. The details view shows the metrics for a Node, its specification, status, allocated resources, events and pods running on the node.
+
+
+
+#### Workloads
+Entry point view that shows all applications running in the selected namespace. The view lists applications by workload kind (e.g., Deployments, Replica Sets, Stateful Sets, etc.) and each workload kind can be viewed separately. The lists summarize actionable information about the workloads, such as the number of ready pods for a Replica Set or current memory usage for a Pod.
-For every resource, the list view shows the following information:
+Detail views for workloads show status and specification information and surface relationships between objects. For example, Pods that Replica Set is controlling or New Replica Sets and Horizontal Pod Autoscalers for Deployments.
-* Name of the resource
-* All labels assigned to the resource
-* Number of pods assigned to the resource
-* Age, i.e. amount of time passed since the resource has been created
-* Docker container image
+
-To filter the resources and only show those of a specific namespace, select it from the dropdown list in the right corner of the title bar:
+#### Services and discovery
+Services and discovery view shows Kubernetes resources that allow for exposing services to external world and discovering them within a cluster. For that reason, Service and Ingress views show Pods targeted by them, internal endpoints for cluster connections and endpoints for external users.
-
+
-### Details view
+#### Storage
+Storage view shows Persistent Volume Claim resources which are used by applications for storing data.
-When clicking a resource, the details view is opened, for example:
+#### Config
+Config view show all Kubernetes resources that are used for live configuration of applications running in clusters. This is now Config Maps and Secrets. Thie views allows for editing and managing config objects and displays secrets hidden by default.
-
+
-The **OVERVIEW** tab shows the actual resource details as well as the Pods the resource is running in.
+#### Logs viewer
+Pod lists and detail pages link to logs viewer that is built into Dashboard. The viewer allows for drilling down logs from containers belonging to a single Pod.
-The **EVENTS** tab can be useful for debugging applications.
-
-To go back to the workloads overview, click the Kubernetes logo.
-
-### Workload categories
-
-Workloads are categorized as follows:
-
-* [Daemon Sets](http://kubernetes.io/docs/admin/daemons/) which ensure that all or some of the nodes in your cluster run a copy of a Pod.
-* [Deployments](http://kubernetes.io/docs/user-guide/deployments/) which provide declarative updates for Pods and Replica Sets (the next-generation [Replication Controller](http://kubernetes.io/docs/user-guide/replication-controller/))
- The Details page for a Deployment lists resource details, as well as new and old Replica Sets. The resource details also include information on the [RollingUpdate](http://kubernetes.io/docs/user-guide/rolling-updates/) strategy, if any.
-* [Pet Sets](http://kubernetes.io/docs/user-guide/petset/) (nominal Services, also known as load-balanced Services) for legacy application support.
-* [Replica Sets](http://kubernetes.io/docs/user-guide/replicasets/) for using label selectors.
-* [Jobs](http://kubernetes.io/docs/user-guide/jobs/) for creating one or more Pods, ensuring that a specified number of them successfully terminate, and tracking the completions.
-* [Replication Controllers](http://kubernetes.io/docs/user-guide/replication-controller/)
-* [Pods](http://kubernetes.io/docs/user-guide/pods/)
-
-You can display the resources of a specific category in two ways:
-
-* Click the category name, e.g. **Deployments**
-* Edit the Dashboard URL and add the name of a desired category. For example, to display the list of Replication Controllers, specify the following URL:
-
- ```
-http://:9090/#/replicationcontroller
-```
-
-### Actions
-
-Every list view offers an action menu to the right of the listed resources. The related details view provides the same actions as buttons in the upper right corner of the page.
-
-* **Edit**
-
- Opens a text editor so that you can instantly view or update the JSON or YAML file of the respective resource.
-
-* **Delete**
-
- After confirmation, deletes the respective resource.
-
- When deleting a Replication Controller, the Pods managed by it are also deleted. You have the option to also delete Services related to the Replication Controller.
-
-* **View details**
-
- For Replication Controllers only. Takes you to the details page where you can view more information about the Pods that make up your application.
-
-* **Scale**
-
- For Replication Controllers only. Changes the number of Pods your application runs in. The respective Replication Controller will be updated to reflect the newly specified number. Be aware that setting a high number of Pods may result in a decrease of performance of the cluster or Dashboard itself.
+
## More information
For more information, see the
-[Kubernetes Dashboard repository](https://github.com/kubernetes/dashboard).
+[Kubernetes Dashboard project page](https://github.com/kubernetes/dashboard).
diff --git a/docs/user-guide/update-demo/index.md b/docs/user-guide/update-demo/index.md
index d51bcffc08..3ecd743855 100644
--- a/docs/user-guide/update-demo/index.md
+++ b/docs/user-guide/update-demo/index.md
@@ -1,11 +1,10 @@
----
-assignees:
-- lavalamp
-- mikedanese
-
----
-
-
+---
+assignees:
+- lavalamp
+- mikedanese
+title: Rolling Update Demo
+---
+
This example demonstrates the usage of Kubernetes to perform a [rolling update](/docs/user-guide/kubectl/kubectl_rolling-update/) on a running group of [pods](/docs/user-guide/pods/). See [here](/docs/user-guide/managing-deployments/#updating-your-application-without-a-service-outage) to understand why you need a rolling update. Also check [rolling update design document](https://github.com/kubernetes/kubernetes/blob/{{page.githubbranch}}/docs/design/simple-rolling-update.md) for more information.
The files for this example are viewable in [our docs repo
diff --git a/docs/user-guide/volumes.md b/docs/user-guide/volumes.md
index e11f0ca44b..f2b5ff88a0 100644
--- a/docs/user-guide/volumes.md
+++ b/docs/user-guide/volumes.md
@@ -4,7 +4,7 @@ assignees:
- mikedanese
- saad-ali
- thockin
-
+title: Volumes
---
On-disk files in a container are ephemeral, which presents some problems for
diff --git a/docs/user-guide/working-with-resources.md b/docs/user-guide/working-with-resources.md
index d2aeeb621e..07a9bd55b7 100644
--- a/docs/user-guide/working-with-resources.md
+++ b/docs/user-guide/working-with-resources.md
@@ -2,7 +2,7 @@
assignees:
- mikedanese
- thockin
-
+title: Using kubectl to Manage Resources
---
*This document is aimed at users who have worked through some of the examples,
diff --git a/docs/whatisk8s.md b/docs/whatisk8s.md
index ca398edf58..7c1e637b6d 100644
--- a/docs/whatisk8s.md
+++ b/docs/whatisk8s.md
@@ -2,10 +2,9 @@
assignees:
- bgrant0607
- mikedanese
-
+title: What is Kubernetes?
---
-
Kubernetes is an [open-source platform for automating deployment, scaling, and operations of application containers](http://www.slideshare.net/BrianGrant11/wso2con-us-2015-kubernetes-a-platform-for-automating-deployment-scaling-and-operations) across clusters of hosts, providing container-centric infrastructure.
With Kubernetes, you are able to quickly and efficiently respond to customer demand:
diff --git a/editdocs.md b/editdocs.md
index 0291912aca..b089db1c43 100644
--- a/editdocs.md
+++ b/editdocs.md
@@ -1,5 +1,6 @@
---
layout: docwithnav
+title: Contributing to the Kubernetes Documentation
---
@@ -22,7 +23,7 @@ $( document ).ready(function() {
Continue your edit
-
Click the below link to edit the page you were just on. When you are done, press "Commit Changes" at the bottom of the screen. This will create a copy of our site on your GitHub account called a "fork." You can make other changes in your fork after it is created, if you want. When you are ready to send us all your changes, go to the index page for your fork and click "New Pull Request" to let us know about it.
+
Click the button below to edit the page you were just on. When you are done, click Commit Changes at the bottom of the screen. This creates a copy of our site in your GitHub account called a fork. You can make other changes in your fork after it is created, if you want. When you are ready to send us all your changes, go to the index page for your fork and click New Pull Request to let us know about it.
Click the below button to visit the repo for our site. You can then click the "Fork" button in the upper-right area of the screen to create a copy of our site on your GitHub account called a "fork." Make any changes you want in your fork, and when you are ready to send those changes to us, go to the index page for your fork and click "New Pull Request" to let us know about it.
+
Click the button below to visit the repo for our site. You can then click the Fork button in the upper-right area of the screen to create a copy of our site in your GitHub account called a fork. Make any changes you want in your fork, and when you are ready to send those changes to us, go to the index page for your fork and click New Pull Request to let us know about it.
+
-{% include_relative README.md %}
+For more information about contributing to the Kubernetes documentation, see:
+
+* [Creating a Documentation Pull Request](http://kubernetes.io/docs/contribute/create-pull-request/)
+* [Writing a New Topic](http://kubernetes.io/docs/contribute/write-new-topic/)
+* [Staging Your Documentation Changes](http://kubernetes.io/docs/contribute/stage-documentation-changes/)
+* [Using Page Templates](http://kubernetes.io/docs/contribute/page-templates/)
+* [Documentation Style Guide](http://kubernetes.io/docs/contribute/style-guide/)
diff --git a/feed.xml b/feed.xml
deleted file mode 100644
index ae253f98b5..0000000000
--- a/feed.xml
+++ /dev/null
@@ -1,29 +0,0 @@
----
----
-
-
-
- {{ site.title | xml_escape }}
- {{ site.description | xml_escape }}
- {{ site.url }}{{ site.baseurl }}/
-
- {{ site.time | date_to_rfc822 }}
- {{ site.time | date_to_rfc822 }}
- Jekyll v{{ jekyll.version }}
- {% for post in site.posts limit:10 %}
-
- {{ post.title | xml_escape }}
- {{ post.content | xml_escape }}
- {{ post.date | date_to_rfc822 }}
- {{ post.url | prepend: site.baseurl | prepend: site.url }}
- {{ post.url | prepend: site.baseurl | prepend: site.url }}
- {% for tag in post.tags %}
- {{ tag | xml_escape }}
- {% endfor %}
- {% for cat in post.categories %}
- {{ cat | xml_escape }}
- {% endfor %}
-
- {% endfor %}
-
-
diff --git a/images/case_studies/buffer_logo.png b/images/case_studies/buffer_logo.png
new file mode 100644
index 0000000000..1b4b3b7e52
Binary files /dev/null and b/images/case_studies/buffer_logo.png differ
diff --git a/images/case_studies/comcast_logo.png b/images/case_studies/comcast_logo.png
new file mode 100644
index 0000000000..3f0ef76645
Binary files /dev/null and b/images/case_studies/comcast_logo.png differ
diff --git a/images/case_studies/monzo_logo.png b/images/case_studies/monzo_logo.png
new file mode 100644
index 0000000000..854409d17e
Binary files /dev/null and b/images/case_studies/monzo_logo.png differ
diff --git a/images/case_studies/philips_logo.png b/images/case_studies/philips_logo.png
new file mode 100644
index 0000000000..9ba3421a61
Binary files /dev/null and b/images/case_studies/philips_logo.png differ
diff --git a/images/case_studies/pokemon_go_logo.png b/images/case_studies/pokemon_go_logo.png
new file mode 100644
index 0000000000..3cf2b5c7ef
Binary files /dev/null and b/images/case_studies/pokemon_go_logo.png differ
diff --git a/images/docs/initial_cluster.png b/images/docs/initial_cluster.png
deleted file mode 100644
index 99646a3fd0..0000000000
Binary files a/images/docs/initial_cluster.png and /dev/null differ
diff --git a/images/docs/k8s-ui-explore-filter.png b/images/docs/k8s-ui-explore-filter.png
deleted file mode 100644
index a9a53d0edf..0000000000
Binary files a/images/docs/k8s-ui-explore-filter.png and /dev/null differ
diff --git a/images/docs/k8s-ui-explore-groupby.png b/images/docs/k8s-ui-explore-groupby.png
deleted file mode 100644
index 4f313af850..0000000000
Binary files a/images/docs/k8s-ui-explore-groupby.png and /dev/null differ
diff --git a/images/docs/k8s-ui-explore-poddetail.png b/images/docs/k8s-ui-explore-poddetail.png
deleted file mode 100644
index ddcf6918c7..0000000000
Binary files a/images/docs/k8s-ui-explore-poddetail.png and /dev/null differ
diff --git a/images/docs/k8s-ui-explore.png b/images/docs/k8s-ui-explore.png
deleted file mode 100644
index cd6b8b7bf5..0000000000
Binary files a/images/docs/k8s-ui-explore.png and /dev/null differ
diff --git a/images/docs/k8s-ui-nodes.png b/images/docs/k8s-ui-nodes.png
deleted file mode 100644
index 123b0267a2..0000000000
Binary files a/images/docs/k8s-ui-nodes.png and /dev/null differ
diff --git a/images/docs/k8s-ui-overview.png b/images/docs/k8s-ui-overview.png
deleted file mode 100644
index ca98b28255..0000000000
Binary files a/images/docs/k8s-ui-overview.png and /dev/null differ
diff --git a/images/docs/ui-dashboard-deploy-file.png b/images/docs/ui-dashboard-deploy-file.png
index 8f4ab5ae37..4e6fb56335 100644
Binary files a/images/docs/ui-dashboard-deploy-file.png and b/images/docs/ui-dashboard-deploy-file.png differ
diff --git a/images/docs/ui-dashboard-deploy-more.png b/images/docs/ui-dashboard-deploy-more.png
deleted file mode 100644
index 22cf7de320..0000000000
Binary files a/images/docs/ui-dashboard-deploy-more.png and /dev/null differ
diff --git a/images/docs/ui-dashboard-deploy-simple.png b/images/docs/ui-dashboard-deploy-simple.png
index c85356765b..d6f7669169 100644
Binary files a/images/docs/ui-dashboard-deploy-simple.png and b/images/docs/ui-dashboard-deploy-simple.png differ
diff --git a/images/docs/ui-dashboard-deployment-detail.png b/images/docs/ui-dashboard-deployment-detail.png
new file mode 100644
index 0000000000..4168e35a37
Binary files /dev/null and b/images/docs/ui-dashboard-deployment-detail.png differ
diff --git a/images/docs/ui-dashboard-logs-view.png b/images/docs/ui-dashboard-logs-view.png
new file mode 100644
index 0000000000..9547eae6f0
Binary files /dev/null and b/images/docs/ui-dashboard-logs-view.png differ
diff --git a/images/docs/ui-dashboard-namespace.png b/images/docs/ui-dashboard-namespace.png
deleted file mode 100644
index 4271c92b73..0000000000
Binary files a/images/docs/ui-dashboard-namespace.png and /dev/null differ
diff --git a/images/docs/ui-dashboard-node.png b/images/docs/ui-dashboard-node.png
new file mode 100644
index 0000000000..2a59fd4751
Binary files /dev/null and b/images/docs/ui-dashboard-node.png differ
diff --git a/images/docs/ui-dashboard-secret-detail.png b/images/docs/ui-dashboard-secret-detail.png
new file mode 100644
index 0000000000..186144b4d0
Binary files /dev/null and b/images/docs/ui-dashboard-secret-detail.png differ
diff --git a/images/docs/ui-dashboard-service-list.png b/images/docs/ui-dashboard-service-list.png
new file mode 100644
index 0000000000..9acb740703
Binary files /dev/null and b/images/docs/ui-dashboard-service-list.png differ
diff --git a/images/docs/ui-dashboard-workloadview.png b/images/docs/ui-dashboard-workloadview.png
index 1099da765f..d4b07873fb 100644
Binary files a/images/docs/ui-dashboard-workloadview.png and b/images/docs/ui-dashboard-workloadview.png differ
diff --git a/images/docs/ui-dashboard-zerostate.png b/images/docs/ui-dashboard-zerostate.png
old mode 100755
new mode 100644
index 5e37138294..1fa2ed910e
Binary files a/images/docs/ui-dashboard-zerostate.png and b/images/docs/ui-dashboard-zerostate.png differ
diff --git a/images/docs/ui-dashboard.png b/images/docs/ui-dashboard.png
new file mode 100644
index 0000000000..04a6999685
Binary files /dev/null and b/images/docs/ui-dashboard.png differ
diff --git a/images/kub_video_banner.jpg b/images/kub_video_banner.jpg
new file mode 100644
index 0000000000..6188481756
Binary files /dev/null and b/images/kub_video_banner.jpg differ
diff --git a/images/nav_logo.svg b/images/nav_logo.svg
index 666997a143..982c04f4aa 100644
--- a/images/nav_logo.svg
+++ b/images/nav_logo.svg
@@ -1 +1,110 @@
-
\ No newline at end of file
+
+
+
diff --git a/images/nav_logo2.svg b/images/nav_logo2.svg
index 1c88bd436a..92b8d19ac4 100644
--- a/images/nav_logo2.svg
+++ b/images/nav_logo2.svg
@@ -1 +1,108 @@
-
\ No newline at end of file
+
+
+
diff --git a/images/search-icon.svg b/images/search-icon.svg
new file mode 100644
index 0000000000..285f57caff
--- /dev/null
+++ b/images/search-icon.svg
@@ -0,0 +1,13 @@
+
+
+
+
diff --git a/images/square-logos/harbur.png b/images/square-logos/harbur.png
new file mode 100644
index 0000000000..ed09fe4227
Binary files /dev/null and b/images/square-logos/harbur.png differ
diff --git a/images/square-logos/kubernetic.png b/images/square-logos/kubernetic.png
new file mode 100644
index 0000000000..e5f4265158
Binary files /dev/null and b/images/square-logos/kubernetic.png differ
diff --git a/index.html b/index.html
index cf01ad2e92..728100db84 100644
--- a/index.html
+++ b/index.html
@@ -1,9 +1,8 @@
---
-title: Production-Grade Container Orchestration
---
-
+
{% include head-header.html %}
@@ -22,7 +21,7 @@ title: Production-Grade Container Orchestration
-
+
@@ -61,9 +60,8 @@ title: Production-Grade Container Orchestration
-
A technical overview of Kubernetes
-
Brendan Burns, Software Engineer and a founder of Kubernetes at Google, gives a technical overview of Kubernetes in this
- 30-minute presentation from CoreOS Fest.
+
Kubernetes: Finally… A True Cloud Platform
+
Sam Ghods, Co-Founder and Services Architect at Box, gives a passionate talk showing that with Kubernetes, we have for first time a universal interface that one can build real deployment tooling against.
@@ -111,7 +109,7 @@ title: Production-Grade Container Orchestration
exposing secrets in your stack configuration.
-
+
@@ -199,9 +197,8 @@ title: Production-Grade Container Orchestration
ga('create', 'UA-36037335-10', 'auto');
ga('send', 'pageview');
-
-
diff --git a/js/redirects.js b/js/redirects.js
index dc3cbb56ed..32b45c2c68 100644
--- a/js/redirects.js
+++ b/js/redirects.js
@@ -6,10 +6,6 @@ $( document ).ready(function() {
var forwardingURL=window.location.href;
var redirects = [{
- "from": "third_party/swagger-ui",
- "to": "http://kubernetes.io/kubernetes/third_party/swagger-ui/"
- },
- {
"from": "resource-quota",
"to": "http://kubernetes.io/docs/admin/resourcequota/"
},
diff --git a/js/script.js b/js/script.js
index 22eff0a1b4..b944d91175 100755
--- a/js/script.js
+++ b/js/script.js
@@ -503,3 +503,21 @@ var pushmenu = (function(){
show: show
};
})();
+
+$(function() {
+
+ // Make global nav be active based on pathname
+ if ((location.pathname.split("/")[1]) !== ""){
+ $('.global-nav li a[href^="/' + location.pathname.split("/")[1] + '"]').addClass('active');
+ }
+
+ // If vendor strip doesn't exist add className
+ if ( !$('#vendorStrip').length > 0 ) {
+ $('#hero').addClass('bot-bar');
+ }
+
+ // If is not homepage add class to hero section
+ if (!$('#home').length > 0 ) {
+ $('#hero').addClass('no-sub');
+ }
+});
\ No newline at end of file
diff --git a/kubernetes/third_party/swagger-ui/index.md b/kubernetes/third_party/swagger-ui/index.md
new file mode 100644
index 0000000000..425a061477
--- /dev/null
+++ b/kubernetes/third_party/swagger-ui/index.md
@@ -0,0 +1,8 @@
+---
+title: Kubernetes API Swagger Spec
+---
+
+---
+
+Kubernetes swagger UI has now been replaced by our generated API reference docs
+which can be accessed at http://kubernetes.io/docs/api-reference/README/.
diff --git a/partners/index.html b/partners/index.html
index c30a335401..5a8da670a9 100644
--- a/partners/index.html
+++ b/partners/index.html
@@ -14,7 +14,7 @@ title: Partners
-
We are working with a broad group of partners who contribute to the Kubernetes core codebase, making it stronger and richer. There partners create a vibrant Kubernetes ecosystem supporting a spectrum of complementing platforms, from open source solutions to market-leading technologies.
+
We are working with a broad group of partners who contribute to the Kubernetes core codebase, making it stronger and richer. These partners create a vibrant Kubernetes ecosystem supporting a spectrum of complementing platforms, from open source solutions to market-leading technologies. Partners can get their services and offerings added to this page by completing and submitting the partner request form.
