mirror of https://github.com/k3s-io/k3s
115 lines
5.6 KiB
Markdown
115 lines
5.6 KiB
Markdown
<!-- BEGIN MUNGE: UNVERSIONED_WARNING -->
|
|
|
|
<!-- BEGIN STRIP_FOR_RELEASE -->
|
|
|
|
<img src="http://kubernetes.io/img/warning.png" alt="WARNING"
|
|
width="25" height="25">
|
|
<img src="http://kubernetes.io/img/warning.png" alt="WARNING"
|
|
width="25" height="25">
|
|
<img src="http://kubernetes.io/img/warning.png" alt="WARNING"
|
|
width="25" height="25">
|
|
<img src="http://kubernetes.io/img/warning.png" alt="WARNING"
|
|
width="25" height="25">
|
|
<img src="http://kubernetes.io/img/warning.png" alt="WARNING"
|
|
width="25" height="25">
|
|
|
|
<h2>PLEASE NOTE: This document applies to the HEAD of the source tree</h2>
|
|
|
|
If you are using a released version of Kubernetes, you should
|
|
refer to the docs that go with that version.
|
|
|
|
Documentation for other releases can be found at
|
|
[releases.k8s.io](http://releases.k8s.io).
|
|
</strong>
|
|
--
|
|
|
|
<!-- END STRIP_FOR_RELEASE -->
|
|
|
|
<!-- END MUNGE: UNVERSIONED_WARNING -->
|
|
|
|
## kubectl create secret docker-registry
|
|
|
|
Create a secret for use with a Docker registry.
|
|
|
|
### Synopsis
|
|
|
|
|
|
|
|
Create a new secret for use with Docker registries.
|
|
|
|
Dockercfg secrets are used to authenticate against Docker registries.
|
|
|
|
When using the Docker command line to push images, you can authenticate to a given registry by running
|
|
'docker login DOCKER_REGISTRY_SERVER --username=DOCKER_USER --password=DOCKER_PASSWORD --email=DOCKER_EMAIL'.
|
|
That produces a ~/.dockercfg file that is used by subsequent 'docker push' and 'docker pull' commands to
|
|
authenticate to the registry.
|
|
|
|
When creating applications, you may have a Docker registry that requires authentication. In order for the
|
|
nodes to pull images on your behalf, they have to have the credentials. You can provide this information
|
|
by creating a dockercfg secret and attaching it to your service account.
|
|
|
|
```
|
|
kubectl create secret docker-registry NAME --docker-username=user --docker-password=password --docker-email=email [--docker-server=string] [--from-literal=key1=value1] [--dry-run]
|
|
```
|
|
|
|
### Examples
|
|
|
|
```
|
|
# If you don't already have a .dockercfg file, you can create a dockercfg secret directly by using:
|
|
$ kubectl create secret docker-registry my-secret --docker-server=DOCKER_REGISTRY_SERVER --docker-username=DOCKER_USER --docker-password=DOCKER_PASSWORD --docker-email=DOCKER_EMAIL
|
|
```
|
|
|
|
### Options
|
|
|
|
```
|
|
--docker-email="": Email for Docker registry
|
|
--docker-password="": Password for Docker registry authentication
|
|
--docker-server="https://index.docker.io/v1/": Server location for Docker registry
|
|
--docker-username="": Username for Docker registry authentication
|
|
--dry-run[=false]: If true, only print the object that would be sent, without sending it.
|
|
--generator="secret-for-docker-registry/v1": The name of the API generator to use.
|
|
-o, --output="": Output format. One of: json|yaml|wide|name|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://releases.k8s.io/HEAD/docs/user-guide/jsonpath.md].
|
|
--output-version="": Output the formatted object with the given version (default api-version).
|
|
--save-config[=false]: If true, the configuration of current object will be saved in its annotation. This is useful when you want to perform kubectl apply on this object in the future.
|
|
--schema-cache-dir="~/.kube/schema": If non-empty, load/store cached API schemas in this directory, default is '$HOME/.kube/schema'
|
|
--validate[=true]: If true, use a schema to validate the input before sending it
|
|
```
|
|
|
|
### Options inherited from parent commands
|
|
|
|
```
|
|
--alsologtostderr[=false]: log to standard error as well as files
|
|
--api-version="": The API version to use when talking to the server
|
|
--certificate-authority="": Path to a cert. file for the certificate authority.
|
|
--client-certificate="": Path to a client certificate file for TLS.
|
|
--client-key="": Path to a client key file for TLS.
|
|
--cluster="": The name of the kubeconfig cluster to use
|
|
--context="": The name of the kubeconfig context to use
|
|
--insecure-skip-tls-verify[=false]: If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure.
|
|
--kubeconfig="": Path to the kubeconfig file to use for CLI requests.
|
|
--log-backtrace-at=:0: when logging hits line file:N, emit a stack trace
|
|
--log-dir="": If non-empty, write log files in this directory
|
|
--log-flush-frequency=5s: Maximum number of seconds between log flushes
|
|
--logtostderr[=true]: log to standard error instead of files
|
|
--match-server-version[=false]: Require server version to match client version
|
|
--namespace="": If present, the namespace scope for this CLI request.
|
|
--password="": Password for basic authentication to the API server.
|
|
-s, --server="": The address and port of the Kubernetes API server
|
|
--stderrthreshold=2: logs at or above this threshold go to stderr
|
|
--token="": Bearer token for authentication to the API server.
|
|
--user="": The name of the kubeconfig user to use
|
|
--username="": Username for basic authentication to the API server.
|
|
--v=0: log level for V logs
|
|
--vmodule=: comma-separated list of pattern=N settings for file-filtered logging
|
|
```
|
|
|
|
### SEE ALSO
|
|
|
|
* [kubectl create secret](kubectl_create_secret.md) - Create a secret using specified subcommand.
|
|
|
|
###### Auto generated by spf13/cobra on 14-Dec-2015
|
|
|
|
<!-- BEGIN MUNGE: GENERATED_ANALYTICS -->
|
|
[]()
|
|
<!-- END MUNGE: GENERATED_ANALYTICS -->
|