github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-05 11:12:03 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #24719 from bprashanth/kubectl_tls

Browse Source 
Automatic merge from submit-queue

Add a kubectl create secret tls command

A somewhat hasty implementation that enables progress along: https://github.com/kubernetes/kubernetes/issues/20176#issuecomment-177409516, https://github.com/kubernetes/kubernetes/issues/24669, https://github.com/kubernetes/kubernetes/issues/20176#issuecomment-198142836 if associated parties have spare cycles. @kubernetes/kubectl

<!-- Reviewable:start -->
---
This change is [<img src="http://reviewable.k8s.io/review_button.svg" height="35" align="absmiddle" alt="Reviewable"/>](http://reviewable.k8s.io/reviews/kubernetes/kubernetes/24719)
<!-- Reviewable:end -->
This commit is contained in:
k8s-merge-robot
2016-05-22 09:40:42 -07:00
parent a503bb828a daa8e29c5b
commit 39f0c6ba25
15 changed files with 835 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/user-guide/kubectl/kubectl_create_secret.md
View File

@@ -78,8 +78,9 @@ kubectl create secret
* [kubectl create](kubectl_create.md) - Create a resource by filename or stdin
* [kubectl create secret docker-registry](kubectl_create_secret_docker-registry.md) - Create a secret for use with a Docker registry.
* [kubectl create secret generic](kubectl_create_secret_generic.md) - Create a secret from a local file, directory or literal value.
* [kubectl create secret tls](kubectl_create_secret_tls.md) - Create a TLS secret.
###### Auto generated by spf13/cobra on 5-Apr-2016
###### Auto generated by spf13/cobra on 25-Apr-2016
<!-- BEGIN MUNGE: GENERATED_ANALYTICS -->
[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/docs/user-guide/kubectl/kubectl_create_secret.md?pixel)]()

4
docs/user-guide/kubectl/kubectl_create_secret_docker-registry.md
View File

@@ -61,7 +61,7 @@ kubectl create secret docker-registry NAME --docker-username=user --docker-passw
```
# If you don't already have a .dockercfg file, you can create a dockercfg secret directly by using:
$ kubectl create secret docker-registry my-secret --docker-server=DOCKER_REGISTRY_SERVER --docker-username=DOCKER_USER --docker-password=DOCKER_PASSWORD --docker-email=DOCKER_EMAIL
kubectl create secret docker-registry my-secret --docker-server=DOCKER_REGISTRY_SERVER --docker-username=DOCKER_USER --docker-password=DOCKER_PASSWORD --docker-email=DOCKER_EMAIL
```
### Options
@@ -118,7 +118,7 @@ kubectl create secret docker-registry NAME --docker-username=user --docker-passw
* [kubectl create secret](kubectl_create_secret.md) - Create a secret using specified subcommand.
###### Auto generated by spf13/cobra on 5-Apr-2016
###### Auto generated by spf13/cobra on 16-May-2016
<!-- BEGIN MUNGE: GENERATED_ANALYTICS -->
[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/docs/user-guide/kubectl/kubectl_create_secret_docker-registry.md?pixel)]()

108
docs/user-guide/kubectl/kubectl_create_secret_tls.md Normal file
View File

@@ -0,0 +1,108 @@
<!-- BEGIN MUNGE: UNVERSIONED_WARNING -->
<!-- BEGIN STRIP_FOR_RELEASE -->
<img src="http://kubernetes.io/img/warning.png" alt="WARNING"
width="25" height="25">
<img src="http://kubernetes.io/img/warning.png" alt="WARNING"
width="25" height="25">
<img src="http://kubernetes.io/img/warning.png" alt="WARNING"
width="25" height="25">
<img src="http://kubernetes.io/img/warning.png" alt="WARNING"
width="25" height="25">
<img src="http://kubernetes.io/img/warning.png" alt="WARNING"
width="25" height="25">
<h2>PLEASE NOTE: This document applies to the HEAD of the source tree</h2>
If you are using a released version of Kubernetes, you should
refer to the docs that go with that version.
Documentation for other releases can be found at
[releases.k8s.io](http://releases.k8s.io).
</strong>
--
<!-- END STRIP_FOR_RELEASE -->
<!-- END MUNGE: UNVERSIONED_WARNING -->
## kubectl create secret tls
Create a TLS secret.
### Synopsis
Create a TLS secret from the given public/private key pair.
The public/private key pair must exist before hand. The public key certificate must be .PEM encoded and match the given private key.
```
kubectl create secret tls NAME --cert=path/to/cert/file --key=path/to/key/file [--dry-run]
```
### Examples
```
# Create a new TLS secret named tls-secret with the given key pair:
kubectl create secret tls tls-secret --cert=path/to/tls.cert --key=path/to/tls.key
```
### Options
```
--cert="": Path to PEM encoded public key certificate.
--dry-run[=false]: If true, only print the object that would be sent, without sending it.
--generator="secret-for-tls/v1": The name of the API generator to use.
--key="": Path to private key associated with given certificate.
--no-headers[=false]: When using the default output, don't print headers.
-o, --output="": Output format. One of: json|yaml|wide|name|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://releases.k8s.io/HEAD/docs/user-guide/jsonpath.md].
--output-version="": Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
--save-config[=false]: If true, the configuration of current object will be saved in its annotation. This is useful when you want to perform kubectl apply on this object in the future.
--schema-cache-dir="~/.kube/schema": If non-empty, load/store cached API schemas in this directory, default is '$HOME/.kube/schema'
-a, --show-all[=false]: When printing, show all resources (default hide terminated pods.)
--show-labels[=false]: When printing, show all labels as the last column (default hide labels column)
--sort-by="": If non-empty, sort list types using this field specification. The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.
--template="": Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
--validate[=true]: If true, use a schema to validate the input before sending it
```
### Options inherited from parent commands
```
--alsologtostderr[=false]: log to standard error as well as files
--as="": Username to impersonate for the operation.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client certificate file for TLS.
--client-key="": Path to a client key file for TLS.
--cluster="": The name of the kubeconfig cluster to use
--context="": The name of the kubeconfig context to use
--insecure-skip-tls-verify[=false]: If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure.
--kubeconfig="": Path to the kubeconfig file to use for CLI requests.
--log-backtrace-at=:0: when logging hits line file:N, emit a stack trace
--log-dir="": If non-empty, write log files in this directory
--log-flush-frequency=5s: Maximum number of seconds between log flushes
--logtostderr[=true]: log to standard error instead of files
--match-server-version[=false]: Require server version to match client version
--namespace="": If present, the namespace scope for this CLI request.
--password="": Password for basic authentication to the API server.
-s, --server="": The address and port of the Kubernetes API server
--stderrthreshold=2: logs at or above this threshold go to stderr
--token="": Bearer token for authentication to the API server.
--user="": The name of the kubeconfig user to use
--username="": Username for basic authentication to the API server.
--v=0: log level for V logs
--vmodule=: comma-separated list of pattern=N settings for file-filtered logging
```
### SEE ALSO
* [kubectl create secret](kubectl_create_secret.md) - Create a secret using specified subcommand.
###### Auto generated by spf13/cobra on 16-May-2016
<!-- BEGIN MUNGE: GENERATED_ANALYTICS -->
[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/docs/user-guide/kubectl/kubectl_create_secret_tls.md?pixel)]()
<!-- END MUNGE: GENERATED_ANALYTICS -->