mirror of
				https://github.com/k3s-io/kubernetes.git
				synced 2025-10-25 10:00:53 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			109 lines
		
	
	
		
			5.3 KiB
		
	
	
	
		
			Markdown
		
	
	
	
	
	
			
		
		
	
	
			109 lines
		
	
	
		
			5.3 KiB
		
	
	
	
		
			Markdown
		
	
	
	
	
	
| <!-- BEGIN MUNGE: UNVERSIONED_WARNING -->
 | |
| 
 | |
| <!-- BEGIN STRIP_FOR_RELEASE -->
 | |
| 
 | |
| <img src="http://kubernetes.io/img/warning.png" alt="WARNING"
 | |
|      width="25" height="25">
 | |
| <img src="http://kubernetes.io/img/warning.png" alt="WARNING"
 | |
|      width="25" height="25">
 | |
| <img src="http://kubernetes.io/img/warning.png" alt="WARNING"
 | |
|      width="25" height="25">
 | |
| <img src="http://kubernetes.io/img/warning.png" alt="WARNING"
 | |
|      width="25" height="25">
 | |
| <img src="http://kubernetes.io/img/warning.png" alt="WARNING"
 | |
|      width="25" height="25">
 | |
| 
 | |
| <h2>PLEASE NOTE: This document applies to the HEAD of the source tree</h2>
 | |
| 
 | |
| If you are using a released version of Kubernetes, you should
 | |
| refer to the docs that go with that version.
 | |
| 
 | |
| Documentation for other releases can be found at
 | |
| [releases.k8s.io](http://releases.k8s.io).
 | |
| </strong>
 | |
| --
 | |
| 
 | |
| <!-- END STRIP_FOR_RELEASE -->
 | |
| 
 | |
| <!-- END MUNGE: UNVERSIONED_WARNING -->
 | |
| 
 | |
| ## kubectl create secret tls
 | |
| 
 | |
| Create a TLS secret.
 | |
| 
 | |
| ### Synopsis
 | |
| 
 | |
| 
 | |
| 
 | |
| Create a TLS secret from the given public/private key pair.
 | |
| 
 | |
| The public/private key pair must exist before hand. The public key certificate must be .PEM encoded and match the given private key.
 | |
| 
 | |
| ```
 | |
| kubectl create secret tls NAME --cert=path/to/cert/file --key=path/to/key/file [--dry-run]
 | |
| ```
 | |
| 
 | |
| ### Examples
 | |
| 
 | |
| ```
 | |
|   # Create a new TLS secret named tls-secret with the given key pair:
 | |
|   kubectl create secret tls tls-secret --cert=path/to/tls.cert --key=path/to/tls.key
 | |
| ```
 | |
| 
 | |
| ### Options
 | |
| 
 | |
| ```
 | |
|       --cert="": Path to PEM encoded public key certificate.
 | |
|       --dry-run[=false]: If true, only print the object that would be sent, without sending it.
 | |
|       --generator="secret-for-tls/v1": The name of the API generator to use.
 | |
|       --key="": Path to private key associated with given certificate.
 | |
|       --no-headers[=false]: When using the default output, don't print headers.
 | |
|   -o, --output="": Output format. One of: json|yaml|wide|name|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [http://releases.k8s.io/HEAD/docs/user-guide/jsonpath.md].
 | |
|       --output-version="": Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
 | |
|       --save-config[=false]: If true, the configuration of current object will be saved in its annotation. This is useful when you want to perform kubectl apply on this object in the future.
 | |
|       --schema-cache-dir="~/.kube/schema": If non-empty, load/store cached API schemas in this directory, default is '$HOME/.kube/schema'
 | |
|   -a, --show-all[=false]: When printing, show all resources (default hide terminated pods.)
 | |
|       --show-labels[=false]: When printing, show all labels as the last column (default hide labels column)
 | |
|       --sort-by="": If non-empty, sort list types using this field specification.  The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.
 | |
|       --template="": Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
 | |
|       --validate[=true]: If true, use a schema to validate the input before sending it
 | |
| ```
 | |
| 
 | |
| ### Options inherited from parent commands
 | |
| 
 | |
| ```
 | |
|       --alsologtostderr[=false]: log to standard error as well as files
 | |
|       --as="": Username to impersonate for the operation.
 | |
|       --certificate-authority="": Path to a cert. file for the certificate authority.
 | |
|       --client-certificate="": Path to a client certificate file for TLS.
 | |
|       --client-key="": Path to a client key file for TLS.
 | |
|       --cluster="": The name of the kubeconfig cluster to use
 | |
|       --context="": The name of the kubeconfig context to use
 | |
|       --insecure-skip-tls-verify[=false]: If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure.
 | |
|       --kubeconfig="": Path to the kubeconfig file to use for CLI requests.
 | |
|       --log-backtrace-at=:0: when logging hits line file:N, emit a stack trace
 | |
|       --log-dir="": If non-empty, write log files in this directory
 | |
|       --log-flush-frequency=5s: Maximum number of seconds between log flushes
 | |
|       --logtostderr[=true]: log to standard error instead of files
 | |
|       --match-server-version[=false]: Require server version to match client version
 | |
|       --namespace="": If present, the namespace scope for this CLI request.
 | |
|       --password="": Password for basic authentication to the API server.
 | |
|   -s, --server="": The address and port of the Kubernetes API server
 | |
|       --stderrthreshold=2: logs at or above this threshold go to stderr
 | |
|       --token="": Bearer token for authentication to the API server.
 | |
|       --user="": The name of the kubeconfig user to use
 | |
|       --username="": Username for basic authentication to the API server.
 | |
|       --v=0: log level for V logs
 | |
|       --vmodule=: comma-separated list of pattern=N settings for file-filtered logging
 | |
| ```
 | |
| 
 | |
| ### SEE ALSO
 | |
| 
 | |
| * [kubectl create secret](kubectl_create_secret.md)	 - Create a secret using specified subcommand.
 | |
| 
 | |
| ###### Auto generated by spf13/cobra on 16-May-2016
 | |
| 
 | |
| <!-- BEGIN MUNGE: GENERATED_ANALYTICS -->
 | |
| []()
 | |
| <!-- END MUNGE: GENERATED_ANALYTICS -->
 |