kubernetes/docs/man/man1/kubectl-create-secret-docker-registry.1

.TH "KUBERNETES" "1" " kubernetes User Manuals" "Eric Paris" "Jan 2015"  ""


.SH NAME
.PP
kubectl create secret docker\-registry \- Create a secret for use with a Docker registry.


.SH SYNOPSIS
.PP
\fBkubectl create secret docker\-registry\fP [OPTIONS]


.SH DESCRIPTION
.PP
Create a new secret for use with Docker registries.

.PP
Dockercfg secrets are used to authenticate against Docker registries.

.PP
When using the Docker command line to push images, you can authenticate to a given registry by running
  'docker login DOCKER\_REGISTRY\_SERVER \-\-username=DOCKER\_USER \-\-password=DOCKER\_PASSWORD \-\-email=DOCKER\_EMAIL'.
That produces a \~/.dockercfg file that is used by subsequent 'docker push' and 'docker pull' commands to
authenticate to the registry.

.PP
When creating applications, you may have a Docker registry that requires authentication.  In order for the
nodes to pull images on your behalf, they have to have the credentials.  You can provide this information
by creating a dockercfg secret and attaching it to your service account.


.SH OPTIONS
.PP
\fB\-\-docker\-email\fP=""
    Email for Docker registry

.PP
\fB\-\-docker\-password\fP=""
    Password for Docker registry authentication

.PP
\fB\-\-docker\-server\fP="
\[la]https://index.docker.io/v1/"\[ra]
    Server location for Docker registry

.PP
\fB\-\-docker\-username\fP=""
    Username for Docker registry authentication

.PP
\fB\-\-dry\-run\fP=false
    If true, only print the object that would be sent, without sending it.

.PP
\fB\-\-generator\fP="secret\-for\-docker\-registry/v1"
    The name of the API generator to use.

.PP
\fB\-\-no\-headers\fP=false
    When using the default output, don't print headers.

.PP
\fB\-o\fP, \fB\-\-output\fP=""
    Output format. One of: json|yaml|wide|name|go\-template=...|go\-template\-file=...|jsonpath=...|jsonpath\-file=... See golang template [
\[la]http://golang.org/pkg/text/template/#pkg-overview\[ra]] and jsonpath template [
\[la]http://releases.k8s.io/HEAD/docs/user-guide/jsonpath.md\[ra]].

.PP
\fB\-\-output\-version\fP=""
    Output the formatted object with the given version (default api\-version).

.PP
\fB\-\-save\-config\fP=false
    If true, the configuration of current object will be saved in its annotation. This is useful when you want to perform kubectl apply on this object in the future.

.PP
\fB\-\-schema\-cache\-dir\fP="\~/.kube/schema"
    If non\-empty, load/store cached API schemas in this directory, default is '$HOME/.kube/schema'

.PP
\fB\-a\fP, \fB\-\-show\-all\fP=false
    When printing, show all resources (default hide terminated pods.)

.PP
\fB\-\-show\-labels\fP=false
    When printing, show all labels as the last column (default hide labels column)

.PP
\fB\-\-sort\-by\fP=""
    If non\-empty, sort list types using this field specification.  The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.

.PP
\fB\-\-template\fP=""
    Template string or path to template file to use when \-o=go\-template, \-o=go\-template\-file. The template format is golang templates [
\[la]http://golang.org/pkg/text/template/#pkg-overview\[ra]].

.PP
\fB\-\-validate\fP=true
    If true, use a schema to validate the input before sending it


.SH OPTIONS INHERITED FROM PARENT COMMANDS
.PP
\fB\-\-alsologtostderr\fP=false
    log to standard error as well as files

.PP
\fB\-\-api\-version\fP=""
    The API version to use when talking to the server

.PP
\fB\-\-certificate\-authority\fP=""
    Path to a cert. file for the certificate authority.

.PP
\fB\-\-client\-certificate\fP=""
    Path to a client certificate file for TLS.

.PP
\fB\-\-client\-key\fP=""
    Path to a client key file for TLS.

.PP
\fB\-\-cluster\fP=""
    The name of the kubeconfig cluster to use

.PP
\fB\-\-context\fP=""
    The name of the kubeconfig context to use

.PP
\fB\-\-insecure\-skip\-tls\-verify\fP=false
    If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure.

.PP
\fB\-\-kubeconfig\fP=""
    Path to the kubeconfig file to use for CLI requests.

.PP
\fB\-\-log\-backtrace\-at\fP=:0
    when logging hits line file:N, emit a stack trace

.PP
\fB\-\-log\-dir\fP=""
    If non\-empty, write log files in this directory

.PP
\fB\-\-log\-flush\-frequency\fP=5s
    Maximum number of seconds between log flushes

.PP
\fB\-\-logtostderr\fP=true
    log to standard error instead of files

.PP
\fB\-\-match\-server\-version\fP=false
    Require server version to match client version

.PP
\fB\-\-namespace\fP=""
    If present, the namespace scope for this CLI request.

.PP
\fB\-\-password\fP=""
    Password for basic authentication to the API server.

.PP
\fB\-s\fP, \fB\-\-server\fP=""
    The address and port of the Kubernetes API server

.PP
\fB\-\-stderrthreshold\fP=2
    logs at or above this threshold go to stderr

.PP
\fB\-\-token\fP=""
    Bearer token for authentication to the API server.

.PP
\fB\-\-user\fP=""
    The name of the kubeconfig user to use

.PP
\fB\-\-username\fP=""
    Username for basic authentication to the API server.

.PP
\fB\-\-v\fP=0
    log level for V logs

.PP
\fB\-\-vmodule\fP=
    comma\-separated list of pattern=N settings for file\-filtered logging


.SH EXAMPLE
.PP
.RS

.nf
  # If you don't already have a .dockercfg file, you can create a dockercfg secret directly by using:
  $ kubectl create secret docker\-registry my\-secret \-\-docker\-server=DOCKER\_REGISTRY\_SERVER \-\-docker\-username=DOCKER\_USER \-\-docker\-password=DOCKER\_PASSWORD \-\-docker\-email=DOCKER\_EMAIL

.fi
.RE


.SH SEE ALSO
.PP
\fBkubectl\-create\-secret(1)\fP,


.SH HISTORY
.PP
January 2015, Originally compiled by Eric Paris (eparis at redhat dot com) based on the kubernetes source material, but hopefully they have been automatically generated since!