kubectl-create-secret-docker-registry man page

kubectl create secret docker-registry — Create a secret for use with a Docker registry.

Synopsis

kubectl create secret docker-registry [Options]

Description

Create a new secret for use with Docker registries.

Dockercfg secrets are used to authenticate against Docker registries.

When using the Docker command line to push images, you can authenticate to a given registry by running
'docker login DOCKER_REGISTRY_SERVER --username=DOCKER_USER --password=DOCKER_PASSWORD --email=DOCKER_EMAIL'. That produces a  /.dockercfg file that is used by subsequent 'docker push' and 'docker pull' commands to authenticate to the registry.

When creating applications, you may have a Docker registry that requires authentication. In order for the nodes to pull images on your behalf, they have to have the credentials. You can provide this information by creating a dockercfg secret and attaching it to your service account.

Options

--docker-email=""
Email for Docker registry
--docker-password=""
Password for Docker registry authentication
--docker-server=" ⟨https://index.docker.io/v1/"⟩
Server location for Docker registry
--docker-username=""
Username for Docker registry authentication
--dry-run=false
If true, only print the object that would be sent, without sending it.
--generator="secret-for-docker-registry/v1"
The name of the API generator to use.
--include-extended-apis=true
If true, include definitions of new APIs via calls to the API server. [default true]
--no-headers=false
When using the default output, don't print headers.
-o, --output=""
Output format. One of: json|yaml|wide|name|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=... See golang template [ ⟨http://golang.org/pkg/text/template/#pk…⟩] and jsonpath template [ ⟨http://releases.k8s.io/release-1.3/docs…⟩].
--output-version=""
Output the formatted object with the given group version (for ex: 'extensions/v1beta1').
--save-config=false
If true, the configuration of current object will be saved in its annotation. This is useful when you want to perform kubectl apply on this object in the future.
--schema-cache-dir=" /.kube/schema"
If non-empty, load/store cached API schemas in this directory, default is '$HOME/.kube/schema'
-a, --show-all=false
When printing, show all resources (default hide terminated pods.)
--show-labels=false
When printing, show all labels as the last column (default hide labels column)
--sort-by=""
If non-empty, sort list types using this field specification. The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.
--template=""
Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [ ⟨http://golang.org/pkg/text/template/#pk…⟩].
--validate=true
If true, use a schema to validate the input before sending it

Options Inherited from Parent Commands

--alsologtostderr=false
log to standard error as well as files

--api-version=""
DEPRECATED: The API version to use when talking to the server

--as=""
Username to impersonate for the operation.

--certificate-authority=""
Path to a cert. file for the certificate authority.

--client-certificate=""
Path to a client certificate file for TLS.

--client-key=""
Path to a client key file for TLS.

--cluster=""
The name of the kubeconfig cluster to use

--context=""
The name of the kubeconfig context to use

--insecure-skip-tls-verify=false
If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure.

--kubeconfig=""
Path to the kubeconfig file to use for CLI requests.

--log-backtrace-at=:0
when logging hits line file:N, emit a stack trace

--log-dir=""
If non-empty, write log files in this directory

--log-flush-frequency=5s
Maximum number of seconds between log flushes

--logtostderr=true
log to standard error instead of files

--match-server-version=false
Require server version to match client version

--namespace=""
If present, the namespace scope for this CLI request.

--password=""
Password for basic authentication to the API server.

-s, --server=""
The address and port of the Kubernetes API server

--stderrthreshold=2
logs at or above this threshold go to stderr

--token=""
Bearer token for authentication to the API server.

--user=""
The name of the kubeconfig user to use

--username=""
Username for basic authentication to the API server.

--v=0
log level for V logs

--vmodule=
comma-separated list of pattern=N settings for file-filtered logging

Example

# If you don't already have a .dockercfg file, you can create a dockercfg secret directly by using:
kubectl create secret docker-registry my-secret --docker-server=DOCKER_REGISTRY_SERVER --docker-username=DOCKER_USER --docker-password=DOCKER_PASSWORD --docker-email=DOCKER_EMAIL

See Also

kubectl-create-secret(1),

History

January 2015, Originally compiled by Eric Paris (eparis at redhat dot com) based on the kubernetes source material, but hopefully they have been automatically generated since!

Referenced By

kubectl-create-secret(1).

kubernetes User Manuals Eric Paris Jan 2015