oc image extract [Options]
Extract the contents of an image to disk
Download an image or parts of an image to the filesystem. Allows users to access the contents of images without requiring a container runtime engine running.
Pass images to extract as arguments. The --paths flag allows you to define multiple source to destination directory mappings. The source section may be either a file, a directory (ends with a '/'), or a file pattern within a directory. The destination section is a directory to extract to. Both source and destination must be specified.
If the specified image supports multiple operating systems, the image that matches the current operating system will be chosen. Otherwise you must pass --filter-by-os to select the desired image.
You may further qualify the image by adding a layer selector to the end of the image string to only extract specific layers within an image. The supported selectors are:
[ <index>] - select the layer at the provided index (zero-indexed) [ <from_index>, <to_index>] - select layers by index, exclusive [ <prefix>] - select the layer with the matching prefix or return an error
Negative indices are counted from the end of the list, e.g. [-1] selects the last layer.
Experimental: This command is under active development and may change without notice.
Print the actions that would be taken and exit without writing any contents.
A regular expression to control which images are mirrored. Images will be passed as '<platform>/<architecture>[/<variant>]'.
Allow pull operations to registries to be made over HTTP
Only extract regular files and directories from the image.
Extract only part of an image. Must be SRC:DST where SRC is the path within the image and DST a local directory. If not specified the default is to extract everything to the current directory.
Options Inherited from Parent Commands
Allow a SignatureVerifier to use keys which are technically non-compliant with RFC6962.
log to standard error as well as files
Max number of application metrics to store (per container)
Username to impersonate for the operation
Group to impersonate for the operation, this flag can be repeated to specify multiple groups.
Path to the file containing Azure container registry configuration information.
Comma-separated list of files to check for boot-id. Use the first one that exists.
Default HTTP cache directory
Path to a cert file for the certificate authority
Path to a client certificate file for TLS
Path to a client key file for TLS
CIDRs opened in GCE firewall for LB traffic proxy health checks
The name of the kubeconfig cluster to use
location of the container hints file
The name of the kubeconfig context to use
Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration.
Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration.
use TLS to connect to docker
path to trusted CA
path to client certificate
path to private key
a comma-separated list of environment variable keys that needs to be collected for docker containers
Only report docker containers in addition to root stats
DEPRECATED: docker root is read from docker info (this is a fallback, default: /var/lib/docker)
Whether to enable cpu load reader
Max length of time for which to store events (per type). Value is a comma separated list of key values, where the keys are event types (e.g.: creation, oom) or "default" and the value is a duration. Default is applied to all non-specified event types
Max number of events to store (per type). Value is a comma separated list of key values, where the keys are event types (e.g.: creation, oom) or "default" and the value is an integer. Default is applied to all non-specified event types
Interval between global housekeepings
Interval between container housekeepings
If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
Path to the kubeconfig file to use for CLI requests.
Maximum number of seconds between log flushes
when logging hits line file:N, emit a stack trace
Whether to log the usage of the cAdvisor container
If non-empty, write log files in this directory
log to standard error instead of files
Comma-separated list of files to check for machine-id. Use the first one that exists.
Require server version to match client version
- -n, --namespace=""
If present, the namespace scope for this CLI request
The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests.
- -s, --server=""
The address and port of the Kubernetes API server
logs at or above this threshold go to stderr
Writes in the storage driver will be buffered for this duration, and committed to the non memory backends as a single transaction
use secure connection with database
Bearer token for authentication to the API server
The name of the kubeconfig user to use
- -v, --v=0
log level for V logs
Print version information and quit
comma-separated list of pattern=N settings for file-filtered logging
# Extract the busybox image into the current directory oc image docker.io/library/busybox:latest # Extract the busybox image to a temp directory (must exist) oc image docker.io/library/busybox:latest --path /:/tmp/busybox # Extract a single file from the image into the current directory oc image docker.io/library/centos:7 --path /bin/bash:. # Extract all .repo files from the image's /etc/yum.repos.d/ folder. oc image docker.io/library/centos:7 --path /etc/yum.repos.d/*.repo:. # Extract the last layer in the image oc image docker.io/library/centos:7[-1] # Extract the first three layers of the image oc image docker.io/library/centos:7[:3] # Extract the last three layers of the image oc image docker.io/library/centos:7[-3:]
June 2016, Ported from the Kubernetes man-doc generator