config

The loading order follows these rules:

  1. If the —kubeconfig flag is set, then only that file is loaded. The flag may only be set once and no merging takes place.
  2. If $KUBECONFIG environment variable is set, then it is used as a list of paths (normal path delimiting rules for your system). These paths are merged. When a value is modified, it is modified in the file that defines the stanza. When a value is created, it is created in the first file that exists. If no files in the chain exist, then it creates the last file in the list.
  3. Otherwise, ${HOME}/.kube/config is used and no merging takes place.

Display the current-context.

Usage

$ kubectl config current-context

delete-cluster

Delete the minikube cluster

  1. kubectl config delete-cluster minikube

Delete the specified cluster from the kubeconfig.

Usage

$ kubectl config delete-cluster NAME

delete-context

Delete the context for the minikube cluster

  1. kubectl config delete-context minikube

Delete the specified context from the kubeconfig.

Usage

$ kubectl config delete-context NAME

delete-user

Delete the minikube user

  1. kubectl config delete-user minikube

Delete the specified user from the kubeconfig.

Usage

$ kubectl config delete-user NAME

get-clusters

List the clusters that kubectl knows about

  1. kubectl config get-clusters

Display clusters defined in the kubeconfig.

Usage

$ kubectl config get-clusters

List all the contexts in your kubeconfig file

  1. kubectl config get-contexts

Describe one context in your kubeconfig file

    Display one or many contexts from the kubeconfig file.

    Usage

    $ kubectl config get-contexts [(-o|--output=)name)]

    get-users

    List the users that kubectl knows about

    1. kubectl config get-users

    Display users defined in the kubeconfig.

    Usage

    $ kubectl config get-users

    rename-context

    Rename the context ‘old-name’ to ‘new-name’ in your kubeconfig file

    Renames a context from the kubeconfig file.

    NEW_NAME is the new name you want to set.

    Note: If the context being renamed is the ‘current-context’, this field will also be updated.

    Usage

    $ kubectl config rename-context CONTEXT_NAME NEW_NAME

    set

    Set the server field on the my-cluster cluster to https://1.2.3.4

    1. kubectl config set clusters.my-cluster.server https://1.2.3.4

    Set the certificate-authority-data field on the my-cluster cluster

    1. kubectl config set clusters.my-cluster.certificate-authority-data $(echo "cert_data_here" | base64 -i -)

    Set the client-key-data field in the cluster-admin user using —set-raw-bytes option

    1. kubectl config set users.cluster-admin.client-key-data cert_data_here --set-raw-bytes=true

    Set an individual value in a kubeconfig file.

    PROPERTY_NAME is a dot delimited name where each token represents either an attribute name or a map key. Map keys may not contain dots.

    PROPERTY_VALUE is the new value you want to set. Binary fields such as ‘certificate-authority-data’ expect a base64 encoded string unless the —set-raw-bytes flag is used.

    Specifying an attribute name that already exists will merge new fields on top of existing values.

    Usage

    $ kubectl config set PROPERTY_NAME PROPERTY_VALUE

    Flags

    NameShorthandDefaultUsage
    set-raw-bytesfalseWhen writing a []byte PROPERTY_VALUE, write the given string directly without base64 decoding.

    set-cluster

    Set only the server field on the e2e cluster entry without touching other values

    1. kubectl config set-cluster e2e --server=https://1.2.3.4

    Embed certificate authority data for the e2e cluster entry

    1. kubectl config set-cluster e2e --embed-certs --certificate-authority=~/.kube/e2e/kubernetes.ca.crt

    Disable cert checking for the dev cluster entry

    1. kubectl config set-cluster e2e --insecure-skip-tls-verify=true

    Set custom TLS server name to use for validation for the e2e cluster entry

    1. kubectl config set-cluster e2e --tls-server-name=my-cluster-name

    Set a cluster entry in kubeconfig.

    Specifying a name that already exists will merge new fields on top of existing values for those fields.

    Usage

    $ kubectl config set-cluster NAME [--server=server] [--certificate-authority=path/to/certificate/authority] [--insecure-skip-tls-verify=true] [--tls-server-name=example.com]

    Flags

    Set the user field on the gce context entry without touching other values

    1. kubectl config set-context gce --user=cluster-admin

    Set a context entry in kubeconfig.

    Specifying a name that already exists will merge new fields on top of existing values for those fields.

    $ kubectl config set-context [NAME | --current] [--cluster=cluster_nickname] [--user=user_nickname] [--namespace=namespace]

    Flags

    NameShorthandDefaultUsage
    currentfalseModify the current context

    set-credentials

    Set only the “client-key” field on the “cluster-admin” # entry, without touching other values

    1. kubectl config set-credentials cluster-admin --client-key=~/.kube/admin.key

    Set basic auth for the “cluster-admin” entry

    1. kubectl config set-credentials cluster-admin --username=admin --password=uXFGweU9l35qcif

    Embed client certificate data in the “cluster-admin” entry

    1. kubectl config set-credentials cluster-admin --auth-provider=gcp

    Remove the “client-secret” config value for the OpenID Connect auth provider for the “cluster-admin” entry

    1. kubectl config set-credentials cluster-admin --auth-provider=oidc --auth-provider-arg=client-secret-

    Enable new exec auth plugin for the “cluster-admin” entry

    1. kubectl config set-credentials cluster-admin --exec-command=/path/to/the/executable --exec-api-version=client.authentication.k8s.io/v1beta1

    Define new exec auth plugin args for the “cluster-admin” entry

    1. kubectl config set-credentials cluster-admin --exec-arg=arg1 --exec-arg=arg2

    Create or update exec auth plugin environment variables for the “cluster-admin” entry

    1. kubectl config set-credentials cluster-admin --exec-env=key1=val1 --exec-env=key2=val2

    Remove exec auth plugin environment variables for the “cluster-admin” entry

    1. kubectl config set-credentials cluster-admin --exec-env=var-to-remove-

    Set a user entry in kubeconfig.

    Specifying a name that already exists will merge new fields on top of existing values.

    Client-certificate flags: —client-certificate=certfile —client-key=keyfile

    Bearer token flags: —token=bearer_token

    Basic auth flags: —username=basic_user —password=basic_password

    Bearer token and basic auth are mutually exclusive.

    Usage

    $ kubectl config set-credentials NAME [--client-certificate=path/to/certfile] [--client-key=path/to/keyfile] [--token=bearer_token] [--username=basic_user] [--password=basic_password] [--auth-provider=provider_name] [--auth-provider-arg=key=value] [--exec-command=exec_command] [--exec-api-version=exec_api_version] [--exec-arg=arg] [--exec-env=key=value]

    Flags

    unset

    Unset the current-context

    1. kubectl config unset current-context

    Unset namespace in foo context

    1. kubectl config unset contexts.foo.namespace

    Unset an individual value in a kubeconfig file.

    PROPERTY_NAME is a dot delimited name where each token represents either an attribute name or a map key. Map keys may not contain dots.

    Usage

    $ kubectl config unset PROPERTY_NAME

    use-context

    Use the context for the minikube cluster

    1. kubectl config use-context minikube

    Set the current-context in a kubeconfig file.

    Usage

    $ kubectl config use-context CONTEXT_NAME

    view

    Show merged kubeconfig settings

      Show merged kubeconfig settings and raw certificate data

      1. kubectl config view --raw

      Display merged kubeconfig settings or a specified kubeconfig file.

      You can use —output jsonpath={…} to extract specific values using a jsonpath expression.

      Usage

      NameShorthandDefaultUsage
      allow-missing-template-keystrueIf true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats.
      flattenfalseFlatten the resulting kubeconfig file into self-contained output (useful for creating portable kubeconfig files)
      mergetrueMerge the full hierarchy of kubeconfig files
      minifyfalseRemove all information not used by current-context from the output
      outputoyamlOutput format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file.
      rawfalseDisplay raw byte data
      show-managed-fieldsfalseIf true, keep the managedFields when printing objects in JSON or YAML format.
      templateTemplate string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].