openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity

Merge pull request #40830 from openshift-cherrypick-robot/cherry-pick-40656-to-enterprise-4.10

Browse Source 
[enterprise-4.10] OSDOCS-2906: Initial run of generating CLI docs for 4.10
This commit is contained in:
Gaurav Nelson
2022-01-21 05:37:48 +10:00
committed by GitHub
parent ba38ff78e3 ae9b8841a0
commit d904eb7b0e
2 changed files with 52 additions and 305 deletions
Download Patch File Download Diff File Expand all files Collapse all files

308
modules/oc-adm-by-example-content.adoc
View File

@@ -78,281 +78,6 @@ Deny a certificate signing request
== oc adm completion
Output shell completion code for the specified shell (bash or zsh)
.Example usage
[source,bash,options="nowrap"]
----
# Installing bash completion on macOS using homebrew
## If running Bash 3.2 included with macOS
brew install bash-completion
## or, if running Bash 4.1+
brew install bash-completion@2
## If oc is installed via homebrew, this should start working immediately
## If you've installed via other means, you may need add the completion to your completion directory
oc completion bash > $(brew --prefix)/etc/bash_completion.d/oc
# Installing bash completion on Linux
## If bash-completion is not installed on Linux, install the 'bash-completion' package
## via your distribution's package manager.
## Load the oc completion code for bash into the current shell
source <(oc completion bash)
## Write bash completion code to a file and source it from .bash_profile
oc completion bash > ~/.kube/completion.bash.inc
printf "
# Kubectl shell completion
source '$HOME/.kube/completion.bash.inc'
" >> $HOME/.bash_profile
source $HOME/.bash_profile
# Load the oc completion code for zsh[1] into the current shell
source <(oc completion zsh)
# Set the oc completion code for zsh[1] to autoload on startup
oc completion zsh > "${fpath[1]}/_oc"
----
== oc adm config current-context
Display the current-context
.Example usage
[source,bash,options="nowrap"]
----
# Display the current-context
oc config current-context
----
== oc adm config delete-cluster
Delete the specified cluster from the kubeconfig
.Example usage
[source,bash,options="nowrap"]
----
# Delete the minikube cluster
oc config delete-cluster minikube
----
== oc adm config delete-context
Delete the specified context from the kubeconfig
.Example usage
[source,bash,options="nowrap"]
----
# Delete the context for the minikube cluster
oc config delete-context minikube
----
== oc adm config delete-user
Delete the specified user from the kubeconfig
.Example usage
[source,bash,options="nowrap"]
----
# Delete the minikube user
oc config delete-user minikube
----
== oc adm config get-clusters
Display clusters defined in the kubeconfig
.Example usage
[source,bash,options="nowrap"]
----
# List the clusters that oc knows about
oc config get-clusters
----
== oc adm config get-contexts
Describe one or many contexts
.Example usage
[source,bash,options="nowrap"]
----
# List all the contexts in your kubeconfig file
oc config get-contexts
# Describe one context in your kubeconfig file
oc config get-contexts my-context
----
== oc adm config get-users
Display users defined in the kubeconfig
.Example usage
[source,bash,options="nowrap"]
----
# List the users that oc knows about
oc config get-users
----
== oc adm config rename-context
Rename a context from the kubeconfig file
.Example usage
[source,bash,options="nowrap"]
----
# Rename the context 'old-name' to 'new-name' in your kubeconfig file
oc config rename-context old-name new-name
----
== oc adm config set
Set an individual value in a kubeconfig file
.Example usage
[source,bash,options="nowrap"]
----
# Set the server field on the my-cluster cluster to https://1.2.3.4
oc config set clusters.my-cluster.server https://1.2.3.4
# Set the certificate-authority-data field on the my-cluster cluster
oc config set clusters.my-cluster.certificate-authority-data $(echo "cert_data_here" | base64 -i -)
# Set the cluster field in the my-context context to my-cluster
oc config set contexts.my-context.cluster my-cluster
# Set the client-key-data field in the cluster-admin user using --set-raw-bytes option
oc config set users.cluster-admin.client-key-data cert_data_here --set-raw-bytes=true
----
== oc adm config set-cluster
Set a cluster entry in kubeconfig
.Example usage
[source,bash,options="nowrap"]
----
# Set only the server field on the e2e cluster entry without touching other values
oc config set-cluster e2e --server=https://1.2.3.4
# Embed certificate authority data for the e2e cluster entry
oc config set-cluster e2e --embed-certs --certificate-authority=~/.kube/e2e/kubernetes.ca.crt
# Disable cert checking for the dev cluster entry
oc config set-cluster e2e --insecure-skip-tls-verify=true
# Set custom TLS server name to use for validation for the e2e cluster entry
oc config set-cluster e2e --tls-server-name=my-cluster-name
----
== oc adm config set-context
Set a context entry in kubeconfig
.Example usage
[source,bash,options="nowrap"]
----
# Set the user field on the gce context entry without touching other values
oc config set-context gce --user=cluster-admin
----
== oc adm config set-credentials
Set a user entry in kubeconfig
.Example usage
[source,bash,options="nowrap"]
----
# Set only the "client-key" field on the "cluster-admin"
# entry, without touching other values
oc config set-credentials cluster-admin --client-key=~/.kube/admin.key
# Set basic auth for the "cluster-admin" entry
oc config set-credentials cluster-admin --username=admin --password=uXFGweU9l35qcif
# Embed client certificate data in the "cluster-admin" entry
oc config set-credentials cluster-admin --client-certificate=~/.kube/admin.crt --embed-certs=true
# Enable the Google Compute Platform auth provider for the "cluster-admin" entry
oc config set-credentials cluster-admin --auth-provider=gcp
# Enable the OpenID Connect auth provider for the "cluster-admin" entry with additional args
oc config set-credentials cluster-admin --auth-provider=oidc --auth-provider-arg=client-id=foo --auth-provider-arg=client-secret=bar
# Remove the "client-secret" config value for the OpenID Connect auth provider for the "cluster-admin" entry
oc config set-credentials cluster-admin --auth-provider=oidc --auth-provider-arg=client-secret-
# Enable new exec auth plugin for the "cluster-admin" entry
oc config set-credentials cluster-admin --exec-command=/path/to/the/executable --exec-api-version=client.authentication.k8s.io/v1beta1
# Define new exec auth plugin args for the "cluster-admin" entry
oc config set-credentials cluster-admin --exec-arg=arg1 --exec-arg=arg2
# Create or update exec auth plugin environment variables for the "cluster-admin" entry
oc config set-credentials cluster-admin --exec-env=key1=val1 --exec-env=key2=val2
# Remove exec auth plugin environment variables for the "cluster-admin" entry
oc config set-credentials cluster-admin --exec-env=var-to-remove-
----
== oc adm config unset
Unset an individual value in a kubeconfig file
.Example usage
[source,bash,options="nowrap"]
----
# Unset the current-context
oc config unset current-context
# Unset namespace in foo context
oc config unset contexts.foo.namespace
----
== oc adm config use-context
Set the current-context in a kubeconfig file
.Example usage
[source,bash,options="nowrap"]
----
# Use the context for the minikube cluster
oc config use-context minikube
----
== oc adm config view
Display merged kubeconfig settings or a specified kubeconfig file
.Example usage
[source,bash,options="nowrap"]
----
# Show merged kubeconfig settings
oc config view
# Show merged kubeconfig settings and raw certificate data
oc config view --raw
# Get the password for the e2e user
oc config view -o jsonpath='{.users[?(@.name == "e2e")].user.password}'
----
== oc adm cordon
Mark node as unschedulable
@@ -660,10 +385,10 @@ Add a role to users or service accounts for the current project
[source,bash,options="nowrap"]
----
# Add the 'view' role to user1 for the current project
oc policy add-role-to-user view user1
oc adm policy add-role-to-user view user1
# Add the 'edit' role to serviceaccount1 for the current project
oc policy add-role-to-user edit -z serviceaccount1
oc adm policy add-role-to-user edit -z serviceaccount1
----
@@ -703,16 +428,16 @@ Check which service account can create a pod
----
# Check whether service accounts sa1 and sa2 can admit a pod with a template pod spec specified in my_resource.yaml
# Service Account specified in myresource.yaml file is ignored
oc policy scc-review -z sa1,sa2 -f my_resource.yaml
oc adm policy scc-review -z sa1,sa2 -f my_resource.yaml
# Check whether service accounts system:serviceaccount:bob:default can admit a pod with a template pod spec specified in my_resource.yaml
oc policy scc-review -z system:serviceaccount:bob:default -f my_resource.yaml
oc adm policy scc-review -z system:serviceaccount:bob:default -f my_resource.yaml
# Check whether the service account specified in my_resource_with_sa.yaml can admit the pod
oc policy scc-review -f my_resource_with_sa.yaml
oc adm policy scc-review -f my_resource_with_sa.yaml
# Check whether the default service account can admit the pod; default is taken since no service account is defined in myresource_with_no_sa.yaml
oc policy scc-review -f myresource_with_no_sa.yaml
oc adm policy scc-review -f myresource_with_no_sa.yaml
----
@@ -724,13 +449,13 @@ Check whether a user or a service account can create a pod
[source,bash,options="nowrap"]
----
# Check whether user bob can create a pod specified in myresource.yaml
oc policy scc-subject-review -u bob -f myresource.yaml
oc adm policy scc-subject-review -u bob -f myresource.yaml
# Check whether user bob who belongs to projectAdmin group can create a pod specified in myresource.yaml
oc policy scc-subject-review -u bob -g projectAdmin -f myresource.yaml
oc adm policy scc-subject-review -u bob -g projectAdmin -f myresource.yaml
# Check whether a service account specified in the pod template spec in myresourcewithsa.yaml can create the pod
oc policy scc-subject-review -f myresourcewithsa.yaml
oc adm policy scc-subject-review -f myresourcewithsa.yaml
----
@@ -1000,6 +725,21 @@ Mark node as schedulable
== oc adm upgrade
Upgrade a cluster
.Example usage
[source,bash,options="nowrap"]
----
# Review the available cluster updates
oc adm upgrade
# Update to the latest version
oc adm upgrade --to-latest=true
----
== oc adm verify-image-signature
Verify the image identity contained in the image signature

49
modules/oc-by-example-content.adoc
View File

@@ -286,7 +286,7 @@ Dump relevant information for debugging and diagnosis
== oc completion
Output shell completion code for the specified shell (bash or zsh)
Output shell completion code for the specified shell (bash, zsh or fish)
.Example usage
[source,bash,options="nowrap"]
@@ -318,6 +318,25 @@ Output shell completion code for the specified shell (bash or zsh)
source <(oc completion zsh)
# Set the oc completion code for zsh[1] to autoload on startup
oc completion zsh > "${fpath[1]}/_oc"
# Load the oc completion code for fish[2] into the current shell
oc completion fish | source
# To load completions for each session, execute once:
oc completion fish > ~/.config/fish/completions/oc.fish
# Load the oc completion code for powershell into the current shell
oc completion powershell | Out-String | Invoke-Expression
# Set oc completion code for powershell to run on startup
## Save completion code to a script and execute in the profile
oc completion powershell > $HOME\.kube\completion.ps1
Add-Content $PROFILE "$HOME\.kube\completion.ps1"
## Execute completion code in the profile
Add-Content $PROFILE "if (Get-Command oc -ErrorAction SilentlyContinue) {
oc completion powershell | Out-String | Invoke-Expression
}"
## Add completion code directly to the $PROFILE script
oc completion powershell >> $PROFILE
----
@@ -694,7 +713,7 @@ Create a config map from a local file, directory or literal value
oc create configmap my-config --from-file=path/to/bar
# Create a new config map named my-config from an env file
oc create configmap my-config --from-env-file=path/to/bar.env
oc create configmap my-config --from-env-file=path/to/foo.env --from-env-file=path/to/bar.env
----
@@ -1023,8 +1042,8 @@ Create a secret from a local file, directory, or literal value
# Create a new secret named my-secret using a combination of a file and a literal
oc create secret generic my-secret --from-file=ssh-privatekey=path/to/id_rsa --from-literal=passphrase=topsecret
# Create a new secret named my-secret from an env file
oc create secret generic my-secret --from-env-file=path/to/bar.env
# Create a new secret named my-secret from env files
oc create secret generic my-secret --from-env-file=path/to/foo.env --from-env-file=path/to/bar.env
----
@@ -1218,8 +1237,8 @@ Show details of a specific resource or group of resources
# Describe pods by label name=myLabel
oc describe po -l name=myLabel
# Describe all pods managed by the 'frontend' replication controller (rc-created pods
# get the name of the rc as a prefix in the pod the name)
# Describe all pods managed by the 'frontend' replication controller
# (rc-created pods get the name of the rc as a prefix in the pod name)
oc describe pods frontend
----
@@ -1261,18 +1280,6 @@ Edit a resource on the server
== oc ex dockergc
Perform garbage collection to free space in docker storage
.Example usage
[source,bash,options="nowrap"]
----
# Perform garbage collection with the default settings
oc ex dockergc
----
== oc exec
Execute a command in a container
@@ -2345,9 +2352,6 @@ Link secrets to a service account
# Add an image pull secret to a service account to automatically use it for both pulling and pushing build images
oc secrets link builder builder-image-secret --for=pull,mount
# If the cluster's serviceAccountConfig is operating with limitSecretReferences: True, secrets must be added to the pod's service account whitelist in order to be available to the pod
oc secrets link pod-sa pod-secret
----
@@ -2869,6 +2873,9 @@ Experimental: Wait for a specific condition on one or many resources
# The default value of status condition is true; you can set it to false
oc wait --for=condition=Ready=false pod/busybox1
# Wait for the pod "busybox1" to contain the status phase to be "Running".
oc wait --for=jsonpath='{.status.phase}'=Running pod/busybox1
# Wait for the pod "busybox1" to be deleted, with a timeout of 60s, after having issued the "delete" command
oc delete pod/busybox1
oc wait --for=delete pod/busybox1 --timeout=60s