Synopsis Check whether an action is allowed. VERB is a logical Kubernetes API verb like 'get', 'list', 'watch', 'delete', etc. TYPE is a Kubernetes resource. Shortcuts and groups will be resolved. NONRESOURCEURL is a partial URL that starts with "/". NAME is the name of a particular Kubernetes resource. This command pairs nicely with impersonation. See --as global flag. kubectl auth can-i VERB [TYPE | TYPE/NAME | NONRESOURCEURL] Examples # Check to see if I can create pods in any namespace kubectl auth can-i create pods --all-namespaces # Check to see if I can list deployments in my current namespace kubectl auth can-i list deployments.

Production-Grade Container Orchestration

Caution:kubeadm alpha provides a preview of a set of features made available for gathering feedback from the community. Please try it out and give us feedback! Currently there are no experimental commands under kubeadm alpha. What's next kubeadm init to bootstrap a Kubernetes control-plane node kubeadm join to connect a node to the cluster kubeadm reset to revert any changes made to this host by kubeadm init or kubeadm join

Production-Grade Container Orchestration

Synopsis Roll back to a previous rollout. kubectl rollout undo (TYPE NAME | TYPE/NAME) [flags] Examples # Roll back to the previous deployment kubectl rollout undo deployment/abc # Roll back to daemonset revision 3 kubectl rollout undo daemonset/abc --to-revision=3 # Roll back to the previous deployment with dry-run kubectl rollout undo --dry-run=server deployment/abc Options --allow-missing-template-keys     Default: true If true, ignore any errors in templates when a field or map key is missing in the template.

Synopsis Display merged kubeconfig settings or a specified kubeconfig file. You can use --output jsonpath={...} to extract specific values using a jsonpath expression. kubectl config view [flags] Examples # Show merged kubeconfig settings kubectl config view # Show merged kubeconfig settings, raw certificate data, and exposed secrets kubectl config view --raw # Get the password for the e2e user kubectl config view -o jsonpath='{.users[?(@.name == "e2e")].user.password}' Options --allow-missing-template-keys     Default: true If true, ignore any errors in templates when a field or map key is missing in the template.

Synopsis Set an individual value in a kubeconfig file. PROPERTY_NAME is a dot delimited name where each token represents either an attribute name or a map key. Map keys may not contain dots. PROPERTY_VALUE is the new value you want to set. Binary fields such as 'certificate-authority-data' expect a base64 encoded string unless the --set-raw-bytes flag is used. Specifying an attribute name that already exists will merge new fields on top of existing values.

Note: This section links to third party projects that provide functionality required by Kubernetes. The Kubernetes project authors aren't responsible for these projects, which are listed alphabetically. To add a project to this list, read the content guide before submitting a change. More information. Many features rely on specific kernel functionalities and have minimum kernel version requirements. However, relying solely on kernel version numbers may not be sufficient for certain operating system distributions, as maintainers for distributions such as RHEL, Ubuntu and SUSE often backport selected features to older kernel releases (retaining the older kernel version).

This page shows how to contribute to the upstream kubernetes/kubernetes project. You can fix bugs found in the Kubernetes API documentation or the content of the Kubernetes components such as kubeadm, kube-apiserver, and kube-controller-manager. If you instead want to regenerate the reference documentation for the Kubernetes API or the kube-* components from the upstream code, see the following instructions: Generating Reference Documentation for the Kubernetes API Generating Reference Documentation for the Kubernetes Components and Tools Before you begin You need to have these tools installed:

FEATURE STATE: Kubernetes v1.32 [alpha] (enabled by default: false) This page shows how to specify CPU and memory resources for a Pod at pod-level in addition to container-level resource specifications. A Kubernetes node allocates resources to a pod based on the pod's resource requests. These requests can be defined at the pod level or individually for containers within the pod. When both are present, the pod-level requests take precedence.