Synopsis Create a job with the specified name. kubectl create job NAME --image=image [--from=cronjob/name] -- [COMMAND] [args...] Examples # Create a job kubectl create job my-job --image=busybox # Create a job with a command kubectl create job my-job --image=busybox -- date # Create a job from a cron job named "a-cronjob" kubectl create job test-job --from=cronjob/a-cronjob Options --allow-missing-template-keys     Default: true If true, ignore any errors in templates when a field or map key is missing in the template.

Production-Grade Container Orchestration

This command prints the version of kubeadm. Synopsis Print the version of kubeadm kubeadm version [flags] Options -h, --help help for version -o, --output string Output format; available options are 'yaml', 'json' and 'short' Options inherited from parent commands --rootfs string The path to the 'real' host root filesystem. This will cause kubeadm to chroot into the provided path.

FEATURE STATE: Kubernetes v1.10 [stable] kubeadm init and kubeadm join together provide a nice user experience for creating a bare Kubernetes cluster from scratch, that aligns with the best-practices. However, it might not be obvious how kubeadm does that. This document provides additional details on what happens under the hood, with the aim of sharing knowledge on the best practices for a Kubernetes cluster. Core design principles The cluster that kubeadm init and kubeadm join set up should be:

Synopsis Create a new secret for use with Docker registries. Dockercfg secrets are used to authenticate against Docker registries. When using the Docker command line to push images, you can authenticate to a given registry by running: '$ docker login DOCKER_REGISTRY_SERVER --username=DOCKER_USER --password=DOCKER_PASSWORD --email=DOCKER_EMAIL'. That produces a ~/.dockercfg file that is used by subsequent 'docker push' and 'docker pull' commands to authenticate to the registry. The email address is optional.

Production-Grade Container Orchestration

Synopsis Create a secret with specified type. A docker-registry type secret is for accessing a container registry. A generic type secret indicate an Opaque secret type. A tls type secret holds TLS certificate and its associated key. kubectl create secret (docker-registry | generic | tls) Options -h, --help help for secret Parent Options Inherited --as string Username to impersonate for the operation. User could be a regular user or a service account in a namespace.

Production-Grade Container Orchestration

Kubernetes has various types of probes: Liveness probe Readiness probe Startup probe Liveness probe Liveness probes determine when to restart a container. For example, liveness probes could catch a deadlock when an application is running but unable to make progress. If a container fails its liveness probe repeatedly, the kubelet restarts the container. Liveness probes do not wait for readiness probes to succeed. If you want to wait before executing a liveness probe, you can either define initialDelaySeconds or use a startup probe.

Labels are key/value pairs that are attached to objects such as Pods. Labels are intended to be used to specify identifying attributes of objects that are meaningful and relevant to users, but do not directly imply semantics to the core system. Labels can be used to organize and to select subsets of objects. Labels can be attached to objects at creation time and subsequently added and modified at any time.