Created
August 24, 2017 18:59
-
-
Save ncameronbritt/f8cd75015724a9a67f242a315de55358 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Camerons-MacBook-Pro:origin cbritt$ oc logs apiserver-1l1h5 -p -n openshift-template-service-broker | |
Error: unknown flag: --template-namespace | |
Usage: | |
openshift start template-service-broker [options] | |
Options: | |
--audit-log-maxage=0: The maximum number of days to retain old audit log files based on the timestamp encoded in their filename. | |
--audit-log-maxbackup=0: The maximum number of old audit log files to retain. | |
--audit-log-maxsize=0: The maximum size in megabytes of the audit log file before it gets rotated. | |
--audit-log-path='': If set, all requests coming to the apiserver will be logged to this file. '-' means standard out. | |
--audit-policy-file='': Path to the file that defines the audit policy configuration. Requires the 'AdvancedAuditing' feature gate. With AdvancedAuditing, a profile is required to enable auditing. | |
--audit-webhook-config-file='': Path to a kubeconfig formatted file that defines the audit webhook configuration. Requires the 'AdvancedAuditing' feature gate. | |
--audit-webhook-mode='batch': Strategy for sending audit events. Blocking indicates sending events should block server responses. Batch causes the webhook to buffer and send events asynchronously. Known modes are batch,blocking. | |
--authentication-kubeconfig='': kubeconfig file pointing at the 'core' kubernetes server with enough rights to create tokenaccessreviews.authentication.k8s.io. | |
--authentication-skip-lookup=false: If false, the authentication-kubeconfig will be used to lookup missing authentication configuration from the cluster. | |
--authentication-token-webhook-cache-ttl=10s: The duration to cache responses from the webhook token authenticator. | |
--authorization-kubeconfig='': kubeconfig file pointing at the 'core' kubernetes server with enough rights to create subjectaccessreviews.authorization.k8s.io. | |
--authorization-webhook-cache-authorized-ttl=10s: The duration to cache 'authorized' responses from the webhook authorizer. | |
--authorization-webhook-cache-unauthorized-ttl=10s: The duration to cache 'unauthorized' responses from the webhook authorizer. | |
--bind-address=0.0.0.0: The IP address on which to listen for the --secure-port port. The associated interface(s) must be reachable by the rest of the cluster, and by CLI/web clients. If blank, all interfaces will be used (0.0.0.0). | |
--cert-dir='apiserver.local.config/certificates': The directory where the TLS certs are located. If --tls-cert-file and --tls-private-key-file are provided, this flag will be ignored. | |
--client-ca-file='': If set, any request presenting a client certificate signed by one of the authorities in the client-ca-file is authenticated with an identity corresponding to the CommonName of the client certificate. | |
--config='': filename containing the TemplateServiceBrokerConfig | |
--contention-profiling=false: Enable lock contention profiling, if profiling is enabled | |
--enable-swagger-ui=false: Enables swagger ui on the apiserver at /swagger-ui | |
--profiling=true: Enable profiling via web interface host:port/debug/pprof/ | |
--requestheader-allowed-names=[]: List of client certificate common names to allow to provide usernames in headers specified by --requestheader-username-headers. If empty, any client certificate validated by the authorities in --requestheader-client-ca-file is allowed. | |
--requestheader-client-ca-file='': Root certificate bundle to use to verify client certificates on incoming requests before trusting usernames in headers specified by --requestheader-username-headers | |
--requestheader-extra-headers-prefix=[x-remote-extra-]: List of request header prefixes to inspect. X-Remote-Extra- is suggested. | |
--requestheader-group-headers=[x-remote-group]: List of request headers to inspect for groups. X-Remote-Group is suggested. | |
--requestheader-username-headers=[x-remote-user]: List of request headers to inspect for usernames. X-Remote-User is common. | |
--secure-port=443: The port on which to serve HTTPS with authentication and authorization. If 0, don't serve HTTPS at all. | |
--tls-ca-file='': If set, this certificate authority will used for secure access from Admission Controllers. This must be a valid PEM-encoded CA bundle. Altneratively, the certificate authority can be appended to the certificate provided by --tls-cert-file. | |
--tls-cert-file='': File containing the default x509 Certificate for HTTPS. (CA cert, if any, concatenated after server cert). If HTTPS serving is enabled, and --tls-cert-file and --tls-private-key-file are not provided, a self-signed certificate and key are generated for the public address and saved to /var/run/kubernetes. | |
--tls-private-key-file='': File containing the default x509 private key matching --tls-cert-file. | |
--tls-sni-cert-key=[]: A pair of x509 certificate and private key file paths, optionally suffixed with a list of domain patterns which are fully qualified domain names, possibly with prefixed wildcard segments. If no domain patterns are provided, the names of the certificate are extracted. Non-wildcard matches trump over wildcard matches, explicit domain patterns trump over extracted names. For multiple key/certificate pairs, use the --tls-sni-cert-key multiple times. Examples: "example.crt,example.key" or "foo.crt,foo.key:*.foo.com,foo.com". | |
Use "openshift options" for a list of global command-line options (applies to all commands). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment