kctl CLI reference
kctl is the command-line interface for managing kcore clusters. Global flags: -s / --controller (controller address, repeatable for HA), -k / --insecure (skip TLS verification), -c / --config (path to config file), --node (node address for direct node commands).
You are browsing in YAML mode. This page lists CLI commands; for manifest kinds and fields see the YAML manifest reference.
create
| Subcommand | Description |
|---|
vm | Create a VM from CLI flags or -f YAML manifest |
container | Create a container on a node |
network | Create a network |
cluster | Initialise PKI and mTLS context for a new cluster |
get
| Subcommand | Aliases |
|---|
vms | vm |
containers | container |
nodes | node |
networks | network |
storage-classes | storage-class |
compliance-report | compliance |
conflicts | |
replication-status | |
describe
| Subcommand | Aliases |
|---|
vm | vms |
node | nodes |
network | networks |
storage-class | storage-classes |
ssh-key | sshkey |
compliance-report | compliance |
delete
| Subcommand | Description |
|---|
vm | Delete a VM |
network | Delete a network |
image | Delete a stored image |
container | Delete a container |
start / stop
| Subcommand | Description |
|---|
vm | Start or stop a VM |
container | Start or stop a container |
set
| Subcommand | Description |
|---|
vm | Set desired state (running / stopped). Supports --target-node. |
update
| Subcommand | Description |
|---|
vm | Resize CPU / memory of a VM. Supports --target-node. |
node
| Subcommand | Description |
|---|
disks | List disks on a node |
nics | List network interfaces on a node |
install | Install kcore on a bare-metal node |
approve | Approve a pending node join request |
reject | Reject a pending node join request |
apply-nix | Apply NixOS configuration to a node |
apply-disko | Apply Disko disk layout to a node |
upload-image | Upload a VM image to a node |
ssh-key
| Subcommand | Description |
|---|
create | Register a new SSH public key |
delete | Remove an SSH key |
list | List all SSH keys |
get | Show details for an SSH key |
drain
| Subcommand | Description |
|---|
node | Live-migrate all VMs off a node. Use --target-node to specify the destination node. |
rotate
| Subcommand | Description |
|---|
certs | Rotate the controller TLS certificate |
sub-ca | Generate a new sub-CA |
apply
Apply a NixOS configuration to the controller. Flags: -f (config file), --dry-run (preview without applying).
workload
| Subcommand | Description |
|---|
create | Create a workload. Use --kind container or --kind vm. |
list | List all workloads |
get | Show workload details |
delete | Delete a workload |
start | Start a workload |
stop | Stop a workload |
security-group (alias: sg)
| Subcommand | Description |
|---|
create | Create a security group from -f YAML |
apply | Apply / update a security group from -f YAML |
list | List all security groups |
get | Show security group details |
delete | Delete a security group |
attach | Attach a security group to a VM or network |
detach | Detach a security group from a VM or network |