cluster

ca

scopable

False

required

False

default

system/sec/ca-<clustername>

scope order

specific > generic

convert

list

A whitespace-separated list of paths of the secrets hosting the ca certificates that the listener use to validate clients certificates.

cert

scopable

False

required

False

default

system/sec/cert-<clustername>

scope order

specific > generic

The path of the secret hosting the certificate that the listener use for its tls socket.

default_mon_format

scopable

True

required

False

default

None

scope order

specific > generic

candidates

compact | matrix

The renderer to use with monitor commands, if not explicitely set by the –format option. The compact renderer is optimized for large clusters.

dns

scopable

True

required

False

default

scope order

specific > generic

convert

list

The list of nodes to set as dns in the containers resolvers. If set, the search will also be set to <name>.<namespace>.svc.<clustername>, <namespace>.svc.<clustername> and <clustername>.

drpnodes

scopable

False

required

False

default

None

scope order

specific > generic

convert

list

This list is fetched from the join command payload received from the joined node. The service configuration {clusterdrpnodes} is resolved to this keyword value.

id

scopable

True

required

False

default

<auto-generated>

scope order

specific > generic

This information is fetched from the join command payload received from the joined node.

name

scopable

True

required

False

default

default

scope order

specific > generic

The cluster name is used as the zone name in the cluster dns records, in the {fqdn} configuration reference, in the aes secret encryption metadata, in the default name of the secret storing the listener certificate authority (system/sec/ca-<clustername>), in the default name of the secret storing the listener certificate and private key (system/sec/cert-<clustername>). The cluster name should be unique site-wide and be set right before populating secrets. It is always lowercased, so better to set it to a lowercase value to avoid confusion. This information is fetched from the join command payload received from the joined node.

nodes

scopable

False

required

False

default

None

scope order

specific > generic

convert

list

This list is fetched from the join command payload received from the joined node. The service configuration {clusternodes} is resolved to this keyword value.

quorum

scopable

False

required

False

default

False

scope order

specific > generic

convert

boolean

Should a split segment of the cluster commit suicide. Default is False. If set to true, please set at least 2 arbitrators so you can rolling upgrade the opensvc daemons.

secret

scopable

True

required

False

default

<random autogenerated on first use>

scope order

specific > generic

The cluster shared secret. Used to encrypt/decrypt data with AES256. This secret is either autogenerated or fetched from a join command.

vip

scopable

True

required

False

default

None

scope order

specific > generic

The cluster virtual ip. If configured, the daemon creates a system/svc/vip failover service to manage this ip.