cluster¶
ca¶
scopable |
False |
required |
False |
default |
system/sec/ca-<clustername> |
scope order |
specific > generic |
convert |
list |
A whitespace-separated list of paths of the secrets hosting the ca certificates that the listener use to validate clients certificates.
cert¶
scopable |
False |
required |
False |
default |
system/sec/cert-<clustername> |
scope order |
specific > generic |
The path of the secret hosting the certificate that the listener use for its tls socket.
default_mon_format¶
scopable |
True |
required |
False |
default |
None |
scope order |
specific > generic |
candidates |
compact | matrix |
The renderer to use with monitor commands, if not explicitely set by the –format option. The compact renderer is optimized for large clusters.
dns¶
scopable |
True |
required |
False |
default |
|
scope order |
specific > generic |
convert |
list |
The list of nodes to set as dns in the containers resolvers. If set, the search will also be set to <name>.<namespace>.svc.<clustername>, <namespace>.svc.<clustername> and <clustername>.
drpnodes¶
scopable |
False |
required |
False |
default |
None |
scope order |
specific > generic |
convert |
list |
This list is fetched from the join command payload received from the joined node. The service configuration {clusterdrpnodes} is resolved to this keyword value.
id¶
scopable |
True |
required |
False |
default |
<auto-generated> |
scope order |
specific > generic |
This information is fetched from the join command payload received from the joined node.
name¶
scopable |
True |
required |
False |
default |
default |
scope order |
specific > generic |
The cluster name is used as the zone name in the cluster dns records, in the {fqdn} configuration reference, in the aes secret encryption metadata, in the default name of the secret storing the listener certificate authority (system/sec/ca-<clustername>), in the default name of the secret storing the listener certificate and private key (system/sec/cert-<clustername>). The cluster name should be unique site-wide and be set right before populating secrets. It is always lowercased, so better to set it to a lowercase value to avoid confusion. This information is fetched from the join command payload received from the joined node.
nodes¶
scopable |
False |
required |
False |
default |
None |
scope order |
specific > generic |
convert |
list |
This list is fetched from the join command payload received from the joined node. The service configuration {clusternodes} is resolved to this keyword value.
quorum¶
scopable |
False |
required |
False |
default |
False |
scope order |
specific > generic |
convert |
boolean |
Should a split segment of the cluster commit suicide. Default is False. If set to true, please set at least 2 arbitrators so you can rolling upgrade the opensvc daemons.
secret¶
scopable |
True |
required |
False |
default |
<random autogenerated on first use> |
scope order |
specific > generic |
The cluster shared secret. Used to encrypt/decrypt data with AES256. This secret is either autogenerated or fetched from a join command.
vip¶
scopable |
True |
required |
False |
default |
None |
scope order |
specific > generic |
The cluster virtual ip. If configured, the daemon creates a system/svc/vip failover service to manage this ip.