DEFAULT¶
alt_names¶
scopable |
True |
required |
False |
default |
None |
scope order |
specific > generic |
convert |
list |
Certificate Signing Request Alternative Domain Names.
bits¶
scopable |
True |
required |
False |
default |
4096 |
scope order |
specific > generic |
convert |
size |
Certificate Private Key Length.
c¶
scopable |
True |
required |
False |
default |
None |
scope order |
specific > generic |
Certificate Signing Request Country.
ca¶
scopable |
True |
required |
False |
default |
None |
scope order |
specific > generic |
The name of secret containing a certificate to use as a Certificate Authority. This secret must be in the same namespace.
cn¶
scopable |
True |
required |
False |
default |
None |
scope order |
specific > generic |
Certificate Signing Request Common Name.
comment¶
scopable |
False |
required |
False |
default |
|
scope order |
specific > generic |
Helps users understand the role of the service and resources, which is nice to on-call support people having to operate on a service they are not usually responsible for.
disable¶
scopable |
True |
required |
False |
default |
False |
scope order |
specific > generic |
candidates |
True | False |
convert |
boolean |
A disabled resource will be ignored on service startup and shutdown. Its status is always reported n/a
.
Set in DEFAULT, the whole service is disabled. A disabled service does not honor start and stop actions. These actions immediately return success.
om <path> disable only sets DEFAULT.disable. As resources disabled state is not changed, om <path> enable does not enable disabled resources.
drpnodes¶
scopable |
True |
required |
False |
default |
|
scope order |
specific > generic |
convert |
list_lower |
Alternate backup nodes, where the service could be activated in a DRP situation if the “drpnode” is not available. These nodes are also data synchronization targets for sync resources.
email¶
scopable |
True |
required |
False |
default |
None |
scope order |
specific > generic |
Certificate Signing Request Email.
env¶
scopable |
False |
required |
False |
default |
<same as node env> |
scope order |
specific > generic |
candidates |
CERT | DEV | DRP | FOR | INT | MUS | POC | PRA | PRD | PRJ | PPR | PPRD | QUAL | RCT | REC | STG | TMP | TST | UAT |
A non-PRD service can not be brought up on a PRD node, but a PRD service can be startup on a non-PRD node (in a DRP situation). The default value is the node env.
id¶
scopable |
False |
required |
False |
default |
<random uuid> |
scope order |
specific > generic |
A RFC 4122 random uuid generated by the agent. To use as reference in resources definitions instead of the service name, so the service can be renamed without affecting the resources.
l¶
scopable |
True |
required |
False |
default |
None |
scope order |
specific > generic |
Certificate Signing Request Location.
lock_timeout¶
scopable |
False |
required |
False |
default |
60 |
scope order |
specific > generic |
convert |
duration |
A duration expression, like 1m30s
. The maximum wait time for the action lock acquire. The –waitlock option overrides this parameter.
nodes¶
scopable |
True |
required |
False |
default |
<hostname of the current node> |
scope order |
specific > generic |
convert |
nodes_selector |
A node selector expression specifying the list of cluster nodes hosting service instances.
o¶
scopable |
True |
required |
False |
default |
None |
scope order |
specific > generic |
Certificate Signing Request Organization.
ou¶
scopable |
True |
required |
False |
default |
None |
scope order |
specific > generic |
Certificate Signing Request Organizational Unit.
st¶
scopable |
True |
required |
False |
default |
None |
scope order |
specific > generic |
Certificate Signing Request State.
validity¶
scopable |
True |
required |
False |
default |
365d |
scope order |
specific > generic |
convert |
duration_to_day |
Certificate Validity duration.