ip.netns¶
Simplest configuration:
[ip#0]
type = netns
ipdev = foo
netns = container#0
;for provisioning
svcmgr -s <svcname> set --kw ip#0.type=netns --kw ip#0.ipdev=foo --kw ip#0.netns=container#0
alias¶
scopable |
True |
required |
False |
provisioning |
False |
default |
True |
inheritance |
leaf > head |
scope order |
specific > generic |
convert |
boolean |
Use ip aliasing. Modern ip stack support multiple ip/mask per interface, so alias should be set to false when possible.
check_carrier¶
scopable |
True |
required |
False |
provisioning |
False |
default |
True |
inheritance |
leaf > head |
scope order |
specific > generic |
convert |
boolean |
Activate the link carrier check. Set to false if ipdev is a backend bridge or switch
del_net_route¶
scopable |
True |
required |
False |
provisioning |
False |
default |
False |
inheritance |
leaf > head |
scope order |
specific > generic |
Some docker ip configuration requires dropping the network route autoconfigured when installing the ip address. In this case set this parameter to true, and also set the network parameter.
dns_name_suffix¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
Add the value as a suffix to the DNS record name. The record created is thus formatted as <name>-<dns_name_suffix>.<app>.<managed zone>
.
dns_update¶
scopable |
True |
required |
False |
provisioning |
False |
default |
False |
inheritance |
leaf > head |
scope order |
specific > generic |
candidates |
True | False |
convert |
boolean |
Setting this parameter triggers a DNS update. The record created is formatted as <name>.<app>.<managed zone>
, unless dns_record_name is specified.
expose¶
scopable |
True |
required |
False |
provisioning |
False |
default |
[] |
inheritance |
leaf > head |
scope order |
specific > generic |
convert |
list |
A whitespace-separated list of <port>/<protocol>[:<host port>]
describing socket services that mandate a SRV exposition. With <host_port> set, the ip.cni driver configures port mappings too.
ipdev¶
scopable |
True |
required |
True |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
The interface name over which OpenSVC will try to stack the service ip. Can be different from one node to the other, in which case the @nodename
can be specified. If the value is expressed as “<intf>:<alias>, the stacked interface index is forced to <alias> instead of the lowest free integer. If the value is expressed as <name>@<intf>, a macvtap interface named <name> is created and attached to <intf>.
ipname¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
The DNS name or IP address of the ip resource. Can be different from one node to the other, in which case @nodename
can be specified. This is most useful to specify a different ip when the service starts in DRP mode, where subnets are likely to be different than those of the production datacenter. With the amazon driver, the special <allocate>
value tells the provisioner to assign a new private address.
macaddr¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
If specified, use this mac address in the netns.
mode¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
candidates |
bridge | dedicated | macvlan | ipvlan-l2 | ipvlan-l3 | ovs |
The ip link mode. If ipdev is set to a bridge interface the mode defaults to bridge, else defaults to macvlan. ipvlan requires a 4.2+ kernel.
netmask¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
If an ip is already plumbed on the root interface (in which case the netmask is deduced from this ip). Mandatory if the interface is dedicated to the service (dummy interface are likely to be in this case). The format is either dotted or octal for IPv4, ex: 255.255.252.0 or 22, and octal for IPv6, ex: 64.
netns¶
scopable |
True |
required |
True |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
The resource id of the container to plumb the ip into.
network¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
The network, in dotted notation, from where the ip provisioner allocates. Also used by the docker ip driver to delete the network route if del_net_route is set to true
.
nsdev¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
If specified, use this interface name in the netns. If not specified the first free eth<n>
is chosen.
vlan_mode¶
scopable |
True |
required |
False |
provisioning |
False |
default |
native-untagged |
inheritance |
leaf > head |
scope order |
specific > generic |
candidates |
access | native-tagged | native-untagged |
depends |
mode in ovs |
The VLAN port mode.
vlan_tag¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
depends |
mode in ovs |
The VLAN tag the switch port will relay.
wait_dns¶
scopable |
True |
required |
False |
provisioning |
False |
default |
0 |
inheritance |
leaf > head |
scope order |
specific > generic |
convert |
duration |
Wait for the cluster DNS records associated to the resource to appear after a resource start and before the next resource can be started. This can be used for apps or containers that require the ip or ip name to be resolvable to provision or execute properly.
gateway¶
scopable |
True |
required |
False |
provisioning |
True |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A zone ip provisioning parameter used in the sysidcfg formatting. The format is decimal for IPv4, ex: 255.255.252.0, and octal for IPv6, ex: 64.
provisioner¶
scopable |
True |
required |
False |
provisioning |
True |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
candidates |
collector | None |
The IPAM driver to use to provision the ip.
blocking_post_provision¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute after the resource provision action. Errors interrupt the action.
blocking_post_start¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute after the resource start action. Errors interrupt the action.
blocking_post_startstandby¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute after the resource startstandby action. Errors interrupt the action.
blocking_post_stop¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute after the resource stop action. Errors interrupt the action.
blocking_post_unprovision¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute after the resource unprovision action. Errors interrupt the action.
blocking_pre_provision¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute before the resource provision action. Errors interrupt the action.
blocking_pre_start¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute before the resource start action. Errors interrupt the action.
blocking_pre_startstandby¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute before the resource startstandby action. Errors interrupt the action.
blocking_pre_stop¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute before the resource stop action. Errors interrupt the action.
blocking_pre_unprovision¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute before the resource unprovision action. Errors interrupt the action.
comment¶
scopable |
False |
required |
False |
provisioning |
False |
default |
|
inheritance |
leaf > head |
scope order |
specific > generic |
Helps users understand the role of the service and resources, which is nice to on-call support people having to operate on a service they are not usually responsible for.
disable¶
scopable |
True |
required |
False |
provisioning |
False |
default |
False |
inheritance |
leaf |
scope order |
specific > generic |
candidates |
True | False |
convert |
boolean |
A disabled resource will be ignored on service startup and shutdown. Its status is always reported n/a
.
Set in DEFAULT, the whole service is disabled. A disabled service does not honor start and stop actions. These actions immediately return success.
om <path> disable only sets DEFAULT.disable. As resources disabled state is not changed, om <path> enable does not enable disabled resources.
encap¶
scopable |
True |
required |
False |
provisioning |
False |
default |
False |
inheritance |
leaf > head |
scope order |
specific > generic |
candidates |
True | False |
convert |
boolean |
Set to true
to ignore this resource in the nodes context and consider it in the encapnodes context. The resource is thus handled by the agents deployed in the service containers.
monitor¶
scopable |
True |
required |
False |
provisioning |
False |
default |
False |
inheritance |
leaf > head |
scope order |
specific > generic |
candidates |
True | False |
convert |
boolean |
A down monitored resource will trigger a node suicide if the monitor thinks it should be up and the resource can not be restarted.
optional¶
scopable |
True |
required |
False |
provisioning |
False |
default |
true for tasks, syncs and resources tagged “noaction”, else false |
inheritance |
leaf > head |
scope order |
specific > generic |
convert |
tristate |
Action failures on optional resources are logged but do not stop the action sequence. Also the optional resource status is not aggregated to the instance “availstatus”, but aggregated to the “overallstatus”. Resource tagged noaction and sync resources are automatically considered optional. Useful for resources like dump filesystems for example.
pg_blkio_weight¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf |
scope order |
specific > generic |
depends |
create_pg in [True] |
convert |
integer |
Block IO relative weight. Value: between 10 and 1000. Kernel default: 1000.
pg_cpu_quota¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf |
scope order |
specific > generic |
depends |
create_pg in [True] |
The percent ratio of one core to allocate to the process group if % is specified, else the absolute value to set in the process group parameter. For example, on Linux cgroups, -1
means unlimited, and a positive absolute value means the number of microseconds to allocate each period. 50%@all
means 50% of all cores, and 50%@2
means 50% of two cores.
pg_cpus¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf |
scope order |
specific > generic |
depends |
create_pg in [True] |
Allow service process to bind only the specified cpus. Cpus are specified as list or range : 0,1,2 or 0-2
pg_mem_limit¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf |
scope order |
specific > generic |
depends |
create_pg in [True] |
convert |
size |
Ensures the service does not use more than specified memory (in bytes). The Out-Of-Memory killer get triggered in case of tresspassing.
pg_mem_oom_control¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf |
scope order |
specific > generic |
depends |
create_pg in [True] |
convert |
integer |
A flag (0 or 1) that enables or disables the Out of Memory killer for a cgroup. If enabled (0), tasks that attempt to consume more memory than they are allowed are immediately killed by the OOM killer. The OOM killer is enabled by default in every cgroup using the memory subsystem; to disable it, write 1.
pg_mem_swappiness¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf |
scope order |
specific > generic |
depends |
create_pg in [True] |
convert |
integer |
Set a swappiness value for the process group.
pg_mems¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf |
scope order |
specific > generic |
depends |
create_pg in [True] |
Allow service process to bind only the specified memory nodes. Memory nodes are specified as list or range : 0,1,2 or 0-2
pg_vmem_limit¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf |
scope order |
specific > generic |
depends |
create_pg in [True] |
convert |
size |
Ensures the service does not use more than specified memory+swap (in bytes). The Out-Of-Memory killer get triggered in case of tresspassing. The specified value must be greater than pg_mem_limit.
post_provision¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute after the resource provision action. Errors do not interrupt the action.
post_start¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute after the resource start action. Errors do not interrupt the action.
post_startstandby¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute after the resource startstandby action. Errors do not interrupt the action.
post_stop¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute after the resource stop action. Errors do not interrupt the action.
post_unprovision¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute after the resource unprovision action. Errors do not interrupt the action.
pre_provision¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute before the resource provision action. Errors do not interrupt the action.
pre_start¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute before the resource start action. Errors do not interrupt the action.
pre_startstandby¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute before the resource startstandby action. Errors do not interrupt the action.
pre_stop¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute before the resource stop action. Errors do not interrupt the action.
pre_unprovision¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
A command or script to execute before the resource unprovision action. Errors do not interrupt the action.
provision¶
scopable |
True |
required |
False |
provisioning |
False |
default |
True |
inheritance |
leaf > head |
scope order |
specific > generic |
candidates |
True | False |
convert |
boolean |
Set to false to skip the resource on provision and unprovision actions. Warning: Provision implies destructive operations like formating. Unprovision destroys service data.
provision_requires¶
scopable |
True |
required |
False |
provisioning |
False |
default |
|
inheritance |
leaf > head |
scope order |
specific > generic |
A whitespace-separated list of conditions to meet to accept running a “provision” action. A condition is expressed as <rid>(<state>,...)
. If states are omitted, up,stdby up
is used as the default expected states.
restart¶
scopable |
True |
required |
False |
provisioning |
False |
default |
0 |
inheritance |
leaf > head |
scope order |
specific > generic |
convert |
integer |
The agent will try to restart a resource <n> times before falling back to the monitor action. A resource restart is triggered if :the resource is not disabled and its status is not up, and the node is not frozen, and the service instance is not frozen and its local expect is set to started
. If a resource has a restart set to a value >0, its status is evaluated at the frequency defined by DEFAULT.monitor_schedule instead of the frequency defined by DEFAULT.status_schedule. restart_delay defines the interval between two restarts. Standby resources have a particular value to ensure best effort to restart standby resources, default value is 2, and value lower than 2 are changed to 2.
restart_delay¶
scopable |
True |
required |
False |
provisioning |
False |
default |
0 |
inheritance |
leaf > head |
scope order |
specific > generic |
convert |
duration |
Define minimum delay between two triggered restarts of a same resource (used when :kw:`restart`is defined). Default value is 0 (no delay).
standby¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf > head |
scope order |
specific > generic |
convert |
tristate |
Always start the resource, even on standby instances. The daemon is responsible for starting standby resources. A resource can be set standby on a subset of nodes using keyword scoping.
A typical use-case is sync’ed fs on non-shared disks: the remote fs must be mounted to not overflow the underlying fs.
Avertissement
Don’t set shared resources standby: fs on shared disks for example.
start_requires¶
scopable |
True |
required |
False |
provisioning |
False |
default |
|
inheritance |
leaf > head |
scope order |
specific > generic |
A whitespace-separated list of conditions to meet to accept running a “start” action. A condition is expressed as <rid>(<state>,...)
. If states are omitted, up,stdby up
is used as the default expected states.
stop_requires¶
scopable |
True |
required |
False |
provisioning |
False |
default |
|
inheritance |
leaf > head |
scope order |
specific > generic |
A whitespace-separated list of conditions to meet to accept running a “stop” action. A condition is expressed as <rid>(<state>,...)
. If states are omitted, up,stdby up
is used as the default expected states.
subset¶
scopable |
True |
required |
False |
provisioning |
False |
default |
None |
inheritance |
leaf |
scope order |
specific > generic |
Assign the resource to a specific subset.
tags¶
scopable |
True |
required |
False |
provisioning |
False |
default |
|
inheritance |
leaf > head |
scope order |
specific > generic |
convert |
set |
A list of tags. Arbitrary tags can be used to limit action scope to resources with a specific tag. Some tags can influence the driver behaviour. For example noaction avoids any state changing action from the driver and implies optional=true
, nostatus forces the status to n/a.
unprovision¶
scopable |
True |
required |
False |
provisioning |
False |
default |
True |
inheritance |
leaf > head |
scope order |
specific > generic |
candidates |
True | False |
convert |
boolean |
Set to false to skip the resource on unprovision actions. Warning: Unprovision destroys service data.
unprovision_requires¶
scopable |
True |
required |
False |
provisioning |
False |
default |
|
inheritance |
leaf > head |
scope order |
specific > generic |
A whitespace-separated list of conditions to meet to accept running a “unprovision” action. A condition is expressed as <rid>(<state>,...)
. If states are omitted, up,stdby up
is used as the default expected states.