central.adminPasswordSecret
|
Specify a secret that contains the administrator password in the password data item. If omitted, the operator autogenerates a password and stores it in the password item in the central-htpasswd secret. |
central.defaultTLSSecret
|
By default, Central only serves an internal TLS certificate, which means that you need to handle TLS termination at the ingress or load balancer level. If you want to terminate TLS in Central and serve a custom server certificate, you can specify a secret containing the certificate and private key. |
central.adminPasswordGenerationDisabled
|
Set this parameter to true to disable the automatic administrator password generation. Use this only after you perform the first-time setup of alternative authentication methods.
Do not use this for initial installation.
Otherwise, you must reinstall the custom resource to log back in. |
central.tolerations
|
If the node selector selects tainted nodes, use this parameter to specify a taint toleration key, value, and effect for Central. This parameter is mainly used for infrastructure nodes. |
central.hostAliases
|
Use this parameter to inject hosts and IP addresses into the pod’s hosts file. |
central.exposure.loadBalancer.enabled
|
Set this to true to expose Central through a load balancer. |
central.exposure.loadBalancer.port
|
Use this parameter to specify a custom port for your load balancer. |
central.exposure.loadBalancer.ip
|
Use this parameter to specify a static IP address reserved for your load balancer. |
central.exposure.route.enabled
|
Set this to true to expose Central through a Red Hat OpenShift route. The default value is false . |
central.exposure.route.host
|
Specify a custom hostname to use for Central’s route. Leave this unset to accept the default value that OpenShift Container Platform provides. |
central.exposure.nodeport.enabled
|
Set this to true to expose Central through a node port. The default value is false . |
central.exposure.nodeport.port
|
Use this to specify an explicit node port. |
central.monitoring.exposeEndpoint
|
Use Enabled to enable monitoring for Central. When you enable monitoring, RHACS creates a new monitoring service on port number 9090 . The default value is Disabled . |
central.nodeSelector
|
If you want this component to only run on specific nodes, you can use this parameter to configure a node selector. |
central.persistence.hostPath.path
|
Specify a host path to store persistent data in a directory on the host. Red Hat does not recommend using this. If you need to use host path, you must use it with a node selector. |
central.persistence.persistentVolumeClaim.claimName
|
The name of the PVC to manage persistent data.
If no PVC with the given name exists, it is created. The default value is stackrox-db if not set. To prevent data loss, the PVC is not removed automatically when Central is deleted. |
central.persistence.persistentVolumeClaim.size
|
The size of the persistent volume when created through the claim. This is automatically generated by default. |
central.persistence.persistentVolumeClaim.storageClassName
|
The name of the storage class to use for the PVC. If your cluster is not configured with a default storage class, you must provide a value for this parameter. |
central.resources.limits
|
Use this parameter to override the default resource limits for the Central. |
central.resources.requests
|
Use this parameter to override the default resource requests for the Central. |
central.imagePullSecrets
|
Use this parameter to specify the image pull secrets for the Central image. |
central.db.passwordSecret.name
|
Specify a secret that has the database password in the password data item. Only use this parameter if you want to specify a connection string manually. If omitted, the operator auto-generates a password and stores it in the password item in the central-db-password secret. |
central.db.connectionString
|
Setting this parameter will not deploy Central DB, and Central will connect using the specified connection string. If you specify a value for this parameter, you must also specify a value for central.db.passwordSecret.name .
This parameter has the following constraints:
-
Connection string must be in keyword/value format as described in the PostgreSQL documentation. For more information, see the links in the Additional resources section.
-
Only PostgreSQL 13 is supported.
-
Connections through PGBouncer are not supported.
-
User must be a superuser who can create and delete databases.
|
central.db.tolerations
|
If the node selector selects tainted nodes, use this parameter to specify a taint toleration key, value, and effect for Central DB. This parameter is mainly used for infrastructure nodes. |
central.db.hostAliases
|
Use this parameter to inject hosts and IP addresses into the pod’s hosts file. |
central.db.persistence.hostPath.path
|
Specify a host path to store persistent data in a directory on the host. Red Hat does not recommend using this. If you need to use host path, you must use it with a node selector. |
central.db.persistence.persistentVolumeClaim.claimName
|
The name of the PVC to manage persistent data.
If no PVC with the given name exists, it is created. The default value is central-db if not set. To prevent data loss, the PVC is not removed automatically when Central is deleted. |
central.db.persistence.persistentVolumeClaim.size
|
The size of the persistent volume when created through the claim. This is automatically generated by default. |
central.db.persistence.persistentVolumeClaim.storageClassName
|
The name of the storage class to use for the PVC. If your cluster is not configured with a default storage class, you must provide a value for this parameter. |
central.db.resources.limits
|
Use this parameter to override the default resource limits for the Central DB. |
central.db.resources.requests
|
Use this parameter to override the default resource requests for the Central DB. |
central.db.nodeSelector
|
If you want this component to only run on specific nodes, you can use this parameter to configure a node selector. |