Starting the Search server Docker container by retrieving parameters from Vault
Learn about how to start Search server Docker container by specifying
CONFIGURE_MODE=Vault.
Mandatory environment variables
These are the mandatory environment variables that you must specify to configure the
Search server Docker container to retrieve additional parameters from
Vault.
| Environment variable name | Description | Comments |
|---|---|---|
| TENANT | The name of the group that contains your set of environments. For example, MyCompany. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.tenant. |
| ENVIRONMENT | The name of the environment. For example, Non-production. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.environmentName. |
| ENVTYPE | The environment type. Accepted values are auth and live. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.environmentType. |
| VAULT_TOKEN | The Vault token to use to connect to Vault and request certification from Vault PKI. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.vaultToken. |
| VAULT_URL | The Vault URL to use to connect to Vault and request certification from Vault PKI. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.vaultUrl. |
| SOLR_MASTER_SERVER_URL | The Vault URL of the Solr Master server URL. This is mandatory for the Solr slave and the Solr repeater. |
Container environment variable. Generated based on contents
of
values.yaml. |
|
SOLR_MASTER and
SOLR_SLAVE are used together to
determine the search node type. To configure the Search server container as a:
|
SOLR_MASTER and SOLR_SLAVE are handled by the Helm Chart template. |
| CONFIGURE_MODE | The configure mode. Accepted values are:
|
Container environment variable. This can be specified in the
values.yaml configuration file under
common.configureMode. |
Optional environment variables
These are the optional environment variables that you can specify to configure the Search server Docker container.
All parameters that you specify as container environment variables take precedence over the values that are stored in Vault.
| Environment variable name | Description | Comments |
|---|---|---|
| EXPOSE_METRICS | Specify if you want to enable metrics for the
environment. Accepted values are:
|
Container environment variable. This can be specified in the
values.yaml configuration file under
metrics.enabled. |
| SOLR_REPLICATION_POLLINTERVAL | The replication poll interval for Search subordinate servers within the live environment. | |
| WORKAREA | The search index path in the Search server Docker container. For example,/search. |
Mandatory Vault configuration variables
These are the mandatory Vault key values that you must specify within Vault to configure the Search server Docker container to use the Vault configuration mode.
| Vault path | Description | Reference Environment Variable |
|---|---|---|
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/spiUserName Note: This value is optional
as of HCL Commerce 9.1.7.0. |
The spiuser user name.
|
SPIUSER_NAME |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/spiUserPwd |
The ASCII encrypted spiuser user password. To set the password in your custom Docker containers, see Setting the spiuser password in your Docker images. |
SPIUSER_PWD |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/adminSpiUserPwd |
The plain text spiuser user password. The ADMIN_SPIUSER_PWD must be the same value as SPIUSER_PWD but kept as plain text. To set the password in your custom Docker containers, see Setting the spiuser password in your Docker images. |
ADMIN_SPIUSER_PWD |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/domainName |
Specify the internal service domain name. If the deployed
environment is on a special namespace on Kubernetes, then the domain name should
be .svc.cluster.local. If no value is specified, then the
default, |
DOMAIN_NAME |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbHost |
The database host name for the environment. Note: This value is only mandatory in the auth environment for
WCPublishDataSource. |
DBHOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbPort |
The database port number. Note: This value
is only mandatory in the auth environment for
WCPublishDataSource. |
DBPORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/sessionKeyEncrypt Note: Now mandatory, this
value was optional prior to HCL Commerce
9.1.12.0. |
The encrypted session key value is generated using
wcs_encrypt.sh utility to encrypt 32 random hexadecimal
characters. Note: Do not specify an encryption key when
running The Session key is used to
encrypt cookies and sensitive customer facing data. For example, the krypto URL
parameter.wcs_encrypt.sh.Important: You must specify your own
session key for the security of your HCL Commerce installation. Do not
use the default value contained within the provided sample configuration files
and documentation examples. |
SESSION_KEY_ENCRYPT |
Optional Vault configuration variables
These are the optional Vault key values that you can specify within Vault to configure the Search server Docker container when used with the Vault configuration mode.
| Vault path | Description | Reference Environment Variable |
|---|---|---|
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbSSLEnable |
Specify whether the database connection uses SSL. Accepted
values are:
false.Note: You
can also specify datasource credentials through the start up command if you do
not want to retrieve the datasource values from Vault. |
DB_SSLENABLE |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbType |
The database type. Accepted values are:
|
DBTYPE |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbXA |
Specify if the XA function is enabled for the database. Accepted
values are:
Note: You can also specify datasource credentials through the start up command if
you do not want to retrieve the datasource values from
Vault. |
DB_XA |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/txHost |
The Transaction server host name. The default value
is |
TX_HOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/txPort |
The Transaction server port number. The default
value is |
TX_PORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/xcHost |
Specify a value if you want to set a host name for the Customization server, instead of using the default value. | XC_HOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/xcPort |
Specify a value if you want to set a port number for the Customization server, instead of using the default value. | XC_PORT |
|
Enable JSON logging. Accepted values are
The default value is false. |
ENABLE_JSON_LOGGING |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/traceSpecification/search-app |
If you want to change the trace specification for the Search server, specify a value. | TRACE_SPEC |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/healthCenterEnable/search-app |
Specify a value if you want to enable Health
Center. Accepted values are:
false. |
HEALTH_CENTER_ENABLED |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/threadMonitorEnable/search-app |
Specify a value if you want to enable Thread
Monitor. Accepted values are:
false. |
THREAD_MONITOR_ENABLED |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/redisPasswordEncrypt |
The encrypted Redis password. | REDIS_PASSWORD_ENCRYPT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/