Starting the Transaction server Docker container by retrieving parameters from Vault
Learn about how to start the Transaction server Docker container by specifying
CONFIGURE_MODE=Vault
.
Mandatory environment variables
These are the mandatory environment variables that you must specify to configure the Transaction server Docker container to retrieve additional parameters from Vault.
- You can also specify datasource credentials through the start up command if you do not want to retrieve the datasource values from Vault.
- The /SETUP/bin/vaultConfigure.sh script retrieves the values from Vault.
Environment variable name | Description | Comments |
---|---|---|
TENANT | The name of the group that contains your set of environments. For example, MyCompany. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.tenant . |
ENVIRONMENT | The name of the environment. For example, Non-production. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.environmentName . |
ENVTYPE | The environment type. Accepted values are auth and live. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.environmentType . |
VAULT_TOKEN | The Vault token to use to connect to Vault and request certification from Vault PKI. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.vaultToken . |
VAULT_URL | The Vault URL to use to connect to Vault and request certification from Vault PKI. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.vaultUrl . |
CONFIGURE_MODE | The configure mode. Accepted values are:
|
Container environment variable. This can be specified in the
values.yaml configuration file under
common.configureMode . |
ELASTICSEARCH_ENABLED |
Optional environment variables
These are the optional environment variables that you can specify to configure the Transaction server Docker container.
All parameters that you specify as container environment variables take precedence over the values that are stored in Vault.
Environment variable name | Description | Comments |
---|---|---|
LOCALSTOREWEB | The web server host name of a local store if you migrated from
IBM Websphere Commerce Version 7 or IBM Websphere Commerce Version 8. Note: This is mandatory if you are using a
migrated local store. |
Container environment variable. This can be specified in the
values.yaml configuration file under
|
Mandatory Vault configuration variables
These are the mandatory Vault key values that you must specify within Vault to configure the Transaction server Docker container to use the Vault configuration mode.
Vault path | Description | Reference Environment Variable |
---|---|---|
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/merchantKeyEncrypted |
The encrypted merchant key, encrypted with the key
encryption key. The merchant key was created when you or an administrator loaded
the HCL Commerce database schema. For more information, see: Important: You must specify your own merchant key and key
encryption key values for the security of your HCL Commerce installation. Do not
use the default values contained within the provided sample configuration files and
documentation examples. |
MERCHANTKEY_ENCRYPT |
KEY_ENCRYPTION_KEY | ||
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/authJWKS |
JWKS | |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbPassword |
The HCL Commerce database user password. Note: This value is only mandatory in the auth environment for
WCPublishDataSource . |
DBPASS |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbaUser |
The database administrator user name. | DBAUSER |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbaPassEncrypt |
The encrypted database administrator user password. | DBAPASSENCRYPT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/elasticSearchEnabled |
ELASTICSEARCH_ENABLED |
Optional Vault configuration variables
These are the optional Vault key values that you can specify within Vault to configure the Transaction server Docker container when used with the Vault configuration mode.
Vault path | Description | Reference Environment Variable |
---|---|---|
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbSSLEnable |
Specify whether the database connection uses SSL. Accepted
values are:
false .Note: You
can also specify datasource credentials through the start up command if you do
not want to retrieve the datasource values from Vault. |
DB_SSLENABLE |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbXA |
DB_XA | |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/kafkaServers |
Specify a value if you want to enable ZooKeeper and
Kafka. The format for this key-value pair
is:
|
KAFKA_SERVERS |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/kafkaAuthenticationPassword |
The Kafka authentication user password. | KAFKA_AUTHENTICATION_PASSWORD |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/traceSpecification/ts-app |
If you want to change the trace specification for the Transaction server, specify a value. | TRACE_SPEC |
ENABLE_JSON_LOGGING | ||
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/domainName |
Specify the internal service domain name. If the deployed
environment is on a special namespace on Kubernetes, then the domain name should
be .svc.cluster.local. If no value is specified, then the
default, |
DOMAIN_NAME |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/externalDomainName |
This value specifies the store-web external
domain name, which can be recognized by your browser. For example, in the hostname store.demo4qaauth.hcl.com, hcl.com is the external domain name. |
EXTERNAL_DOMAIN_NAME |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/xcHost |
Specify a value if you want to set a host name for the Customization server, instead of using the default value. | XC_HOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/xcPort |
Specify a value if you want to set a port number for the Customization server, instead of using the default value. | XC_PORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/previewPort |
Specify a value if you want to set
previewPort, instead of using the default value. The
default value is |
PREVIEW_PORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/storeHost |
Specify a value if you want to set a value for the Store server Commerce Remote Store (CRS) store host, instead of
using the default value. The default value is the |
STORE_HOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/storePort |
Specify a value if you want to set a value for the Store server Commerce Remote Store (CRS) store port, instead of
using the default value. The default value is |
STORE_PORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/storeWebHost |
Specify a value if you want to set
storeWebHost, instead of using the default value. The default value is store.${TENANT}${ENVIRONMENT}${ENVTYPE}${EXTERNAL_DOMAIN_NAME}. |
STOREWEB_HOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/storeWebPort |
Specify a value if you want to set
storeWebPort, instead of using the default value. The
default value is |
STOREWEB_PORT |
DX_HOST | ||
DX_PORT | ||
DX_SCHEME | ||
SSO_ENABLE | ||
SSO_DOMAIN_NAME | ||
SSO_SSL | ||
SSO_KEEP_ALIVE_SESSION | ||
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/searchMasterHost |
The Search server host name.
Note: This parameter is only required with the solr-based
search solution auth environment. The default value is the solr search master
service name. |
SEARCH_HOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/searchSlaveHost |
The Search server host name.
Note: This parameter is only required to be defined within
the live environment. The default value is the solr search slave service
name. |
SEARCH_HOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/searchSlaveRepeater |
The Search server host name.
Note: This parameter is only required to be defined within
the live environment. The default value is the solr search repeater service
name. |
SEARCH_REPEATER_HOST |