Starting the Nifi Docker container by retrieving parameters from Vault
Learn about how to start the Nifi Docker container by specifying
CONFIGURE_MODE=Vault
.
Mandatory environment variables
Environment variable name | Description | Comments |
---|---|---|
TENANT | The name of the group that contains your set of environments. For example, MyCompany. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.tenant . |
ENVIRONMENT | The name of the environment. For example, Non-production. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.environmentName . |
VAULT_TOKEN | The Vault token to use to connect to Vault and request certification from Vault PKI. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.vaultToken . |
VAULT_URL | The Vault URL to use to connect to Vault and request certification from Vault PKI. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.vaultUrl . |
CONFIGURE_MODE | The configure mode. Accepted values are:
|
Container environment variable. This can be specified in the
values.yaml configuration file under
common.configureMode . |
Mandatory Vault configuration variables
These are the mandatory Vault key values that you must specify within Vault to configure the Nifi Docker container to use the Vault configuration mode.
Vault path | Description | Reference Environment Variable |
---|---|---|
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbHost |
The database host name for the environment. | ${ENVTYPE}_DBHOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbPort |
The database port number. | ${ENVTYPE}_DBPORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbUser |
The HCL Commerce database user name. | ${ENVTYPE}_DBUSER |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbPassword |
The HCL Commerce database user password. | ${ENVTYPE}_DBPASS |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbName |
The database name. | ${ENVTYPE}_DBNAME |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/spiUserName Note: This value is optional
as of HCL Commerce 9.1.7.0. |
The spiuser user name. If the value is not defined, then spiuser is used. |
SPIUSER_NAME |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/adminSpiUserPwd |
The plain text spiuser user password. The ADMIN_SPIUSER_PWD must be the same value as SPIUSER_PWD but kept as plain text. To set the password in your custom Docker containers, see Setting the spiuser password in your Docker images. |
ADMIN_SPIUSER_PWD |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/elasticSearchHost |
Specify an elasticSearchHost value. | ELASTICSEARCH_HOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/elasticSearchPort |
Specify a value if you want to set an elasticSearchPort value, instead of using the default value. | ELASTICSEARCH_PORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/zookeeperHost |
Specify a value if you want to set a zookeeperHost value, instead of using the default value. | ZOOKEEPER_HOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/redisHost |
Specify the Redis hostname that NiFi will connect to for event messages. | REDIS_HOST |
Optional Vault configuration variables
These are the optional Vault key values that you can specify within Vault to configure the NiFi Docker container when used with the Vault configuration mode.
Vault path | Description | Reference Environment Variable |
---|---|---|
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/domainName |
Specify the internal service domain name. If the deployed
environment is on a special namespace on Kubernetes, then the domain name should
be .svc.cluster.local. If no value is specified, then the
default, |
DOMAIN_NAME |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbType |
The database type. Accepted values are:
|
${ENVTYPE}_DBTYPE |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbSchema |
The database schema. | ${ENVTYPE}_DB_SCHEMA |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbSSLEnable |
Specify whether the database connection uses SSL. Accepted
values are:
false .Note: You
can also specify datasource credentials through the start up command if you do
not want to retrieve the datasource values from Vault. |
${ENVTYPE}_DB_SSLENABLE |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbSSLEnable |
Specify whether the database connection uses SSL. Accepted
values are:
false .Note: You
can also specify datasource credentials through the start up command if you do
not want to retrieve the datasource values from Vault. |
DB_SSLENABLE |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/jdbcUrl |
Specify the database connection URL. The URL is
constructed based on the database type and whether or not SSL is enabled.
|
${ENVTYPE}_JDBC_URL |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/jdbcDriver |
Specify a value if you want to change the
default database driver location for NiFi. The default values are:
|
${ENVTYPE}_JDBC_DRIVER_LOCATION |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/jdbcDriverClass |
Specify a value if you want to
change the default database driver class for NiFi. The default values are:
|
${ENVTYPE}_JDBC_DRIVER_CLASSNAME |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/elasticSearchPort |
Specify a value if you want to set an elasticSearchPort value, instead of using the default value. | ELASTICSEARCH_PORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/elasticSearchScheme |
Specify a value if you want to set an elasticSearchScheme value, instead of using the default value. | ELASTICSEARCH_SCHEME |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/elasticSearchShardCount |
Specify the number of shards to store the indexes for that environment, within the Elasticsearch service. The default value is 1. |
|
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/elasticSearchReplicaCount |
Specify the number of replicas for indexes for that environment, within the Elasticsearch service. The default value is 0. |
|
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/zookeeperHost |
Specify a value if you want to set a zookeeperHost value, instead of using the default value. | ZOOKEEPER_HOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/zookeeperPort |
Specify a value if you want to set a
zookeeperPort value, instead of using the default
value. The default value is |
ZOOKEEPER_PORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/zookeeperScheme |
Specify a value if you want to set a
zookeeperScheme value, instead of using the default
value. The default value is |
ZOOKEEPER_SCHEME |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiClusterIsNode |
Specify whether the NiFi installation is a standalone
installation. Accepted values are:
false . |
NIFI_CLUSTER_IS_NODE |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiClusterNodeProtocalPort |
Specify a value for the NiFi cluster
node port. The default value is 8082 . |
NIFI_CLUSTER_NODE_PROTOCOL_PORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiElectionMaxWait |
Specify a value if you want to if you want to set the maximum wait time for the NiFi election node service. | NIFI_ELECTION_MAX_WAIT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiJvmHeapInit |
Specify a value if you want to set a
nifiJvmHeapInit value, instead of using the default
value. |
NIFI_JVM_HEAP_INIT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiHost |
The NiFi service host name. The default value is
nifi . |
NIFI_HOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiPort |
The Nifi service port. The default value is
30600 . |
NIFI_PORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiScheme |
The Nifi service scheme. The default value is
http . |
NIFI_SCHEME |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiWebHttpPort |
The NiFi service web HTTP port. The default value is
30600 . |
NIFI_WEB_HTTP_PORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/queryHost |
The Search server host name for the Elasticsearch-based search solution. Specify a value if you want to set queryHost, instead of using the default value. | QUERY_HOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/queryPort |
The Search server port number for
the Elasticsearch-based search solution. Specify a value if you want to set
queryPort, instead of using the default value. The
default value is |
QUERY_PORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/queryScheme |
The Search server scheme for the
Elasticsearch-based search solution. Specify a value if you want to set
queryScheme, instead of using the default value. The
default value is |
QUERY_SCHEME |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nlpEnableLanguageCode |
The language code for the Natural Language
Processing (NLP) feature. Specify a comma separated list of language codes for
natural language processing. For example, en,es. In this
example, NLP is enabled for both English and Spanish.
|
NLP_ENABLE_LANGUAGE_CODE |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/redisHost |
Specify the Redis hostname that NiFi will connect to for event messages. | REDIS_HOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/redisPort |
Specify the Redis port number that NiFi will connect to
for event messages. The default value is |
REDIS_PORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/redisPasswordEncrypt |
The encrypted Redis server password. | REDIS_PASSWORD_ENCRYPT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/enableJsonLogging |
Enable JSON logging. Accepted values are
The default value is false. |
ENABLE_JSON_LOGGING |