Starting the Registry Docker container by retrieving parameters from Vault
Learn about how to start the Registry Docker container by specifying
CONFIGURE_MODE=Vault
.
Mandatory environment variables
Environment variable name | Description | Comments |
---|---|---|
TENANT | The name of the group that contains your set of environments. For example, MyCompany. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.tenant . |
ENVIRONMENT | The name of the environment. For example, Non-production. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.environmentName . |
VAULT_TOKEN | The Vault token to use to connect to Vault and request certification from Vault PKI. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.vaultToken . |
VAULT_URL | The Vault URL to use to connect to Vault and request certification from Vault PKI. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.vaultUrl . |
CONFIGURE_MODE | The configure mode. Accepted values are:
|
Container environment variable. This can be specified in the
values.yaml configuration file under
common.configureMode . |
Optional environment variables
These are the optional environment variables that you can specify to configure the Registry Docker container.
All parameters that you specify as container environment variables take precedence over the values that are stored in Vault.
Environment variable name | Description | Comments |
---|---|---|
SCHEDULER_WAIT_SEC | SCHEDULER_WAIT_SEC is used to control how
often to run the scheduler job, in seconds. The default value is 300 (5 minutes). As of HCL Commerce 9.1.15.0, there
is a corresponding Vault value that can be used for
configuration,
|
In the HCL Commerce 9.1.14.0 release, the NiFi Registry
container is now run as a non-root user. However, the
cron job that is used to run the scheduler is
required to run as the root user. Therefore, this mechanism is
introduced to run scheduled_job.sh. You can check
the log at the following path,
/SETUP/scheduler/job.log. The environment variable SCHEDULER_WAIT_SEC can be added to the registry-app.yaml configuration file after the LICENSE acceptance parameter. For example, to set the scheduler to run every
360 seconds:
|
Mandatory Vault configuration variables
These are the mandatory Vault key values that you must specify within Vault to configure the Registry Docker container to use the Vault configuration mode.
Vault path | Description | Reference Environment Variable |
---|---|---|
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/elasticSearchHost |
Specify an elasticSearchHost value. | ELASTICSEARCH_HOST |
Optional Vault configuration variables
These are the optional Vault key values that you can specify within Vault to configure the Registry Docker container when used with the Vault configuration mode.
Vault path | Description | Reference Environment Variable |
---|---|---|
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/domainName |
Specify the internal service domain name. If the deployed
environment is on a special namespace on Kubernetes, then the domain name should
be .svc.cluster.local. If no value is specified, then the
default, |
DOMAIN_NAME |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/elasticSearchPort |
Specify a value if you want to set an elasticSearchPort value, instead of using the default value. | ELASTICSEARCH_PORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/elasticSearchScheme |
Specify a value if you want to set an elasticSearchScheme value, instead of using the default value. | ELASTICSEARCH_SCHEME |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiHost |
The Nifi service host name. The default value is
|
NIFI_HOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiPort |
The Nifi service port. The default value is
|
NIFI_PORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiScheme |
The Nifi service scheme. The default value is
|
NIFI_SCHEME |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/search-registry-app/schedulerWaitSeconds |
The registry service scheduler job
run interval, in seconds. The default value is
As of the HCL Commerce9.1.14.0 release, the NiFi Registry container is now run as a non-root user. However, the cron job that is used to run the scheduler is required to run as the root user. Therefore, this mechanism is introduced to run scheduled_job.sh. You can check the log at the following path, /SETUP/scheduler/job.log. |
SCHEDULER_WAIT_SEC |