Starting the Search server Docker container by retrieving parameters from Vault

Learn about how to start Search server Docker container by specifying CONFIGURE_MODE=Vault.

Mandatory environment variables

These are the mandatory environment variables that you must specify to configure the Search server Docker container to retrieve additional parameters from Vault.
Environment variable name Description Comments
TENANT The name of the group that contains your set of environments. For example, MyCompany. Container environment variable. This can be specified in the values.yaml configuration file under common.tenant.
ENVIRONMENT The name of the environment. For example, Non-production. Container environment variable. This can be specified in the values.yaml configuration file under common.environmentName.
ENVTYPE The environment type. Accepted values are auth and live. Container environment variable. This can be specified in the values.yaml configuration file under common.environmentType.
VAULT_TOKEN The Vault token to use to connect to Vault and request certification from Vault PKI. Container environment variable. This can be specified in the values.yaml configuration file under common.vaultToken.
VAULT_URL The Vault URL to use to connect to Vault and request certification from Vault PKI. Container environment variable. This can be specified in the values.yaml configuration file under common.vaultUrl.
SOLR_MASTER_SERVER_URL The Vault URL of the Solr Master server URL.

This is mandatory for the Solr slave and the Solr repeater.

Container environment variable.
Generated based on contents of values.yaml.
solr slave: { common.tenant }{common.environmentName}}livesearch-app-repeater.{ Namespace }.svc.cluster.local:3738 
solr repeater: { common.tenant }{common.environmentName}}livesearch-app-master.{ Namespace }.svc.cluster.local:3738
  • SOLR_MASTER
  • SOLR_SLAVE
SOLR_MASTER and SOLR_SLAVE are used together to determine the search node type.
To configure the Search server container as a:
  • Search-master node.
    • SOLR_MASTER=true
    • SOLR_SLAVE=false
  • Search-repeater node.
    • SOLR_MASTER=true
    • SOLR_SLAVE=true
  • Search-subordinate node.
    • SOLR_MASTER=false
    • SOLR_SLAVE=true
SOLR_MASTER and SOLR_SLAVE are handled by the Helm Chart template.
CONFIGURE_MODE The configure mode.
Accepted values are:
  • Vault for Vault configuration.
  • EnvVariables for environment variables configuration.
Set this value to Vault to use Vault configuration, and the configurations present within this reference.
Container environment variable. This can be specified in the values.yaml configuration file under common.configureMode.

Optional environment variables

These are the optional environment variables that you can specify to configure the Search server Docker container.

All parameters that you specify as container environment variables take precedence over the values that are stored in Vault.

Environment variable name Description Comments
EXPOSE_METRICS Specify if you want to enable metrics for the environment.
Accepted values are:
  • true for enabled.
  • false for disabled.
The default value is set to true.
Container environment variable. This can be specified in the values.yaml configuration file under metrics.enabled.
SOLR_REPLICATION_POLLINTERVAL The replication poll interval for Search subordinate servers within the live environment.
WORKAREA

The search index path in the Search server Docker container.

For example, /search.

Mandatory Vault configuration variables

These are the mandatory Vault key values that you must specify within Vault to configure the Search server Docker container to use the Vault configuration mode.

Vault path Description Reference Environment Variable
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/spiUserName
HCL Commerce Version 9.1.7.0 or laterNote: This value is optional as of HCL Commerce 9.1.7.0.
The spiuser user name.

HCL Commerce Version 9.1.7.0 or laterIf the value is not defined, then spiuser is used.

SPIUSER_NAME
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/spiUserPwd The ASCII encrypted spiuser user password.

To set the password in your custom Docker containers, see Setting the spiuser password in your Docker images.

SPIUSER_PWD
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/adminSpiUserPwd The plain text spiuser user password.

The ADMIN_SPIUSER_PWD must be the same value as SPIUSER_PWD but kept as plain text.

To set the password in your custom Docker containers, see Setting the spiuser password in your Docker images.

ADMIN_SPIUSER_PWD
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/domainName Specify the internal service domain name. If the deployed environment is on a special namespace on Kubernetes, then the domain name should be .svc.cluster.local.

If no value is specified, then the default, default.svc.cluster.local, is used.

DOMAIN_NAME
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbHost The database host name for the environment.
Note: This value is only mandatory in the auth environment for WCPublishDataSource.
DBHOST
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbPort The database port number.
Note: This value is only mandatory in the auth environment for WCPublishDataSource.
DBPORT
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/sessionKeyEncrypt
HCL Commerce Version 9.1.12.0 or laterNote: Now mandatory, this value was optional prior to HCL Commerce 9.1.12.0.
The encrypted session key value is generated using wcs_encrypt.sh utility to encrypt 32 random hexadecimal characters.
Note: Do not specify an encryption key when running wcs_encrypt.sh.
The Session key is used to encrypt cookies and sensitive customer facing data. For example, the krypto URL parameter.
Important: You must specify your own session key for the security of your HCL Commerce installation. Do not use the default value contained within the provided sample configuration files and documentation examples.
SESSION_KEY_ENCRYPT

Optional Vault configuration variables

These are the optional Vault key values that you can specify within Vault to configure the Search server Docker container when used with the Vault configuration mode.

Vault path Description Reference Environment Variable
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbSSLEnable Specify whether the database connection uses SSL.
Accepted values are:
  • true for an SSL connection.
  • false for an unencrypted connection.
The default value is false.
Note: You can also specify datasource credentials through the start up command if you do not want to retrieve the datasource values from Vault.
DB_SSLENABLE
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbType The database type.
Accepted values are:
  • db2 for IBM Db2 Database.
  • oracle for Oracle Database.
The default value is db2.
DBTYPE
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbXA Specify if the XA function is enabled for the database.
Accepted values are:
  • true for enabled.
  • false for disabled.
The default value is false.
Note: You can also specify datasource credentials through the start up command if you do not want to retrieve the datasource values from Vault.
DB_XA
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/txHost The Transaction server host name.

The default value is app.

TX_HOST
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/txPort The Transaction server port number.

The default value is 5443.

TX_PORT
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/xcHost Specify a value if you want to set a host name for the Customization server, instead of using the default value. XC_HOST
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/xcPort Specify a value if you want to set a port number for the Customization server, instead of using the default value. XC_PORT
HCL Commerce Version 9.1.6.0 or later${VAULT_URL}/${TENANT}/${ENVIRONMENT}/enableJsonLogging Enable JSON logging.
Accepted values are
  • true to enable JSON logging.
  • false to disable JSON logging.

The default value is false.

ENABLE_JSON_LOGGING
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/traceSpecification/search-app If you want to change the trace specification for the Search server, specify a value. TRACE_SPEC
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/healthCenterEnable/search-app Specify a value if you want to enable Health Center.
Accepted values are:
  • true for enabling Health Center.
  • false for not enabling Heather Center.
The default value is false.
HEALTH_CENTER_ENABLED
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/threadMonitorEnable/search-app Specify a value if you want to enable Thread Monitor.
Accepted values are:
  • true for enabling Thread Monitor.
  • false for not enabling Thread Monitor.
The default value is false.
THREAD_MONITOR_ENABLED
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/redisPasswordEncrypt The encrypted Redis password. REDIS_PASSWORD_ENCRYPT