Docker container start up configuration parameters
Whenever you specify OVERRIDE_PRECONFIG=true or VAULT_CA=true, there are mandatory parameters that you need to specify, otherwise the container will not start. The following tables summarize the list of mandatory and optional parameters for each container.- Transaction server parameters when OVERRIDE_PRECONFIG=true
- Search server parameters when OVERRIDE_PRECONFIG=true
- Store server parameters when OVERRIDE_PRECONFIG=true
- Utility server parameters when OVERRIDE_PRECONFIG=true
- Mandatory parameters when VAULT_CA=true
Transaction server parameters when OVERRIDE_PRECONFIG=true
| Parameter name | Description | Mandatory |
|---|---|---|
| TENANT | The name of the group that contains your set of environments. For example, MyCompany. | Yes. |
| ENVIRONMENT | The name of the environment. For example, Non-production. | Yes. |
| ENVTYPE | Then type of environment. For example, auth. | Yes. |
| VAULT_TOKEN | The Vault token to use to connect to Vault and request certification from Vault PKI. | Yes if we are using Vault. |
| VAULT_URL | The HTTP API endpoint to connect to Vault and request certification from Vault PKI. For example, http://Vault_IP:8200/v1. | Yes if we are using Vault. |
| STOREWEB_HOST | The external store hostname that can be used to access the store by a
browser. If we are using DC/OS or Kubernetes, this is the exposed hostname on the load balancer,
such as store.demoqaauth.cn.ibm.com.
Note: If you have multiple stores running on multiple domains, we can configure your domains to redirect to STOREWEB_HOST to ensure that Management Center store preview works for all stores. The Transaction server will identify the different stores through the ID in the store URL. | Yes |
| DBHOST | The database hostname. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. |
| DBNAME | The name of the database. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. |
| DBUSER | The database user name. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. |
| DBPASS | The database user password. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. |
| DBPORT | The database port. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. |
| DBAUSER | The database administrator name. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. |
| DBAPASSENCRTY | The database administrator encrypted password. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. |
| ENABLE_DB_SSL | Determines whether to enable SSL protocol for connections to the database. Valid values are true or false. | Yes. |
| DBHOST_LIVE | The database hostname in the live environment. | Yes for Transaction server on an authoring environment.
Note: If the value is stored in Vault, we can ignore this parameter. |
| DBNAME_LIVE | The name of the database in the live environment. | Yes for Transaction server on an authoring environment.
Note: If the value is stored in Vault, we can ignore this parameter. |
| DBPASS_LIVE | The database user password in the live environment. | Yes for Transaction server on an authoring environment.
Note: If the value is stored in Vault, we can ignore this parameter. |
| DBPORT_LIVE | The database port in the live environment. | Yes for Transaction server on an authoring environment.
Note: If the value is stored in Vault, we can ignore this parameter. |
| DBUSER_LIVE | The database user name in the live environment. | Yes for Transaction server on an authoring environment.
Note: If the value is stored in Vault, we can ignore this parameter. |
| MERCHANTKEY_ENCRYPT | The encrypted merchant key that was created when you or an administrator loaded the WebSphere Commerce database schema. See Loading the WebSphere Commerce database schema. | Yes. |
|
|
|
|
| LOCALSTOREWEB | The web server host name of a local store if you migrated from WebSphere Commerce Version 7 or Version 8. | Yes if we are using a local store. |
| adminPassword | The password for user configadmin, which is used to access the WebSphere Application Server Administrative Console. | No. |
| TRACE_SPEC | Sets trace specifications. For more information about trace, see Trace components | No. |
| BLUE_ID_SERVER | idaas.iam.ibm.com | No. |
| KAFKA_SERVERS | Works with ZOOKEEPER_SERVERS to configure the container to catch validation. | No. |
| ZOOKEEPER_SERVERS | Works with KAFKA_SERVERS, to configure the container to catch validation. Remote Store just need it to set catch validation. | No. |
| OIDC_CLIENT_ID | No Default Value, works with OIDC_CLIENT_SECRET to enable IBMid feature for single sign-on. | No. |
| OIDC_CLIENT_SECRET | No Default Value, works with OIDC_CLIENT_ID to enable IBMid feature | No. |
| BLUE_ID_PROVIDERHOST | The provider host for single sign-on. | No. |
| SESSION_KEY_ENCRYPT | Encrypted session key. | No. |
| SESSION_KEY_ENCRYPT | Encrypted session key. | No. |
SPIUSER_PWD
Search server parameters when OVERRIDE_PRECONFIG=true
| Parameter name | Description | Mandatory | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| TENANT | The name of the group that contains your set of environments. For example, MyCompany. | Yes. | |||||||||||||||
| ENVIRONMENT | The name of the environment. For example, Non-production. | Yes. | |||||||||||||||
| ENVTYPE | Then type of environment. For example, auth. | Yes. | |||||||||||||||
| VAULT_TOKEN | The Vault token to use to connect to Vault and request certification from Vault PKI. | Yes if we are using Vault and pass VAULT_TOKEN and VAULT_URL. | |||||||||||||||
| VAULT_URL | The Vault URL to use to connect to Vault and request certification from Vault PKI. | Yes if we are using Vault and pass VAULT_TOKEN and VAULT_URL. | |||||||||||||||
| DBHOST | The database hostname. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. | |||||||||||||||
| DBNAME | The name of the database. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. | |||||||||||||||
| DBPASS | The database user password. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. | |||||||||||||||
| DBPORT | The database port. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. | |||||||||||||||
| DBUSER | The database user name. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. | |||||||||||||||
| SOLR_MASTER
SOLR_SLAVE | SOLR_MASTER and SOLR_SLAVE work together to determine the search node type. To configure the Search server container as:
SOLR_MASTER=true SOLR_SLAVE=true
SOLR_MASTER=false SOLR_SLAVE=true
Yes
| SOLR_MASTER_SERVER_URL
| The IP and port of the search node to poll from.
|
search-repeater-ip:3737
Yes for the search-repeater on the live environment.
| SOLR_REPLICATION_POLLINTERVAL
| The replication poll interval.
| Yes for the search-slave on the live environment.
| WORKAREA
| The search index path in the Search server Docker container. For
example,
| /search
Yes all search nodes.
|
|
|
|
TRACE_SPEC
| Sets trace specifications. For more information about trace, see Trace components
| No.
| |
Store server parameters when OVERRIDE_PRECONFIG=true
| Parameter name | Description | Mandatory |
|---|---|---|
| TENANT | The name of the group that contains your set of environments. For example, MyCompany. | Yes. |
| ENVIRONMENT | The name of the environment. For example, Non-production. | Yes. |
| ENVTYPE | Then type of environment. For example, auth. | Yes. |
| VAULT_TOKEN | The Vault token to use to connect to Vault and request certification from Vault PKI. | Yes if we are using Vault and pass VAULT_TOKEN and VAULT_URL. |
| VAULT_URL | The Vault URL to use to connect to Vault and request certification from Vault PKI. | Yes if we are using Vault and pass VAULT_TOKEN and VAULT_URL. |
| SSLPort | The remote store page redirect secure port. | Yes. |
| NONSSLPort | The remote store page redirect non-secure port. | Yes. |
|
|
|
|
| TRACE_SPEC | Sets trace specifications. For more information about trace, see Trace components | No. |
| ZOOKEEPER_SERVERS | Works with KAFKA_SERVERS, to configure the container to catch validation. | No. |
Utility server parameters when OVERRIDE_PRECONFIG=true
| Parameter name | Description | Mandatory |
|---|---|---|
| ENVTYPE | Then type of environment. For example, auth. | Yes. |
| DBHOST | The database hostname. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. |
| DBNAME | The name of the database. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. |
| DBPASS | The database user password. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. |
| DBPORT | The database port. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. |
| DBUSER | The database user name. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. |
| DBAUSER | The database administrator name. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. |
| DBAPASSENCRTY | The database administrator encrypted password. | Yes.
Note: If the value is stored in Vault, we can ignore this parameter. |
| ENABLE_DB_SSL | Determines whether to enable SSL protocol for connections to the database. Valid values are true or false. | Yes. |
Mandatory parameters when VAULT_CA=true
If you do not use Vault for certification management, then do not specify VAULT_CA=true.
To use Vault for certification management, you need to use the PKI secret backend for Vault. For more information about configuring Vault, see the sample implementation, . When VAULT_CA=true, the container start up logic executes the /SETUP/bin/updateCerts.sh script to import internal and third-party certificates from Vault. We need to specify the following environment parameters so that the script can import the certificates from Vault.
| Parameter name | Description |
|---|---|
| TENANT | The name of the group that contains your set of environments. For example, MyCompany. |
| ENVIRONMENT | The name of the environment. For example, Non-production. |
| ENVTYPE | Then type of environment. For example, auth. |
| VAULT_TOKEN | The Vault token to use to connect to Vault and request certification from Vault PKI. |
| VAULT_URL | The Vault URL to use to connect to Vault and request certification from Vault PKI. |
Related reference
WebSphere Commerce runtime environment overview
Docker container start up logic for 9.0.0.0 and 9.0.0.1
Related information:
Implement a continuous deployment pipeline for WebSphere Commerce Version 9