Azure SQL Settings
Azure SQL
Sample Docker Compose files for Azure SQL are included in the Dockerfiles you can download from the ThingWorx Platform part of the PTC Software Downloads site.
* 
You must have an Azure SQL database configured in Microsoft Azure to use it with ThingWorx Dockerfiles. For information on setting up an AzureSQL database, see Using Azure SQL Server as the Persistence Provider.
* 
The initial memory is set to 2 GB, and the maximum memory is set to 4 GB.
You can add the following options to the environment section of the platform service to control the configuration of this instance:
Variable Names
Values
Defaults
Comments
DATABASE_HOST
String
N/A
Specifies the URL for the Azure SQL database.
DATABASE_PORT
Number
1433
Specifies the port number for the SQL Server database.
DATABASE_ADMIN_USERNAME
String
N/A
Specifies the administrator user name for the Azure SQL database. Set only if you want the docker container to create TWX_DATABASE_USERNAME and initialize ThingWorx database tables.
DATABASE_ADMIN_PASSWORD
String
N/A
Specifies the administrator password for the Azure SQL database. Set only if you want the docker container to create TWX_DATABASE_USERNAME and initialize ThingWorx database tables.
DB_TYPE
String
azuresql
Specifies the name of the default persistence provider. Note: This variable is not supported in ThingWorx 9.3.0 and later versions.
ENABLE_HTTP
true/false
true
Enables the HTTP connector on Tomcat for unsecured traffic to the container
ENABLE_HTTPS
true/false
false
Enables the HTTPS connector on Tomcat for secured traffic to the container. You must also provide a keystore and set SSL_KEYSTORE_PASSWORD
SSL_KEYSTORE_PASSWORD
String
PASSWORD
Specifies the password to keystore used for SSL communication in Tomcat.
SSL_KEYSTORE_BASE_PATH
String
/ThingworxPlatform
Specifies the path to the Tomcat SSL keystore. If you store the keystore in a location in the container other than the default folder, you must set this variable.
SSL_KEYSTORE_FILENAME
String
keystore.jks
Specifies the file name for the Tomcat SSL keystore. If your keystore has a file name other than the default, you must set this variable.
TOMCAT_SSL_PROTOCOLS
String
TLSv1.2
Specifies the Tomcat SSL protocol. Set this if you want to override the accepted SSL protocols in Tomcat.
SERVER_HTTP_PORT
String
8080
Specifies the port that Tomcat monitors for HTTP communication. Note that if this port is changed, you must change the exposed ports in the Compose file.
SERVER_HTTPS_PORT
String
8443
Specifies the port that Tomcat monitors for HTTPS communication. Note that if this port is changed, you must change the exposed ports in the Compose file.
DOCKER_DEBUG
true/false
false
Toggles the option for recording debugging information when the container starts up. Note that this might contain sensitive information.
TWX_DATABASE_USERNAME
String
""
Specifies the ThingWorx user that will be created for the database. This variable must be manually set before starting the ThingWorx Platform.
TWX_DATABASE_PASSWORD
String
""
Specifies the password for the ThingWorx user for the database. This variable must be manually set before starting the ThingWorx Platform. The variable must also conform to the password policy for Azure SQL Database. See Password Policy for details.
TWX_DATABASE_SCHEMA
String
""
Specifies the schema name for the ThingWorx instance. This variable must be manually set before starting the ThingWorx Platform.
LS_USERNAME
String
""
Specifies the PTC login user name to get your ThingWorx License.
LS_PASSWORD
String
""
Specifies the PTC login password to get your ThingWorx License.
ENABLE_BACKUP
true/false
false
Toggles the option for backups.
ENABLE_LOGGING
true/false
true
Toggles the option for logging.
ENCRYPT_CREDENTIALS
true/false
false
Toggles the option to encrypt passwords for databases and licensing in the platform-settings.json file.
THINGWORX_INITIAL_ADMIN_PASSWORD
String
""
Sets the initial password for the Administrator user in ThingWorx. This variable must be manually set before starting the ThingWorx Platform. This password may be changed after ThingWorx starts up successfully.
* 
There is a minimum length for passwords that must be met. For more information on passwords, see User Passwords.
THINGWORX_INITIAL_METRICS_USER_PASSWORD
String
""
Sets the initial password for the MetricsUser in ThingWorx. This is an optional variable. Set it manually before starting the ThingWorx Platform. This password may be changed after ThingWorx starts up successfully.
EXTPKG_IMPORT_POLICY_ENABLED
true/false
false
Controls global enable/disable of Extension Package import through the Extension Package Uploader.
EXTPKG_IMPORT_POLICY_ALLOW_JARRES
true/false
false
Controls import permissions for Extension Packages that contain Jar (Java) resources. If false and the Extension contains jar files, the import will fail.
EXTPKG_IMPORT_POLICY_ALLOW_JSRES
true/false
false
Controls import permissions for Extension Packages that contain Javascript resources. If false and the Extension contains javascript files, the import will fail.
EXTPKG_IMPORT_POLICY_ALLOW_CSSRES
true/false
false
Controls import permissions for Extension Packages that contain CSS resources. If false and the Extension contains css files, the import will fail.
EXTPKG_IMPORT_POLICY_ALLOW_JSONRES
true/false
false
Controls import permissions for Extension Packages that contain JSON resources. If false and the Extension contains json files, the import will fail.
EXTPKG_IMPORT_POLICY_ALLOW_WEBAPPRES
true/false
false
Controls import permissions for Extension Packages that contain WebApps resources. If false and the Extension contains WebApp resource files, the import will fail.
EXTPKG_IMPORT_POLICY_ALLOW_ENTITIES
true/false
false
Controls import permissions for Extension Packages that contain non-extensible entity definitions. If false and the Extension contains non-extensible entity definitions other than the Extension Package entity, the import will fail.
EXTPKG_IMPORT_POLICY_ALLOW_EXTENTITIES
true/false
false
Controls import permissions for Extension Packages that contain extensible entity definitions. If false and the Extension contains extensible entity definitions other than the Extension Package entity, the import will fail.
ENABLE_CONSOLE_OUTPUT
true/false
false
Enable console logging.
ENABLE_CLUSTERED_MODE
true/false
false
Set to true to enable clustered mode.
HTTP_PORT
Number
Null
Port used for for HTTP communication should match SERVER_HTTP_PORT. Used for service discovery.
HTTP_SERVICE_NAME
String
thingworx-http
HTTP service name for ThingWorx Platform. Used for service discovery.
HTTPS_PORT
Number
Null
Port used for HTTPS communication should match SERVER_HTTPS_PORT. Used for service discovery.
HTTPS_SERVICE_NAME
String
thingworx-https
HTTPS service name for ThingWorx Patform. Used for service discovery.
MASHUP_WEBSOCKET_CONNECTION_ALIVE_AFTER_TIMEOUT
Boolean
false
Controls whether mashup WebSocket connections are automatically disconnected when the mashup is not actively visible in the browser. When true, connections running in a background browser tab or window are maintained.
TOMCAT_SSL_CIPHERS
String
“”
Optional list of comma-separated cipher suites. Limits HTTPS connections to only these ciphers listed. If not set the default JVM ciphers are used.
TOMCAT_COMPRESSION
on/off/force
off
Enables or disables Tomcat compression. The connector may use HTTP/1.1 GZIP compression to save server bandwidth. Acceptable values include off (disable compression), on (allow compression, which causes text data to be compressed), and force (forces compression in all cases).
* 
If the connector supports the sendfile feature, (for instance, the NIO connector), using sendfile will take precedence over compression.
TOMCAT_COMPRESSION_MIN_SIZE
Number
2048
Specifies the minimum amount of data before the output is compressed when TOMCAT_COMPRESSION is on.
TOMCAT_USE_SEND_FILE
true/false
true
Enables or disables the sendfile capability. Use of sendfile will disable any compression that Tomcat may otherwise have performed on the response.
COORDINATOR_HOSTS
String
“”
Comma-separated list of Zookeeper endpoints. Each endpoint is _host_:_port_.
IGNITE_ZK_CONNECTION
String
“”
Zookeeper host and port used for service discovery
ZK_SSL_ENABLED
true/false
false
Enables SSL for Zookeeper.
ZK_SSL_KEYSTORE_LOCATION
String
/certs/zookeeper.p12
Path to the Zookeeper KeyStore.
ZK_SSL_KEYSTORE_PASSWORD
String
“”
Password for the Zookeeper KeyStore.
ZK_SSL_TRUSTSTORE_LOCATION
String
“”
Path for the Zookeeper TrustStore.
ZK_SSL_TRUSTSTORE_PASSWORD
String
“”
Password for the Zookeeper KeyStore.
CATALINA_OPTS
String
“”
Java runtime options passed to Tomcat.
DATABASE_ADMIN_SCHEMA
String
postgres
Name of the default schema on the DB server.
TWX_KEYSTORE_PASSWORD
String
“”
The password to use to set the ThingWorx KeyStore password. If not set, ThingWorx creates a random password on the first boot.
Set this password to make sure a specific password is used for HA setups and for restoring old data/volumes.
SECRET_CX_APP_KEY
String
“”
Application key that connection server will use to connect to ThingWorx
SECRET_PROVISIONING_APP_KEY
String
“”
Application key used for provisioning ThingWorx on first startup. Generate a random GUID as a value for the required SECRET_PROVISIONING_APP_KEY.
EXTPKG_IMPORT_POLICY_HA_COMPATIBILITY_LEVEL
WARN/DENY
WARN
Extension Import Policy configuration that controls whether to allow or deny extensions that are compatible with HA. Options are WARN or DENY.
If set to WARN, extensions that are not HA-compliant will be imported with a warning written to the Application Log.
If set to DENY, only extensions that are HA-compliant are allowed to be imported.
ENABLE_PROPERTY_TRANSFORM
true/false
false
Set to true to enable Property Transform.
PROPERTY_TRANSFORM_RABBITMQ_HOST
“”
localhost
RabbitMQ host for use with Property Transform.
PROPERTY_TRANSFORM_RABBITMQ_PORT
String
5672
RabbitMQ port for use with Property Transform.
PROPERTY_TRANSFORM_RABBITMQ_USERNAME
String
admin
RabbitMQ username for use with Property Transform.
PROPERTY_TRANSFORM_RABBITMQ_PASSWORD
String
“”
RabbitMQ password for use with Property Transform.
PROPERTY_TRANSFORM_RABBITMQ_VHOST
String
/
RabbitMQ Vhost for use with Property Transform.
IGNITE_SSL_ACTIVE
true/false
false
Enables SSL for Ignite.
IGNITE_KEYSTORE_FILE_PATH
String
/certs/ignite.pfx
Path to the Ignite KeyStore.
IGNITE_KEYSTORE_PASSWORD
String
“”
Password for the Ignite KeyStore.
ZK_SASL_ENABLED
true/false
false
Enable SASL authentication in Zookeeper.
ZK_SASL_SECURITY_KRB5_CONF
String
/tmp1/krb5.conf
Path to Kerberos configuration file.
ZK_SASL_SECURITY_AUTH_LOGIN_CONFIG
String
/tmp1/jaas.conf
Path to JAAS configuration file.
AKKA_SSL_ENABLED
true/false
true
Turn on/off tls Akka communication.
AKKA_KEYSTORE
String
/certs/keystore.jks
Path to the Akka keystore can be stored in the certs volume. For example, /certs/keystore.jks.
AKKA_TRUSTSTORE
String
/certs/truststore.jks
Path to the Akka truststore can be stored in the certs volume. For example, /certs/truststore.jks.
AKKA_KEYSTORE_PASSWORD
String
No default value set.
Password from AKKA_KEYSTORE.
AKKA_TRUSTSTORE_PASSWORD
String
No default value set.
Password from AKKA_TRUSTSTORE.
PROVISIONING_APPKEY_DURATION
Number
1 Day
The duration of provisioning app key can be configured to have a longer time before expiration.
You can also change the volume path to a location specific to your site. The volume path uses the following syntax:
"./path_to_local_mount:/path_to_container_mount"
For example:
"/opt/ThingworxPlatform:/ThingworxPlatform"
* 
When updating the volume path, change only the local mount as the mount points of the internal container never change.
Was this helpful?