Azure SQL Settings
Azure SQL
Sample Docker Compose files for Azure SQL are included in the Dockerfiles you can download from the ThingWorx Platform part of the PTC Software Downloads site.
 |
You must have an Azure SQL database configured in Microsoft Azure to use it with ThingWorx Dockerfiles. For information on setting up an AzureSQL database, see Using Azure SQL Server as the Persistence Provider.
|
|
|
The initial memory is set to 2 GB, and the maximum memory is set to 4 GB.
|
You can add the following options to the environment section of the platform service to control the configuration of this instance:
|
Variable Names
|
Values
|
Defaults
|
Comments
|
||
|---|---|---|---|---|---|
|
DATABASE_HOST
|
String
|
N/A
|
Specifies the URL for the Azure SQL database.
|
||
|
DATABASE_PORT
|
Number
|
1433
|
Specifies the port number for the SQL Server database.
|
||
|
DATABASE_ADMIN_USERNAME
|
String
|
N/A
|
Specifies the administrator user name for the Azure SQL database. Set only if you want the docker container to create TWX_DATABASE_USERNAME and initialize ThingWorx database tables.
|
||
|
DATABASE_ADMIN_PASSWORD
|
String
|
N/A
|
Specifies the administrator password for the Azure SQL database. Set only if you want the docker container to create TWX_DATABASE_USERNAME and initialize ThingWorx database tables.
|
||
|
DB_TYPE
|
String
|
azuresql
|
Specifies the name of the default persistence provider. Note: This variable is not supported in ThingWorx 9.3.0 and later versions.
|
||
|
ENABLE_HTTP
|
true/false
|
true
|
Enables the HTTP connector on Tomcat for unsecured traffic to the container
|
||
|
ENABLE_HTTPS
|
true/false
|
false
|
Enables the HTTPS connector on Tomcat for secured traffic to the container. You must also provide a keystore and set SSL_KEYSTORE_PASSWORD
|
||
|
SSL_KEYSTORE_PASSWORD
|
String
|
PASSWORD
|
Specifies the password to keystore used for SSL communication in Tomcat.
|
||
|
SSL_KEYSTORE_BASE_PATH
|
String
|
/ThingworxPlatform
|
Specifies the path to the Tomcat SSL keystore. If you store the keystore in a location in the container other than the default folder, you must set this variable.
|
||
|
SSL_KEYSTORE_FILENAME
|
String
|
keystore.jks
|
Specifies the file name for the Tomcat SSL keystore. If your keystore has a file name other than the default, you must set this variable.
|
||
|
TOMCAT_SSL_PROTOCOLS
|
String
|
TLSv1.2
|
Specifies the Tomcat SSL protocol. Set this if you want to override the accepted SSL protocols in Tomcat.
|
||
|
SERVER_HTTP_PORT
|
String
|
8080
|
Specifies the port that Tomcat monitors for HTTP communication. Note that if this port is changed, you must change the exposed ports in the Compose file.
|
||
|
SERVER_HTTPS_PORT
|
String
|
8443
|
Specifies the port that Tomcat monitors for HTTPS communication. Note that if this port is changed, you must change the exposed ports in the Compose file.
|
||
|
DOCKER_DEBUG
|
true/false
|
false
|
Toggles the option for recording debugging information when the container starts up. Note that this might contain sensitive information.
|
||
|
TWX_DATABASE_USERNAME
|
String
|
""
|
Specifies the ThingWorx user that will be created for the database. This variable must be manually set before starting the ThingWorx Platform.
|
||
|
TWX_DATABASE_PASSWORD
|
String
|
""
|
Specifies the password for the ThingWorx user for the database. This variable must be manually set before starting the ThingWorx Platform. The variable must also conform to the password policy for Azure SQL Database. See Password Policy for details.
|
||
|
TWX_DATABASE_SCHEMA
|
String
|
""
|
Specifies the schema name for the ThingWorx instance. This variable must be manually set before starting the ThingWorx Platform.
|
||
|
LS_USERNAME
|
String
|
""
|
Specifies the PTC login user name to get your ThingWorx License.
|
||
|
LS_PASSWORD
|
String
|
""
|
Specifies the PTC login password to get your ThingWorx License.
|
||
|
ENABLE_BACKUP
|
true/false
|
false
|
Toggles the option for backups.
|
||
|
ENABLE_LOGGING
|
true/false
|
true
|
Toggles the option for logging.
|
||
|
ENCRYPT_CREDENTIALS
|
true/false
|
false
|
Toggles the option to encrypt passwords for databases and licensing in the platform-settings.json file.
|
||
|
THINGWORX_INITIAL_ADMIN_PASSWORD
|
String
|
""
|
Sets the initial password for the Administrator user in ThingWorx. This variable must be manually set before starting the ThingWorx Platform. This password may be changed after ThingWorx starts up successfully.
|
||
|
THINGWORX_INITIAL_METRICS_USER_PASSWORD
|
String
|
""
|
Sets the initial password for the MetricsUser in ThingWorx. This is an optional variable. Set it manually before starting the ThingWorx Platform. This password may be changed after ThingWorx starts up successfully.
|
||
|
EXTPKG_IMPORT_POLICY_ENABLED
|
true/false
|
false
|
Controls global enable/disable of Extension Package import through the Extension Package Uploader.
|
||
|
EXTPKG_IMPORT_POLICY_ALLOW_JARRES
|
true/false
|
false
|
Controls import permissions for Extension Packages that contain Jar (Java) resources. If false and the Extension contains jar files, the import will fail.
|
||
|
EXTPKG_IMPORT_POLICY_ALLOW_JSRES
|
true/false
|
false
|
Controls import permissions for Extension Packages that contain Javascript resources. If false and the Extension contains javascript files, the import will fail.
|
||
|
EXTPKG_IMPORT_POLICY_ALLOW_CSSRES
|
true/false
|
false
|
Controls import permissions for Extension Packages that contain CSS resources. If false and the Extension contains css files, the import will fail.
|
||
|
EXTPKG_IMPORT_POLICY_ALLOW_JSONRES
|
true/false
|
false
|
Controls import permissions for Extension Packages that contain JSON resources. If false and the Extension contains json files, the import will fail.
|
||
|
EXTPKG_IMPORT_POLICY_ALLOW_WEBAPPRES
|
true/false
|
false
|
Controls import permissions for Extension Packages that contain WebApps resources. If false and the Extension contains WebApp resource files, the import will fail.
|
||
|
EXTPKG_IMPORT_POLICY_ALLOW_ENTITIES
|
true/false
|
false
|
Controls import permissions for Extension Packages that contain non-extensible entity definitions. If false and the Extension contains non-extensible entity definitions other than the Extension Package entity, the import will fail.
|
||
|
EXTPKG_IMPORT_POLICY_ALLOW_EXTENTITIES
|
true/false
|
false
|
Controls import permissions for Extension Packages that contain extensible entity definitions. If false and the Extension contains extensible entity definitions other than the Extension Package entity, the import will fail.
|
||
|
ENABLE_CONSOLE_OUTPUT
|
true/false
|
false
|
Enable console logging.
|
||
|
ENABLE_CLUSTERED_MODE
|
true/false
|
false
|
Set to true to enable clustered mode.
|
||
|
HTTP_PORT
|
Number
|
Null
|
Port used for for HTTP communication should match SERVER_HTTP_PORT. Used for service discovery.
|
||
|
HTTP_SERVICE_NAME
|
String
|
thingworx-http
|
HTTP service name for ThingWorx Platform. Used for service discovery.
|
||
|
HTTPS_PORT
|
Number
|
Null
|
Port used for HTTPS communication should match SERVER_HTTPS_PORT. Used for service discovery.
|
||
|
HTTPS_SERVICE_NAME
|
String
|
thingworx-https
|
HTTPS service name for ThingWorx Patform. Used for service discovery.
|
||
|
TOMCAT_SSL_CIPHERS
|
String
|
“”
|
Optional list of comma-separated cipher suites. Limits HTTPS connections to only these ciphers listed. If not set the default JVM ciphers are used.
|
||
|
TOMCAT_COMPRESSION
|
on/off/force
|
off
|
Enables or disables Tomcat compression. The connector may use HTTP/1.1 GZIP compression to save server bandwidth. Acceptable values include off (disable compression), on (allow compression, which causes text data to be compressed), and force (forces compression in all cases).
|
||
|
TOMCAT_COMPRESSION_MIN_SIZE
|
Number
|
2048
|
Specifies the minimum amount of data before the output is compressed when TOMCAT_COMPRESSION is on.
|
||
|
TOMCAT_USE_SEND_FILE
|
true/false
|
true
|
Enables or disables the sendfile capability. Use of sendfile will disable any compression that Tomcat may otherwise have performed on the response.
|
||
|
COORDINATOR_HOSTS
|
String
|
“”
|
Comma-separated list of Zookeeper endpoints. Each endpoint is _host_:_port_.
|
||
|
IGNITE_ZK_CONNECTION
|
String
|
“”
|
Zookeeper host and port used for service discovery
|
||
|
ZK_SSL_ENABLED
|
true/false
|
false
|
Enables SSL for Zookeeper.
|
||
|
ZK_SSL_KEYSTORE_LOCATION
|
String
|
/certs/zookeeper.p12
|
Path to the Zookeeper KeyStore.
|
||
|
ZK_SSL_KEYSTORE_PASSWORD
|
String
|
“”
|
Password for the Zookeeper KeyStore.
|
||
|
ZK_SSL_TRUSTSTORE_LOCATION
|
String
|
“”
|
Path for the Zookeeper TrustStore.
|
||
|
ZK_SSL_TRUSTSTORE_PASSWORD
|
String
|
“”
|
Password for the Zookeeper KeyStore.
|
||
|
CATALINA_OPTS
|
String
|
“”
|
Java runtime options passed to Tomcat.
|
||
|
DATABASE_ADMIN_SCHEMA
|
String
|
postgres
|
Name of the default schema on the DB server.
|
||
|
TWX_KEYSTORE_PASSWORD
|
String
|
“”
|
The password to use to set the ThingWorx KeyStore password. If not set, ThingWorx creates a random password on the first boot.
Set this password to make sure a specific password is used for HA setups and for restoring old data/volumes.
|
||
|
SECRET_CX_APP_KEY
|
String
|
“”
|
Application key that connection server will use to connect to ThingWorx
|
||
|
SECRET_PROVISIONING_APP_KEY
|
String
|
“”
|
Application key used for provisioning ThingWorx on first startup. Generate a random GUID as a value for the required SECRET_PROVISIONING_APP_KEY.
|
||
|
EXTPKG_IMPORT_POLICY_HA_COMPATIBILITY_LEVEL
|
WARN/DENY
|
WARN
|
Extension Import Policy configuration that controls whether to allow or deny extensions that are compatible with HA. Options are WARN or DENY.
If set to WARN, extensions that are not HA-compliant will be imported with a warning written to the Application Log.
If set to DENY, only extensions that are HA-compliant are allowed to be imported.
|
||
|
ENABLE_PROPERTY_TRANSFORM
|
true/false
|
false
|
Set to true to enable Property Transform.
|
||
|
PROPERTY_TRANSFORM_RABBITMQ_HOST
|
“”
|
localhost
|
RabbitMQ host for use with Property Transform.
|
||
|
PROPERTY_TRANSFORM_RABBITMQ_PORT
|
String
|
5672
|
RabbitMQ port for use with Property Transform.
|
||
|
PROPERTY_TRANSFORM_RABBITMQ_USERNAME
|
String
|
admin
|
RabbitMQ username for use with Property Transform.
|
||
|
PROPERTY_TRANSFORM_RABBITMQ_PASSWORD
|
String
|
“”
|
RabbitMQ password for use with Property Transform.
|
||
|
PROPERTY_TRANSFORM_RABBITMQ_VHOST
|
String
|
/
|
RabbitMQ Vhost for use with Property Transform.
|
||
|
IGNITE_SSL_ACTIVE
|
true/false
|
false
|
Enables SSL for Ignite.
|
||
|
IGNITE_KEYSTORE_FILE_PATH
|
String
|
/certs/ignite.pfx
|
Path to the Ignite KeyStore.
|
||
|
IGNITE_KEYSTORE_PASSWORD
|
String
|
“”
|
Password for the Ignite KeyStore.
|
||
|
ZK_SASL_ENABLED
|
true/false
|
false
|
Enable SASL authentication in Zookeeper.
|
||
|
ZK_SASL_SECURITY_KRB5_CONF
|
String
|
/tmp1/krb5.conf
|
Path to Kerberos configuration file.
|
||
|
ZK_SASL_SECURITY_AUTH_LOGIN_CONFIG
|
String
|
/tmp1/jaas.conf
|
Path to JAAS configuration file.
|
||
|
AKKA_SSL_ENABLED
|
true/false
|
true
|
Turn on/off tls Akka communication.
|
||
|
AKKA_KEYSTORE
|
String
|
/certs/keystore.jks
|
Path to the Akka keystore can be stored in the certs volume. For example, /certs/keystore.jks.
|
||
|
AKKA_TRUSTSTORE
|
String
|
/certs/truststore.jks
|
Path to the Akka truststore can be stored in the certs volume. For example, /certs/truststore.jks.
|
||
|
AKKA_KEYSTORE_PASSWORD
|
String
|
No default value set.
|
Password from AKKA_KEYSTORE.
|
||
|
AKKA_TRUSTSTORE_PASSWORD
|
String
|
No default value set.
|
Password from AKKA_TRUSTSTORE.
|
||
|
PROVISIONING_APPKEY_DURATION
|
Number
|
1 Day
|
The duration of provisioning app key can be configured to have a longer time before expiration.
|
You can also change the volume path to a location specific to your site. The volume path uses the following syntax:
"./path_to_local_mount:/path_to_container_mount"
For example:
"/opt/ThingworxPlatform:/ThingworxPlatform"
|
|
When updating the volume path, change only the local mount as the mount points of the internal container never change.
|