Microsoft SQL Server Settings
Sample Docker Compose files for Microsoft SQL Server are included in the Dockerfiles you can download from the ThingWorx Platform part of the PTC Software Downloads site.
* 
The initial memory is set to 2 GB and the maximum memory is set to 4 GB. The volume mounts are relative to docker-compose files. This is the location where the logs and configuration files are stored to enable persistence in the containers.
You can add the following options to the environment section of the platform service to control the configuration of this instance:
Variable Names
Values
Defaults
Comments
DATABASE_HOST
String
mssql
Specifies the hostname, service name, or IP address of the SQL Server database host.
DATABASE_PORT
Number
1433
Specifies the port number for the SQL Server database.
DATABASE_ADMIN_USERNAME
String
SA
Specifies the administrator user name for the SQL Server database. You must use the provided default value for successful creation of the container.
DATABASE_ADMIN_PASSWORD
String
PASSWORD
Specifies the administrator password for the SQL Server database. The value for DATABASE_ADMIN_PASSWORD and SA_PASSWORD should be the same.
DB_TYPE
String
mssql
Specifies the name of the default persistence provider. Note: This variable is not supported in ThingWorx 9.3.0 and later versions.
SA_PASSWORD
String
PASSWORD
Specifies the SA password. The value for DATABASE_ADMIN_PASSWORD and SA_PASSWORD should be the same.
ENABLE_HTTP
true/false
true
Enables the HTTP connector on Tomcat for unsecured traffic to the container
ENABLE_HTTPS
true/false
false
Enables the HTTPS connector on Tomcat for secured traffic to the container. You must also provide a keystore and set SSL_KEYSTORE_PASSWORD.
SSL_KEYSTORE_PASSWORD
String
PASSWORD
Specifies the password to keystore used for SSL communication in Tomcat.
SSL_KEYSTORE_BASE_PATH
String
/ThingworxPlatform
Specifies the path to the Tomcat SSL keystore. If you store the keystore in a location in the container other than the default folder, you must set this variable.
SSL_KEYSTORE_FILENAME
String
keystore.jks
Specifies the file name for the Tomcat SSL keystore. If your keystore has a file name other than the default, you must set this variable.
TOMCAT_SSL_PROTOCOLS
String
TLSv1.2
Specifies the Tomcat SSL protocol. Set this if you want to override the accepted SSL protocols in Tomcat.
SERVER_HTTP_PORT
String
8080
Specifies the port that Tomcat monitors for HTTP communication. Note that if this port is changed, you must change the exposed ports in the Compose file.
SERVER_HTTPS_PORT
String
8443
Specifies the port that Tomcat monitors for HTTPS communication. Note that if this port is changed, you must change the exposed ports in the Compose file.
DOCKER_DEBUG
true/false
false
Toggles the option for recording debugging information when the container starts up. Note that this might contain sensitive information.
TWX_DATABASE_USERNAME
String
""
Specifies the ThingWorx user that will be created for the database. This variable must be manually set before starting the ThingWorx Platform.
TWX_DATABASE_PASSWORD
String
""
Specifies the password for the ThingWorx user for the database. This variable must be manually set before starting the ThingWorx Platform.
TWX_DATABASE_SCHEMA
String
""
Specifies the schema name for the ThingWorx instance. This variable must be manually set before starting the ThingWorx Platform.
LS_USERNAME
String
""
Specifies the PTC login user name to get your ThingWorx License.
LS_PASSWORD
String
""
Specifies your PTC login password to get your ThingWorx License.
ENABLE_BACKUP
true/false
false
Toggles the option for backups.
ENABLE_LOGGING
true/false
true
Toggles the option for logging.
ENCRYPT_CREDENTIALS
true/false
false
Toggles the option to encrypt passwords for databases and licensing in the platform-settings.json file.
THINGWORX_INITIAL_ADMIN_PASSWORD
String
""
Sets the initial password for the Administrator user in ThingWorx. This variable must be manually set before starting the ThingWorx Platform. This password may be changed after ThingWorx starts up successfully.
THINGWORX_INITIAL_METRICS_USER_PASSWORD
String
""
Sets the initial password for the MetricsUser in ThingWorx. This is an optional variable. Set it manually before starting the ThingWorx Platform. This password may be changed after ThingWorx starts up successfully.
EXTPKG_IMPORT_POLICY_ENABLED
true/false
false
Controls global enable/disable of Extension Package import through the Extension Package Uploader.
EXTPKG_IMPORT_POLICY_ALLOW_JARRES
true/false
false
Controls import permissions for Extension Packages that contain Jar (Java) resources. If false and the Extension contains jar files, the import will fail.
EXTPKG_IMPORT_POLICY_ALLOW_JSRES
true/false
false
Controls import permissions for Extension Packages that contain Javascript resources. If false and the Extension contains javascript files, the import will fail.
EXTPKG_IMPORT_POLICY_ALLOW_CSSRES
true/false
false
Controls import permissions for Extension Packages that contain CSS resources. If false and the Extension contains css files, the import will fail.
EXTPKG_IMPORT_POLICY_ALLOW_JSONRES
true/false
false
Controls import permissions for Extension Packages that contain JSON resources. If false and the Extension contains json files, the import will fail.
EXTPKG_IMPORT_POLICY_ALLOW_WEBAPPRES
true/false
false
Controls import permissions for Extension Packages that contain WebApps resources. If false and the Extension contains WebApp resource files, the import will fail.
EXTPKG_IMPORT_POLICY_ALLOW_ENTITIES
true/false
false
Controls import permissions for Extension Packages that contain non-extensible entity definitions. If false and the Extension contains non-extensible entity definitions, other than the Extension Package entity, the import will fail.
EXTPKG_IMPORT_POLICY_ALLOW_EXTENTITIES
true/false
false
Controls import permissions for Extension Packages that contain extensible entity definitions. If false and the Extension contains extensible entity definitions, other than the Extension Package entity, the import will fail.
ENABLE_CONSOLE_OUTPUT
True/false
false
Enable console logging.
ENABLE_CLUSTERED_MODE
True/false
false
Set to true to enable clustered mode.
HTTP_PORT
Number
Null
Port used for for HTTP communication, should match SERVER_HTTP_PORT. Used for service discovery.
HTTP_SERVICE_NAME
String
thingworx-http
HTTP service name for ThingWorx Platform. Used for service discovery.
HTTPS_PORT
Number
Null
Port used for HTTPS communication, should match SERVER_HTTPS_PORT. Used for service discovery.
HTTPS_SERVICE_NAME
String
thingworx-https
HTTPS service name for ThingWorx Patform. Used for service discovery.
TOMCAT_SSL_CIPHERS
String
“”
Optional list of comma-separated cipher suites. Limits HTTPS connections to only these ciphers listed. If not set the default JVM ciphers are used.
TOMCAT_COMPRESSION
on/off/force
off
Enables or disables Tomcat compression. The connector may use HTTP/1.1 GZIP compression to save server bandwidth. Acceptable values include off (disable compression), on (allow compression, which causes text data to be compressed), and force (forces compression in all cases).
* 
If the connector supports the sendfile feature, (for instance, the NIO connector), using sendfile will take precedence over compression.
TOMCAT_COMPRESSION_MIN_SIZE
Number
2048
Specifies the minimum amount of data before the output is compressed when TOMCAT_COMPRESSION is on.
TOMCAT_USE_SEND_FILE
true/false
true
Enables or disables the sendfile capability. Use of sendfile will disable any compression that Tomcat may otherwise have performed on the response.
COORDINATOR_HOSTS
String
“”
Comma-separated list of Zookeeper endpoints. Each endpoint is _host_:_port_.
IGNITE_ZK_CONNECTION
String
“”
Zookeeper host and port used for service discovery
ZK_SSL_ENABLED
True/false
False
Enables SSL for Zookeeper.
ZK_SSL_KEYSTORE_LOCATION
String
/certs/zookeeper.p12
Path to the Zookeeper KeyStore.
ZK_SSL_KEYSTORE_PASSWORD
String
“”
Password for the Zookeeper KeyStore.
ZK_SSL_TRUSTSTORE_LOCATION
String
“”
Path for the Zookeeper TrustStore.
ZK_SSL_TRUSTSTORE_PASSWORD
String
“”
Password for the Zookeeper KeyStore.
CATALINA_OPTS
String
“”
Java runtime options passed to Tomcat.
DATABASE_ADMIN_SCHEMA
String
postgres
Name of the default schema on the DB server.
TWX_KEYSTORE_PASSWORD
String
“”
The password to use to set the ThingWorx KeyStore password. If not set, ThingWorx creates a random password on the first boot.
Set this password to make sure a specific password is used for HA setups and for restoring old data/volumes.
SECRET_CX_APP_KEY
String
“”
Application key that connection server will use to connect to ThingWorx
SECRET_PROVISIONING_APP_KEY
String
“”
Application key used for provisioning ThingWorx on first startup.
EXTPKG_IMPORT_POLICY_HA_COMPATIBILITY_LEVEL
WARN/DENY
WARN
Extension Import Policy configuration that controls whether to allow or deny extensions that are compatible with HA. Options are WARN or DENY.
If set to WARN, extensions that are not HA-compliant will be imported with a warning written to the Application Log.
If set to DENY, only extensions that are HA-compliant are allowed to be imported.
ENABLE_PROPERTY_TRANSFORM
True/false
False
Set to true to enable Property Transform.
PROPERTY_TRANSFORM_RABBITMQ_HOST
“”
localhost
RabbitMQ host for use with Property Transform.
PROPERTY_TRANSFORM_RABBITMQ_PORT
String
5672
RabbitMQ port for use with Property Transform.
PROPERTY_TRANSFORM_RABBITMQ_USERNAME
String
admin
RabbitMQ username for use with Property Transform.
PROPERTY_TRANSFORM_RABBITMQ_PASSWORD
String
“”
RabbitMQ password for use with Property Transform.
PROPERTY_TRANSFORM_RABBITMQ_VHOST
String
/
RabbitMQ Vhost for use with Property Transform.
IGNITE_SSL_ACTIVE
True/false
False
Enables SSL for Ignite.
IGNITE_KEYSTORE_FILE_PATH
String
/certs/ignite.pfx
Path to the Ignite KeyStore.
IGNITE_KEYSTORE_PASSWORD
String
“”
Password for the Ignite KeyStore.
ZK_SASL_ENABLED
True/false
False
Enable SASL authentication in Zookeeper.
ZK_SASL_SECURITY_AUTH_LOGIN_CONFIG
String
/tmp1/jaas.conf
Path to JAAS configuration file.
ZK_SASL_SECURITY_KRB5_CONF
String
/tmp1/krb5.conf
Path to Kerberos configuration file.
You can also change the volume path to a location specific to your site. The volume path uses the following syntax:
"./path_to_local_mount:/path_to_container_mount"
For example:
"/opt/ThingworxPlatform:/ThingworxPlatform"
* 
When updating the volume path, change only the local mount as the mount points of the internal container never change.
The MS SQL Server Docker image is provided for ease of testing. Do not use the MS SQL Server Docker image provided for production use. As a best practice, set up your own MS SQL Server environment for production.
To connect to a Microsoft SQL Server database that exists outside of the Docker, remove the mssql service from the Compose file and add the following variables to the platform environment variables:
DATABASE_ADMIN_USERNAME
DATABASE_ADMIN_PASSWORD
These are the administrator accounts on your Microsoft SQL Server database authorized to create a user, database, or schema that the ThingWorx container loads on the first startup. See Using an External Microsoft SQL Server Database for ThingWorx Docker for an example Compose file with the platform setup to use an external Microsoft SQL Server database.
If you are using an external database, you can manually install the ThingWorx schema and not provide administrator credentials for the ThingWorx Docker container. To do this, set the DATABASE_HOST, DATABASE_PORT, TWX_DATABASE_USERNAME, TWX_DATABASE_PASSWORD, and TWX_DATABASE_SCHEMA variables appropriately.
Was this helpful?