Environment Variables for Hawk Container Edition Components

Each component of Hawk Container Edition can be configured using the environment variables. These environment variables can be provided in a YAML file. Supply this YAML file to the Docker compose utility to run the component containers with these configurations.

JMX Connectivity for Hawk Container Edition Containers

All three Hawk Container Edition containers can be configured to expose JMX port. This configuration can be done using environment variable JAVA_OPTS.

For example, 
JAVA_OPTS="-Dcom.sun.management.jmxremote=true 
 -Dcom.sun.management.jmxremote.local.only=false
 -Dcom.sun.management.jmxremote.authenticate=false
 -Dcom.sun.management.jmxremote.ssl=false
 -Djava.rmi.server.hostname=<DOCKER_HOST_IP>
 -Dcom.sun.management.jmxremote.port=9999
 -Dcom.sun.management.jmxremote.rmi.port=9999"
Note: -Dcom.sun.management.jmxremote.port and -Dcom.sun.management.jmxremote.rmi.port must be published to Docker host using -p. Also, use different ports for each container.

Encrypted Passwords

You can use simple text or encrypted passwords in the password related environment variables. Hawk Container Edition provides a utility (tibhawkpassword) to encrypt your password. The tibhawkpassword utility is located at /tibco.home/hkce/2.0/bin.

The syntax of the command is as follows: 
tibhawkpassword -encrypt
The utility prompts you to enter the password that you want to encrypt. After encryption, you can use the encrypted password in the YML files by enclosing the password in single quotes. The encrypted password starts with the hash (#) symbol. Thus, without the single quotes, the YML file parser interprets encrypted password as comment.
You can use the simple text or encrypted passwords in the following environment variables:
  • tcp_key_store_password
  • tcp_key_password
  • tcp_trust_store_password
  • email_smtp_password
  • hawk_console_ssl_password
  • hawk_console_ssl_key_store_password
The Hawk Agent (hkce_agent) Environment Variables
Environment Variable Mandatory Default Value Description
agent_domain No "none" The agent_domain environment variable sets the Hawk agent domain.
agent_name No Hostname of hkce_agent container The agent_name environment variable sets the name of Hawk agent. If not provided then set it to the hostname of the hkce_agent container.
auto_config_dir No None The auto_config_dir environment variable specifies the directory from where the configuration objects are loaded for the agent to run in auto-configuration mode. When this option is not used, the agent operates in manual configuration mode. In case of the manual configuration mode, use the config_path variable.
Note: By default the auto_config_dir is created within the hkce_agent container. Since any file or folder created within the container has a transient nature, removing hkce_agent container might lead to loss of rulebases that were stored in the directory specified in auto_config_dir. Thus, to avoid this issue, use the Docker volume to persist the rulebases and set the auto_config_dir to the destination of the Docker volume within the hkce_agent container.
config_path No None The config_path environment variable specifies the directory from where the configuration objects are loaded for the agent to run in manual configuration mode. This variable cannot be used with the auto_config_dir variable.

The delimiter for path entries is the colon (:) symbol.

hawk_domain No "default" The hawk_domain environment variable sets the Hawk domain name.
hma_plugin_dir No - The hma_plugin_dir environment variable specifies the directory used for Hawk microagent plug-in configuration.
log_level No 7 The log_level environment variable identifies the log level. The values of the log_level environment variable are:
  • 4 (ERROR)
  • 6 (WARN)
  • 7 (INFO)
  • 8 (DEBUG)
  • 16 (TRACE)
tcp_daemon_url Yes None The tcp_daemon_url environment variable specifies the daemon URL for TCP Transport for TIBCO Hawk. The URL is in the form <DAEMON_IP_ADDRESS_1>:<PORT>,<DAEMON_IP_ADDRESS_2>:<PORT>.
tcp_self_url Yes None The tcp_self_url environment variable specifies the self URL for the TCP Transport for TIBCO Hawk. The URL is in the form <SELF_IP_ADDRESS>:<PORT>.
Email Configurations
email_smtp_server

No

None

The email_smtp_server environment variable identifies the SMTP server host name for sending emails.

email_smtp_port

No

25

The email_smtp_port environment variable identifiies the SMTP server port

email_smtp_auth_required

No

false

The email_smtp_auth_required environment variable specifies whether the SMTP server authentication is required or not

email_smtp_tls_required

No

false

The email_smtp_tls_required environment variable specifies whether the SMTP server requires TLS or not.

email_smtp_socket_factory_port

No

25

The email_smtp_socket_factory_port environment variable specites the SMTP socketFactory port needed for TLS.

email_smtp_user

No

None

The email_smtp_user environment variable SMTP server user name. This variable is required only if SMTP server authentication is configured to true.

email_smtp_password

No

None

The email_smtp_password environment variable specifies the user password for the SMTP server.

This variable is required only if SMTP server authentication is configured to true.

TCP Transport for TIBCO Hawk SSL Environment Variables
tcp_key_store No None Path of the key store file
tcp_trust_store No None Path of the trust store file
tcp_key_store_password No None Password for the key store file
tcp_key_password No None Encrypted key password
tcp_trust_store_password No None Password for the trust store file
tcp_ssl_protocol No TLSv1.2 Protocol for a secure connection
tcp_enabled_algorithms No TLS_RSA_WITH_AES_128_CBC_SHA Algorithm to be used for the security protocol. You can specify multiple algorithms as comma-separated list without space.
The Hawk Cluster Manager (hkce_clustermanager) Environment Variables
Environment Variable Mandatory Default Value Description
hawk_domain No "default" The hawk_domain environment variable sets the Hawk domain name.
log_level No 7 The log_level environment variable identifies the log level. The values of the log_level environment variable are:
  • 4 (ERROR)
  • 6 (WARN)
  • 7 (INFO)
  • 8 (DEBUG)
  • 16 (TRACE)
tcp_daemon_url Yes None The tcp_daemon_url environment variable specifies the daemon URL for TCP Transport for TIBCO Hawk. The URL is in the form <DAEMON_IP_ADDRESS_1>:<PORT>,<DAEMON_IP_ADDRESS_2>:<PORT>.
tcp_self_url Yes None The tcp_self_url environment variable specifies the self URL for the TCP Transport for TIBCO Hawk. The URL is in the form <SELF_IP_ADDRESS>:<PORT>.
TCP Transport for TIBCO Hawk SSL Environment Variables
tcp_key_store No None Path of the key store file
tcp_trust_store No None Path of the trust store file
tcp_key_store_password No None Password for the key store file
tcp_key_password No None Encrypted key password
tcp_trust_store_password No None Password for the trust store file
tcp_ssl_protocol No TLSv1.2 Protocol for a secure connection
tcp_enabled_algorithms No TLS_RSA_WITH_AES_128_CBC_SHA Algorithm to be used for the security protocol. You can specify multiple algorithms as comma-separated list without space.
The Hawk Console (hkce_console) Environment Variables
Environment Variable Mandatory Default Value Description
hawk_domain No Default The hawk_domain environment variable sets the Hawk domain name.
tcp_self_url Yes None The tcp_self_url environment variable specifies the self URL for the TCP Transport for TIBCO Hawk. The URL is in the form <SELF_IP_ADDRESS>:<PORT>.
tcp_daemon_url Yes None The tcp_daemon_url environment variable specifies the daemon URL for TCP Transport for TIBCO Hawk. The URL is in the form <DAEMON_IP_ADDRESS_1>:<PORT>,<DAEMON_IP_ADDRESS_2>:<PORT>.
hawk_console_repository_path No Current working directory of Hawk Console Path of the repository configuration file in the Hawk Console container. Update to configuration objects of the repository is stored in the path specified.
hawk_console_retention_count_notification No 100000 Retention limit for notifications. After the retention limit is reached, the notifications are purged. The purge rate is 25%.
hawk_console_retention_count_low_alerts No 100000 Retention limit for high alerts. After the retention limit is reached, the high alerts are purged. The purge rate is 25%.
hawk_console_retention_count_medium_alerts No 100000 Retention limit for medium alerts. After the retention limit is reached, the medium alerts are purged. The purge rate is 25%.
hawk_console_retention_count_high_alerts No 100000 Retention limit for low alerts. After the retention limit is reached, the notifications are purged. The purge rate is 25%.
TCP Transport for TIBCO Hawk SSL Environment Variables
tcp_key_store No None Path of the key store file
tcp_trust_store No None Path of the trust store file
tcp_key_store_password No None Password for the key store file
tcp_key_password No None Encrypted key password
tcp_trust_store_password No None Password for the trust store file
tcp_ssl_protocol No TLSv1.2 Protocol for a secure connection
tcp_enabled_algorithms No TLS_RSA_WITH_AES_128_CBC_SHA Algorithm to be used for the security protocol. You can specify multiple algorithms as comma-separated list without space.
Hawk Console SSL Environment Variables
hawk_console_ssl_key_alias None Key alias
hawk_console_ssl_password None Encrypted key password
hawk_console_ssl_key_store None Path of the key store file
hawk_console_ssl_key_store_password None Password for the key store file
hawk_console_ssl_protocol TLSv1.2 Protocol for a secure connection
hawk_console_ssl_ciphers TLS_RSA_WITH_AES_128_CBC_SHA Algorithm to be used for the security protocol. You can specify multiple algorithms as comma-separated list without space.