Enterprise Query Node Configurations

You can configure the Query Node for the enterprise deployment. All the required configuration parameters are stored in CONFIG_FOLDER_REDTAIL/rt_querynode_vars.json

Each of the parameters is explained in more detail in the following table:

Query Node Configuration Options

Parameter Description
certs_conf_path

The directory where the certificates required for communicating with other nodes is stored

 

Mandatory: Yes

Suggested Value:/usr/local/etc/rt_certs

data_path

The base directory for storing TIBCO OI Hawk RedTail services data. All the services store the data in the path categorized by service name.

 

Mandatory: Yes

Suggested Value:DATA_FOLDER

zookeeper_node_url

ZooKeeper URL

 

Mandatory: Yes

Suggested Value: localhost
prometheus_node_url

Prometheus URL

 

Mandatory: Yes

Suggested Value: localhost
hawkconsole_node_url

hawkconsolenode URL

 

Mandatory: Yes

Suggested Value: localhost
zookeeper.connectString

Host and port of ZooKeeper

 

Mandatory: Yes

Suggested Value: zookeeper:9600

zookeeper.config.path

ZooKeeper namespace where the configuration is stored

 

Mandatory: No

Suggested Value: /unity/system/config

unity.services.rest.host

Host address of querynode

 

Mandatory: Yes

Suggested Value: 0.0.0.0

unity.services.rest.port

Port on which query listen to HTTP request

 

Mandatory: Yes

Suggested Value: 9681

unity.services.rest.options.results.maxpage

Maximum number of search results shown on the search page

 

Mandatory: Yes

Suggested Value: 1000000

unity.services.query.host

Query Node self host IP which gets registered with ZooKeeper

 

Mandatory: Yes

Suggested Value: localhost

unity.services.query.port

Query Node self port which gets registered with ZooKeeper

 

Mandatory: Yes

Suggested Value: 9620

unity.storage.cache

Internal cache for storing query results for each cached query

 

Mandatory: Yes

Suggested Value: {data_path}/querynode/.query/qcache

unity.storage.maxSplitH2fileSize

Defines maximum size of file for H2 file splitting

0 - defines no file splitting.
31 - 2 GB file size.

 

Mandatory: Yes

Suggested Value: 31

unity.maxConcurrentQuery

Maximum number of queries that can be run concurrently

 

Mandatory: Yes

Suggested Value: 25

ZK_CLIENT_KEY_FILE

Path to the ZooKeeper client private key

 

Mandatory: Yes

Suggested Value: {certs_conf_path}/querynode-client-key
ZK_CLIENT_KEY_PASSWORD

Password of the ZooKeeper client key

 

Mandatory: Yes

Suggested Value: <password>
ZK_CLIENT_CACERT_FILE

Path to CA certificate file used for generating the key

 

Mandatory: Yes

Suggested Value:{certs_conf_path}/cacert

ZK_CLIENT_CERT_FILE

Path to the ZooKeeper client certificate

 

Mandatory: Yes

Suggested Value: {certs_conf_path}/querynode-client-certificate

ZK_CLIENT_TRUSTSTORE_FILE

Path to the ZooKeeper client truststore. This truststore must contain the certificate of the CA which issued the certificate to the ZooKeeper server. The supported truststore types are PEM, PKCS12, and JKS.


To create a PKCS12 trust store without a key and to use it as zookeeper, use Java’s keytool utility so that a java-based application can understand them. Example:

keytool -import -alias mycert -file certificate.pem -keystore truststore.p12 -storetype PKCS12 -storepass password

 

Mandatory: Yes

Suggested Value: {certs_conf_path}/zookeeper-client-truststore.pem

machineId

Internal component ID

 

Mandatory: Yes

Suggested Value: machine-0000000000

LOAD_CONFIG_FROM_ENV

Flag to indicate whether to load variables or to use predefined default values

 

Mandatory: Yes

Suggested Value: TRUE

LOG_LEVEL

Specifies the level of diagnostic information stored in the logs. The logging levels are as follows:

ERROR - Indicates that error level trace messages should be enabled.
WARNING - Indicates that warning level trace messages should be enabled.
INFO - Indicates that information level trace messages should be enabled.
DEBUG - Indicates that debug level trace messages should be enabled.
TRACE - Indicates that trace level messages should be enabled.

 

Mandatory: Yes

Suggested Value: info
REST_TLS_PROTOCOL

Supported TLS protocols

 

Mandatory: Yes

Suggested Value: TLSv1.2, TLSv1.3

REST_TLS_CIPHERS

Supported Cipher Suites

 

Mandatory: Yes

Suggested Value:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,

TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,

TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,

TLS_RSA_WITH_AES_128_GCM_SHA256,

TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,

TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,

TLS_AES_256_GCM_SHA384,

TLS_AES_128_GCM_SHA256

REST_TLS_KEY_FILE

Key used for setting up REST TLS communication

 

Mandatory: Yes

Suggested Value: {certs_conf_path}/key

REST_TLS_KEY_PASSWORD

Password to the key used for REST TLS communication

 

Mandatory: Yes

Suggested Value: <password>

REST_TLS_CERT_FILE

Certificate used for REST TLS communication

 

Mandatory: Yes

Suggested Value: {certs_conf_path}/certificate

REST_TLS_CACERT_FILE

Certificate of the CA used to sign the REST TLS certificate

 

Mandatory: Yes

Suggested Value: {certs_conf_path}/cacert

TLS_SKIP_CERTIFICATE_VERIFICATION

Skip certificate verification

 

Mandatory: No

Suggested Value: false

TLS_SKIP_HOSTNAME_VERIFICATION

Skip host name verification

 

Mandatory: No

Suggested Value: true

TLS_CLIENT_KEY_FILE

Path to the querynode client key to communicate with hawkconsolenode

 

Mandatory: Yes

Suggested Value: {certs_conf_path}/querynode-client-key

TLS_CLIENT_CERT_FILE

Path to querynode client certificate to communicate with hawkconsolenode

 

Mandatory: Yes

Suggested Value: {certs_conf_path}/querynode-client-certificate

PROMETHEUS_SERVER_HOST

Host name of the Prometheus server

 

Mandatory: Yes

Suggested Value: {prometheus_node_url}

PROMETHEUS_SERVER_PORT

Port of the Prometheus server

 

Mandatory: Yes

Suggested Value: 9090

PROMETHEUS_SERVER_TLS_ENABLED

Set to true, if communication with Prometheus server needs to happen over TLS protocol

 

Mandatory: No

Suggested Value: false

HAWKCONSOLE_HOST

hawkconsolenode host

Note: You must delete this parameter from the configuration file when configuring TIBCO OI Hawk RedTail in HA mode.

 

Mandatory: Yes

Suggested Value: {hawkconsole_node_url}

HAWKCONSOLE_PORT

hawkconsolenode port

Note: You must delete this parameter from the configuration file when configuring TIBCO OI Hawk RedTail in HA mode.

 

Mandatory: Yes

Suggested Value: 9687

HAWKCONSOLE_TLS_ENABLED

True, if communication with Prometheus server needs to happen over TLS protocol

 

Mandatory: Yes

Suggested Value: true

JAVA_OPTS

JVM properties which can be configured to tune the JVM process.

For example, -Xms512m-Xmx2g

 

Mandatory: No

Suggested Value: -Xms512m-Xmx2g