TDM Portal container

This page explains how to start the TDM Portal Docker container and customize its environment.
tdm49
This page explains how to start the TDM Portal Docker container and customize its environment.
Environment Variables
You can define the following variables in the
environment
section of the
tdmweb
service, in the docker-compose file that you use to start the container:
You can pass encrypted passwords to the TDM Portal container. Encrypted passwords must begin with
{cry}
.
For example:
'ORIENTDB_PASSWORD={cry}
tHpzgrvNhtVu6uHGNd9EdlAuwMR30OL0sAXhBWdgM3Md
'
Basic
  • GTREP_DB_TYPE
    Gtrep database type. Default: '
    oracle
    '.
    The only allowed value is ‘
    oracle
    ’. You do not need to set this parameter.
  • GTREP_SERVICE_NAME
    SID for oracle database. Default: ‘
    orcl
    ’.
    This only applies to
    GTREP_DB_TYPE
    =‘
    oracle
    ’.
  • GTREP_PORT
    Gtrep database port. Default ‘
    1521
    ’ for
    GTREP_DB_TYPE
    =‘
    oracle
    ’.
  • GTREP_HOST
    Gtrep hostname. Default: ‘
    oracle
    ’.
  • GTREP_DATABASE
    Gtrep database name. Default: ‘
    gtrep
    ’.
    The TDM Portal Docker container installs the
    gtrep
    repository on the Oracle database that you specify.
  • GTREP_USER
    Gtrep database user name. Default: ‘
    gtrep
    ’.
    We recommend that you do not create a
    gtrep
    user manually on the Oracle database. Instead, use the user creation tool within the TDM Portal Tools container.
  • GTREP_PASSWORD
    Password for gtrep database. Default:
    '$PASSWORD
    '.
  • PORTAL_HOST
    TDMWeb hostname. Default: hostname of the running system.
  • PORTAL_PORT
    TDMWeb http port number. Default: ‘
    8080
    ’.
  • PORTAL_ALM_PORT
    ALM http port number. Default: ‘
    8095
    ’.
  • ORIENTDB_HOST
    OrientDB hostname. Default: ‘
    orientdb
    ’.
  • ORIENTDB_PASSWORD
    OrientDB password. Default:
    '$PASSWORD
    '.
  • KEYSTORE_PASSWORD
    Password for certificate keystore. Default:
    '$PASSWORD
    '.
  • INTEGRATION_USER
    Name of integration user. Default: '
    integrator
    '.
  • INTEGRATION_PASSWORD
    Integration user password. Default:
    '$PASSWORD
    '.
  • ENABLE_SSL
    SSL is enabled by default. Default: ‘
    true
    ’. To disable SSL use ‘
    false
    ’.
All passed passwords are automatically encrypted in the relevant
.properties
files.
Quick setup
The following is an example of the section of docker-compose.yml file, that starts the TDM Portal container.
services:
 
tdmweb
:
    image:
tdm.packages.ca.com/tdm/tdmweb:<version>
    hostname:
tdmweb
    environment:
      - '
GTREP_HOST=
oracle
'
      - '
GTREP_DATABASE=
gtrep
'
      - '
GTREP_SERVICE_NAME
=
orcl
'
      - '
GTREP_PASSWORD=
Gridt00ls
'
      - 'ORIENTDB_PASSWORD=
{cry}tHpzgrvNhtVu6uHGNd9EdlAuwMR30OL0sAXhBWdgM3Md
'
    volumes:
      - 'tdmweb_logs:/mnt/logs'
      -
'
tdmweb_storage:/mnt/storage
'
      - 'tdmweb_fdmconfig:/mnt/fdmconfig'
    depends_on:
      -
orientdb
    ports:
      - '
8080:8080
'
      - '
8443:8443
'
Advanced setup
You can pass the following variables to the docker-compose.yml file, to customize properties within configuration files. Delimit multiple properties with the | (pipe) character.
  • APPLICATION_PROP
    Customize properties in file:
    /opt/tdm/conf/application.properties
  • DATARESERVATION_PROP
    Customize properties in file
    /opt/tdm/conf/tdmdatareservation.properties
    .
Custom application.properties configuration
The following is an example of the section of a docker-compose.yml file that creates a TDM Portal container with a customized
application.properties
file:
services:
 
tdmweb
:
    image:
tdm.packages.ca.com/tdm/tdmweb:<version>
    hostname:
tdmweb
    environment:
      -
'GTREP_HOST=
oracle
'
      - 'GTREP_DATABASE=
gtrep
'
      - 'GTREP_SERVICE_NAME=
orcl
'
      - 'GTREP_PASSWORD=
Gridt00ls
'
      - 'ORIENTDB_PASSWORD=
{cry}tHpzgrvNhtVu6uHGNd9EdlAuwMR30OL0sAXhBWdgM3Md
'
      - 'APPLICATION_PROP="
spring.datasource.url=jdbc:oracle:thin:@oracle:1521:orcl|
\
            spring.datasource.username=gtrep|
\
            spring.datasource.password=Gridt00ls|
\
            spring.datasource.driver-class-name=oracle.jdbc.OracleDriver|
\
            spring.jpa.database=ORACLE|
\
            file.resource.loader.path=/opt/tdm/Mail Templates/|
\
            almservice.endpoint.url=http://localhost:8095/ALMService|
\
            spring.datasource.tomcat.validationQuery=select 1 from dual|
\
            tdmweb.security.integration.userName=integrator|
\
           
tdmweb.security.integration.password={cry}KSiF+XH5JYSieHLkUkA5LdMvEk81XBHt-3OZVSKmM8LZ
"'
    volumes:
      -
'
tdmweb_storage:/mnt/storage
'
      - 'tdmweb_logs:/mnt/logs'
      - 'tdmweb_fdmconfig:/mnt/fdmconfig'
    depends_on:
    
  -
orientdb
    ports:
      - '
8080:8080
'
  
    - '
8443:8443
'
Data Volumes
CA TDM Portal in Docker requires data volumes, in which to store logs and production data. These volumes include:
  • tdmweb_logs
    Contains the TDMWeb application Apache Tomcat .log files under the /tdm folder.
  • tdmweb_storage
    Contains files related to TDMWeb user created projects and publish actions from the generators. This volume is further divided as follows:
    • /Jobs
    • /objects
    • /ssl-cert
    • /jdbc-drivers
  • tdmweb_fdmconfig
    Volume to contain updated fdm-config.xml file
You can pass Docker your own volumes under the
volumes
section of the docker-compose.yml file.
Example:
The following is an example of the section of the 
docker-compose.yml
file, which creates a TDM Portal container with external volumes for
storage,
 
logs
 and 
fdmconfig:
 
services:
  ...
 
tdmweb
:
    image:
tdm.packages.ca.com/tdm/tdmweb:<version>
    hostname:
tdmweb
    environment:
      -
'GTREP_HOST=
oracle
'
      - 
'GTREP_PORT=
1521
'
      - 'GTREP_DATABASE=
gtrep
'
      - 'GTREP_DB_TYPE=
oracle
'
      - 'GTREP_SERVICE_NAME=
orcl
'
      - 'ORIENTDB_PASSWORD=
marmite
'
    ...
volumes:
      -
'
tdmweb_
storage:/mnt/storage
'
      -
'
tdmweb_
logs:/mnt/logs
'
     
- 'tdmweb_fdmconfig:/mnt/fdmconfig'
If you do not supply the TDM Portal container with volumes, it creates these volumes within the TDM Portal container. By default, these volumes are stored physically in the
/mnt
partition, at
/mnt/logs
and
/mnt/storage
(as in the example above).
Apache Tomcat logs
TDM Portal in Docker uses Apache Tomcat to run the Java code without the Windows environment.
Tomcat's logs (catalina and access-log) are printed to the Docker console. To check them at any time, run:
docker logs <tdmweb_container_name>
By default, Tomcat stores logs at
/mnt/logs
.
Certificates in CA TDM Portal in Docker
TDM Portal in Docker handles security with certificates.
Disable SSL
By default, the TDM Portal Docker container has SSL enabled. To disable SSL, pass command line argument
ENABLE_SSL=false
to your docker-compose.yml file when you create the Docker container.
Use a third-party certificate
If you wish to use your own third-party certificates, you must copy the relevant certificate and key file to the
storage
volume that you define under the
volumes
section of your docker-compose.yml file. TDM Portal imports these files to the Java key store the first time it runs.
Rename the files within the
storage
volume as follows, to allow TDM Portal to detect them:
Certificate file path:
/ssl-cert/tdm-site.pem
Key file path:
/ssl-cert/tdm-site.key
The private key you supply cannot be password protected. You can use the following command in your Linux environment to remove password protection:
openssl rsa -in encrypted-tdm-site.key -out tdm-site.key
Create a self-signed certificate
If there is no certificate and key file present in the storage volume, the TDM Portal Docker container creates a self-signed certificate when you run it.
Troubleshooting
Exit Code 137
Symptom:
If your instance of the TDMWeb container closes with Exit Code 137, this indicates that your machine does not have sufficient memory.
Solution:
Assign more memory to your machine (either physical or virtual).