#AWS

2

Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help businesses scale and grow.

Learn more.

IRIS can use a KMS (Key Managment Service) as of release 2023.3. Intersystems documentation is a good resource on KMS implementation but does not go into details of the KMS set up on the system, nor provide an easily followable example of how one might set this up for basic testing.

The purpose of this article is to supplement the docs with a brief explanation of KMS, an example of its use in IRIS, and notes for setup of a testing system on AWS EC2 RedHat Linux system using the AWS KMS. It is assumed in this document that the reader/implementor already has access/knowledge to set up an AWS EC2 Linux system running IRIS (2023.3 or later), and that they have proper authority to access the AWS KMS and AWS IAM (for creating roles and polices), or that they will be able to get this access either on their own or via their organizations Security contact in charge of their AWS access.

6 0
1 294

Introduction

In today's rapidly evolving threat landscape, organizations deploying mission-critical applications must implement robust security architectures that protect sensitive data while maintaining high availability and performance. This is especially crucial for enterprises utilizing advanced database management systems like InterSystems IRIS, which often powers applications handling highly sensitive healthcare, financial, or personal data.

9 3
1 198

Hey folks! Having recently onboarded to InterSystems, I realized that despite having a totally free and awesome Community Edition, it's not super clear how to get it. I decided to write up a guide highlighting all the different ways you can access the Community Edition of InterSystems IRIS:

Get InterSystems IRIS Community Edition as a Container

Working with a containerized instance of the Community Edition is the recommended approach for folks who are new to developing on InterSystems IRIS, and in my opinion it's the most straightforward. InterSystems IRIS Community Edition can be found on DockerHub; if you have an InterSystems SSO account, you can also find it in the InterSystems Container Registry.

In either case, you'll want to pull the image you want using the docker CLI:

docker pull intersystems/iris-community:latest-em
// or
docker pull containers.intersystems.com/intersystems/iris-community:latest-em

Next, you'll need to start the container: In order to interact with IRIS from outside the container (for example, to use the management portal) you'll need to publish some ports. The following command will run the IRIS Community Edition container with the superserver and web server ports published; note that you can't have anything else running that depends on ports 1972 or 52773!

docker run --name iris -d --publish 1972:1972 --publish 52773:52773 intersystems/iris-community:latest-em

5 0
1 181

Background

For a variety of reasons, users may wish to mount a persistent volume on two or more pods spanning multiple availability zones. One such use case is to make data stored outside of IRIS available to both mirror members in case of failover.

Unfortunately the built-in storage classes in most Kubernetes implementations (whether cloud or on-prem) do not provide this capability:

7 2
3 147

Another step in this implementation path, adding cross cloud, cross regional stretched IrisCluster with Mirroring + Disaster Recovery using the Intersystems Kubernetes Operator (IKO) and Tailscale

Though trivial, Id like to go multi-cloud with the stretched IrisCluster for a couple of reasons to socialize the power of Wireguard when it supplies the network for a properly zoned IrisCluster by adding another mirror role to Amazon Web Services in the Western United States based datacenter in Oregon.

4 0
1 64