#Kubernetes

If you look at the values.yaml of the IKO's Helm chart you'll find:

useIrisFsGroup: false 

Let's break down what it is and in what situations you may want to set it to true.

FsGroup refers to the file system group.

Monitoring your IRIS deployment is crucial. With the deprecation of System Alert and Monitoring (SAM), a modern, scalable solution is necessary for real-time insights, early issue detection, and operational efficiency. This guide covers setting up Prometheus and Grafana in Kubernetes to monitor InterSystems IRIS effectively.

This guide assumes you already have an IRIS cluster deployed using the InterSystems Kubernetes Operator (IKO), which simplifies deployment, integration and mangement.

The IKO will dynamically provision storage in the form of persistent volumes and pods will claim them via persistent volume claims.

But storage can come in different shapes and sizes. The blueprint to the details about the persistent volumes comes in the form of the storage class.

This raises the question: we've deployed the IrisCluster, and haven't specified a storage class yet. So what's going on?

You'll notice that with a simple

The IKO allows for sidecars. The idea behind them is to have direct access to a specific instance of IRIS. If we have mirrored data nodes, the web gateway will (correctly) only give us access to the primary node. But perhaps we need access to a specific instance. The sidecar is the solution.

Building on the example from the previous article, we introduce the sidecar by using a mirrored data node and of course arbiter.

We now get to make use of the IKO.

Below we define the environment we will be creating via a Custom Resource Definition (CRD). It lets us define something outside the realm of what the Kubernetes standard knows (this is objects such as your pods, services, persistent volumes (and claims), configmaps, secrets, and lots more). We are building a new kind of object, an IrisCluster object.

The IKO documentation is robust. A single web page, that consists of about 50 actual pages of documentation. For beginners that can be a bit overwhelming. As the saying goes: how do you eat an elephant? One bite at a time. Let's start with the first bite: helm.

What is Helm?

Helm is to Kubernetes what the InterSystems Package Manager (IPM, formerly ObjectScript Package Manager - ZPM) is to IRIS.

IAM - InterSystems API Manager is a great tool for monitoring your traffic. If you are trying to use it in your Kubernetes cluster you may have tried doing a deployment similar to this one:

Anakin Skywalker challenged the high ground and has been terribly injured on Mustafar.

I attended Cloud Native Security Con in Seattle with full intention of crushing OTEL day, then perusing the subject of security applied to Cloud Native workloads the following days leading up to CTF as a professional excercise. This was happily upended by a new understanding of eBPF, which got my screens, career, workloads, and atitude a much needed upgrade with new approaches to solving workload problems.

So I made it to the eBPF party and have been attending clinic after clinic on the subject ever since, here I would like to "unbox" eBPF as a technical solution, mapped directly to what we do in practice (even if its a bit off), and step through eBPF through my experimentation on supporting InterSystems IRIS Workloads, particularly on Kubernetes, but not necessarily void on standalone workloads.

eBee Steps with eBPF and InterSystems IRIS Workloads

In our previous article, we have explored the most common Kubernetes components:

• We started with the pods and the services we needed to communicate with each other.
• Then, we examined the Ingress component used to Route traffic into the cluster.
• We also skimmed through an external configuration using ConfigMaps and Secrets.
• Afterward, we analyzed Data persistence with the help of Volumes.
• Finally, we took a quick look at pod blueprints with such replicating mechanisms as Deployments and StatefulSets (the latter is employed specifically for such stateful applications as databases).

In this article, we will explore Kubernetes architecture and configuration.

In this article, we will cover below topics:

• What is Kubernetes?
• Main Kubernetes (K8s) Components

What is Kubernetes?

Kubernetes is an open-source container orchestration framework developed by Google. In essence, it controls container speed and helps you manage applications consisting of multiple containers. Additionally, it allows you to operate them in different environments, e.g., physical machines, virtual machines, Cloud environments, or even hybrid deployment environments.

Hey Community,

Hit that play button and enjoy the new video on InterSystems Developers YouTube:

⏯ Can You Autoscale This? Lessons from the Field on Kubernetes @ Global Summit 2023

https://www.youtube.com/embed/AjPUDGYyNsU
[This is an embedded link, but you cannot view embedded content directly on the site because you have declined the cookies necessary to access it. To view embedded content, you would need to accept all cookies in your Cookies Settings]

Hi, I was wondering if anyone already dealt with this issue:
"System has been suspended for over X seconds, exceeding the maximum duration specified. Allowing system activity to resume. Any ongoing backup has presumably failed. Next InterSystems IRIS backup must be a full one"

our backup system "Commvault" is automatic, how do you tell it once you get this message that the next backup should be full?

thanks,

Eyal

We have solution which uses IRIS with IAM and webgateway integrated.

After integration, we notice that in the kong configuration in the kongdb upstreams are not created as listed in the kong.yml

We noticed that, IAM api calls are failing with enterprise license expired.

[kong@iam-deployment-75f485954c-ssdfv /]$ curl --location --request POST 'http://localhost:8001/services/'
{"message":"Enterprise license missing or expired"}

From Logs: