New post

#System Administration

12

System administration refers to the management of one or more hardware and software systems.

Documentation on InterSystems system administration.

Hello; We are managing several Ensemble instances on several servers. One server has 4 instances, and two other servers have one instance each (those are production servers). We encrypt all instances using the Caché encryption in the management portal.

Currently we are using two different encryption keys: 1 key on the server with 4 instances, which is used for all 4 instances, and a second key on single-instance server. ( I'm installing the newest production server now.)

1 1
0 696

Let's say I have an InterSystems IRIS instance with 6 Namespaces:

  • Foo1
  • Foo2
  • Foo3
  • Foo4
  • Foo5
  • Bar

And the number of Foo# namespaces can increase at any time for a number of reasons. I need to ensure that they all have identical configuration globals stored in a DB called CONFIG, so I do the following in my configuration file:

[Map.%ALL]
Global_SYS=%DEFAULTDB
Global_SYS("CommonConfig")=CONFIG
Global_SYS("CommonOtherSettings")=CONFIG
Global_SourceControl=CONFIG

1 9
0 298
Question
· Oct 30, 2016
ISCAgent debug

Good day!
Is there an opportunity to debug the ISCAgent behaviour (in Linux)? ISCAgent uses /etc/iscagent/iscagent.conf as configuration file, but in docs I've found a description only for two parameters (port number and interface - http://docs.intersystems.com/latest/csp/docbook/DocBook.UI.Page.cls?KEY=...). Other parameters I can see by running /usr/local/etc/cachesys/ISCAgentCtrl status:

1 8
0 3K
Question
· Sep 25, 2018
Wireshark with ensemble

Hi,

We see a lot of TCPIP connection error for few of the components not sure if it is a network glitch at the source/target or is it with us. And most of the times these errors are very transient and vanish on their own and the connection gets re established and the messages get processed. Here is the error we mostly see

ERROR <Ens>ErrTCPTerminatedReadTimeoutExpired: TCP Read timeout (30) expired waiting for terminator SegTerminatorAscii=13, on |TCP|50007|10620, data received =''

or

1 3
1 1.6K

I was wondering if there was a certain procedure or documentation on securing (Https://) the Web Portal into IRIS/Ensemble?

Currently we are using LDAP Delegated Authentication to access the Web Portal using LDAP. However as more and more emphasis is put on securing applications within networks, I can see Management/Security asking us to make sure that the web portal is more secure.

1 6
1 1.1K
Question
· Nov 30, 2022
Delegated Users

In our current UCR arhcitecture, we use two installations. We have one machine with Access, Registry and Edges and one machine with the ODS. On the machine with the Registry, I can create a user/clinician. When I log into the management portal with this user, a so-called delegated user is created in the cached users table. So far everything is going well.

When I try the same on the machine with the ODS I get the message : 'ERROR #822: Access Denied' . so no delegated user is created.... Does anyone have any idea where I can find the solution?

1 1
0 363

I need to develop a tool to help to get what data is being consumed by a certain process, in order to get all data used to build an automated test scenario.

For example, some user process will pull data from ^GLOBAL(1)="dataString", ^GLOBAL(2)="dataString2", ^GLOBAL1(1)="data1String", ^GLOBAL2(4)="data2String4". Amidst all other data on these Globals, I will ignore everything that was not used in the user process, and get the specific keys used on it.

1 12
0 451

Is it possible to audit code changes in a namespace?

Ideally what we'd like to be able to do is check which classes were compiled (or deleted) in a time period, eg in last 3 months, and which user made those changes. Even better would be an audit of what those changes were, but that's less important (for us, as we can probably find that information in other ways).

1 7
1 62

Hello Community

IRISTEMP database consumes more disk space and make the production instance down when running Bulk SQL queries (maybe other processes aswell)

Is setting up the "Maximum" size it resolves the problem?. Is this setting impacts the performance?

What are the approaches to resolve it

sample screenshot

1 2
1 296

Has anyone noticed weird behavior when upgrading to HealthShare Health Connect 2024.1?

Wednesday I upgraded our TEST environment from IRIS for UNIX (Red Hat Enterprise Linux 8 for x86-64) 2022.1.4 (Build 812_0_22913U) [HealthConnect:3.5.0-1.m1] [HealthConnect:3.5.0-1.m1] to IRIS for UNIX (Red Hat Enterprise Linux 8 for x86-64) 2024.1 (Build 267_2U) [HealthConnect:3.5.0-1.m1].

Some of our Business Processes have been throwing...

1 2
0 216

I'm working on a proposal for a deployment tool development project and I was wondering if anyone had any experience with such a thing.

We use Healthshare and implementations for new clients are tedius and lengthy. Lots of ensemble service, registry value, lookup tables, namespaces and other things have to be created and configured.

I would like to create a Zen or CSP page based deployment tool that can do all this with a few parameters and some custom code.

1 15
0 979

Hi,

We have Mirroring established between NODE 1 & Node 2 . We have set the "cachesys" database enabled for Journalling. But we dont see the User Accounts , Roles, Resources created on Node 1 ( favoured Primary) reflected on Node 2 . Is creating them manually again is the only option for this ? . Is there any way to sync them or would adding %SYS to MIRROR a possible solution. Would it be great if anyone has faced this as we have an issue that during failovers Team is locked out .

Best Regards,

Arun Madhan

1 10
1 972

Hi,

Can a Cache Mirror be used in the cloud ? (ie stand up a Primary and Backup member instances in a High Availability Cache Mirroring configuration)

I'm investigating the validity of this configuration, because I was of the understanding that this may not possible due to these cloud servers not (typically) having fixed ip addresses, which interferes with the Virtual IP settings for the mirror set.

Is this correct, and if there are workarounds (like Load Balancing ?) can I have details on how this should be configured ?

1 8
0 998

Currently, we have an application running in one namespace ("Database B") that has globals and routines mapped to another database ("Database A"). After enforcing clean up on Database A, we found that 90% of the disk is free. We would like to compact Database A and release the unused space. However, we are running OpenVMS, which seems to be the issue.

For databases consisting of only globals, we are able to use ^GBLOCKCOPY; however, we need to ensure that the routines and mappings are also copied.

1 8
0 1.2K

I am currently working on an Upgrade to HealthShare 2019.1.1. As described in the steps once the upgrade was complete to run $system.OBJ.Upgrade(). When I run $system.OBJ.Upgrade() , it is not finding any classes to update. However I am getting an Error 5116 on one of my Productions...

Class dictionary version for '%1' is out of date, please run upgrade utility $system.OBJ.Upgrade()
1 5
1 852

We are getting more and more request wondering if we could send/receive data via HTTPS to the outside world from within our Hospital Network. As you can imagine our Ensemble/Cache productions are not exposed to the DMZ or has access outside of the network. We only communicate with external vendors through a VPN, so communicating not using a VPN is rather new to us.

Currently there is a project to get rid of using Proxy, and instead of through a Load Balancer that can use rules to filter out traffic, which adds another layer of complexity.

1 3
0 285
Question
· Jan 13, 2017
GitLab CI examples?

Recently I started working with GitLab - GitHub self-hosted foss alternative. So far so good, liked the UI, ease of administration, and available functionality (I was on Phabricator previously, and still use it for repo mirroring).

GitLab has GitLab CI (GitLab Continuous Integration) which looks promising (pluggable docker/vm/ds to run code) , but I wondered if someone uses it already and can share scripts for it?

1 4
0 4.2K

Currently we are exploring how we can allocate additional disk space to our current environment as we have seen a significant increase in growth of our Database files. Currently we have 3 namespaces, all with 1 IRIS.dat each that contains both the Global and Routines.

Since we have started down the route of everything within a single IRIS.dat file for each namespace, is it logical as we see growth to be able to split the current IRIS.dat for each namespace into a separate IRIS.dat for global and a IRIS.dat with for routines for each namespace in a Mirror environment?

1 4
0 215

Hello everyone,

I'm trying to authenticate a user(Health Share clinician) from a Java Application.

I 'm already connected to Caché and able to run SQL commands.

My question is: How can I authenticate a user using only SQL? In fact, what I want is verify if the users exists in the base and if the given password is the same used in Health Share.

There is a column 'password' in Security.users table but I'm not able to see its content, even so, I don't know which hash function to use to compare with.

1 7
0 1.7K

We recently went through an Audit of our Security Policies and Procedures when it comes to IRIS. As a result of that Audit, we need to make adjustments to the way that Security is setup within IRIS. I have already done my changes on our TEST and DEVELOPMENT environments, but now I am trying to plan out how do we make these changes in Production.

These changes include moving away from the PWS, setting up Apache/Web Gateway, moving to LDAP instead of using Delegated Authentication, updating Web Applications, updating Resources, updating Services, etc...

1 4
0 180