Has anybody happened to get MQ inbounds working with explicit authentication?  I have a need to talk to different queues with different credentials  across environments and the limitation of the using the os user running the process is inhibiting it.

There is a tiny blurb about setting the credentials object on the adapter, but maybe I am not implementing it correctly as designed. 

I basically copied the adapter class, and tried to use the ..CredentialsSet method which points to a standard Ens credential on the system with username and password.

Method OnInit() As %Status
Set tSC = ..InitQueue()
Set tSC = ..CredentialsSet("mq")
If $$$ISERR(tSC) Set ..%initQueueNeeded = 1
#; Do not prevent job starting if cannot initialise on connection.
#; If still error initialising in first poll it will be reported in the event log and available for Alert on Error
Quit $$$OK

No luck here, if anybody can help me out, it would be appreciated!

well, maybe spoke too soon as I see nothing coming from enabling the business services to TRACE and setting:

Set tSC = ..%sshSession.SetTraceMask(64,"/tmp/sftp-trace.log")
Set tSC = ..%sshSession.SetTraceMask(256,"/tmp/sftp-keys.log")

still not seeing any tracing at this point.

This is great Mark, excellent write up.

Ran into a similar problem a couple of years ago on AWS with the mirror VIP, had a less sophisiticated solution with a custom business service on a target production/namespace listening for a keep alive socket the ELB to detect which Mirror Member was active.... re-used it for an auto-scaling group too for an indicator for availability we could put logic behind.   Those links up there to the routines appears broke for me, would love to take a look at that magic.

What's Azure's VPN for solution look like for site 2 site connections?   The diagrams above maybe suggest this is possibly bolted to on-prem, but just curious if you had any comments to that with Azure.

Did you provision a DNS Zone on a legible domain for internal communications?  I abused a couple of *.info domains for this purpose and found that the hostnames enumerated from Cache were from the Instances and not very usable for interhost communication and broke things like Enterprise Manager, HS Endpoint Enumeration, etc.

Does Azure have an Internet Gateway or a NAT solution to provide communication outbound from a single address (or fault tolerance) ?  The diagram for Web Server Load Balancing looks like they work for both inbound and outbound just wondered if that was the case.

Again, excellent resource, thanks for taking the time.