Nice!

Wow, I guess I can do that in a Lamba function too says Stack Overflow... Assumes the function is in a VPC with internet access and no idea if it needs a `/tmp` provisioned, but wasn't aware of this harry pottery.
 

import os
import sys
import subprocess

# pip install custom package to /tmp/ and add to path
subprocess.call('pip install https://github.com/intersystems/quickstarts-python/raw/master/Solutions/nativeAPI_wheel/irisnative-1.0.0-cp34-abi3-linux_x86_64.whl -t /tmp/ --no-cache-dir'.split(), stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
sys.path.insert(1, '/tmp/')

Hi @Anton Umnikov excellent work on this (and a lot of it too).

I was wondering if you can check the stack into an intersystems github repo so I can suggest some changes  and additions to the CF Template through a PR?  If not I can create one out of band too but thought it would be nice since its available to have it hosted in CC.

Hi Murray!

This is excellent, love this work and glad its making its way into the api.

For some reason though, I am unable to add this as a direct Prometheus datasource in Grafana and wondering if there is a model or version pre-requisite to Grafana ?  

I can see the metrics with curl, wget, postman, and a browser et al... but when I add the datasource to grafana it fails the test.

Aany ideas ?

Has anybody happened to get MQ inbounds working with explicit authentication?  I have a need to talk to different queues with different credentials  across environments and the limitation of the using the os user running the process is inhibiting it.

There is a tiny blurb about setting the credentials object on the adapter, but maybe I am not implementing it correctly as designed. 

I basically copied the adapter class, and tried to use the ..CredentialsSet method which points to a standard Ens credential on the system with username and password.

Method OnInit() As %Status
{
Set tSC = ..InitQueue()
Set tSC = ..CredentialsSet("mq")
If $$$ISERR(tSC) Set ..%initQueueNeeded = 1
#; Do not prevent job starting if cannot initialise on connection.
#; If still error initialising in first poll it will be reported in the event log and available for Alert on Error
Quit $$$OK
}

No luck here, if anybody can help me out, it would be appreciated!

This is great Mark, excellent write up.

Ran into a similar problem a couple of years ago on AWS with the mirror VIP, had a less sophisiticated solution with a custom business service on a target production/namespace listening for a keep alive socket the ELB to detect which Mirror Member was active.... re-used it for an auto-scaling group too for an indicator for availability we could put logic behind.   Those links up there to the routines appears broke for me, would love to take a look at that magic.

What's Azure's VPN for solution look like for site 2 site connections?   The diagrams above maybe suggest this is possibly bolted to on-prem, but just curious if you had any comments to that with Azure.

Did you provision a DNS Zone on a legible domain for internal communications?  I abused a couple of *.info domains for this purpose and found that the hostnames enumerated from Cache were from the Instances and not very usable for interhost communication and broke things like Enterprise Manager, HS Endpoint Enumeration, etc.

Does Azure have an Internet Gateway or a NAT solution to provide communication outbound from a single address (or fault tolerance) ?  The diagram for Web Server Load Balancing looks like they work for both inbound and outbound just wondered if that was the case.

Again, excellent resource, thanks for taking the time.