All
Accepted answers
Scott Roth · Oct 11, 2022 go to post

I have modified docker-compose.yml to include command: --check-caps false without any luck

[root@int-lxiris-vd02 docker-webgateway-sample]# more docker-compose.yml
version: '3.6'
services:

  webgateway:
    image: tls-ssl-webgateway
    command: --check-caps false
    container_name: tls-ssl-webgateway
    build:
      context: .
      dockerfile: Dockerfile
    networks:
      app_net:
        ipv4_address: 172.16.238.50
    ports:
      # change the local port already used on your system.
      - "80:80"
      - "443:443"
    environment:
      - IRIS_HOST=172.16.238.20
      - IRIS_PORT=1972
      # Replace by the list of ip address allowed to open the CSP system manager
      # https://localhost/csp/bin/Systems/Module.cxw
      - "SYSTEM_MANAGER=${LOCAL_IP}"
      # the list of web apps
      # /csp allow to the webgateway to redirect all request starting by /csp to the iris instance
      # You can specify a list separate by a space : "IRIS_WEBAPPS=/csp/sys /api /isc /swagger-ui"
      - "IRIS_WEBAPPS=/csp/sys"
    volumes:
      # Mount certificates files.
      - ./certificates/webgateway_client.cer:/opt/webgateway/bin/webgateway_client.cer
      - ./certificates/webgateway_client.key:/opt/webgateway/bin/webgateway_client.key
      - ./certificates/CA_Server.cer:/opt/webgateway/bin/CA_Server.cer
      - ~/webgateway-apache-certificates/apache_webgateway.cer:/etc/apache2/certificate/apache_webgateway.cer
      - ~/webgateway-apache-certificates/apache_webgateway.key:/etc/apache2/certificate/apache_webgateway.key
    hostname: webgateway
    command: ["--ssl"]

  iris:
    image: intersystemsdc/iris-community:latest
    command: --check-caps false
    container_name: tls-ssl-iris
    networks:
      app_net:
        ipv4_address: 172.16.238.20
    volumes:
      - ./iris-config-files:/opt/config-files
      # Mount certificates files.
      - ./certificates/CA_Server.cer:/usr/irissys/mgr/CA_Server.cer
      - ./certificates/iris_server.cer:/usr/irissys/mgr/iris_server.cer
      - ./certificates/iris_server.key:/usr/irissys/mgr/iris_server.key
    hostname: iris
    # Load the IRIS configuration file ./iris-config-files/iris-config.json
    command: ["-a","sh /opt/config-files/configureIris.sh"]

networks:
  app_net:
    ipam:
      driver: default
      config:
        - subnet: "172.16.238.0/24"

Scott Roth · Oct 11, 2022 go to post

When IRIS goes to start as part of the script I am seeing the following errors... 

[iris]       | [ERROR] Required Linux capability cap_setuid is missing.
[iris]       | [ERROR] Required Linux capability cap_dac_override is missing.
[iris]       | [ERROR] Required Linux capability cap_fowner is missing.
[iris]       | [ERROR] Required Linux capability cap_setgid is missing.
[iris]       | [ERROR] Required Linux capability cap_kill is missing.
[iris]       | [FATAL] Your IRIS container is missing one or more required Linux capabilities.

I didn't have this issue with the SAM docker file, what could be missing??
 

Scott Roth · Oct 11, 2022 go to post

Found that this issue was attributed because I was using sudo to execute the docker/podman compose call.

Scott Roth · Oct 10, 2022 go to post

What are the network sections within the docker-compose.yml used for? Do we have to change the ipv4_address for our needs? What should the ipv4_adress be set to? Should it be the local address of the server we are running it on? I keep running into issues when I attempt to run it and receive "RuntimeError: missing networks: app_net". I have been struggling with this for weeks now, and would like some insight on getting this to work as it is preconfigured instead of having to install and setup the webgateway on my own.

Scott Roth · Oct 4, 2022 go to post

Linked Tables, Views, and Stored Procedures all use the JDBC Gateway (JDBC_Default) at the server level. While this article is nice to explain how to setup individual connections, how do you troubleshoot the Default connection at the server level to ensure your Linked Tables, Views, and Stored Procedures stay connected. I have opened a WRC ticket because I am finding the Management Portal -> JDBC Gateway page unresponsive to get into, update, or restart the service. Do you have any helpful hints?

Scott Roth · Sep 30, 2022 go to post

I was unable to get the container/image to run with podman compose as I was getting OCI Image Format warnings. So while investigating I saw a suggestion to use buildah to first build and format the image to use with podman. However I keep running into issues still with "SHELL is not supported for OCI image format, [/bin/bash -c] will be ignored. Must use 'docker' format. HEALTHCHECK is not supported for OCI image format..."

Has anyone gotten this to work using podman or buildah instead of docker? I don't have docker available to my RHEL8 environment.

Thanks

Scott

Scott Roth · Sep 21, 2022 go to post

Can someone help me out with the gen-certificates.sh? I have the CA_server.cer from our CA, and I need to just generate the key and csr files so I can submit them to get the cer signed by CA. I tried removing some of the script, but could someone help me change the gen-certificates.sh so this can be done?

Scott Roth · Sep 21, 2022 go to post

What if we just want to run this daily? Should we just specify Start Time of 00:00 and End Time of 23:59? Would the class file run for the entire day then?

Scott Roth · Sep 16, 2022 go to post

In "ExecuteCode" do you have to specify the "do ##class....." or can you just enter "##class...."

Scott Roth · Aug 29, 2022 go to post

I had originally tried to setup a web server outside of docker, but forgot to write down my steps. Instead of building a stand alone web server, I figured this might be a better option. Can someone help me understand the process if I don't want to use a self signed CA certificate? I have downloaded the organization CA certificate but I can't remember what I need to do next to generate and register the key with the organization so I can implement it on our docker session for the web server.

Please and thanks.

Scott Roth · Aug 29, 2022 go to post

Yeah I figured that out. I am just not sure how to incorporate the data just yet.

Scott Roth · Aug 25, 2022 go to post

Can you explain "Keep in mind that if there are self-signed certificates, web browsers will show security alerts. Obviously, if you have a certificate delivered by a certified authority, you can use it instead of a self-signed one (especially for the Apache server certificate)." a little bit further? Would I send the .key to my organization to get a CA signed cer file back? Which file should I replace once I receive my CA signed certificate from my organization?

Scott Roth · Aug 23, 2022 go to post

Is there any benefit to just using Prometheus/Grafana vs using the SAM?

Scott Roth · Aug 23, 2022 go to post

I was looking to connect to the SAM container to add code for custom metrics to SAM for our group. If it isn't a suggested path I could always create the code locally and move it over to the SAM container.

Scott Roth · Aug 22, 2022 go to post

Is there a magic trick to get it to work with VS Code as well? I have configured all the security settings and I am getting a "Forbidden" error when trying to access it via VS Code?

Scott Roth · Aug 22, 2022 go to post

What if I only want to run the metric once a day? I don't know how much of a performance hit it will be to keep on having these queries run every 5 min or so.

Scott Roth · Aug 19, 2022 go to post

I was able to get it to work once I added the command statement. Thanks.

Scott Roth · Aug 19, 2022 go to post

writing status to file: /home/irisowner/irissys/iscagent.status
Reading configuration from file: /home/irisowner/irissys/iscagent.conf
ISCAgent[15]: Starting
ISCAgent[19]: Starting ApplicationServer on *:2188
[ERROR] Required Linux capability cap_setuid is missing.
[ERROR] Required Linux capability cap_dac_override is missing.
[ERROR] Required Linux capability cap_fowner is missing.
[ERROR] Required Linux capability cap_setgid is missing.
[ERROR] Required Linux capability cap_kill is missing.

I found this link that references the error. I will make the changes to the docker-compose.yml
 

Scott Roth · Aug 18, 2022 go to post

Alex can you explain a bit more on how 

>set tSC=##class(UnitTest.Test.DTL.TestTrans.TransformSource2).AddTestFromMessageBody("EnsLib.HL7.Message",1218511,1,.sourceXdataName,.targetXdataName)
 

is suppose to work? I tried the message above with the 1218515 message ID and got a syntax error.

DEVCLIN>set tSC=##class(UnitTest.Test.DTL.TestTrans.TransformSource2).AddTestFromMessageBody("EnsLib.HL7.Message",1218515,1,.sourceXdataName,.targetXdataName)

SET tSC=##CLASS(UnitTest.Test.DTL.TestTrans.TransformSource2).AddTestFromMessage
^
Body("EnsLib.HL7.Message",1218515,1,.sourceXdataName,.targetXdataName)
<CLASS DOES NOT EXIST> *UnitTest.Test.DTL.TestTrans.TransformSource2

Scott Roth · Aug 17, 2022 go to post

I tried install csvgen and got ERROR! 'csvgen' not found in any repository. Anyone else having this issue?

IRIS for Windows (x86-64) 2022.1 (Build 209U) Tue May 31 2022 12:16:40 EDT

Scott Roth · Aug 12, 2022 go to post

I don't like using temp tables, I would just write the data to another table then truncate/drop the table when I am done if necessary. The syntax between the different SQL system can be a little tricky and my guess there is an incompatibility between MS SQL and InterSystems. 

Scott Roth · Aug 11, 2022 go to post

I had to pull the images down via another PC that could access docker. Should I still run start.sh to get everything loaded?

Scott Roth · Aug 11, 2022 go to post

Why not use a view instead of a Temporary table? Since Temporary Tables are just Temporary and created at the time of execution how are you setting privs on the Temporary Table.

Scott Roth · Aug 3, 2022 go to post

I missed the Discord chat, however I am very interested in trying it out once you have the documentation together. I look forward to it.

Thanks

Scott

Scott Roth · Aug 3, 2022 go to post

Thanks unfortunately the servers I am trying to install these on do not have the ability to download the docker images. So I am trying other avenues to try to make it work for my team.

Scott Roth · Aug 1, 2022 go to post

Just FYI..... One and probably many of my BPL's have over 30+ IF statements. Interface Maps has a limitation on how many IF statements it handled. It was suggested that I split apart my BPL, or wait for Development, which has been entered into the internal InterSystems system.