go to post Timo Lindenschmid · Mar 3, 2023 This is NOT correct a VIP is not needed for a failover mirror even with ASYNC DR. Any Async Mirror will know of all mirror nodes and try both failover mirror members if it cannot connect to the primary automatically. For this it uses the superserver IP configured on the mirror setup or the private mirror IP if it is able to access it. A VIP is only needed for application that are not mirror aware. Even the current web/csp gateway can be configured to be mirror aware.
go to post Timo Lindenschmid · Mar 3, 2023 Agreed contact WRC on this and get your messages log from Primary and backup (from during the outage) reviewed. This sounds like a full loss of connectivity or just a hunch are both mirror members backed up at the same time and does this coincide with the outage?
go to post Timo Lindenschmid · Mar 3, 2023 just asking is there a loadbalancer involved when you connect to your application? if so enable stickysession on it so it always reconnects via the same web server as a different webserver means a new session when connecting to iris/cache
go to post Timo Lindenschmid · Feb 23, 2023 Hi Philip, User and password management in TrakCare is difficult task via SQL and i would not suggest doing it that way. In newer versions of TrakCare the CodeTable upload manager can be used to batch upload user accounts. I would suggest you create an iService ticket for TrakCare support to help you with the best option here. You can always request support to contact me if they need more information on this.
go to post Timo Lindenschmid · Feb 23, 2023 Hi Kari, this really depends on the authentication options of the 3rd party api. If the 3rd party api only accept e.g. username/paswords then it will never be more secure even if you use a password vault, as the password needs to be cleartext to be provided to the 3rd party. Different story if the api accepts e.g OAUTH based keys/hashes.refer to : OAuth 2.0 Client | InterSystems IRIS Data Platform 2022.3 Best Regards Timo
go to post Timo Lindenschmid · Feb 20, 2023 Hi Mark, there is no issue doing this on a Primary mirror. I have done this multiple times for customers. The system impact with IRIS is negligible. Just remember to do this on all mirror members as DB activities are not replicated only data is. Just to be on the save side though always check a valid backup is available before you start.
go to post Timo Lindenschmid · Feb 20, 2023 Hi, to create a really password less mode enable delegated authentication and create your own zauthenticate.mac that checks for your rules e.g. originating from local ip addresses etc and then logs your user in. refer to: Delegated Authentication | Authentication Guide | InterSystems IRIS Data Platform 2022.3
go to post Timo Lindenschmid · Feb 8, 2023 Hi, the issue is that $ZDATETIME tformat -2 presents posix time to the second. to get the full available precision you could use something like this: set t=$ZTIMESTAMP w t 66513,24732.646579 w $ZDATETIME(t,-2)_$piece(t,".",2) 1675804932646579
go to post Timo Lindenschmid · Feb 5, 2023 Hi Jonathan, best way forward is for you to contact WRC, they can help you with the install files and also if needed with a temp license. just email support@intersystems.com
go to post Timo Lindenschmid · Jan 13, 2023 Depending on the OS you are running you can have firewall rules that redirect the incoming port 80 to another port but its easier to setup a full webserver that publishes your application on port 80/443. If you don't want to publishg using a full webserver but have it already running you can add rules to it that will redirect request for that webapp to the buildin webserver. Also need to be aware that the build-in webserver will no longer be included starting from a future version of IRIS, with the exception of community docker image.
go to post Timo Lindenschmid · Dec 14, 2022 Hi, you can use Studio to export all your application into one xml file. This XML file can be imported by anyone. Requirements though are that the user of this application needs an IRIS version installed and licensed (might also be the community edition) . You don't need an IDE to deploy an application (XML package) into IRIS. you just need access to either terminal or System Management Pages or short SMP (management web ui) there you can import the code and compile it so your application is available. Also for application deployment you might want to look at an installer manifest that can do additional configuration that might be required like web application creation, security, database, namespace and global mapping creation etc.
go to post Timo Lindenschmid · Dec 6, 2022 Usually the biggest culprit is IRISTemp database. This data base is essentially used for temporary storage of data during the live of a process and can grow quite big if a process misbehaves. The space can usually be reclaimed by setting configuration parameter and restarting IRIS.
go to post Timo Lindenschmid · Nov 25, 2022 The explanation here is the table lock threshold. If a process modifies a certain number of entries within one table without committing it will trigger an escalation from atomic locks per record to a full table lock. This is configurable but i am not sure about the default value but i think its between 1000 and 10000. If the lock is triggered essentially all other processes which want to write have to wait until the process has committed its changes which will release the lock. Solution is to use %NOLOCK if you are sure you will not hit the same record with multiple processes.
go to post Timo Lindenschmid · Oct 26, 2022 Hi, i am not quite sure why you got BasicAuth enabled on Apache for requests to webservices hosted on IRIS. I would disable basic auth and use IRIS to authenticate the request, also from a security perspective if the request originates not from localhost i would move to using https. Main issue with cors is, if the request originates not from the same domain as the target server is in, e.g. server is configured to be at server.sample.loc, that any request not coming from same domain would trigger a cors deny e.g. ip address only. As cors is only enforced in the browser not the server the question also is how do you call the webservice? From another production? If so, don't care about cors its than only an issue when testing via your browser. Best Regards Timo
go to post Timo Lindenschmid · Jan 31, 2021 Hi Rick, Iris now supports dynamic entities try something like this: set newArray={}.%FromJSON(tsc) write newArray.%Get("memberId") https://docs.intersystems.com/irislatest/csp/docbook/Doc.View.cls?KEY=GJ...
go to post Timo Lindenschmid · Jan 30, 2018 Hi Mack,there are a couple of ways to move the installation across.One very simple way is by ,as already has been mentioned, shutting down cache and then copy the cache.dat files across for example using ftp.Another way is using the build-in backup utility to take a backup and restore the backup on your new system,. this does not require a shutdown of cache on either side.Also make sure you grep a copy of the original cache.cpf file as this contains all the database,namespace and mapping information.You can easily enough modify the new cache.cpf file accordingly (although this requires then a cache restart to activate the changes).Cheers
