New post
AllAccepted answers
Pierre-Yves Duq... · Nov 7, 2023

We also tried this example on a Windows Instances, where the general method still works, but required some Windows Specific Changes for AWS:
- To first assign the secondary IP Address (the VIP) to the Windows Instances, it needs to be done differently, as Windows requires to first set the primary IP as a Fixed (non DHCP address) before adding a secondary address, as documented by AWS here:
https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/config-windows-multiple-ip.html

- the python script for ZMIRROR also needs some tweeking to remove the OS dependant commands, so for testing this, we simply removed the first part of the script that uses the OS to dynamically determine the value of the assigned VIP and replaced it with the pre-determined (fixed) value.

With these small changes, it worked like a charm. Thanks Eduard!

Pierre-Yves Duq... · Nov 7, 2023

Great Article!
For the EC2 instance to be able to manipulate the route table in the VPC , we created some policy in AWS IAM, assigned it to a Role, and assigned this Role to both EC2 instances.
The Policy was as follow (a better solution would be more restrictive and limit this policy to the VPC where the EC2 instance Run):
 

{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Effect": "Allow",
			"Action": [
				"ec2:DescribeInstances",
				"ec2:CreateRoute",
				"ec2:DeleteRoute",
				"ec2:DescribeRouteTables"
			],
			"Resource": "*"
		}
	]
}
Pierre-Yves Duq... · Jan 31, 2023

Hello,

One way to invoke the Code of a BO you have defined in another Database, would be to "map" the class Definition package of this BO to have it visible from your current namespace and add it as another BO in your production. 
The Package Mapping in the Namespace definition allows you to share code between Namespaces.

If you really need to invoke Business Hosts of Production B running in Namespace B from a Production A running in Namespace A, one correct way to perform this is to have your BP invoke a BO in the same production/namespace(A) and from there, call into a Business Service into the Production B. 

From within a BO, it is posible, however, to access data in another namespace, using set $Namespace="B" and running your code, and coming back into "A" before finalizing the method (and in your catch block if an error occurs while running code in "B"). 

 

Pierre-Yves Duq... · May 29, 2020

Hello Vikash!

The Apache Web Server that gets installed on port 57772 as part of the  InterSystems Caché/Ensemble/IRIS  installation  is designed to serve the System Management portal pages, allow the connection from the Atelier/VSCode IDEs.

This Web Server is not hardened, scalable of otherwise "production Ready". As such, the ssl module is not installed, no server certificate is installed, and it does not respond to https requests on any port.

The recommended way is to install a separate Web Server, (Apache, Microsoft IIS or Nginx), and additionally:

  • install and configure the InterSystems CSP gateway (also called the Web Gateway in InterSystems IRIS)
  • generate some Server Certificates for this (private and public keys), and load them in your Web Server. You will need some Recognized Certificate authority to issue this certificates if you need your server to be recognized as trusted by external browsers/clients.
  • Configure this web Server to respond to Https on a specific port (the default is 443)
  • maintain this web server up to date with the latest security patches.

The relevant documentation for this process depends on the webserver you choose, and the CSP Gateway/Web gateway installation documentation can be found on the InterSystems website:

https://docs.intersystems.com/irislatest/csp/docbook/Doc.View.cls?KEY=PAGE_WEB_GATEWAY