Configure InterSystems IRIS Cloud Managed Service Productions
Interoperability productions enable you to connect other systems to InterSystems IRIS Cloud Managed Service so that you can transform and route messages between them. Generally speaking, productions consist of three types of business hosts:
-
Business Services — Business services have inbound adapters that accept incoming messages from an external system.
-
Business Processes — Business processes take messages from a business service and process them (for example, transforming them from one format to another) and then pass them to a business operation.
-
Business Operations — Business operations have outbound adapters that send outgoing messages to an external system.
In InterSystems IRIS Cloud Managed Service, you can create a new production on the Productions page and then configure it in the Management Portal, by going to Interoperability > Configure > Production.
For general information on productions, see Introduction to Interoperability ProductionsOpens in a new tab.
For guidelines on how to configure InterSystems IRIS Cloud Managed Service productions in some common specific scenarios, see the following sections.
Configure a Production to Use SFTP
Create Authorization Credentials
Before configuring a production to use SFTP, create the authorization credentials that will be used in your productions. This task creates SFTP passphrase credentials that correspond to the file transfer user you created for your tenant on the Files pageOpens in a new tab of the Cloud Services Portal.
-
In the InterSystems IRIS Cloud Managed Service Management Portal, select Interoperability > Configure > Credentials.
-
In the right panel of the Credentials Viewer page, enter an ID that will be used in your production configuration.
-
Enter the User Name of the file transfer user from your tenant’s Files page.
-
Click Save.
Configure a Production to Use SFTP
After you have set up SFTP for your tenant on the Files pageOpens in a new tab of the Cloud Services Portal, you can configure a production to ingest files from a folder in your S3 bucket or output files to a folder in your S3 bucket. A business service can watch an input folder for incoming files, such as HL7 or X12 messages, and pass them to a business process for transformation or other processing. A business process can also pass outgoing files to a business operation, which can in turn deposit them in an output folder.
This section applies to business services (inbound adapters) and business operations (outbound adapters) that are of Input Type or Output Type FTP.
-
In the Management Portal, select Interoperability > Configure > Production.
-
Select your business service or business operation.
-
Click the Settings tab.
-
Configure the Basic Settings and SFTP Settings, as described below.
-
Click Apply when you are done to save your settings.
Basic Settings Section
-
File Path — Enter a file path, as listed in the Paths column for your file transfer user on your tenant’s Files page.
-
FTP Server — Enter the server listed on your tenant’s Files page under SFTP Connection Instructions.
The server will look something like: s-abc.server.transfer.us-east-1.amazonaws.com.
-
FTP Port — Type the port number 22.
SFTP Section
-
SFTP Authentication Methods — Type the letter k, indicating that the adapter will use public/private key authentication.
-
SFTP Public Key File — Enter the path to the public key file on your server, for example, /connect/ftp/xyz-sftp-public-key.txt, where xyz is the name of your file transfer user.
-
SFTP Private Key File — Enter the path to the private key file on your server, for example, /connect/ftp/xyz-sftp-private-key.txt, where xyz is the name of your file transfer user.
-
SFTP Passphrase Credentials — Select the credentials you created in Create Authorization Credentials.
See Upload SFTP Keys to ServerOpens in a new tab for information on uploading public and private key files.
Configure a Production to Use a Firewall Rule
This section describes the settings required to configure a business service to use a firewall rule that you have defined on the Firewall page of your deployment.
-
In the Management Portal, select Interoperability > Configure > Production.
-
Select your business service.
-
Click the Settings tab.
-
Configure the Basic Settings and Connection Settings, as described below.
-
Click Apply when you are done to save your settings.
Basic Settings Section
-
IP Port — Enter a port within the port range of your firewall rule.
Connection Settings Section
-
SSL Configuration — Enter an SSL/TLS configuration to be used to secure traffic when using an external firewall rule.
For business services, select a server SSL/TLS configuration.
-
Local Interface — Leave blank.
The IP Port is bound to the correct Local Interface automatically.
Connect to the Business Service
To connect to a business service from the external system, use the IP Port you specified in the business service settings. Connect to the Virtual IP Address listed on the Overview page if using a private firewall rule. Connect to the External IP listed on the Overview page if using an external firewall rule.
To quickly test connectivity from the other system to a business service, use the command nc -vv <InterSystems IRIS Cloud Managed Service IP address> <port number> on Linux or tnc <InterSystems IRIS Cloud Managed Service IP address> -Port <port number> on Windows.
The following examples show how to test connectivity to the Virtual IP Address 192.168.22.254 over the private network on port 5000.
Linux
nc -vv 192.168.22.254 5000
Connection to 192.168.22.254 5000 port [tcp/*] succeeded!
Windows:
tnc 192.168.22.254 -Port 5000
ComputerName : 192.168.22.254
RemoteAddress : 192.168.22.254
RemotePort : 5000
InterfaceAlias : Ethernet 2
SourceAddress : <Source IP address>
TcpTestSucceeded : True
Configure a Production to Use SSL
This section describes how to configure a business service or business operation to use an SSL/TLS Configuration that you have defined on the SSL/TLS Configurations page of your deployment.
-
In the Management Portal, select Interoperability > Configure > Production.
-
Select your business service or business operation.
-
Click the Settings tab.
-
In the Connection Settings section, in the SSL Configuration field, select an SSL/TLS configuration.
For business services, select a server SSL/TLS configuration.
For business operations, select a client SSL/TLS configuration.
-
Click Apply when you are done to save your settings.