検索

記事
· 1 hr 前 10m read

IKO Plus: KWOK IrisCluster Topology and Operator Node/Pod Simulation w/o IRIS

#分散データ管理 #Kubernetes #テスト #InterSystems Kubernetes Operator (IKO)

Target Practice for IrisClusters with KWOK

KWOK, Kubernetes WithOut Kubelet, is a lightweight tool that simulates nodes and pods—without running real workloads—so you can quickly test and scale IrisCluster behavior, scheduling, and zone assignment.  For those of you wondering what value is in this without the IRIS workload, you will quickly realize it when you play with your Desk Toys awaiting nodes and pods to come up or get the bill for provisioning expensive disk behind the pvc's for no other reason than just to validate your topology.

Here we will use it to simulate an IrisCluster and target a topology across 4 zones, implementing high availability mirroring across zones, disaster recovery to an alternate zone, and horizontal ephemeral compute (ecp) to a zone of its own.  All of this done locally, suitable for repeatable testing, and a valuable validation check mark on the road to production.

Goal

The graphic above sums it up, but lets put it in a list for attestation at the end of the exercise.

⬜ HA Mirror Set, Geographically situated > 500 miles as the crow flies (Boston, Chicago)

⬜ DR Async, Geographically situated > 1000 miles as an Archer eVTOL flies (Seattle)

⬜ Horizontal Compute situated across the pond for print (London)

⬜ Pod Counts Match Topology

lesgo...

Setup

We are using Kwok "In-Cluster", though it supports actually creating the clusters themselves, there will be a single control plane and a single initial node with the KWOK and IKO charts included.

Cluster

Lets provision a local Kind cluster, with a single "physical node" and a control plane.

cat <<EOF | kind create cluster --name ikoplus-kwok --config=-
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
  - role: control-plane
  - role: worker
networking:
  disableDefaultCNI: false
EOF

Should be a simple cluster with a control plane and a worker node.



Install IKO Chart

Install the Operator under test.

helm install iris-operator . --namespace ikoplus

Install KWOK

In-cluster, per the docs.

helm repo add kwok https://kwok.sigs.k8s.io/charts/
helm upgrade --namespace kube-system --install kwok kwok/kwok
helm upgrade --install kwok kwok/stage-fast
helm upgrade --install kwok kwok/metrics-usage

Charts looking good:


Configure KWOK

KWOK configuration for this distraction is two parts:

  • Create KWOK Nodes
  • Tell KWOK which ones to Manage

Data Nodes

Here I create three specific KWOK nodes to hold the data nodes for HA/DR and the mirrormap topology.  The nodes are kubernetes nodes, with specific annotations and labels to identify them as "fake", important to note that all the fields are fully configurable, meaning you can also do things with resources such as cpu and memory so you can test requests for the pods and fully configurable phase values.

 
datanodes.yaml

Full yaml in the spoiler above, but here are the annotations and label that are important to call out:

  • kwok annotation
  • iko zone
  • type: kwok

Apply the nodes to the cluster and take a peak, you should see your 3 fake data nodes:


 

Compute Nodes

Now, lets provision many compute nodes because we can, for this, you can use the script below to prompt and loop over the creation.

 
computenodes.sh

Lets create 128 compute nodes, which gets us close to a reasonable ecp limit.

The cluster should now be at 133 nodes, 1 control plane, 1 worker, 3 data nodes, and 128 compute.


Now hang this kwok command in another terminal to perpetually annotate.

sween@pop-os-cosmic:~$ kwok --manage-nodes-with-annotation-selector=kwok.x-k8s.io/node=fake

The result should be a  pretty busy loop.

Apply IrisCluster SUT

Here is our system under test, the IrisCluster itself.

# full IKO documentation:
# https://docs.intersystems.com/irislatest/csp/docbook/Doc.View.cls?KEY=PAGE_deployment_iko
apiVersion: intersystems.com/v1alpha1
kind: IrisCluster
metadata:
  name: ikoplus-kwok
  namespace: ikoplus
  labels:
      type: kwok
spec:
  volumes:
    - name: foo
      emptyDir: {}
  topology:
    data:
      image: containers.intersystems.com/intersystems/iris-community:2025.1
      mirrorMap: primary,backup,drasync
      mirrored: true
      podTemplate:
        spec:
      preferredZones:
        - boston
        - chicago
        - seattle
      webgateway:
         replicas: 1
         alternativeServers: LoadBalancing
         applicationPaths:
         - /*
         ephemeral: true
         image: containers.intersystems.com/intersystems/webgateway-lockeddown:2025.1
         loginSecret:
           name: webgateway-secret
         type: apache-lockeddown
      volumeMounts:
       - name: foo
         mountPath: "/irissys/foo/"
      storageDB:
       mountPath: "/irissys/foo/data/"
      storageJournal1:
       mountPath: "/irissys/foo/journal1/"
      storageJournal2:
       mountPath: "/irissys/foo/journal2/"
      storageWIJ:
       mountPath: "/irissys/foo/wij/"
    arbiter:
      image: containers.intersystems.com/intersystems/arbiter:2025.1
    compute:
      image: containers.intersystems.com/intersystems/irishealth:2025.1
      ephemeral: true
      replicas: 128
      preferredZones:
        - london

Explanations

The emptyDir {} volume maneuver is pretty clutch to this test with IKO.  The opinionated workflow of a data node would be to use external storage through a CSI or whatever, but is counter intuitive for this test.  Thank you to @Steve Lubars from ISC for the hint on this, was pretty stuck for a bit making the IrisCluster all ephemeral.

The mirrorMap and preferred zones specify the topology for the data and compute to target the location of the clusters and declare the roles.

Set the ephemeral flag on the compute to enforce the same thing as the emptyDir{} for the data nodes, and the number of nodes of 128 specifies the replica count which matches the number of nodes we provisioned.

lesgo...

The apply...
 

Attestation

One command to check them all.

 

kubectl get pods -A -l 'intersystems.com/role=iris' -o json \
| jq -r --argjson zmap "$(kubectl get nodes -o json \
  | jq -c 'reduce .items[] as $n ({}; .[$n.metadata.name] = (
      $n.metadata.labels["topology.kubernetes.io/zone"]
      // $n.metadata.labels["failure-domain.beta.kubernetes.io/zone"]
      // "unknown"))')" '
  [ .items[] | {zone: ($zmap[.spec.nodeName] // "unknown")} ]
  | group_by(.zone)
  | map({zone: .[0].zone, total: length})
  | (["ZONE","TOTAL"], (.[] | [ .zone, ( .total|tostring ) ]))
  | @tsv' | column -t
ZONE     TOTAL
boston   1
chicago  1
london   19
seattle  1

Results

✅ HA Mirror Set, Geographically situated > 500 miles as the crow flies (Boston, Chicago)

✅ DR Async, Geographically situated > 1000 miles as an Archer eVTOL flies (Seattle)

✅ Horizontal Compute situated across the pond for print (London)

❌ Pod Counts Match Topology

So after launching this over and over, it never got to schedule 128 pods to the available compute nodes, and it is due to the KWOK nodes going into NotReady at a random point around 20-50 nodes in.  I think this is due to the fact that the ECP nodes rely on a healthy cluster to connect to to continue to provision by IKO... so I have some work to do to see if IKO readiness checks can be faked as well.  The other thing I did was cordon the other "worker" to speed things up so the arbiter went to a fake node, I was able to get more compute nodes in with this arrangement.  I guess too I could have targetted the topology for the arbiter too, but it seems that those are basically anywhere these days and can be out of cluster.

Fun and useful for 3/4 use cases above at this point for sure.

 

ディスカッション (0)1
続けるにはログインするか新規登録を行ってください
質問
· 2 hr 前

Custom listing with inner subquery

#分析 #SQL #InterSystems IRIS BI (DeepSee)

Hi community.

I have a query:

SELECT
nameField,
dateField,
anotherDateField
FROM
(      
SELECT
MIN(someDate) as dateField,       
nameField,
anotherDateField
FROM $$$SOURCE
WHERE $$$RESTRICT               
GROUP by someOtherField    
)
WHERE dateField >= anotherDateField

This query should filter the data by the minimum value of the somDate field, but it doesn't. It displays all values ​​together, regardless of the external filter. The exact same query (without the $$$ tokens, of course) works fine in a regular SQL runtime.

My guess is that the $$$RESTRICT does this

WHERE source.%ID IN (SELECT _DSsourceId FROM MyTable.Listing WHERE _DSqueryKey = 'en3460403753')

And outer WHERE is just left unseen

Is there a way to fix this?

ディスカッション (0)1
続けるにはログインするか新規登録を行ってください
質問
· 2 hr 前

How Can Live Video Monitoring Services Prevent Crime Effectively?

#ビジネスサービス #ダッシュボード #その他

The security environment has drastically evolved, with crime prevention moving beyond traditional passive surveillance to proactive, real-time strategies. Pioneer Security Services is at the forefront of this evolution, offering advanced video guard monitor solutions combined with live video monitoring services. This system uniquely pairs sophisticated AI-powered video surveillance technology with skilled security professionals. These trained guards provide continuous real-time supervision, enabling rapid detection and intervention of suspicious activities. By integrating human judgment with cutting-edge technology, Pioneer Security Services ensures powerful deterrence against crime and faster response times, safeguarding properties more effectively and reducing security risks significantly.

The Shift From Reactive to Proactive Security

Traditional CCTV cameras primarily record footage for post-incident review, limiting their utility in preventing crime. In contrast, Pioneer’s video guard monitor system transforms surveillance into an active defense tool. Through live video security monitoring, suspicious activity is detected and addressed immediately, enabling remote video guard services to communicate directly with potential intruders or dispatch physical guards swiftly. This immediate response capability significantly reduces crime rates by interrupting criminal acts in progress.

Key Components of an Effective Live Video Monitoring System

Pioneer Security Services deploys a comprehensive live video monitoring system featuring high-resolution cameras, two-way audio, and a central AI PoE hub that supports up to 15 cameras. The AI analyzes video feeds to identify threats, minimizing false alarms and prioritizing genuine risks for human guards. This seamless integration of technology and personnel enhances situational awareness and accelerates decision-making, ultimately preventing incidents before escalation.

Crime Deterrence Through Active Surveillance

Visible video guard monitors and signs alert potential offenders that a property is under constant watch. Real-time human interaction, such as verbal warnings through two-way audio, is a proven deterrent against trespassing and vandalism. Criminals are less likely to target areas employing remote video guard services since they understand their actions could be promptly challenged, recorded, and reported.

Benefits Beyond Immediate Crime Prevention

The impact of live video monitoring extends to long-term community safety and operational savings. Pioneer’s system reduces reliance on onsite human guards, lowering security costs while maintaining robust coverage. Additionally, high-quality footage from the video surveillance security guard system assists law enforcement investigations and can reduce insurance premiums. The presence of a live video monitoring system fosters a sense of security among residents, employees, and business owners.

Why Pioneer Security Services Excels in Crime Prevention

Pioneer Security Services combines cutting-edge technology with experienced security staff to create one of the most effective video guard monitor systems available today. Their proactive video monitoring stops crimes before they happen by delivering live intervention and leveraging AI detection. Through remote monitoring, mobile app access, and instant escalation, clients receive unmatched protection tailored to their unique security needs.

 

Conclusion

Live video monitoring services offered by Pioneer Security Services transform crime prevention through active real-time engagement instead of passive observation. Their smart live video monitoring system unites advanced AI technology with live human oversight, enabling properties to respond more quickly to incidents and reduce safety risks. Video guard monitors provide continuous, vigilant surveillance that not only protects assets but also deters criminal behavior before it occurs. This combination of technology and human intervention enhances overall security effectiveness, making Pioneer’s services a vital part of modern safety strategies.

FAQs

What is a video guard monitor system?

A video guard monitor system combines high-quality video surveillance cameras with live human monitoring to provide real-time security and crime prevention. It integrates AI technology and trained security professionals to detect and respond to threats immediately.

How do live video monitoring services prevent crime?

Live video monitoring services deter crime by actively watching camera footage in real time. Security personnel can intervene through two-way audio to warn intruders, and verified threats are escalated swiftly to law enforcement.

What are the benefits of using Pioneer Security Services’ live video monitoring?

Pioneer provides proactive crime deterrence, 24/7 surveillance coverage, cost savings compared to onsite guards, instant response, and high-resolution video for accurate incident verification.

Can video guard monitors replace traditional security guards?

They complement and enhance security by covering larger areas with AI-assisted technology while providing immediate intervention. Pioneer’s system reduces reliance on physical guards but keeps expert humans monitoring remotely.

Is remote video guard service reliable for all property types?

Yes, it is customizable for commercial, residential, and industrial properties, ensuring tailored security solutions for each client’s needs.

How is false alarm reduction managed?

Advanced AI analytics assess video feeds to minimize false alarms, ensuring that human monitors focus on genuine security risks.

ディスカッション (0)1
続けるにはログインするか新規登録を行ってください
お知らせ
· 4 hr 前

Videos para desarrolladores de InterSystems, resumen de septiembre de 2025

#ビデオ #開発者コミュニティ公式
Hola y bienvenidos al resumen de YouTube de la Comunidad de Desarrolladores de septiembre de 2025
InterSystems Ready 2025
Por Dean Andrews, David Reche
Por Aldo Faisal
Por Kari Hedges
Por Scott Gnau, Peter Lesperance, Tom Woodfin, Gokhan Uluderya, Jeff Fried, Daniel Franco
 
Vídeos de "Rarified Air"
Por John Paladino, Vice President of Client Services, InterSystems
Vídeos de "Código para cuidar"
Cuando las IA debaten: inteligencia artificial agente en acción con problemas matemáticos
Por Don Woodlock, Director de Soluciones Globales de Salud, InterSystems
Explicando la inteligencia artificial agente mediante la corrección automática de errores
Por Don Woodlock, Director de Soluciones Globales de Salud, InterSystems
Juegos de demos de InterSystems
Health Evolve: transformando datos no estructurados
Por Vishal Pallerla, Erica Song, Louis Kabelka, Zelong Wang, John Murtha
AI Smart Data Fabric
Por Kevin Kindschuh, Jeff Semmens
ディスカッション (0)1
続けるにはログインするか新規登録を行ってください
質問
· 4 hr 前

77Data: Download the Verified List of Companies in Chhattisgarh

#ビジネスサービス #その他

Are you looking for a verified list of companies in chhattisgarh? 77Data offers a data of thousands of businesses in chhattisgarh in excel format. It’s simple to use and helps you see all types of companies quickly. This list is great if you want to explore business opportunities, get in touch with the right people, or grow your business in a less time.

ディスカッション (0)1
続けるにはログインするか新規登録を行ってください