Recommendations

The following is a collection of recommendations detailing what Genial Genetics consider to be best practices: These however should be reviewed internally to decide if they are valid for your use.

Record Keeping

iGene, just like any IT system that is maintained, should have good and up-to-date system documentation to cover how it’s backed up and to where, any changes that happen over time and contact numbers for responsible parties.

At an absolute minimum we recommend the following:

  • List of environments, their users, intended usages and any policies in place for each. e.g. Which environments can contain production information, along with the following for each environment:
  • For each server
    • Its role
    • Name / DNS name
    • IP address (if static)
    • Specifications (including placement information if located on a virtual machine)
    • Any connected drives, their location and drive letters
    • Backup schedule and details
    • Technical contacts
    • Service accounts
    • Installed software and their versions
  • iGene Setup
    • Application server
    • Database server
    • Database URL
    • Home folder location
    • Java version and location
    • Karaf version and location
    • Service name
    • Service account name
    • Storage pool locations
    • Debugging tools and settings (e.g. VisualVM and Wireshark)
    • Power users contact details
  • For each interface setup
    • Plugin version
    • Configuration settings
    • External dependencies (for example downstream systems or network locations)
    • Any specifications and their versions if they exist
    • Technical contact
    • Technical contact information for any downstream systems
    • Debugging checklist containing the main items to check and why
  • For each iGene version moved into production
    • The application version
    • A copy of the application
    • A migration plan that contains each change required, including:
    • Reports
    • Interfaces
    • Plugins
    • Label templates
    • Workflows
    • Webhooks
    • How the system was tested, what was tested and by whom
    • The date the version was set to live
    • A record of any post go-live testing undertaken

Monitoring

Like any other system within your infrastructure, we expect that automated monitoring is set up. This helps to spot immediate issues, intermittent issues and help with capacity planning.

Normally we’d expect at a minimum:

  • Application Servers
    • CPU usage
    • Memory usage
    • Disk utilization
    • Network connectivity
    • Network bandwidth
    • JVM
    • Memory usage
    • CPU %
    • Garbage % and collections
    • Threads
  • Database Server
    • CPU usage
    • Memory usage
    • Disk utilization
    • Network connectivity
    • Network bandwidth
  • Network
    • Connectivity
    • Utilization
    • Latency

Backups

When performing backups for iGene, there are three locations that need to be considered:

  • The SQL Server Database
  • The iGene home folder (on the application server)

  • The iGene storage pools (by default contained within the iGene home folder)

  • We recommend the database is backed up every day and the transaction logs backed up every 4 hours.

  • The file system backed up every 4 hours.

When backing up data, the database should be backed up first followed by the home folder and the storage pools. The system will run without issue if the database is slightly older than the file system storage locations if this is ever an issue.

Periodic Tasks

Like most applications, there are a number of system administration tasks that should be carried out periodically:

  • Check and clean out the Karaf logs
  • Check and clean out temporary files
  • Check and clean out temporary files within each storage pool
  • Check interface logs and clear down if necessary
  • Check interface errors
  • Check iGene Dropbox import locations
  • Check scanned files error folders (if relevant)

Servers

Virtual Servers that run iGene need to have constant and predictable performance throughout the day.

Security

As well as your own security policies for application servers, we’d also recommend the following:

  • iGene should be served over a HTTPS connection for all production traffic. Customers will need to to obtain an SSL certificate for each server to support both the server and the connecting clients.

  • iGene runs on Apache Karaf. Just like any software package, it’s important to keep up-to-date with any security issues and how that may relate to your installation. We recommend that you regularly check CERT and NIST for any security alert that relates to Apache Karaf

  • Lock down all ports on the server with the exception of the following ports: 80, 443 and any ports that are required for normal operation of the server, e.g. those required for remote access, interfaces, Active Directory membership and network file systems.

Licences

It’s important to understand the licence requirements on your servers. Please pay particular attention to the following:

  • Running Oracle’s version of Java in a commercial environment now requires a commercial licence. We suggest using Amazon Corretto as a free alternative.

  • The barcode scanning service if required is licensed per machine.

Periodic Upgrades

iGene is updated on a four weekly release cycle. Customers that are working towards or have recently gone live will generally install each monthly updates. For other customers, we’d expect them to upgrade at a minimum once per year.

Upgrades and Acceptance Testing

As part of any upgrade, it’s important to ensure the update is fit for purpose. It’s important any change is first deployed to a test environment before being considered for production. Once deployed to a test environment any testing should be conducted and recorded before any changes are moved into production.