FileMaker Server 9 Best Practices
Everything you need to know about hardware selection, system specifications, installation and configuration.
By Todd Duell
Todd Duell is the Vice President & CIO of Formulations Pro, Inc and has been creating powerful commercial and custom solutions using FileMaker Pro since 1989. He holds an MBA in Technology Management, is a Certified FileMaker Pro 7 and 8 Developer, and has been a member of the FileMaker Business Alliance since 1998. Todd may be
W
hat do you need to do to configure your server to optimize performance? User’s guides and manuals seldom answer that question. They tend to only offer minimum settings and only the most basic configuration information without regard for the impact that the settings will have on security and performance. This white paper will discuss everything you need to know about hardware selection, system specifications, installation, and configuration of FileMaker Server 9. This white paper will make some assumptions in the recommended configuration settings to balance cost, ease of administration, and security. For additional details on functions not covered in this white paper please read the FileMaker Server 9 Getting Started Guide and the technical brief: Upgrading to FileMaker 7: How to take advantage of the new server model and capabilities, which are available from FileMaker, Inc. Live Configuration ChangesAlmost all changes to the FileMaker Server 9 preferences can be made without requiring FileMaker Server 9 to restart.
The only notable exception is if you want to configure SSL encrypted connections to FileMaker Server 9. This requires a restart. Therefore, for companies whose FileMaker Server 9 software configurations are under change management control your policy or SOP for FileMaker Server 9 should clearly state that the only change that requires approval is changing the SSL encryption setting because it requires you to stop the services and restart the server. All other FileMaker Server 9 software configuration changes should be at the discretion of the system administrator.
External Authentication
Figure 1 Account Settings — Select the authentication method
in FileMaker Pro 7 files.
configuration of FileMaker Pro 9 solutions with Active or Open Directory.
Live Backups
FileMaker Server 9 starts copying the live files while users are still accessing them. At the end of the copy process the file is momentarily paused to synchronize the changes since the start of the copy. The files are physically paused for a very short time so the clients are not inconvenienced while the backup occurs. The copy reflects the state the files were in at the end of the backup process, not the state they were in when the backup started. If a user locks any records, FileMaker Server 9 makes another pass at those records until they are all backed up.
DO NOT backup the live files with third party software from
vendors such as Retrospect Remote, Veritas or Network Appliance. The backup files will be damaged. Only backup the files created by FileMaker Server 9 from the backup folder. You should periodically check the backup files with a copy of FileMaker Pro 9 on your computer (not on the server) to make sure they are not damaged in the case of a needing to restore the data. Although FileMaker Server 9 can be configured to monitor the health of the file, that does may mean that the file has not lost data due to corruption. You should always periodically check the validity of the backup process. How frequently you check the backup files is dependent on how critical the files are to your business.
User Connectivity Limits • 125 Files
• 250 Concurrent users
FileMaker Server 9 can host 125 files. Since each file can have up to 1 million tables, that’s equivalent to 125,000,000 tables per server. When you build your FileMaker Pro file(s) this will be an important consideration in terms of how efficiently you use the 125 file limit. If you need ODBC, JDBC, IWP, or custom web publishing connectivity you will need to upgrade to FileMaker Server 9 Advanced. FileMaker Server 9 Advanced (web publishing) will not be covered in this white paper.
Operating Systems
• Mac OS X Server (10.4.9, Power-PC or Intel processor) • Mac OS X (10.4.9, Power-PC or Intel processor)
• Windows 2000 Server (Service Pack 4)
• Java Runtime Environment 5 (6 recommended) • Java Runtime Environment 6 for Windows Vista
FileMaker Server 9 runs as a background service (daemon) on both operating systems.
Supported Clients
• FileMaker Pro 7, 8, 8.5, and 9. • Firefox 2.0
• Internet Explorer 6.0 and 7.0 • Safari 1.2, 1.3, and 2.0 Networking
•TCP/IP
• Static IP address assigned to FileMaker Server 9
The performance of the client interaction with FileMaker Server 9 will be optimized if it is running on it’s own subnet. The only downfall is that users may have more difficulty locating the server through the Host button if they are not on the same subnet as the server. In this case they will have to know the IP address of the server to store the server address as a favorite host in FileMaker Pro 9. FileMaker Server 9 supports multi-homing. By installing more than one NIC card FileMaker Server 9 can listen and transmit data over more than one subnet.
• Port 5003: FileMaker Data port • Port 16000: HTTP Admin Console • Port 16001: HTTPS Admin Console • Port 16004: Admin Console
• Port 16006-16018: Web Publishing Engine • Port 50003: FileMaker Server Service/Daemon
• Port 50006: FileMaker Server Helper/Daemon
If you need to administer FileMaker Server 9 using the Admin Console through a NAT firewall you will need to open and redirect the ports for 16000. If you need to connect to the FileMaker data through a NAT firewall using FileMaker Pro 9 open and redirect port 5003. If you are connecting to the server remotely over the Internet you should use a secure connection with a Virtual Private Network or enable the SSL encryption between FileMaker Server 9 and the FileMaker Pro 9 client. Server Hardware Selection
As everyone knows, there is a big difference between the stated minimums and best practices. FileMaker Server 9 should be deployed on “server class” hardware. That means that you will spend between $4000 and $10,000 depending on your configuration. If you choose Windows as your operating system you will also have to purchase client applications licensing (CALS) for each user. Tack on approximately $300 per user for Windows-based servers. OS X Server comes with an unlimited client license.
• 2 GB RAM
Install as much RAM as you can afford. New chips, such as the Intel Dual-Core chip, can handle as much as 16 GB of RAM. With RAM being relatively inexpensive we recommend no less than 2 GB of RAM.
with several hundred users and/or you maxed out the server with 125 files, you should install as much RAM as possible. If you have less than 50 users and only a few files hosted on the server you can probably get away with 2 GB of RAM. FileMaker Server 9 can use as much as 70% of all available RAM on the server. Anything the clients request that is not available in the cache needs to be loaded from the hard disk. Obviously accessing the hard disk takes longer than just reading it from memory. You should monitor FileMaker Server 9 during peak traffic periods and make sure the “cache hits” are high (around 95%), meaning that 95% of the client requests can be handled by the data that is available in memory and that the hard disk only needs to be consulted sporadically. This will drastically improve overall performance. The trade-off to installing more RAM is the problem associated with server crashes. If the data has not been flushed from the cache and written to the hard drive or backed up and the server crashes all the unsaved changes in RAM will be lost. Therefore you must balance the amount of RAM, cache flushing, and backup intervals with your performance requirements and the importance of your data. • RAID 5, 3 x 80 GB SATA or SCSI Hard Drives
Install the fastest hard drive you can afford. With large amounts of cache to backup on a continual basis the speed of the hard drive will be critical to your server’s performance. To increase performance and capacity you should install a RAID 5 configuration. For maximum RAID performance, the RAID controller should come from a hardware RAID, not a software RAID. Both Apple and Intel-based servers offer
RAID cards with server class computers. RAID 5 systems require a minimum of 3 hard drives. In this configuration the data is striped across all the disks and provides fault tolerance in the event that a disk fails. This means that you can hot-swap (replace) a bad hard drive and the data will automatically be rebuilt. RAID 5 will also allow you to add more drives as your storage needs increase. If you are deploying a FileMaker Pro solution that is HIPAA or 21 CFR 11 compliant with an audit trail (log file) table, you should acquire as much hardware storage as possible because the log file will get very large, very fast. We recommend installing no less than 3 X 80 GB SATA or SCSI hard drives.
A typical installation with a 240 GB hard drive might include the following partitions:
1. The swap file (1 GB). All modern operating systems use swap files to create ‘virtual memory’. It’s a temporary placeholder for data that does not fit in the physically available RAM. 2. The operating system (5 GB)
3. The Applications (5 GB)
4. Live “hosted” files (114.5 GB or half of the remaining space) 5. Backup files (114.5 GB or half of the remaining space)
the data. Although it is possible to perform backups to external locations, we recommend that this only be done during non-peak hours or in the middle of the night when users are not accessing the server or the network.
• 1000 BT Ethernet Card
Install the fastest NIC card you can afford. We do not recommend anything less than a 1000 BT NIC card for a server unless your switches are only 10/100 BT. Then 1000 BT will not be utilized to its fullest capacity.
FileMaker Server 9 supports homing. A server is multi-homed when it has one or more IP address for more than one NIC (Ethernet) card. How that is set up depends on the Operating System, but both Mac OS X and Windows support multi-homed systems. This opens a wide variety of configuration options ranging from aliasing one IP address across multiple network cards in order to maximize server throughput, to making one FileMaker Server 9 available to different subnets with one network card configured for each subnet. In general, one NIC card should be sufficient for up to 100 concurrent users. If you have more than 100 concurrent users you should consider installing additional NIC cards.
• Intel Dual-Core or Xenon Processor
Install the fastest processor you can afford. FileMaker Server 9 can utilize multiple processors.
The FileMaker Server 9 engine now performs many of the calculations before sending the data back to the user. This
means that the server’s processor will have a significant load as more users are accessing the files. Thus, multiple processors will provide vastly improved performance. We recommend that you use a dual-core Intel or dual Xenon processor.
Automatic Hosting
FileMaker Server 9 will automatically host all files in the “Databases” folder (FileMaker Server 9/Data/Databases) and subfolders one level down from there when the service launches. You can also specify an additional folder if necessary. The files there and in subfolders one level down are also automatically hosted. This makes it very easy to deploy FileMaker files away from the system and application partitions and put them on their own partition on the hard disk.
Accessing the Admin Console
FileMaker Server 9 no longer requires a special client to be installed on your computer for administration. You can download the Admin Console directly from the server using your web browser. Use one of the following URL strings to access the Admin Console Start Page. If you are on the server you can use localhost, otherwise you will need to know the IP Address of the server. Remember that FileMaker Server 9 Admin Console runs on port 16000. Click the Start Admin Console button and a java file will be downloaded to your desktop that will enable you to access FileMaker Server.
http://localhost:16000
http://<IPADDRESS>:16000
Operating System Performance Tuning
The server should be dedicated to hosting FileMaker Server 9.
FileMaker Server 9 with services such as; DHCP, DNS, or e-mail services. That is the fastest way to poor performance, unexpected crashing, and data loss.
DO NOT set the server’s operating system energy saver
settings to put the computer or hard drive to sleep. The server should be constantly running. OS X Energy Saver preferences are located in the System Preferences. Windows 2000/2003 Server Energy Saver preferences are located in the Power options Hibernation and Standby Mode.
DO NOT configure virus checking software to scan the
active database files. They will constantly change, which will give the virus software a false positive. Actively scanning the files may also corrupt the databases.
Turn off Indexing Service (Windows) and Spotlight (OS X). This feature reduces performance.
You should install A UPS backup system for your server. This will provide you with enough time to shut down the server in the event of a power failure.
Installation of FileMaker Server 9 — Single Machine If you want to install the web components on two or more machines please consult the FileMaker Server 9 Getting Started Guide. This setup is only for a single server. 1. Double-click the FileMaker Server 9 icon.
2. Select Single Machine and click Next.
3. Enter the license key information and click Install.
Windows: Java Runtime Environment 6 will be installed if you don’t already have it.
OS X: May need to install JRE 6 using the Software Update function.
4. Start the deployment assistant.
Windows: Check the Start the Deployment assistant box and click Finish.
OS X: Click the continue button.
5. Follow the on-screen instructions. Each section will be detailed in below.
Manual Installation of FileMaker Pro 9 Files for Hosting Place your database files in the FileMaker Server 9/Data/Databases folder. You can place files in separate folders for better organization. FileMaker Server 9 will automatically serve all databases in the main Databases folder and one folder lower.
If you use OS X Sever you must assign the following privileges to the database files and plug-ins:
• Group: fmsadmin • Access: Read & Write
Figure 2 Ownership and Permissions — Change the Group to
fmsadmin and the Access to Read and Write.
Automatic Installation of FileMaker Pro 9 Files for Hosting
The Admin Console has an automatic feature that lets you upload databases from your computer to the server. With the FileMaker Server Admin Console open, choose Server>Upload Database. Then follow the on screen instructions to upload your file (Figure 3). It even changes the file permission for OS X servers!
Configuration of FileMaker Server Using Admin Console These instructions will balance security with ease of use and configuration to minimize the burden and cost of administration. If you need additional instructions please consult the FileMaker Server 9 Getting Started Guide. These instructions may use images from both OS X and Windows. These instructions do not endorse one platform over another.
Server Information (Figure 4)
Use a custom name for the server. When users open the server through the Host button they will see the custom name. You may already have naming conventions for your servers. Naming conventions usually have a standard abbreviation for the application running on the server (i.e. FMS9), the department (i.e. Production), and the property tag number or serial number of the server (i.e. 000001) = FMS9 Prod 1. The owner’s information is also information if you have more than one administrator that takes care of the server.
Email Notifications (Figure 5)
FileMaker Server 9 can be configured to send email notifications for errors, warnings, backups, and completed scripts. You will need to know the email settings to configure the addresses, user account, and password. It’s always a good thing to immediately know if there is an error on the server rather than finding out several days later or from an end user when it’s too late to fix it.
Admin Console (Figure 6)
Unless you have some security requirement that prevents you from accessing FileMaker Server from your computer rather than directly from the server you can leave the Enable access restrictions unchecked. Make sure that if you access FileMaker Server from outside your network that you do so c o n n e c t e d v i a V P N o r u s i n g t h e U R L https://<IPAddress>:16001, which is the secure connection to the FileMaker Server Admin Console.
Figure 6 Admin Console
You must authenticate yourself (i.e. enter the user name and password) to FileMaker Server when you access it using the Admin Console. If you need to change the password, this is where to change it.
Auto Start (Figure 7)
In the event of a power failure or a restart you always want to automatically start any necessary services. This simply makes your life easier as an administrator.
FileMaker Pro Clients (Figure 8)
Set the maximum number of clients to 10% more FileMaker Pro users than you expect to access the server. Even though you can host up to 250 users, each user takes up worker threads on the server, which increases overhead. Reducing overhead significantly improves performance. Since this setting can be reset without requiring a restart of the server there is no reason to allow more connections more than necessary.
Figure 8 FileMaker Pro Clients
Check the box to allow FileMaker Pro clients to download plug-in updates. Your FileMaker Pro 9 solution must be programmed to download plug-in updates. If newer plug-ins are placed on the server FileMaker Pro 9 will automatically
download them and install them on the client computers. This saves a significant amount of time and hassle for system administrators.
Your internal policies will dictate how much time to allow users to be inactive. We recommend setting the maximum idle time for FileMaker Pro 9 clients to no more than 90 minutes. Idle users take up valuable threads on the server. 90 minutes is enough time to go to a meeting or lunch, come back, and then resume work. Longer periods of inactivity unnecessarily leave your solutions open for unauthorized access.
Databases (Figure 9)
Set the maximum number of files to host to the exact number of files hosted on the server. Since this setting can be reset without requiring a restart of the server there is no reason to host more files (i.e. open threads) than necessary.
Figure 9 Databases
FileMaker Server 9 will tell you exactly how much RAM you can assign based on the amount of available memory on the server. In general, assigning more RAM will improve performance for larger database files and more users. How much RAM you assign to FileMaker Server 9 and how long you assign to distribute the cache flush for writing the data stored in RAM to the disk is a balancing act based on your desired performance and data integrity requirements.
FileMaker Server 9 is constantly flushing the cache to the hard drive. FileMaker Server 9 inspects up to 1/60th of the cache every second and writes any changes to the disk. For example, if you assign 2000 MB of RAM for cache and distribute the cache over 30 minutes it will write approximately 1.1 MB of cache to the disk each second or:
1/60 x 2000 MB RAM / 30 minutes = 1.1 MB RAM/second
Security (Figure 10)
Client Authentication depends on how you want to authenticate the users. If you authenticate the users with the accounts stored in each database when the user logs in choose FileMaker accounts only. If you use Active or Open Directory choose FileMaker and external server accounts. The user name and password are authenticated against the account name and password specified in FileMaker Pro accounts or against an Open or Active Directory (i.e. external server). The external server returns local and domain group accounts that the user belongs to, which are then authenticated against the group accounts specified in FileMaker Pro External Server accounts. FileMaker Server does not operate in a mixed environment for authentication, so you have to choose one approach and stick to it. The easiest method is usually to authenticate using FileMaker accounts. That way you are free to develop FileMaker Pro database without dealing with the hassle of setting up new groups in Active or Open Directory for every single user. Your goal should always be to reduce the administration burden on your IT staff.
The easiest setting to display the files is List all databases. If you have any security restraints you can choose to List only the databases each user is authorized to access. This will only show the list of database for which the user has an account. The downfall of this setting is that they have to first authenticate themselves to the server, then log into the database. Thus, they have to log in twice, which can be a hassle. Note that this does not prohibit the user from making a direct URL request to open the database with a shortcut. Therefore, this setting really does not provide any additional security!
Figure 10 Security
Default Folders (Figure 11)
FileMaker Server’s default database folders for live, hosted files are: Windows filewin:/C:/Program Files/FileMaker/FileMaker Server/Data/Databases/ OS X filemac:/Macintosh HD/Library/FileMaker Server/Data/Databses
We recommend that you use the default location to host the files unless you have you have partitioned your hard drive. FileMaker Server will automatically host any files in this location as well as one folder down when the server is started. If you upload the files to the server FileMaker Server 9 will automatically host the files (if you don’t exceed the number of hosted files set in Figure 9). Otherwise you can place your databases where every you want. Just check the Use additional databases folder and enter the path. Sorry, but there is no browse button to select the folder, so you have to enter the path manually. Just make sure to use either the filewin:/ or filemac:/ format when you specify the path. Then click the validate button to make sure the path is correct.
Even though FileMaker Server can host files from up to two locations, please don’t host files from outside the server on a client computer or a file server. This will provide horrible performance. It’s best practices to host the files from one central folder and use one or more sub-folders to organize the databases logically. For example, organize the
Figure 11 Default Folders
folders by work group (i.e. HR, Accounting, Purchasing, etc.) or by “modules” when 2 or more databases are use together. FileMaker Server’s default backup folders are in the following location:
Windows
filewin:/C:/Program Files/FileMaker/FileMaker Server/Data/Backups/
OS X
Logging (Figure 12)
FileMaker Server 9 logs items such as FileMaker Server starting and stopping, database files opening and closing, clients logging in and out, failed logins, plug in downloads, scheduled tasks running, usage statistics, and changes to FileMaker Server properties. The log files have a maximum size of 40 MB.
Figure 12 Logging
Log files are located at: FileMaker Server/Data/Logs/.
Logs can be viewed with the OS X Console, the Windows 2000 Server Performance Logs and Alerts, or the Windows 2003 Server System Monitor applications.
• Windows log: Application.Log • OS X log: Event.log
Server statistics are located at: FileMaker Server/Data/Logs/.
Logs are best viewed in the Admin Console using the Statistics window.
• Windows stats log: Stats.log • OS X stats log: Stats.log
Server Plugins (Figure 13)
Plugins that run on the server can be installed at: FileMaker Server/Extensions/Plugins/
The purpose of a plugin is to extend the functionality of FileMaker Server. For example, connecting to a clearinghouse to accept credit card payments. Check with the plugin vendor’s documentation before deploying it on FileMaker Server. Note: this is not the same feature as FileMaker Pro clients downloading plugins (Figure 8).
Web Publishing (General Settings Figure 14)
Custom Web Publishing with PHP, ASP, and JSP is out of scope for this white paper. However, if you use Instant Web Publishing (IWP) FileMaker Server can log the usage statistics for access, errors, ScriptMaker errors, and user access (via XSLT). The setting of most importance is the maximum number of web publishing sessions. FileMaker Server allows up to 100 concurrent IWP sessions. Just because you can set it to 100 users does not mean that this is a good idea. You should limit it to the maximum number of concurrent IWP users to reduce the number of open threads. Open threads, even if unused, reduce the overall performance of the server.
ODBC/JDBC (Figure 15)
FileMaker Server and the hosted databases can be used as ODBC and/or JDBC data sources. In other words, they can supply data to ORACLE, SQL, and Excel if the appropriate driver is installed on the client computer and the DSN is set up correctly to make the connection. Check with the driver manufacturer’s documentation and your system administrator for the correct settings.
Figure 15 ODBC/JDBC
FileMaker Server supports 50 concurrent ODBC/JDBC connections. Although this does not seem like much, the connections are opened and closed by the driver very quickly. Once the connection is closed it goes back to the available pool. Typically the application or web server
Creating Schedules (Figure 16)
You can create automated schedules for backups, running scripts, and sending messages. Choose Create a Schedule then click the Perform Action button. Then follow the schedule wizard to define the schedule.
Figure 16 Schedules
Backups can be run for one or more databases at any defined time criteria. Scripts can be run from any database, Windows batch file, Perl, VBScript, or AppleScript. Scripts are typically run by the server to perform an automated task on a set of data. NOTE: Only web compatible scripts steps will run with FileMaker Pro. That means scripts that printing reports in the middle of the night are still not possible without using a “robot” computer.
Plug-ins (Figure 17)
Plug-in files need to be manually placed in the correct folder location on the server.
Windows
FileMaker Server 9\Data\Databases\AutoUpdate\ OS X
FileMaker Server 9/Data/Databases/AutoUpdate/
The FileMaker Pro Plug-ins Preferences need to be enabled to auto-update the plug-in from the server. If the client needs to use the plug-in it must also be checked in the Plug-in Preferences. Plug-ins located on the OS X server MUST be in tar compressed format (plugin.tar). Plug-ins for Windows must be in the .fmx format (plugin.fmx). You can also manually place the plug-ins (uncompressed) on the client computers running FileMaker Pro 9.
Windows:
FileMaker Pro 9\Extensions\ OS X
FileMaker Pro 9/Extensions/
Figure 17 Auto Update Plug-in — Check the box in the FileMaker
