FileMaker Server 7 Best Practices

FileMaker Server 7 Best Practices
Everything you need to know about hardware selection, system specifications, installation and configuration.
By Todd Duell
W hat do you need to do to configure your
server to optimize performance? User’s
guides and manuals seldom answer that
question. They tend to only offer minimum
settings and only the most basic
configuration information without regard for
the impact that the settings will have on
security and performance. This white paper will discuss
everything you need to know about hardware selection,
system specifications, installation, and configuration of
FileMaker Server 7. This white paper will make some
assumptions in the recommended configuration settings to
balance cost, ease of administration, and security. For
additional details on functions not covered in this white paper
please read the FileMaker Server 7 Administrator’s Guide
and the technical brief: Upgrading to FileMaker 7: How to
take advantage of the new server model and capabilities,
which are available from FileMaker, Inc.
Live Configuration Changes
Almost all changes to the FileMaker Server 7 preferences
can be made without requiring FileMaker Server 7 to restart.
The only notable exception is if you want to configure SSL
encrypted connections to FileMaker Server 7. This requires a
restart. Therefore, for companies whose FileMaker Server 7
software configurations are under change management control
your policy or SOP for FileMaker Server 7 should clearly state
that the only change that requires approval is changing the SSL
encryption setting because it requires you to stop the services
and restart the server. All other FileMaker Server 7 software
configuration changes should be at the discretion of the system
administrator.
External Authentication
FileMaker Pro 7 can authenticate users internally or with Active
(Windows) or Open (Apple) Directory. The access privileges
themselves are set in the FileMaker Pro database files
(File>Define>Accounts & Privileges. Figure 1), and if “External
Server” authentication is selected in FileMaker Pro 7, FileMaker
Server 7 security settings must be configured to work with your
external server accounts. This means that FileMaker Server 7
cannot operate in a mixed authentication environment. Either
you set up authentication through FileMaker Pro or through
Active or Open Directory. This white paper will not cover the
Todd Duell is the Vice President & CIO of Formulations Pro, Inc and has been creating powerful commercial and custom solutions using FileMaker Pro since 1989. He holds an
MBA in Technology Management, is a Certified FileMaker Pro 7 Developer, and has been an Associate member of the FileMaker Solutions Alliance since 1998. Todd may be
reached at [email protected]
© 2004 Formulations Pro, Inc. All rights reserved. www.formulationspro.com
DO NOT backup the live files with third party software from
vendors such as Retrospect Remote, Veritas or Network
Appliance. The backup files will be damaged. Only backup the
files created by FileMaker Server 7 from the backup folder. You
should periodically check the backup files with a copy of
FileMaker Pro 7 on your computer (not the server) to make sure
they are not damaged in the case of a needing to restore the
data.
User Connectivity Limits
• 125 Files
• 250 Concurrent users
Figure 1 Account Settings — Select the authentication method
in FileMaker Pro 7 files.
configuration of FileMaker Pro 7 solutions with Active or
Open Directory.
Live Backups
FileMaker Server 7 starts copying the live files while users
are still accessing them. At the end of the copy process the
file is momentarily paused to synchronize the changes since
the start of the copy. The files are physically paused for a
very short time so the clients are not inconvenienced while
the backup occurs. The copy reflects the state the files were
in at the end of the backup process, not the state they were
in when the backup started. If a user locks any records,
FileMaker Server 7 makes another pass at those records
until they are all backed up.
FileMaker Server 7 can host 125 files. Since each file can have
up to 1 million tables, that’s equivalent to 125,000,000 tables
per server. When you build your FileMaker Pro file(s) this will be
an important consideration in terms of how efficiently you use
the 125 file limit. If you need ODBC, JDBC, IWP, or custom web
publishing connectivity you will need to upgrade to FileMaker
Server 7 Advanced. FileMaker Server 7 Advanced will not be
covered in this white paper.
Operating Systems
• Mac OS X Server (10.2.8 or later)
• Windows 2000 Server (Service Pack 4)
• Windows 2003 Server Standard Edition
FileMaker Server 7 runs as a background service (daemon) on
both operating systems. For now, ODBC/JDBC connectivity is
only available on Windows. However, there are plans to make it
available on OS X Server.
Page 2
Networking
•TCP/IP
• Static IP address assigned to FileMaker Server 7
The performance of the client interaction with FileMaker
Server 7 will be optimized if it is running on it’s own subnet.
The only downfall is that users may have more difficulty
locating the server through the Host button if they are not on
the same subnet as the server. In this case they will have to
know the IP address of the server or have a “launcher” file
on their computer that is programmed to open the files.
FileMaker Server 7 supports multi-homing. By installing
more than one NIC card FileMaker Server 7 can listen and
transmit data over more than one subnet.
• Port 50003: FileMaker Server Service
• Port 50006: FileMaker Server Helper Service
• Port 5003: FileMaker Data port
If you need to administer FileMaker Server 7 using the
Server Administration Tool (SAT) through a NAT firewall you
will need to open and redirect the ports for 50003 (FileMaker
Server Service) and 50006 (FileMaker Server Helper
Service). If you need to connect to the FileMaker data
through a NAT firewall using FileMaker Pro 7 open and
redirect port 5003. If you are connecting to the server
remotely over the Internet you should use a secure
connection with a Virtual Private Network or enable the SSL
encryption between FileMaker Server 7 and the FileMaker
Pro 7 client.
Server Hardware Selection
As everyone knows, there is a big difference between the stated
minimums and best practices. FileMaker Server 7 should be
deployed on “server class” hardware. That means that you will
spend between $4000 and $20,000 depending on your
configuration. If you choose Windows as your operating system
you will also have to purchase client applications licensing
(CALS) for each user. Tack on approximately $300 per user for
Windows-based servers. OS X Server comes with an unlimited
client license.
• 2 GB RAM
Install as much RAM as you can afford. New 64-bit chips, such
as the Apple G5, can handle as much as 8 GB of RAM. Older
chips, such as the Apple G4 and Pentium 4, can handle up to 2
GB of RAM. With RAM being relatively inexpensive we
recommend no less than 2 GB of RAM.
How much RAM is enough? It depends on the cache hits made
to the server, which can be monitored by the Server
Administration Tool. If you cannot keep the cache hits at 95%
you need more RAM. In general: if you have an enterprise or
mission critical solution with several hundred users and/or you
maxed out the server with 125 files, you should install as much
RAM as possible. If you have less than 50 users and only a few
files hosted on the server you can probably get away with 1 or 2
GB of RAM.
FileMaker Server 7 can use as much as 70% of all available
RAM on the server. Anything the clients request that is not
available in the cache needs to be loaded from the hard disk.
Obviously accessing the hard disk takes longer than just
Page 3
reading it from memory. You should monitor FileMaker
Server 7 during peak traffic periods and make sure the
“cache hits” are high (around 95%), meaning that 95% of the
client requests can be handled by the data that is available
in memory and that the hard disk only needs to be consulted
sporadically. This will drastically improve overall
performance. The trade-off to installing more RAM is the
problem associated with server crashes. If the data has not
been flushed from the cache and written to the hard drive or
backed up and the server crashes all the unsaved changes
in RAM will be lost. Therefore you must balance the amount
of RAM, cache flushing, and backup intervals with your
performance requirements and the importance of your data.
acquire as much hardware storage as possible because the log
file will get very large, very fast. We recommend installing no
less than 3 X 80 GB SATA or SCSI hard drives.
A typical installation with a 240 GB hard drive might include the
following partitions:
1. The swap file (1 GB). All modern operating systems use swap
files to create ‘virtual memory’. It’s a temporary placeholder
for data that does not fit in the physically available RAM.
2. The operating system (5 GB)
3. The Applications (5 GB)
4. Live “hosted” files (114.5 GB or half of the remaining space)
5. Backup files (114.5 GB or half of the remaining space)
• RAID 5, 3 x 80 GB SATA or SCSI Hard Drives
Install the fastest hard drive you can afford. With large
amounts of cache to backup on a continual basis the speed
of the hard drive will be critical to your server’s performance.
To increase performance and capacity you should install a
RAID 5 configuration. For maximum RAID performance, the
RAID controller should come from a hardware RAID, not a
software RAID. Both Apple and Intel-based servers offer
RAID cards with server class computers. RAID 5 systems
require a minimum of 3 hard drives. In this configuration the
data is striped across all the disks and provides fault
tolerance in the event that a disk fails. This means that you
can hot-swap (replace) a bad hard drive and the data will
automatically be rebuilt. RAID 5 will also allow you to add
more drives as your storage needs increase. If you are
deploying a FileMaker Pro solution that is HIPAA or 21 CFR
11 compliant with an audit trail (log file) table, you should
The key to consider when partitioning your hard drive is that the
backup files need just as much space as your live files. That
reduces the overall disk storage of your server by half. You
might consider backing up your live files to remote network
application storage (NAS) server or tape drive to save space.
However, if you do this you must understand that the process of
transferring the data from FileMaker Server 7 will place a
tremendous load on the server and your network. Thus, greatly
affecting the performance of your system if users are accessing
the data. Although it is possible to perform backups to external
locations, we recommend that this only be done during nonpeak hours or in the middle of the night when users are not
accessing the server or the network.
• 1000 BT Ethernet Card
Install the fastest NIC card you can afford. We do not
recommend anything less than a 1000 BT NIC card for a server
Page 4
unless your switches are only 10/100 BT. Then 1000 BT will
not be utilized to its fullest capacity.
FileMaker Server 7 supports multi-homing. A server is multihomed when it has one or more IP address for more than
one NIC (Ethernet) card. How that is set up depends on the
Operating System, but both Mac OS X and Windows support
multi-homed systems. This opens a wide variety of
configuration options ranging from aliasing one IP address
across multiple network cards in order to maximize server
throughput, to making one FileMaker Server 7 available to
different subnets with one network card configured for each
subnet. In general, one NIC card should be sufficient for up
to 100 concurrent users. If you have more than 100
concurrent users you should consider installing additional
NIC cards.
• Dual G5 or Dual Pentium 4 Chips
Install the fastest processor you can afford. FileMaker Server
7 can utilize multiple processors.
The FileMaker Server 7 engine now performs many of the
calculations before sending the data back to the user. This
means that the server’s processor will have a significant load
as more users are accessing the files. Thus, multiple
processors will provide vastly improved performance. We
recommend that you use a dual G5 or dual Pentium 4
processor.
Automatic Hosting
FileMaker Server 7 will automatically host all files in the
“Databases” folder (FileMaker Server 7/Data/Databases)
and subfolders one level down from there when the service
launches. You can also specify an additional folder if necessary.
The files there and in subfolders one level down are also
automatically hosted. This makes it very easy to deploy
FileMaker files away from the system and application partitions
and put them on their own partition of the hard disk.
Operating System Performance Tuning
The server should be dedicated to hosting FileMaker Server 7.
DO NOT enable or install any additional services or share
FileMaker Server 7 with services such as; DHCP, DNS, or email services. That is the fastest way to poor performance,
unexpected crashing, and data loss.
DO NOT set the server’s operating system energy saver
settings to put the computer or hard drive to sleep. The server
should be constantly running. OS X Energy Saver preferences
are located in the System Preferences. Windows 2000/2003
Server Energy Saver preferences are located in the Power
options Hibernation and Standby Mode.
You should install A UPS backup system for your server. This
will provide you with enough time to shut down the server in the
event of a power failure.
Installation of FileMaker Server 7 (Windows)
1. Double-click setup.exe.
2. Choose the installation language. Click OK.
3. Click Next and follow the on-screen instructions.
Page 5
4. Select the Automatic option for FileMaker Server start-up,
then click Next and follow the on-screen instructions.
If you use OS X Sever you must assign the following privileges
to the database files and plug-ins:
Automatic means that FileMaker Server will start as a
service whenever the operating system is restarted.
• Group: fmsadmin
• Access: Read & Write
5. Restart the server to start the FileMaker Server 7 service
for the first time.
The ownership and permissions for the files can be changed by
clicking the folder or file icon and choosing File>Get Info (Figure
2).
Installation of FileMaker Server 7 (OS X)
1. Double-click the FileMaker Server 7 icon.
2. Enter your Mac OS authentication password and follow
the on-screen instructions.
3. Click Install
4. Select the Automatic option for FileMaker Server start-up,
then click Next and follow the on-screen instructions.
Automatic means that FileMaker Server will start as a
service whenever the operating system is restarted.
5. Restart the server to start the FileMaker Server 7 service
for the first time.
Installation of FileMaker Pro 7 Files for Hosting
Place your database files in the FileMaker Server
7/Data/Databases folder. You can place files in separate
folders for better organization. FileMaker Server 7 will
automatically serve all databases in the main Databases
folder and one folder lower.
Figure 2 Ownership and Permissions — Change the Group to
fmsadmin and the Access to Read and Write.
Page 6
Installation and Configuration of FileMaker Server
Administration Tool (SAT)
Note: SAT can be installed on either the server or a remote
computer. In most cases your server will be in a locked
server room. We recommend that you administer the server
from a remote computer on your local area network (LAN).
DO NOT install FileMaker Pro 7 on the server! FileMaker
Server 7 will not run if FileMaker Pro 7 is installed and
running on the server.
1.
Windows only: Locate the Files folder on the installation
CD.
2.
Double-click the FileMaker Server Admin icon.
3.
Click Next and follow the on-screen instructions.
4.
After installation you can start the FileMaker Server
Admin application.
5.
Choose Server>Connect to FileMaker Server.
6.
Choose the server in the Favorite Servers list or type in
the IP address of the server and click Connect.
Configuration of FileMaker Server Using SAT
These instructions will balance security with ease of use and
configuration to minimize the burden and cost of
administration. If you need additional instructions please
consult the FileMaker Server 7 Admin Guide. These
instructions may use images from both OS X and Windows.
These instructions do not endorse one platform over another.
Clients Properties (Figure 3)
1. Set the number of FileMaker Pro connections to 10% more
users than you expect to access the system. Even though you
can host up to 250 users, each user takes up worker threads on
the server, which increases overhead. Reducing overhead
significantly improves performance.
Figure 3 Client Properties
2. Your internal policies will dictate how much time to allow
users to be inactive. We recommend setting the maximum idle
time for FileMaker Pro 7 clients to no more than 90 minutes. As
stated above, users take up valuable threads on the server. 90
Page 7
minutes is enough time to go to a meeting or lunch, come
back, and then resume work. Longer periods of inactivity
unnecessarily leave your solutions open for unauthorized
access.
3. Check the box to allow FileMaker Pro clients to download
plug-in updates. Your FileMaker Pro 7 solution must be
programmed to download plug-in updates. If newer plug-ins
are placed on the server FileMaker Pro 7 will automatically
download them and install them on the client computers.
This saves a significant amount of time and hassle for
system administrators.
Database Properties (Figure 4)
1. Set the maximum number of files to host to the exact
number of files hosted on the server. Since this setting can
be reset without requiring a restart of the server there is no
reason to host more files than necessary.
2. FileMaker Server 7 will tell you exactly how much RAM
you can assign based on the amount of available memory on
the server. In general, assigning more RAM will improve
performance for larger database files and more users. How
much RAM you assign to FileMaker Server 7 and how long
you assign to distribute the cache flush for writing the data
stored in RAM to the disk is a balancing act based on your
desired performance and data integrity requirements.
FileMaker Server 7 is constantly flushing the cache to the
hard drive. FileMaker Server 7 inspects up to 1/60th of the
cache every second and writes any changes to the disk. For
example, if you assign 2000 MB of RAM for cache and
distribute the cache over 30 minutes it will write
approximately 1.1 MB of cache to the disk each second or:
Figure 4 Database Properties
1/60 x 2000 MB RAM / 30 minutes = 1.1 MB RAM/second
Page 8
This means that all changes on the server will be no older
than the time specified for the cache flush (30 minutes in the
example above). Therefore, if your data is mission critical
you may want to specify the cache flush be set to shorter
time intervals. If your data is not as critical the cache flush
can be set to longer time intervals. In this method FileMaker
Server 7 can distribute its disk writing over time, and
therefore allow the server CPU a higher priority to service
client requests, as it will take much less time to inspect 1 MB
compared to 2000 MB if the setting is left at 1 minute.
Overall, we recommend that you adjust the settings to
achieve approximately 1-5 MB RAM/second.
Another server statistic to consider is the amount of unsaved
cache as a percentage of the total cache. This number
should be relatively low (less than 5%) if your data is critical.
If this number is too high you can decrease the cache flush
interval to ensure that the cache is flushed more frequently.
Figure 5 Default Folders
Default Folder Properties (Figure 5)
1. We recommend that you place all the database files in the
default folder location. You can separate solutions into their
own folders. FileMaker Server 7 will automatically host any
database files in the default location or one folder lower
when the service is started. If you add files to FileMaker
Server 7 while it is running you will have to manually open
the database using the SAT.
2. We recommend using the default backup folder location. If
you have a RAID system with separate partitions for the live
and backup data you can specify a path to a different
location
Administration Properties (Figure 6)
1. Use a custom name for the server. When users open the
server through the Host button they will see the custom name.
You may already have naming conventions for your servers.
Naming conventions usually have a standard abbreviation for
the application running on the server (i.e. FMS7), the
department (i.e. Production), and the property tag number or
serial number of the server (i.e. 000001) = FMS7 Prod 1.
2. We recommend that the administrator of the server be
allowed to access the server remotely through the SAT. Check
the box to allow remote users to administer FileMaker Server.
Page 9
To provide an additional layer of basic security you should
require a password to access the SAT.
Logging (Figure 7)
FileMaker Server 7 logs items such as FileMaker Server
starting and stopping, database files opening and closing,
clients logging in and out, failed logins, plug in downloads,
scheduled tasks running, and changes to FileMaker Server
properties. The log files have a maximum size of 40 MB.
Figure 7 Logging
Figure 6 Administration Properties
Page 10
Log files are located at FileMaker Server/Data/Logs/. Logs
can be viewed with the OS X Console, the Windows 2000
Server Performance Logs and Alerts, or the Windows 2003
Server System Monitor applications.
• Windows log: Application.Log
• OS X log: Event.log
Server statistics are located at FileMaker Server/Data/Logs/.
Logs are best viewed in the SAT using the Statistics window.
• Windows stats log: Stats.log
• OS X stats log: Stats.log
When you first setup FileMaker Server 7 you should monitor
the statistics frequently to determine how well the server is
performing. We recommend updating the usage statistics
every 15 seconds and setting the minimum size of the usage
log to 40 MB. After you get your server dialed in at 95%
cache hits you can either turn off the usage statistics or set
the time interval to every 5 minutes.
Security (Figure 8)
1. Select the client authentication for FileMaker accounts
only. This setting uses the accounts and privilege sets that
are installed in the FileMaker Pro file when the user logs into
the system.
Figure 8 Security
Schedules (Figure 9)
You should backup your database on a routine schedule.
Because backups take away from the performance of the server
they should be performed when the server is least accessed.
This is usually in the middle of the night. Using the Schedules
feature of FileMaker Server 7 you can add up to 50 scheduled
tasks.
2. Select Display only the databases each user is authorized
to access. This limits the list of FileMaker Server-hosted files
displayed in FileMaker Pro to only those databases that
each client has privileges to access.
Page 11
Figure 9 Schedules
Plug-ins (Figure 10)
Plug-in files need to be manually placed in the correct folder
location on the server.
• Windows: FileMaker Server 7\Data\Databases\AutoUpdate\
• OS X: FileMaker Server 7/Data/Databases/AutoUpdate/
The FileMaker Pro Plug-ins Preferences need to be enabled
to auto-update the plug-in from the server. If the client needs
to use the plug-in it must also be checked in the Plug-in
Preferences. Plug-ins located on the OS X server MUST be
in tar compressed format (plugin.tar). Plug-ins for Windows
must be in the .fmx format (plugin.fmx). You can also
manually place the plug-ins (uncompressed) on the client
computers running FileMaker Pro 7.
Figure 10 Auto Update Plug-in — Check the box in the FileMaker
Pro Plug-in Preferences to automatically download plug-ins from the
server.
• Windows: FileMaker Pro 7\Extensions\
• OS X: FileMaker Pro 7/Extensions/
Page 12