- Overview
- Requirements
- Installation
- Prerequisite checks
- Downloading the installation packages
- uipathctl cluster
- uipathctl cluster maintenance
- uipathctl cluster maintenance disable
- uipathctl cluster maintenance enable
- uipathctl cluster maintenance is-enabled
- uipathctl cluster migration
- uipathctl cluster migration export
- uipathctl cluster migration import
- uipathctl cluster migration run
- uipathctl cluster upgrade
- uipathctl config
- uipathctl config add-host-admin
- uipathctl config additional-ca-certificates
- uipathctl config additional-ca-certificates get
- uipathctl config additional-ca-certificates update
- uipathctl config alerts
- uipathctl config alerts add-email
- uipathctl config alerts remove-email
- uipathctl config alerts update-email
- uipathctl config argocd
- uipathctl config argocd ca-certificates
- uipathctl config argocd ca-certificates get
- uipathctl config argocd ca-certificates update
- uipathctl config argocd generate-dex-config
- uipathctl config argocd generate-rbac
- uipathctl config argocd registry
- uipathctl config argocd registry get
- uipathctl config argocd registry update
- uipathctl config enable-basic-auth
- uipathctl config orchestrator
- uipathctl config orchestrator get-config
- uipathctl config orchestrator update-config
- uipathctl config saml-certificates get
- uipathctl config saml-certificates rotate
- uipathctl config saml-certificates update
- uipathctl config tls-certificates
- uipathctl config tls-certificates get
- uipathctl config tls-certificates update
- uipathctl config token-signing-certificates
- uipathctl config token-signing-certificates get
- uipathctl config token-signing-certificates rotate
- uipathctl config token-signing-certificates update
- uipathctl health
- uipathctl health bundle
- uipathctl health check
- uipathctl health diagnose
- uipathctl health test
- uipathctl manifest
- uipathctl manifest apply
- uipathctl manifest diff
- uipathctl manifest get
- uipathctl manifest get-revision
- uipathctl manifest list-applications
- uipathctl manifest list-revisions
- uipathctl manifest render
- uipathctl prereq
- uipathctl prereq create
- uipathctl prereq run
- uipathctl resource
- uipathctl resource report
- uipathctl snapshot
- uipathctl snapshot backup
- uipathctl snapshot backup create
- uipathctl snapshot backup disable
- uipathctl snapshot backup enable
- uipathctl snapshot delete
- uipathctl snapshot list
- uipathctl snapshot restore
- uipathctl snapshot restore create
- uipathctl snapshot restore delete
- uipathctl snapshot restore history
- uipathctl snapshot restore logs
- uipathctl version
- Post-installation
- Migration and upgrade
- Upgrading Automation Suite on EKS/AKS
- Step 1: Moving the Identity organization data from standalone to Automation Suite
- Step 2: Restoring the standalone product database
- Step 3: Backing up the platform database in Automation Suite
- Step 4: Merging organizations in Automation Suite
- Step 5: Updating the migrated product connection strings
- Step 6: Migrating standalone Orchestrator
- Step 7: Migrating standalone Insights
- Step 8: Deleting the default tenant
- B) Single tenant migration
- Migrating from Automation Suite on Linux to Automation Suite on EKS/AKS
- Monitoring and alerting
- Cluster administration
- Product-specific configuration
- Troubleshooting
Automation Suite on EKS/AKS stack
Automation Suite on EKS/AKS allows you to bring and manage your own Kubernetes cluster, dedicated to Automation Suite.
There are three sections of the stack:
-
UiPath® managed: UiPath® services and components optimized for Automation Suite provided and supported by UiPath®.
-
Optional to install: If you have the same components pre-configured in your Kubernetes cluster, you can choose to skip installing them via Automation Suite. In this case, you will manage the lifecycle of these components.
-
Customer managed: Prerequisites for deploying Automation Suite on your cloud infrastructure managed and supported by you. For supported EKS/AKS configurations, see the Compatibility matrix.
Stack Component |
Description |
---|---|
UiPath® managed | |
UiPath® products |
When you deploy Automation Suite, a minimum set of shared capabilities are installed by default, such as UiPath® Portal, Identity, License, Org Management, and Audit. You can choose which UiPath® products to enable on Automation Suite both at the time of installation or post-installation. Note that there are cross-product dependencies you must address. |
ArgoCD |
Open-source declarative CD tool for Kubernetes. It follows the GitOps pattern of using Git repositories as the source of truth for defining the desired application state. It is optimized to provide application lifecycle management (ALM) capabilities for Automation Suite. |
Optional to install | |
Gatekeeper and container policies |
Open-source tool that allows a Kubernetes administrator to implement policies for ensuring compliance and best practices in their cluster. If you bring your own Gatekeeper and associated policies, review the access needed by Automation Suite. |
Networking policies |
Kubernetes networking policies provide a way to control networking traffic flow at IP address or port level (Layer 4). Automation Suite comes with an optionally bundled component with networking policies implemented to follow security best practices. Note that Automation Suite-bundled networking policies are only compatible with Cilium CNI. If you use a different type of CNI or if you bring your own networking policies, make sure to check the compatibility of these policies with Automation Suite. For details, see Security and compliance. |
Cert Manager |
Cert Manager is an open-source certificate controller for Kubernetes. You can choose to keep the Cert Manager pre-configured within Automation Suite or bring your own. If you bring your own, you are responsible for managing the lifecycle of that component. Note:
If you choose to bring your own Cert Manager, and your TLS certificate is issued by a private or non-public CA, you must manually include both the leaf certificate and intermediate CA certificates in the TLS certificate file. In case of public CAs, they are automatically trusted by client systems, and no further action is required on your part. |
Prometheus |
Open-source system monitoring toolkit for Kubernetes. It can accept metrics from Kubernetes components and workloads running in the clusters and store those in time series database. If you choose not to install Automation Suite-bundled Prometheus, you must configure your Prometheus to collect metrics. Prometheus bundled with Automation Suite on EKS/AKS is not configured for high availability (HA) mode. If you require a monitoring stack with HA functionality, you must supply your own Prometheus. |
Alert Manager |
Open-source tool that handles alerts sent by client applications such as the Prometheus server. It is responsible for deduplicating, grouping, and routing them to the correct receiver integrations, such as email, PagerDuty, or OpsGenie. Automation Suite configures custom alerts, such as certificate expiration. If you choose not to install Automation Suite-bundled Alert Manager, you must configure your own alerts. Alert Manager bundled with Automation Suite on EKS/AKS is not configured for high availability (HA) mode. If you require a monitoring stack with HA functionality, you must supply your own Alert Manager. |
Grafana |
Open-source visualization tool used for querying and visualizing data stored in Prometheus. You can create and ship a variety of dashboards for cluster and service monitoring. If you choose not to install Automation Suite-bundled Alert Manager, you must create your own alerts. Grafana bundled with Automation Suite on EKS/AKS is not configured for high availability (HA) mode. If you require a monitoring stack with HA functionality, you must supply your own Grafana. |
FluentD and Fluent-bit |
Open-source log scraping solution. The logging operator deploys and configures a background process on every node to collect container and application logs from the node file system. If you choose not to install Automation Suite-bundled FluentD and Fluent Bit, you must configure your own log scraper. |
Velero |
Open-source tool that allows you to take a snapshot backup and restore. If you choose not to install Automation Suite-bundled Velero, make sure you take backups as per your Disaster Recovery policy. |
Istio | Open-source service mesh that provides functionality such as ingress, request routing, traffic monitoring, etc., for the microservices running inside the Kubernetes cluster. |
Customer managed | |
Kubernetes cluster (AKS or EKS) |
Azure Kubernetes Service and Elastic Kubernetes Service are managed Kubernetes services from Microsoft Azure cloud and Amazon Web Services, respectively. Make sure to configure the EKS/AKS clusters correctly with the required worker nodes and capacity. |
Object storage |
Automation Suite and UiPath® Services require Object Storage - Azure Blob Storage or Amazon S3 (Simple Storage Service). |
Block storage |
Block storage is similar to disk storage needed for Automation Suite platform and UiPath® products. Automation Suite is compatible with Azure Disk Storage and Amazon’s Elastic Block Storage. |
File Storage |
File storage is hierarchical data storage methodology and is needed for several UiPath® products. Automation Suite is compatible with Azure Files and Elastic File Storage from Microsoft and AWS clouds, respectively. |
Caching |
Caching is required by several UiPath® products. Automation Suite is compatible with Cloud Redis for Azure and Elasticache for AWS. |
Database |
SQL Server and SQL databases are needed for all UiPath® products. Automation Suite is compatible with Microsoft SQL server, Azure SQL and AWS managed (RDS) SQL services. |
Activity |
UiPath® responsibility |
Customer responsibility |
---|---|---|
Infrastructure prerequisites |
|
|
Managing optional components
|
|
|
Network policies (optionally provided by UiPath®) |
|
|
Gatekeeper and OPA policies (optionally provided by UiPath®) |
|
|
uipathctl (management tool) |
|
|
Automation Suite upgrades |
|
|
Infrastructure upgrades |
|
|
Backup and Restore |
|
|
Support |
|
|