- Overview
- Requirements
- Installation
- Prerequisite checks
- Downloading the installation packages
- uipathctl cluster
- uipathctl cluster maintenance
- uipathctl cluster maintenance disable
- uipathctl cluster maintenance enable
- uipathctl cluster maintenance is-enabled
- uipathctl cluster migration
- uipathctl cluster migration export
- uipathctl cluster migration import
- uipathctl cluster migration run
- uipathctl cluster upgrade
- uipathctl config
- uipathctl config add-host-admin
- uipathctl config additional-ca-certificates
- uipathctl config additional-ca-certificates get
- uipathctl config additional-ca-certificates update
- uipathctl config alerts
- uipathctl config alerts add-email
- uipathctl config alerts remove-email
- uipathctl config alerts update-email
- uipathctl config argocd
- uipathctl config argocd ca-certificates
- uipathctl config argocd ca-certificates get
- uipathctl config argocd ca-certificates update
- uipathctl config argocd generate-dex-config
- uipathctl config argocd generate-rbac
- uipathctl config argocd registry
- uipathctl config argocd registry get
- uipathctl config argocd registry update
- uipathctl config enable-basic-auth
- uipathctl config orchestrator
- uipathctl config orchestrator get-config
- uipathctl config orchestrator update-config
- uipathctl config saml-certificates get
- uipathctl config saml-certificates rotate
- uipathctl config saml-certificates update
- uipathctl config tls-certificates
- uipathctl config tls-certificates get
- uipathctl config tls-certificates update
- uipathctl config token-signing-certificates
- uipathctl config token-signing-certificates get
- uipathctl config token-signing-certificates rotate
- uipathctl config token-signing-certificates update
- uipathctl health
- uipathctl health bundle
- uipathctl health check
- uipathctl health diagnose
- uipathctl health test
- uipathctl manifest
- uipathctl manifest apply
- uipathctl manifest diff
- uipathctl manifest get
- uipathctl manifest get-revision
- uipathctl manifest list-applications
- uipathctl manifest list-revisions
- uipathctl manifest render
- uipathctl prereq
- uipathctl prereq create
- uipathctl prereq run
- uipathctl resource
- uipathctl resource report
- uipathctl snapshot
- uipathctl snapshot backup
- uipathctl snapshot backup create
- uipathctl snapshot backup disable
- uipathctl snapshot backup enable
- uipathctl snapshot delete
- uipathctl snapshot list
- uipathctl snapshot restore
- uipathctl snapshot restore create
- uipathctl snapshot restore delete
- uipathctl snapshot restore history
- uipathctl snapshot restore logs
- uipathctl version
- Post-installation
- Migration and upgrade
- Upgrading Automation Suite on EKS/AKS
- Step 1: Moving the Identity organization data from standalone to Automation Suite
- Step 2: Restoring the standalone product database
- Step 3: Backing up the platform database in Automation Suite
- Step 4: Merging organizations in Automation Suite
- Step 5: Updating the migrated product connection strings
- Step 6: Migrating standalone Orchestrator
- Step 7: Migrating standalone Insights
- Step 8: Deleting the default tenant
- B) Single tenant migration
- Migrating from Automation Suite on Linux to Automation Suite on EKS/AKS
- Monitoring and alerting
- Cluster administration
- Product-specific configuration
- Troubleshooting
Proxy
To deploy Automation Suite on EKS/AKS in a proxy configuration, you must configure your cluster and add all UiPath® required domains to an allowlist in your network proxy.
For instructions on how to configure the cluster worker nodes in proxy mode, refer to the respective documentation from Microsoft and AWS:
no_proxy
list:
-
EKS
"$VPC_CIDR,$SERVICE_CIDR, localhost,127.0.0.1,169.254.169.254,<clusterfqdn>,.<clusterfqdn>,.internal,.eks.amazonaws.com,.cloudfront.net,.s3.CLOUD_REGION.amazonaws.com,.dkr.ecr.CLOUD_REGION.amazonaws.com,ec2.CLOUD_REGION.amazonaws.com,api.ecr.CLOUD_REGION.amazonaws.com,.elb.amazonaws.com,.gr7.CLOUD_REGION.eks.amazonaws.com,.s3.amazonaws.com,kubernetes,kubernetes.default,kubernetes.default.svc,kubernetes.default.svc.cluster,kubernetes.default.svc.cluster.local,.svc,.svc.cluster,.svc.cluster.local,.svc.cluster.local.,argocd-repo-server,istiod.istio-system.svc,logging-operator-logging-fluentd.logging.svc.cluster.local,argocd-repo-server,.local,.cluster,ai-helper-svc,ai-pkgmanager-svc,ai-deployer-svc,ai-appmanager-svc,ai-trainer-svc,get"
"$VPC_CIDR,$SERVICE_CIDR, localhost,127.0.0.1,169.254.169.254,<clusterfqdn>,.<clusterfqdn>,.internal,.eks.amazonaws.com,.cloudfront.net,.s3.CLOUD_REGION.amazonaws.com,.dkr.ecr.CLOUD_REGION.amazonaws.com,ec2.CLOUD_REGION.amazonaws.com,api.ecr.CLOUD_REGION.amazonaws.com,.elb.amazonaws.com,.gr7.CLOUD_REGION.eks.amazonaws.com,.s3.amazonaws.com,kubernetes,kubernetes.default,kubernetes.default.svc,kubernetes.default.svc.cluster,kubernetes.default.svc.cluster.local,.svc,.svc.cluster,.svc.cluster.local,.svc.cluster.local.,argocd-repo-server,istiod.istio-system.svc,logging-operator-logging-fluentd.logging.svc.cluster.local,argocd-repo-server,.local,.cluster,ai-helper-svc,ai-pkgmanager-svc,ai-deployer-svc,ai-appmanager-svc,ai-trainer-svc,get" -
AKS
"<cluster-fqdn>,.<cluster-fqdn>,localhost,127.0.0.1,10.0.0.0/8,mcr.microsoft.com,kubernetes,kubernetes.default,kubernetes.default.svc,kubernetes.default.svc.cluster,kubernetes.default.svc.cluster.local,.svc,.svc.cluster,.svc.cluster.local,.svc.cluster.local.,argocd-repo-server,istiod.istio-system.svc,logging-operator-logging-fluentd.logging.svc.cluster.local,argocd-repo-server,.local,.cluster,ai-helper-svc,ai-pkgmanager-svc,ai-deployer-svc,ai-appmanager-svc,ai-trainer-svc,get\"
"<cluster-fqdn>,.<cluster-fqdn>,localhost,127.0.0.1,10.0.0.0/8,mcr.microsoft.com,kubernetes,kubernetes.default,kubernetes.default.svc,kubernetes.default.svc.cluster,kubernetes.default.svc.cluster.local,.svc,.svc.cluster,.svc.cluster.local,.svc.cluster.local.,argocd-repo-server,istiod.istio-system.svc,logging-operator-logging-fluentd.logging.svc.cluster.local,argocd-repo-server,.local,.cluster,ai-helper-svc,ai-pkgmanager-svc,ai-deployer-svc,ai-appmanager-svc,ai-trainer-svc,get\"
<cluster-fqdn>
with the actual FQDN URL.
input.json
file with the following parameters:
Mandatory parameters |
Description |
---|---|
|
Use
true or false to enable or disable proxy settings.
|
|
Used to route HTTP outbound requests from the cluster. This should be the proxy server FQDN and port. |
|
Used to route HTTPS outbound requests from the cluster. This should be the proxy server FQDN and port. |
|
Comma-separated list of hosts, IP addresses, or IP ranges in CIDR format that you do not want to route via the proxy server. This should be the same list as provided above for EKS and AKS, respectively. |
input.json
for proxy configuration:
"proxy": {
"enabled": "true",
"http_proxy": "<http://<PROXY-SERVER-IP>:<PROXY-PORT>",>
"https_proxy": "<http://<PROXY-SERVER-IP>:<PROXY-PORT>",>
"no_proxy": <"paste list for eks/aks from above">
"proxy": {
"enabled": "true",
"http_proxy": "<http://<PROXY-SERVER-IP>:<PROXY-PORT>",>
"https_proxy": "<http://<PROXY-SERVER-IP>:<PROXY-PORT>",>
"no_proxy": <"paste list for eks/aks from above">
.microsoft.com
login.microsoftonline.com
login.windows.net
graph.microsoft.com
sfbrprddeploywe.azurecr.io
sfbrprddeploywe.westeurope.data.azurecr.io
registry-data.uipath.com
registry.uipath.com
dc.services.visualstudio.com
activate.uipath.com
download.uipath.com
du-metering.uipath.com
du.uipath.com
du-au.uipath.com
du-ca.uipath.com
du-jp.uipath.com
du-us.uipath.com
du-sg.uipath.com
raw.githubusercontent.com
objects.githubusercontent.com
pkg-containers.githubusercontent.com
raw.github.com
api.github.com
api.nuget.org
pkgs.dev.azure.com
gallery.uipath.com
github.com
pypi.org
pypi.python.org
pythonhosted.org
files.pythonhosted.org
opensuse.org
copr.fedorainfracloud.org
download.copr.fedorainfracloud.org
ping.looker.com
rt.services.visualstudio.com
uipath.pkgs.visualstudio.com
.blob.core.windows.net
pkgs.dev.azure.com
events.launchdarkly.com
app.launchdarkly.com
in.applicationinsights.azure.com
.pkg.dev
production.cloudflare.docker.com
.googleapis.com
.microsoft.com
login.microsoftonline.com
login.windows.net
graph.microsoft.com
sfbrprddeploywe.azurecr.io
sfbrprddeploywe.westeurope.data.azurecr.io
registry-data.uipath.com
registry.uipath.com
dc.services.visualstudio.com
activate.uipath.com
download.uipath.com
du-metering.uipath.com
du.uipath.com
du-au.uipath.com
du-ca.uipath.com
du-jp.uipath.com
du-us.uipath.com
du-sg.uipath.com
raw.githubusercontent.com
objects.githubusercontent.com
pkg-containers.githubusercontent.com
raw.github.com
api.github.com
api.nuget.org
pkgs.dev.azure.com
gallery.uipath.com
github.com
pypi.org
pypi.python.org
pythonhosted.org
files.pythonhosted.org
opensuse.org
copr.fedorainfracloud.org
download.copr.fedorainfracloud.org
ping.looker.com
rt.services.visualstudio.com
uipath.pkgs.visualstudio.com
.blob.core.windows.net
pkgs.dev.azure.com
events.launchdarkly.com
app.launchdarkly.com
in.applicationinsights.azure.com
.pkg.dev
production.cloudflare.docker.com
.googleapis.com
Pods cannot communicate with the FQDN on a proxy environment, and the following error is displayed:
System.Net.Http.HttpRequestException: The proxy tunnel request to proxy 'http://<proxyFQDN>:8080/' failed with status code '404'.
System.Net.Http.HttpRequestException: The proxy tunnel request to proxy 'http://<proxyFQDN>:8080/' failed with status code '404'.
ServiceEntry
, as shown in the following example:
apiVersion: networking.istio.io/v1beta1
kind: ServiceEntry
metadata:
name: proxy
namespace: uipath
spec:
hosts:
- <proxy-host>
addresses:
- <proxy-ip>/32
ports:
- number: <proxy-port>
name: tcp
protocol: TCP
location: MESH_EXTERNAL
apiVersion: networking.istio.io/v1beta1
kind: ServiceEntry
metadata:
name: proxy
namespace: uipath
spec:
hosts:
- <proxy-host>
addresses:
- <proxy-ip>/32
ports:
- number: <proxy-port>
name: tcp
protocol: TCP
location: MESH_EXTERNAL