- Overview
- Requirements
- Installation
- Post-installation
- Migration and upgrade
- Upgrading Automation Suite on EKS/AKS
- Migration options
- Step 1: Moving the Identity organization data from standalone to Automation Suite
- Step 2: Restoring the standalone product database
- Step 3: Backing up the platform database in Automation Suite
- Step 4: Merging organizations in Automation Suite
- Step 5: Updating the migrated product connection strings
- Step 6: Migrating standalone Insights
- Step 7: Deleting the default tenant
- B) Single tenant migration
- Monitoring and alerting
- Cluster administration
- Product-specific configuration
- Troubleshooting
Automation Suite on EKS/AKS Installation Guide
Configuring input.json
input.json
file allows you to configure the UiPath products you want to deploy, the parameters, settings, and preferences applied to
the selected products, and the settings of your cloud infrastructure. You must update this file to change the defaults and
use any advanced configuration for your cluster.
Some products may have dependencies. For details, see Cross-product dependencies.
input.json
, you can use your favorite text editor on your client machine.
General parameters |
Description |
---|---|
|
Specificy which Kubernetes distrubution you use. Can be
aks or eks .
|
|
URLs to pull the docker images and helm charts for UiPath products and Automation Suite.
|
|
The load balancer endpoint for Automation Suite |
|
The username that you would like to set as an admin for the host organization. |
|
The host admin password to be set. |
|
Default value, not changeable
|
|
true or false - used to opt out of sending telemetry back to UiPath. It is set to false by default.
If you want to opt out, then set to
true .
|
"kubernetes_distribution": "aks",
"registries": {
"docker": {
"url": "registry.uipath.com"
},
"helm": {
"url": "registry.uipath.com"
}
},
"fqdn": "replace with your fqdn",
"admin_username": "replace with your UiPath admin username",
"admin_password": "replace with your UiPath admin password",
"profile": "ha",
"telemetry_optout": false
"kubernetes_distribution": "aks",
"registries": {
"docker": {
"url": "registry.uipath.com"
},
"helm": {
"url": "registry.uipath.com"
}
},
"fqdn": "replace with your fqdn",
"admin_username": "replace with your UiPath admin username",
"admin_password": "replace with your UiPath admin password",
"profile": "ha",
"telemetry_optout": false
You can enable and disable products in Automation Suite at the time of installation and at any point post-installation. For more details on each product configuration, see Managing products.
Orchestrator example:
"orchestrator": {
"enabled": true,
"external_object_storage": {
"bucket_name": "uipath-as-orchestrator"
},
"testautomation": {
"enabled": true
},
"updateserver": {
"enabled": true
}
"orchestrator": {
"enabled": true,
"external_object_storage": {
"bucket_name": "uipath-as-orchestrator"
},
"testautomation": {
"enabled": true
},
"updateserver": {
"enabled": true
}
Automation Suite allows you to bring your own Gatekeeper (and OPA Policies), Cert Manager, Monitoring, and Logging components. If you choose to exclude these components, ensure that you have these present in your cluster before installing Automation Suite.
-
For the list of optional components and responsibility matrix, see Automation Suite on EKS/AKS Stack.
-
Make sure to review the compatibility matrix for versions that are validated with Automation Suite.
In the following below, all components are excluded. However, you can remove the ones you would like Automation Suite to provision.
"exclude_components": [
"gatekeeper",
"opa-policies",
"network-policies",
"cert-manager",
"monitoring",
"logging",
"velero"
]
"exclude_components": [
"gatekeeper",
"opa-policies",
"network-policies",
"cert-manager",
"monitoring",
"logging",
"velero"
]
If no certificate is provided at the time of installation, the installer creates self-issued certificates and configures them in the cluster.
pwd
to get the path of the directory where files are placed and append the certificate file name to the input.json
.
Parameter |
Description |
---|---|
|
Absolute path to the Certificate Authority (CA) certificate. This CA is the authority that signs the TLS certificate. A CA bundle must contain only the chain certificates used to sign the TLS certificate. The chain limit is nine certificates. If you use a self-signed certificate, you must specify the path to
rootCA.crt , which you previously created. Leave blank if you want the installer to generate ir.
|
|
Absolute path to the TLS certificate (
server.crt is the self-signed certificate). Leave blank if you want the installer to generate it.
|
|
Absolute path to the certificate key (
server.key is the self-signed certificate). Leave blank if you want the installer to generate it.
|
|
Absolute path to the identity token signing certificate used to sign tokens (
identity.pfx is the self-signed certificate). Leave blank if you want the installer to generate an identity certificate using the server
certificate.
|
|
Plain text password set when exporting the identity token signing certificate. |
|
Absolute path to the file containing the additional CA certificates that you want to be trusted by all the services running
as part of Automation Suite. All certificates in the file must be in valid
PEM format.
For example, you need to provide the file containing the SQL server CA certificate if the certificate is not issued by a public certificate authority. |
input.json
parameter requirements, see the following prerequisite sections:
-
SQL database (mandatory)
-
Caching (mandatory)
-
Storage (mandatory)
-
Networking (mandatory)
-
NGINX ingress configuration (optional)
-
Proxy configuration (optional)
orchestrator.orchestrator_robot_logs_elastic
section. If not provided, robot logs are saved to Orchestrator's database.
orchestrator.orchestrator_robot_logs_elastic
parameters:
Parameter |
Description |
---|---|
orchestrator_robot_logs_elastic |
Elasticsearch configuration. |
|
The address of the Elasticsearch instance that should be used. It should be provided in the form of a URI. If provided, then username and password are also required. |
|
The Elasticsearch username, used for authentication. |
|
The Elasticsearch password, used for authentication. |
If enabling Insights, users can include SMTP server configuration that will be used to send scheduled emails/alert emails. If not provided, scheduled emails and alert emails will not function.
insights.smtp_configuration
fields details:
Parameter |
Description |
---|---|
|
Valid values are
TLSv1_2 , TLSv1_1 , SSLv23 . Omit key altogether if not using TLS.
|
|
Address that alert/scheduled emails will be sent from. |
|
Hostname of the SMTP server. |
|
Port of the SMTP server. |
|
Username for SMTP server authentication. |
|
Password for SMTP server authentication. |
enable_realtime_monitoring | Flag to enable Insights Real-time monitoring. Valid values are true , false . Default value is false .
|
Example
"insights": {
"enabled": true,
"enable_realtime_monitoring": true,
"smtp_configuration": {
"tls_version": "TLSv1_2",
"from_email": "test@test.com",
"host": "smtp.sendgrid.com",
"port": 587,
"username": "login",
"password": "password123"
}
}
"insights": {
"enabled": true,
"enable_realtime_monitoring": true,
"smtp_configuration": {
"tls_version": "TLSv1_2",
"from_email": "test@test.com",
"host": "smtp.sendgrid.com",
"port": 587,
"username": "login",
"password": "password123"
}
}
processmining
section:
Parameter |
Description |
---|---|
|
DotNet formatted connection string with database set as a placeholder:
Initial Catalog=DB_NAME_PLACEHOLDER .
|
|
Sqlalchemy PYODBC formatted connection string for custom airflow metadata database location:
sqlServer:1433/DB_NAME_PLACEHOLDER .
Example:
where user:
testadmin%40myhost Note:
If there is '@' in user name it has to be urlencoded to %40 Example: (SQL Server setup with Kerberos authentication)
|
|
DotNet formatted SQL connection string to the processmining data warehouse SQL Server with placeholder for dbname: Initial Catalog=DB_NAME_PLACEHOLDER .
|
|
Sqlalchemy PYODBC formatted SQL connection string to the processmining data warehouse SQL Server with placeholder for dbname: sqlServer:1433/DB_NAME_PLACEHOLDER .
|
|
If the installer is creating databases through
sql.create_db: true setting, a DotNet formatted master SQL connection string must be provided for the processmining data warehouse SQL Server.
Database in the connection string must be set as master .
|
Sample Process Mining connection string
"processmining": {
"enabled": true,
"app_security_mode": "system_managed",
"sql_connection_str": "Server=tcp:shared_sqlserver_fqdn,1433;Initial Catalog=AutomationSuite_ProcessMining_Metadata;Persist Security Info=False;User Id=username;Password='password';MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=True;Connection Timeout=30;Max Pool Size=100;",
"sqlalchemy_pyodbc_sql_connection_str": "mssql+pyodbc://username:password@shared_sqlserver_fqdn:1433/AutomationSuite_Airflow?driver=ODBC+Driver+17+for+SQL+Server&TrustServerCertificate=YES&Encrypt=YES",
"warehouse": {
"sql_connection_str": "Server=tcp:dedicated_sqlserver_fqdn,1433;Initial Catalog=AutomationSuite_ProcessMining_Warehouse;Persist Security Info=False;User Id=username;Password='password';MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=True;Connection Timeout=30;Max Pool Size=100;",
"sqlalchemy_pyodbc_sql_connection_str": "mssql+pyodbc://useername:password@dedicated_sqlserver_fqdn:1433/AutomationSuite_ProcessMining_Warehouse?driver=ODBC+Driver+17+for+SQL+Server&TrustServerCertificate=YES&Encrypt=YES",
"master_sql_connection_str": "Server=tcp:dedicated_sqlserver_fqdn,1433;Initial Catalog=master;Persist Security Info=False;User Id=username;Password='password';MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=True;Connection Timeout=30;Max Pool Size=100;"
},
"blob_storage_account_use_presigned_uri": true
},
"processmining": {
"enabled": true,
"app_security_mode": "system_managed",
"sql_connection_str": "Server=tcp:shared_sqlserver_fqdn,1433;Initial Catalog=AutomationSuite_ProcessMining_Metadata;Persist Security Info=False;User Id=username;Password='password';MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=True;Connection Timeout=30;Max Pool Size=100;",
"sqlalchemy_pyodbc_sql_connection_str": "mssql+pyodbc://username:password@shared_sqlserver_fqdn:1433/AutomationSuite_Airflow?driver=ODBC+Driver+17+for+SQL+Server&TrustServerCertificate=YES&Encrypt=YES",
"warehouse": {
"sql_connection_str": "Server=tcp:dedicated_sqlserver_fqdn,1433;Initial Catalog=AutomationSuite_ProcessMining_Warehouse;Persist Security Info=False;User Id=username;Password='password';MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=True;Connection Timeout=30;Max Pool Size=100;",
"sqlalchemy_pyodbc_sql_connection_str": "mssql+pyodbc://useername:password@dedicated_sqlserver_fqdn:1433/AutomationSuite_ProcessMining_Warehouse?driver=ODBC+Driver+17+for+SQL+Server&TrustServerCertificate=YES&Encrypt=YES",
"master_sql_connection_str": "Server=tcp:dedicated_sqlserver_fqdn,1433;Initial Catalog=master;Persist Security Info=False;User Id=username;Password='password';MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=True;Connection Timeout=30;Max Pool Size=100;"
},
"blob_storage_account_use_presigned_uri": true
},
When setting up Microsoft SQL Server make sure that the timezone of the SQL Server machine where the Airflow database and a dedicated Process Mining database are installed, is set to UTC.
When configuring the connection strings for the processmining data warehouse SQL Server, the named instance of the SQL Server should be omitted.
Named instances of SQL Server cannot operate on the same TCP port. Therefore, the port number alone is sufficient to distinguish between instances.
tcp:server,1445
instead of tcp:server\namedinstance,1445
.
sql_connection_string_template_sqlalchemy_pyodbc
and the PYODBC connection string sqlalchemy_pyodbc_sql_connection_str
used when you bring your own database are different. Also connection string names are different for the template SQL sql_connection_string_template
and sql_connection_str
used when you bring your own database.
sql_connection_str
and sqlalchemy_pyodbc_sql_connection_str
connection strings in the processmining
section of the input.json
file, the template connection strings sql_connection_string_template
and sql_connection_string_template_sqlalchemy_pyodbc
are ignored if specified.
1433
for the following databases:
warehouse.sql_connection_str
warehouse.sqlalchemy_pyodbc_sql_connection_str
warehouse.master_sql_connection_str
Non-standard SQL server ports are not supported.
Automation Suite Robots can use package caching to optimize your process runs and allow them to run faster. NuGet packages are fetched from the filesystem instead of being downloaded from the Internet/network. This requires an additional space of minimum 10GiB and should be allocated to a folder on the host machine filesystem of the dedicated nodes.
input.json
parameters:
Parameter |
Default value |
Description |
---|---|---|
|
|
When set to
true , robots use a local cache for package resolution.
|
|
|
The disk location on the serverless agent node where the packages are stored. |
aicenter.external_object_storage.port
and
aicenter.external_object_storage.fqdn
parameters in the input.json
file.
aicenter
section of the input.json
file even if you
have configured the external_object_storage
section of the file.
input.json
configuration for AI Center:"aicenter": {
"external_object_storage" {
"port": 443,
"fqdn": "s3.us-west-2.amazonaws.com"
}
},
"external_object_storage": {
"enabled": true,
"create_bucket": false,
"storage_type": "s3",
"region": "us-west-2",
"use_instance_profile": true
}
...
"aicenter": {
"external_object_storage" {
"port": 443,
"fqdn": "s3.us-west-2.amazonaws.com"
}
},
"external_object_storage": {
"enabled": true,
"create_bucket": false,
"storage_type": "s3",
"region": "us-west-2",
"use_instance_profile": true
}
...