- Overview
- Requirements
- Installation
- Post-installation
- Migration and upgrade
- Upgrading Automation Suite on EKS/AKS
- Migration options
- Step 1: Moving the Identity organization data from standalone to Automation Suite
- Step 2: Restoring the standalone product database
- Step 3: Backing up the platform database in Automation Suite
- Step 4: Merging organizations in Automation Suite
- Step 5: Updating the migrated product connection strings
- Step 6: Migrating standalone Insights
- Step 7: Deleting the default tenant
- B) Single tenant migration
- Monitoring and alerting
- Cluster administration
- Product-specific configuration
- Troubleshooting
Updating credentials
To update credentials for the different Automation Suite components, take the following steps:
-
Generate the
file.input.json
-
Provide the new credentials for the given components in the
as described in each component section.input.json
-
Run the
uipathctl
CLI as described in each component section.
input.json
file as follows:
-
A: Run the following command to get the latest revision of your
file:input.json
uipathctl manifest get-revision
uipathctl manifest get-revision -
B: Run the following command to list all the past
files and determine the one you wish to choose:input.json
uipathctl manifest list-revisions
uipathctl manifest list-revisions
There are multiple scenarios where you may want to update the connection string used by Automation Suite products to connect to the SQL database, such as the following:
- When periodically rotating the password used to connect to the database, for security and compliance;
- When changing the FQDN for the SQL server;
- When migrating the database to another SQL server for maintenance purposes;
- When adding, modifying, or removing one or more connection attributes, such as
MultiSubnetFailover
; - When switching from basic authentication to integrated authentication using Kerberos and AD.
Important:
Products in Automation Suite do not create tables or schema at the time of updating the SQL database connection string. Make sure your new connection string refers to the same database that you currently use.
To avoid downtime during the update process, make sure that your current connection string is valid at the time of the update process. You can revoke your old connection string after the update.
- Generate the
file.input.json
- Provide the new connection strings for the installed products in the
input.json
. - Run
uipathctl
.
Providing the new connection strings for installed products
There are two ways to provide the connection strings for products running in Automation Suite:
-
A: Provide a connection string template that will be common to all the products running in Automation Suite. This approach will assume the default database names for all the products.
-
B: Provide connection strings specific to each product.
Make sure you escape NET, JDBC, or ODBC passwords as follows:
-
for NET: add
'
at the beginning and end of the password, and double any other'
. -
for JDBC/ODBC: add
{
at the beginning of the password and}
at the end, and double any other}
.
TrustServerCertificate=False
, then you may have to provide an additional CA certificate for the SQL Server. This is required if the SQL Server certificate
is self-signed or signed by an internal CA. For details, see Updating the CA certificates.
A: Providing a common connection string for all products
All the products running in Automation Suite refer to a common template connection string. One use case for choosing this method would be when you want to change the password for all the products at once. Note that, in this case, the password will be the same for all the products.
In this scenarios, the database names for all products must be the default ones, as required by Automation Suite. If the database names you configured do not meet the Automation Suite requirements, follow the next step.
The following table explains which template format the product services accept:
Parameter |
Description |
Products |
---|---|---|
|
Full ADO.NET connection string where Catalog name is set to
DB_NAME_PLACEHOLDER . The installer will replace this placeholder with the default database names for the installed suite services.
|
Platform, Orchestrator, Automation Suite Robots, Test Manager, Automation Hub, Automation Ops, Insights, Task Mining, Data Service, Process Mining |
|
Full JDBC connection string where database name is set to
DB_NAME_PLACEHOLDER . The installer will replace this placeholder with the default database names for the installed suite services.
|
AI Center |
|
Full ODBC connection string where database name is set to
DB_NAME_PLACEHOLDER . The installer will replace this placeholder with the default database names for the installed suite services.
|
Document Understanding, Apps |
sql_connection_string_template_sqlalchemy_pyodbc | Full SQL alchemy PYODBC connection string where database name is set to DB_NAME_PLACEHOLDER . The installer will replace this placeholder with the default database names for the installed suite services.
|
Process Mining |
sql_connection_string_template example
Server=tcp:sfdev1804627-c83f074b-sql.database.windows.net:1433;Initial Catalog=DB_NAME_PLACEHOLDER;Persist Security Info=False;User Id=testadmin;Password=***;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;Max Pool Size=100;
Server=tcp:sfdev1804627-c83f074b-sql.database.windows.net:1433;Initial Catalog=DB_NAME_PLACEHOLDER;Persist Security Info=False;User Id=testadmin;Password=***;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;Max Pool Size=100;
sql_connection_string_template_jdbc example
jdbc:sqlserver://sfdev1804627-c83f074b-sql.database.windows.net:1433;database=DB_NAME_PLACEHOLDER;user=testadmin;password=***;encrypt=true;trustServerCertificate=false;Connection Timeout=30;hostNameInCertificate=sfdev1804627-c83f074b-sql.database.windows.net"
jdbc:sqlserver://sfdev1804627-c83f074b-sql.database.windows.net:1433;database=DB_NAME_PLACEHOLDER;user=testadmin;password=***;encrypt=true;trustServerCertificate=false;Connection Timeout=30;hostNameInCertificate=sfdev1804627-c83f074b-sql.database.windows.net"
sql_connection_string_template_odbc example
SERVER=sfdev1804627-c83f074b-sql.database.windows.net,1433;DATABASE=DB_NAME_PLACEHOLDER;DRIVER={ODBC Driver 17 for SQL Server};UID=testadmin;PWD=***;MultipleActiveResultSets=False;Encrypt=YES;TrustServerCertificate=NO;Connection Timeout=30;"
SERVER=sfdev1804627-c83f074b-sql.database.windows.net,1433;DATABASE=DB_NAME_PLACEHOLDER;DRIVER={ODBC Driver 17 for SQL Server};UID=testadmin;PWD=***;MultipleActiveResultSets=False;Encrypt=YES;TrustServerCertificate=NO;Connection Timeout=30;"
"mssql+pyodbc://testadmin%40sfdev4515230-sql.database.windows.net:07%3Cl%5Bxj-%3D~%3Az%60Ds%26nl@sfdev4515230-sql.database.windows.net:1433/DB_NAME_PLACEHOLDER?driver=ODBC+Driver+17+for+SQL+Server"
"mssql+pyodbc://testadmin%40sfdev4515230-sql.database.windows.net:07%3Cl%5Bxj-%3D~%3Az%60Ds%26nl@sfdev4515230-sql.database.windows.net:1433/DB_NAME_PLACEHOLDER?driver=ODBC+Driver+17+for+SQL+Server"
input.json
with the new connection string template you want to update.
B: Providing connection strings specific to each product
Platform
AutomationSuite_Platform
.
input.json
file:
"platform": {
"sql_connection_str": "***" // dotnet connection string
}
"platform": {
"sql_connection_str": "***" // dotnet connection string
}
Orchestrator
AutomationSuite_Orchestrator
.
input.json
file:
"orchestrator": {
"sql_connection_str": "***" // dotnet connection string
}
"orchestrator": {
"sql_connection_str": "***" // dotnet connection string
}
Automation Suite Robots
AutomationSuite_Orchestrator
.
input.json
file:
"asrobots": {
"sql_connection_str": "***" // dotnet connection string
}
"asrobots": {
"sql_connection_str": "***" // dotnet connection string
}
Automation Hub
AutomationSuite_Automation_Hub
.
input.json
file:
"automation_hub": {
"sql_connection_str": "***" // dotnet connection string
}
"automation_hub": {
"sql_connection_str": "***" // dotnet connection string
}
Automation Ops
AutomationSuite_Platform
.
input.json
file:
"automation_ops": {
"sql_connection_str": "***" // dotnet connection string
}
"automation_ops": {
"sql_connection_str": "***" // dotnet connection string
}
AI Center
AutomationSuite_AICenter
.
input.json
file:
"aicenter": {
"sql_connection_str": "***" // jdbc connection string
}
"aicenter": {
"sql_connection_str": "***" // jdbc connection string
}
Apps
AutomationSuite_Apps
.
input.json
file:
"apps": {
"sql_connection_str": "***" // odbc connection string
}
"apps": {
"sql_connection_str": "***" // odbc connection string
}
Data Service
AutomationSuite_DataService
.
input.json
file:
"dataservice": {
"sql_connection_str": "***" // dotnet connection string
}
"dataservice": {
"sql_connection_str": "***" // dotnet connection string
}
Document Understanding
AutomationSuite_DU_Datamanager
.
input.json
file:
"documentunderstanding": {
"enabled": true,
"sql_connection_str": "***" // dotnet connection string,
"datamanager": {
"sql_connection_str": "***" // odbc connection string
}
}
"documentunderstanding": {
"enabled": true,
"sql_connection_str": "***" // dotnet connection string,
"datamanager": {
"sql_connection_str": "***" // odbc connection string
}
}
Insights
AutomationSuite_Insights
.
input.json
file:
"insights": {
"sql_connection_str": "***" // dotnet connection string
}
"insights": {
"sql_connection_str": "***" // dotnet connection string
}
Process Mining
AutomationSuite_ProcessMining_Metadata
.
input.json
file:
"process_mining": {
"enabled": true,
"sql_connection_str": "***" // dotnet connection string
"sqlalchemy_pyodbc_sql_connection_str": "",
"warehouse": {
"sql_connection_str": "",
"master_sql_connection_str": "",
"sqlalchemy_pyodbc_sql_connection_str": ""
}
}
"process_mining": {
"enabled": true,
"sql_connection_str": "***" // dotnet connection string
"sqlalchemy_pyodbc_sql_connection_str": "",
"warehouse": {
"sql_connection_str": "",
"master_sql_connection_str": "",
"sqlalchemy_pyodbc_sql_connection_str": ""
}
}
Task Mining
AutomationSuite_Task_Mining
.
input.json
file:
"task_mining": {
"sql_connection_str": "***" // dotnet connection string
}
"task_mining": {
"sql_connection_str": "***" // dotnet connection string
}
Test Manager
AutomationSuite_Test_Manager
.
input.json
file:
"test_manager": {
"sql_connection_str": "***" // dotnet connection string
}
"test_manager": {
"sql_connection_str": "***" // dotnet connection string
}
Running the uipathctl installer
uipathctl
installer using the following command:
uipathctl manifest apply input.json --versions versions.json
uipathctl manifest apply input.json --versions versions.json
input.json
file
with the new password and/or hostname:
"fabric": {
"redis": {
"hostname": "new_hostname",
"password": "new_password",
"port": 6380,
"tls": true
}
"fabric": {
"redis": {
"hostname": "new_hostname",
"password": "new_password",
"port": 6380,
"tls": true
}
uipathctl
installer using the following command:
uipathctl manifest apply input.json --only redis --versions versions.json
uipathctl manifest apply input.json --only redis --versions versions.json
uipathctl
to print the result of the command without applying it.
input.json
file with the new access_key, secret_key or acount_key and account_name:
"external_object_storage": {
"enabled": false, // <true/false>
"create_bucket": true, // <true/false>
"storage_type": "s3", // <s3,azure,aws>
"fqdn": "", // <needed in case of aws non instance profile>
"port": 443, // <needed in case of aws non instance profile>
"region": "",
"access_key": "", // <needed in case of aws non instance profile>
"secret_key": "", // <needed in case of aws non instance profile>
"use_managed_identity": false, // <true/false>
"bucket_name_prefix": "",
"bucket_name_suffix": "",
"account_key": "", // <needed only when using non managed identity>
"account_name": "",
"azure_fqdn_suffix": "core.windows.net",
"client_id": "" // <optional field in case of managed identity>
},
"external_object_storage": {
"enabled": false, // <true/false>
"create_bucket": true, // <true/false>
"storage_type": "s3", // <s3,azure,aws>
"fqdn": "", // <needed in case of aws non instance profile>
"port": 443, // <needed in case of aws non instance profile>
"region": "",
"access_key": "", // <needed in case of aws non instance profile>
"secret_key": "", // <needed in case of aws non instance profile>
"use_managed_identity": false, // <true/false>
"bucket_name_prefix": "",
"bucket_name_suffix": "",
"account_key": "", // <needed only when using non managed identity>
"account_name": "",
"azure_fqdn_suffix": "core.windows.net",
"client_id": "" // <optional field in case of managed identity>
},
uipathctl
installer using the following command:
uipathctl manifest apply input.json --versions versions.json
uipathctl manifest apply input.json --versions versions.json
uipathctl
to print the result of the command without applying it.
uipathpullsecret
. To update uipathpullsecret
, take the following steps:
- Update the registry section of the
input.json
file:"registries": { "docker": { "url": "yourContainerRegistryUrl", "username": "username", "password": "newpassword" }, "helm": { "url": "yourContainerRegistryUrl", "username": "username", "password": "newpassword" } }
"registries": { "docker": { "url": "yourContainerRegistryUrl", "username": "username", "password": "newpassword" }, "helm": { "url": "yourContainerRegistryUrl", "username": "username", "password": "newpassword" } } - Delete the existing
uipathpullsecret
:kubectl delete secret uipathpullsecret -n uipath
kubectl delete secret uipathpullsecret -n uipath - Rerun the installation command:
uipathctl manifest apply input.json --versions versions.json
uipathctl manifest apply input.json --versions versions.json
- Guidelines
- Generating the input.json file
- Guidelines
- Updating the SQL connection strings
- Updating the connection strings for installed products
- Updating Redis credentials
- Providing the new credentials for Redis
- Running the uipathctl installer
- Updating objectstore credentials
- Running the uipathctl installer
- Updating the registry credentials