- Overview
- Requirements
- Installation
- Q&A: Deployment templates
- Configuring the machines
- Configuring the external objectstore
- Configuring an external Docker registry
- Configuring the load balancer
- Configuring the DNS
- Configuring Microsoft SQL Server
- Configuring the certificates
- Online multi-node HA-ready production installation
- Offline multi-node HA-ready production installation
- Disaster recovery - Installing the secondary cluster
- Downloading the installation packages
- install-uipath.sh parameters
- Enabling Redis High Availability Add-On for the cluster
- Document Understanding configuration file
- Adding a dedicated agent node with GPU support
- Adding a dedicated agent Node for Task Mining
- Connecting Task Mining application
- Adding a Dedicated Agent Node for Automation Suite Robots
- Post-installation
- Cluster administration
- Monitoring and alerting
- Migration and upgrade
- Migration options
- Step 1: Moving the Identity organization data from standalone to Automation Suite
- Step 2: Restoring the standalone product database
- Step 3: Backing up the platform database in Automation Suite
- Step 4: Merging organizations in Automation Suite
- Step 5: Updating the migrated product connection strings
- Step 6: Migrating standalone Insights
- Step 7: Deleting the default tenant
- B) Single tenant migration
- Product-specific configuration
- Using the Orchestrator Configurator Tool
- Preparing Orchestrator
- Updating the Orchestrator configuration
- Cleaning up the Orchestrator database
- Best practices and maintenance
- Troubleshooting
- How to troubleshoot services during installation
- How to uninstall the cluster
- How to clean up offline artifacts to improve disk space
- How to clear Redis data
- How to enable Istio logging
- How to manually clean up logs
- How to clean up old logs stored in the sf-logs bundle
- How to disable streaming logs for AI Center
- How to debug failed Automation Suite installations
- How to delete images from the old installer after upgrade
- How to automatically clean up Longhorn snapshots
- How to disable TX checksum offloading
- How to manually set the ArgoCD log level to Info
- How to generate the encoded pull_secret_value for external registries
- How to address weak ciphers in TLS 1.2
- Unable to run an offline installation on RHEL 8.4 OS
- Error in downloading the bundle
- Offline installation fails because of missing binary
- Certificate issue in offline installation
- First installation fails during Longhorn setup
- SQL connection string validation error
- Prerequisite check for selinux iscsid module fails
- Azure disk not marked as SSD
- Failure after certificate update
- Antivirus causes installation issues
- Automation Suite not working after OS upgrade
- Automation Suite requires backlog_wait_time to be set to 0
- GPU node affected by resource unavailability
- Volume unable to mount due to not being ready for workloads
- Support bundle log collection failure
- Failure to upload or download data in objectstore
- PVC resize does not heal Ceph
- Failure to resize PVC
- Failure to resize objectstore PVC
- Rook Ceph or Looker pod stuck in Init state
- StatefulSet volume attachment error
- Failure to create persistent volumes
- Storage reclamation patch
- Backup failed due to TooManySnapshots error
- All Longhorn replicas are faulted
- Setting a timeout interval for the management portals
- Update the underlying directory connections
- Authentication not working after migration
- Kinit: Cannot find KDC for realm <AD Domain> while getting initial credentials
- Kinit: Keytab contains no suitable keys for *** while getting initial credentials
- GSSAPI operation failed due to invalid status code
- Alarm received for failed Kerberos-tgt-update job
- SSPI provider: Server not found in Kerberos database
- Login failed for AD user due to disabled account
- ArgoCD login failed
- Failure to get the sandbox image
- Pods not showing in ArgoCD UI
- Redis probe failure
- RKE2 server fails to start
- Secret not found in UiPath namespace
- ArgoCD goes into progressing state after first installation
- Issues accessing the ArgoCD read-only account
- MongoDB pods in CrashLoopBackOff or pending PVC provisioning after deletion
- Unhealthy services after cluster restore or rollback
- Pods stuck in Init:0/X
- Prometheus in CrashloopBackoff state with out-of-memory (OOM) error
- Missing Ceph-rook metrics from monitoring dashboards
- Running High Availability with Process Mining
- Process Mining ingestion failed when logged in using Kerberos
- Unable to connect to AutomationSuite_ProcessMining_Warehouse database using a pyodbc format connection string
- Airflow installation fails with sqlalchemy.exc.ArgumentError: Could not parse rfc1738 URL from string ''
- How to add an IP table rule to use SQL Server port 1433
- Using the Automation Suite Diagnostics Tool
- Using the Automation Suite Support Bundle Tool
- Exploring Logs
Updating the Orchestrator configuration
Update the Orchestrator configuration. Make sure to review the following:
- Custom configuration from
UiPath.Orchestrator.dll.config
- Any
web.config
settings. - Storage (packages, execution media, and buckets data) - mostly applicable to
Storage.Type=FileSystem
- Custom NLog targets.
- Custom credential stores.
- Encryption key per tenant configuration.
You can simplify many of the following steps by using the provided Orchestrator Configurator Tool.
orchestrator_configurator.sh
bash tool can update the Orchestrator custom config map and upload files to the Orchestrator well-known blob storage locations.
Use the -y
parameter to skip confirmation of the proposed actions.
orchestrator-customconfig
config map using a tool such as Lens or kubectl.
values.json
file. The Orchestrator deployment should restart automatically after this configuration change.
{
"Kestrel": {
"Limits": {
"MaxRequestBodySize": 314572800
}
}
{
"Kestrel": {
"Limits": {
"MaxRequestBodySize": 314572800
}
}
appSettings.custom.json
file edited in the pre-migration steps now contains all the customization needed in the appSettings
section. You need to place this .json
file in the orchestrator-customconfig
config map, in the values.json
file, under the appSettings
key.
{
"ExampleSetting.Enabled": true,
"ExampleSetting.Type": "BasicExample",
"ExampleSetting.Count": 3
}
{
"ExampleSetting.Enabled": true,
"ExampleSetting.Type": "BasicExample",
"ExampleSetting.Count": 3
}
-c|--app-settings
parameter:
./orchestrator-configurator.sh -c appSettings.custom.json
./orchestrator-configurator.sh -c appSettings.custom.json
If using the configurator tool, go through all the steps to gather all required appSettings overrides, and run the script once at the end.
FileSystem
storage to Orchestrator's storage provider, use the Orchestrator Configurator Tool to transfer the storage content.
-s|--storage-folder
parameter in the Orchestrator Configurator Tool, where path
is the parent folder. Replace the path with the folder's location where your files are stored. To determine the path, check
the Storage.Path
parameter in UiPath.Orchestrator.dll.config
.
To ensure it's the correct folder, it should contain this hierarchy:
-
One folder named Orchestrator-Host\Libraries.
-
One folder for each tenant, named Orchestrator-[tenantKey].
./orchestrator-configurator.sh -s path
./orchestrator-configurator.sh -s path
The command uploads the contents of the path folder to the configured storage provider.
-
The Orchestrator Configurator tool only supports CEPH, S3 (or compatible), or Azure Blob Storage. For any other storage, copy the content to the new location manually.
To use network FileStore, edit the Orchestrator ArgoCD app parameters, and set the following:
storage.type = smb
storage.smb.domain
storage.smb.password
storage.smb.source
storage.smb.username
storage.smb.size
To configure other storage options, edit the Orchestrator ArgoCD app parameters and set the following:
storage.type
to the desired provider. The value is case-sensitive. The possible values are:Azure
,AWS
,Minio
.storage.connectionString
Overview of the Orchestrator app storage settings:
Orchestrator web browser access to Amazon and Azure storage buckets can be restricted due to the same-origin policy on the provider side. Successfully accessing the content of such a bucket requires you to configure the respective provider to allow cross-origin requests from Orchestrator.
See instructions on how to configure each provider to allow cross-origin requests from Orchestrator.
Ceph
, in the uipath
bucket. The Orchestrator pod will then be able to load them at startup. You also need to place the configuration in orchestrator-customconfig
in the nlog.json
file.
-n|--nlog-extensions-folder
and -l|--nlog-config-file
parameters.
./orchestrator-configurator.sh -n nlogextensions -l nlog.custom.json
./orchestrator-configurator.sh -n nlogextensions -l nlog.custom.json
/var/orchestrator/plugins/nlog
. The configurator automatically updates the assemblyFile paths, prepending the plugins path to them.
appsettings.custom.json
, so there are no more required configuration updates.
values.json
file of orchestrator-customconfig
under the appSettings section.
/var/orchestrator/plugins/securestore/
path.
-p|--securestore-plugins-folder
parameter:
./orchestrator-configurator.sh -p securestoreplugins
./orchestrator-configurator.sh -p securestoreplugins
orchestrator-generated-secrets
Kubernetes secret by overwriting the value of APPSETTINGS__EncryptionKey
. To do this, run the following command:ENCRYPT_KEY=$(echo <key>|base64 -w 0)
kubectl -n uipath patch secret orchestrator-generated-secrets --type='json' \
-p="[{'op': 'replace', 'path': '/data/APPSETTINGS__EncryptionKey', 'value':'$ENCRYPT_KEY'}]"
ENCRYPT_KEY=$(echo <key>|base64 -w 0)
kubectl -n uipath patch secret orchestrator-generated-secrets --type='json' \
-p="[{'op': 'replace', 'path': '/data/APPSETTINGS__EncryptionKey', 'value':'$ENCRYPT_KEY'}]"
<key>
with the value of the key retrieved from UiPath.Orchestrator.dll.config
.