automation-suite
2024.10
true
UiPath logo, featuring letters U and I in white

Automation Suite on EKS/AKS Installation Guide

Last updated Dec 18, 2024

Meeting the Process Mining prerequisites

Note: You must take the steps in this section only if you run the Automation Suite installer with reduced privileges. If you can run the installer with admin privileges, you do not need to follow the instructions in this section.

Installing cert-manager

The Dapr installation for Process Mining requires cert-manager.

You can install cert-manager via Helm. For installation instructions, see the cert-manager documentation.

Installing Dapr

To install Dapr, take the following steps:
  1. Create an image pull secret in the <uipath> namespace. To create the image pull secret, you can use your typical workflow or take the following steps:
    registry= <registry_url> #provide the registry where the UiPath images are hosted
    username= <user_name> #provide the username which will be used for the authentication
    password= <password> #provide the password which will be used for the authentication
    namespace= <namespace> #namespace where you want to create a secret
    kubectl create secret docker-registry uipathpullsecret --namespace=${namespace} \
      --docker-server=${registry} --docker-username=${username} \
      --docker-password=${password} --dry-run=client -o yaml \
      | kubectl apply -f -registry= <registry_url> #provide the registry where the UiPath images are hosted
    username= <user_name> #provide the username which will be used for the authentication
    password= <password> #provide the password which will be used for the authentication
    namespace= <namespace> #namespace where you want to create a secret
    kubectl create secret docker-registry uipathpullsecret --namespace=${namespace} \
      --docker-server=${registry} --docker-username=${username} \
      --docker-password=${password} --dry-run=client -o yaml \
      | kubectl apply -f -
  2. Create the Argo application using the following YAML file:
    apiVersion: argoproj.io/v1alpha1
    kind: Application
    metadata:
      name: dapr
      namespace: <argo_namespace>
    spec:
      destination:
        namespace: <uipath_namespace>
        server: https://kubernetes.default.svc
      ignoreDifferences:
      - jsonPointers:
        - /data
        - /stringData
        - /metadata
        kind: Secret
      - group: apiextensions.k8s.io
        jsonPointers:
        - /spec/conversion
        kind: CustomResourceDefinition
      - group: admissionregistration.k8s.io
        jsonPointers:
        - /webhooks
        kind: MutatingWebhookConfiguration
      project: <project_name>
      source:
        chart: helm/dapr
        helm:
          valueFiles:
          - values.yaml
          values: |
            global:
              registry: <target-registry>/daprio
              imagePullSecrets: uipathpullsecret
              mtls:
                enabled: true
              prometheus:
                enabled: false
              logAsJson: true
              actors:
                enabled: false
              ha:
                enabled: false
                replicaCount: 1
              rbac:
                namespaced: true
              seccompProfile: RuntimeDefault
            dapr_dashboard:
              enabled: false
            dapr_operator:
              watchInterval: 1m
              resources:
                requests:
                  cpu: 100m
                  memory: 100Mi
                limits:
                  cpu: "1"
                  memory: 200Mi
              watchNamespace: <uipath_namespace>
              deploymentAnnotations:
                sidecar.istio.io/inject: "false"
            dapr_sidecar_injector:
              allowedServiceAccounts: <uipath_namespace>:default
              resources:
                requests:
                  cpu: 100m
                  memory: 30Mi
                limits:
                  cpu: "1"
                  memory: 100Mi
              sidecarDropALLCapabilities: true
              deploymentAnnotations:
                sidecar.istio.io/inject: "false"
            dapr_sentry:
              resources:
                requests:
                  cpu: 100m
                  memory: 30Mi
                limits:
                  cpu: "1"
                  memory: 100Mi
              deploymentAnnotations:
                sidecar.istio.io/inject: "false"
            dapr_rbac:
              secretReader:
                enabled: false
              createClusterScopedObjects: true
        repoURL: <target-registry>
        targetRevision: <dapr-version>
      syncPolicy:
        automated:
          prune: true
          selfHeal: true
        retry:
          backoff:
            duration: 10s
            factor: 2
            maxDuration: 1m
          limit: 1000
        syncOptions:
        - CreateNamespace=true
        - RespectIgnoreDifferences=trueapiVersion: argoproj.io/v1alpha1
    kind: Application
    metadata:
      name: dapr
      namespace: <argo_namespace>
    spec:
      destination:
        namespace: <uipath_namespace>
        server: https://kubernetes.default.svc
      ignoreDifferences:
      - jsonPointers:
        - /data
        - /stringData
        - /metadata
        kind: Secret
      - group: apiextensions.k8s.io
        jsonPointers:
        - /spec/conversion
        kind: CustomResourceDefinition
      - group: admissionregistration.k8s.io
        jsonPointers:
        - /webhooks
        kind: MutatingWebhookConfiguration
      project: <project_name>
      source:
        chart: helm/dapr
        helm:
          valueFiles:
          - values.yaml
          values: |
            global:
              registry: <target-registry>/daprio
              imagePullSecrets: uipathpullsecret
              mtls:
                enabled: true
              prometheus:
                enabled: false
              logAsJson: true
              actors:
                enabled: false
              ha:
                enabled: false
                replicaCount: 1
              rbac:
                namespaced: true
              seccompProfile: RuntimeDefault
            dapr_dashboard:
              enabled: false
            dapr_operator:
              watchInterval: 1m
              resources:
                requests:
                  cpu: 100m
                  memory: 100Mi
                limits:
                  cpu: "1"
                  memory: 200Mi
              watchNamespace: <uipath_namespace>
              deploymentAnnotations:
                sidecar.istio.io/inject: "false"
            dapr_sidecar_injector:
              allowedServiceAccounts: <uipath_namespace>:default
              resources:
                requests:
                  cpu: 100m
                  memory: 30Mi
                limits:
                  cpu: "1"
                  memory: 100Mi
              sidecarDropALLCapabilities: true
              deploymentAnnotations:
                sidecar.istio.io/inject: "false"
            dapr_sentry:
              resources:
                requests:
                  cpu: 100m
                  memory: 30Mi
                limits:
                  cpu: "1"
                  memory: 100Mi
              deploymentAnnotations:
                sidecar.istio.io/inject: "false"
            dapr_rbac:
              secretReader:
                enabled: false
              createClusterScopedObjects: true
        repoURL: <target-registry>
        targetRevision: <dapr-version>
      syncPolicy:
        automated:
          prune: true
          selfHeal: true
        retry:
          backoff:
            duration: 10s
            factor: 2
            maxDuration: 1m
          limit: 1000
        syncOptions:
        - CreateNamespace=true
        - RespectIgnoreDifferences=true
    
    The following table provides further information on replacing the placeholders in the YAML file with adequate values for the respective parameters:
    ParameterPlaceholderDescription
    namespace

    <argo_namespace>

    • Use <argocd> for a dedicated ArgoCD instance.
    • Use <openshift-gitops> for a shared ArgoCD instance.

    namespace

    watchNamespace

    <uipath_namespace>

    Namespace for Automation Suite

    project

    <project_name>

    • For a dedicated ArgoCD instance, use default
      .
    • For a shared ArgoCD instance, use the name of the project created for Automation Suite.

    registry

    repoURL

    <target-registry>

    Helm chart registry

    targetRevision

    <dapr-version>

    Version of the Dapr Helm chart from the versions.json file
    Note:

    If you install Automation Suite in a shared cluster and update the FQDN post-installation, you must delete and recreate the Dapr application by taking the following steps:

    1. In the ArgoCD UI, navigate to Dapr > Delete.

    2. Install Dapr again by following all the steps in this section.

Generating the application YAML file via Bash script

You can also use the following Bash script to generate the application YAML file:

#!/bin/bash

echo "Enter the namespace of argocd applications"
read argocd_namespace

echo "Enter the name of uipath namespace"
read uipath_namespace


if [[ "${argocd_namespace}" == "openshift-gitops" ]]; then
  echo "Enter the argocd project name"
  read project
else
  project="default"
fi

echo "Enter the registry fqdn"
read registry_fqdn

echo "Enter the DAPR helm chart version"
read dapr_version

echo "-------------------- SUMMARY --------------------"
echo "Argocd Application namespace : $argocd_namespace"
echo "Uipath namespace             : $uipath_namespace"
echo "Argocd Project name          : $project"
echo "Helm registry FQDN           : $registry_fqdn"
echo "DAPR Version                 : $dapr_version"

echo "------------- Application yaml file-------------"

echo -n "apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: dapr
  namespace: $argocd_namespace
spec:
  destination:
    namespace: $uipath_namespace
    server: https://kubernetes.default.svc
  ignoreDifferences:
  - jsonPointers:
    - /data
    - /stringData
    - /metadata
    kind: Secret
  - group: apiextensions.k8s.io
    jsonPointers:
    - /spec/conversion
    kind: CustomResourceDefinition
  - group: admissionregistration.k8s.io
    jsonPointers:
    - /webhooks
    kind: MutatingWebhookConfiguration
  project: $project
  source:
    chart: helm/dapr
    helm:
      valueFiles:
      - values.yaml
      values: |
        global:
          registry: $registry_fqdn/daprio
          imagePullSecrets: uipathpullsecret
          mtls:
            enabled: true
          prometheus:
            enabled: false
          logAsJson: true
          actors:
            enabled: false
          ha:
            enabled: false
            replicaCount: 1
          rbac:
            namespaced: true
          seccompProfile: RuntimeDefault
        dapr_dashboard:
          enabled: false
        dapr_operator:
          watchInterval: 1m
          resources:
            requests:
              cpu: 100m
              memory: 100Mi
            limits:
              cpu: "1"
              memory: 200Mi
          watchNamespace: $uipath_namespace
          deploymentAnnotations:
            sidecar.istio.io/inject: "false"
        dapr_sidecar_injector:
          allowedServiceAccounts: $uipath_namespace:default
          resources:
            requests:
              cpu: 100m
              memory: 30Mi
            limits:
              cpu: "1"
              memory: 100Mi
          sidecarDropALLCapabilities: true
          deploymentAnnotations:
            sidecar.istio.io/inject: "false"
        dapr_sentry:
          resources:
            requests:
              cpu: 100m
              memory: 30Mi
            limits:
              cpu: "1"
              memory: 100Mi
          deploymentAnnotations:
            sidecar.istio.io/inject: "false"
        dapr_rbac:
          secretReader:
            enabled: false
          createClusterScopedObjects: true
    repoURL: $registry_fqdn
    targetRevision: $dapr_version
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    retry:
      backoff:
        duration: 10s
        factor: 2
        maxDuration: 1m
      limit: 1000
    syncOptions:
    - CreateNamespace=true
    - RespectIgnoreDifferences=true"#!/bin/bash

echo "Enter the namespace of argocd applications"
read argocd_namespace

echo "Enter the name of uipath namespace"
read uipath_namespace


if [[ "${argocd_namespace}" == "openshift-gitops" ]]; then
  echo "Enter the argocd project name"
  read project
else
  project="default"
fi

echo "Enter the registry fqdn"
read registry_fqdn

echo "Enter the DAPR helm chart version"
read dapr_version

echo "-------------------- SUMMARY --------------------"
echo "Argocd Application namespace : $argocd_namespace"
echo "Uipath namespace             : $uipath_namespace"
echo "Argocd Project name          : $project"
echo "Helm registry FQDN           : $registry_fqdn"
echo "DAPR Version                 : $dapr_version"

echo "------------- Application yaml file-------------"

echo -n "apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: dapr
  namespace: $argocd_namespace
spec:
  destination:
    namespace: $uipath_namespace
    server: https://kubernetes.default.svc
  ignoreDifferences:
  - jsonPointers:
    - /data
    - /stringData
    - /metadata
    kind: Secret
  - group: apiextensions.k8s.io
    jsonPointers:
    - /spec/conversion
    kind: CustomResourceDefinition
  - group: admissionregistration.k8s.io
    jsonPointers:
    - /webhooks
    kind: MutatingWebhookConfiguration
  project: $project
  source:
    chart: helm/dapr
    helm:
      valueFiles:
      - values.yaml
      values: |
        global:
          registry: $registry_fqdn/daprio
          imagePullSecrets: uipathpullsecret
          mtls:
            enabled: true
          prometheus:
            enabled: false
          logAsJson: true
          actors:
            enabled: false
          ha:
            enabled: false
            replicaCount: 1
          rbac:
            namespaced: true
          seccompProfile: RuntimeDefault
        dapr_dashboard:
          enabled: false
        dapr_operator:
          watchInterval: 1m
          resources:
            requests:
              cpu: 100m
              memory: 100Mi
            limits:
              cpu: "1"
              memory: 200Mi
          watchNamespace: $uipath_namespace
          deploymentAnnotations:
            sidecar.istio.io/inject: "false"
        dapr_sidecar_injector:
          allowedServiceAccounts: $uipath_namespace:default
          resources:
            requests:
              cpu: 100m
              memory: 30Mi
            limits:
              cpu: "1"
              memory: 100Mi
          sidecarDropALLCapabilities: true
          deploymentAnnotations:
            sidecar.istio.io/inject: "false"
        dapr_sentry:
          resources:
            requests:
              cpu: 100m
              memory: 30Mi
            limits:
              cpu: "1"
              memory: 100Mi
          deploymentAnnotations:
            sidecar.istio.io/inject: "false"
        dapr_rbac:
          secretReader:
            enabled: false
          createClusterScopedObjects: true
    repoURL: $registry_fqdn
    targetRevision: $dapr_version
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    retry:
      backoff:
        duration: 10s
        factor: 2
        maxDuration: 1m
      limit: 1000
    syncOptions:
    - CreateNamespace=true
    - RespectIgnoreDifferences=true"
  • Installing cert-manager
  • Installing Dapr
  • Generating the application YAML file via Bash script

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2025 UiPath. All rights reserved.