Subscribe

UiPath Automation Suite

The UiPath Automation Suite Guide

Manual: Advanced installation experience

This page explains how to use Automation Suite's cluster_config.json configuration file.

The cluster_config.json file defines the parameters, settings, and preferences applied to the UiPath products deployed via Automation Suite. You must update this file to change defaults and use any advanced configuration for your cluster.

To edit cluster_config.json, you can use either:

  • a Linux text editor, such as vi or GNU nano, directly on the Linux machine via SSH (e.g., command: vi cluster_config.json);
  • your favorite text editor and then copy paste the file on the machine.

The cluster_config.json file allows you to configure the UiPath products you want to deploy. Be aware that products may have dependencies. For details, see Cross-product dependencies.

To enable or disable a products via the cluster_config.json file, use true or false for the enabled flag.

cluster_config.json sample

{
  "fqdn": "PLACEHOLDER",
  "cluster_fqdn": "PLACEHOLDER",
  "fixed_rke_address": "PLACEHOLDER",
  "admin_username": "PLACEHOLDER",
  "admin_password": "PLACEHOLDER",
  "rke_token": "PLACEHOLDER ",
  "zone_resilience": false,
  "registries": {
    "docker": {
      "url": "registry.uipath.com"
    },
    "helm": {
      "url": "registry.uipath.com"
    }
  },
  "sql_connection_string_template": "PLACEHOLDER",
  "sql_connection_string_template_jdbc": "PLACEHOLDER",
  "sql_connection_string_template_odbc": "PLACEHOLDER",
  "sql_connection_string_template_sqlalchemy_pyodbc": "PLACEHOLDER",
  "orchestrator": {
    "testautomation": {
      "enabled": true
    },
    "updateserver": {
      "enabled": true
    },
    "enabled": true
  },
  "infra": {
    "docker_registry": {
      "username": " PLACEHOLDER ",
      "password": " PLACEHOLDER "
    }
  },
  "platform": {
    "enabled": true
  },
  "automation_hub": {
    "enabled": true
  },
  "automation_ops": {
    "enabled": true
  },
  "action_center": {
    "enabled": true
  },
  "aicenter": {
    "enabled": true
  },
  "documentunderstanding": {
    "enabled": true,
    "datamanager": {}
  },
  "task_mining": {
    "enabled": true
  },
  "apps": {
    "enabled": true
  },
  "test_manager": {
    "enabled": true
  },
  "insights": {
    "enabled": true
  },
  "dataservice": {
    "enabled": true
  },
  "asrobots": {
    "enabled": true,
    "packagecaching": true,
    "packagecachefolder": "/uipath_asrobots_package_cache"
  },
  "processmining": {
    "enabled": true
  },
  "external_object_storage": {
    "enabled": false
  },
  "identity_certificate": {},
  "profile": "ha",
  "telemetry_optout": false,
  "alternative_fqdn": "",
  "server_certificate": {
    "ca_cert_file": "/opt/UiPathAutomationSuite/UiPath_Installer/rootCA.crt",
    "tls_cert_file": "/opt/UiPathAutomationSuite/UiPath_Installer/server.crt",
    "tls_key_file": "/opt/UiPathAutomationSuite/UiPath_Installer/server.key"
  },
  "alternative_certificate": {
    "ca_cert_file": "/opt/UiPathAutomationSuite/UiPath_Installer/alt-rootCA.crt",
    "tls_cert_file": "/opt/UiPathAutomationSuite/UiPath_Installer/alt-server.crt",
    "tls_key_file": "/opt/UiPathAutomationSuite/UiPath_Installer/alt-server.key"
  }
}

 

General configuration


Mandatory parametersDescription
fqdnThe load balancer (multi-node HA-ready production mode) or machine (single-node evaluation mode) domain name.
fixed_rke_addressFixed address used to load balance node registration and kube API requests. This should be fqdn if load balancer is configured as recommended. Otherwise FQDN of 1st Server Node. Refer to Configuring the load balancer.


Can be the IP/FQDN of the first rke2 server in your setup.
multinodeSet to true when choosing a multi-node HA-ready production profile. The value of this flag is set automatically by the interactive install wizard. It is used for internal purposes only and should not be modified manually.
admin_usernameThe username that you would like to set as admin (such as: admin ) for the host organization.
admin_passwordThe host admin password to be set.
rke_tokenUse a newly generated GUID here. This is a pre-shared, cluster-specific secret. It is needed for all the nodes joining the cluster.
profileSets the profile of the installation. The available profiles are:
default: single-node evaluation profile.
ha: multi-node HA-ready production profile.
The value of this flag is set automatically by the interactive install wizard. It is used for internal purposes only and should not be modified manually.
infra.docker_registry.usernameThe username that you would like to set for the docker registry installation.
infra.docker_registry.passwordThe password that you would like to set for the docker registry installation.
Optional parametersDescription
telemetry_optouttrue or false - used to opt-out of sending telemetry back to UiPath. It is set to false by default.

If you wish to opt out, then set to true.

 

Certificate configuration


If no certificate is provided at the time of installation, the installer creates a self-issued certificate and configures it in the cluster. The validity of the certificate is 90 days.

For details on how to obtain a certificate, see the following:

📘

Note:

Make sure to specify the absolute path for the certificate files. Run pwd to get the path of the directory where files are placed and append the certificate file name to the cluster_config.json.


In multi-node HA-ready production installations, a certificate is required only on the first node.

ParameterDescription
server_certificate.ca_cert_fileAbsolute path to the Certificate Authority (CA) certificate. This CA is the authority that signs the TLS certificate. A CA bundle should contain only the chain certificates used to sign the TLS certificate. The chain limit is up to nine certificates.
If you are using a self-signed certificate, you need to specify the path to the rootCA.crt, which you previously created. Leave blank if you want the installer to generate.
server_certificate.tls_cert_fileAbsolute path to TLS certificate (server.crt for self-signed created in earlier steps). Leave blank if you want the installer to generate.
server_certificate.tls_key_fileAbsolute path to certificate key (server.key for self-signed created in earlier steps). Leave blank if you want the installer to generate.
identity_certificate.token_signing_cert_fileAbsolute path to the Identity Service certificate used to sign tokens (identity.pfx for self-signed created in earlier steps). Leave blank if you want the installer to generate an identity certificate using the server certificate.
identity_certificate.token_signing_cert_passPlain text password set when it was exported.
additional_ca_certsAbsolute path to the file containing additional CA certificates that you want to be trusted by all the services running as part of Automation Suite. All certificates in the file should be valid PEM format.

For example, you need to provide the file containing the SQL server CA certificate if the certificate is not issued by a public certificate authority.

 

Database configuration


Automatically create the necessary databases

If you want the installer to create the databases, fill in the following fields:

ParameterDescription
sql.create_dbSet to true.
sql.server_urlFQDN of the SQL server, where you want the installer to configure database.
sql.portPort number on which a database instance should be hosted in the SQ: server.
sql.usernameUsername / userid to connect to the SQL server.
sql.passwordPassword of the username provided earlier to connect to the SQL server.

📘

Important:

Ensure the user has the dbcreator role. This grants them permission to create the database in SQL Server. Otherwise the installation fails.

ODBC connection does not support usernames that contain special characters. For database usernames for AI Center and Document Understanding, use only uppercase and lowercase letters.

 

Bring your own database

If you bring your own database, you must provide the SQL connection strings for every database. Automation Suite supports the following SQL connection string formats:

ParameterDescriptionProducts
sql_connection_string_templateFull ADO.NET connection string where Catalog name is set to DB_NAME_PLACEHOLDER. The installer will replace this placeholder with the default database names for the installed suite services.Platform, Orchestrator, Automation Suite Robots, Test Manager, Automation Hub, Automation Ops, Insights, Task Mining, Data Service, Process Mining
sql_connection_string_template_jdbcFull JDBC connection string where database name is set to DB_NAME_PLACEHOLDER. The installer will replace this placeholder with the default database names for the installed suite services.AI Center
sql_connection_string_template_odbcFull ODBC connection string where database name is set to DB_NAME_PLACEHOLDER. The installer will replace this placeholder with the default database names for the installed suite services.Document Understanding
sql_connection_string_template_sqlalchemy_pyodbcFull SQL alchemy PYODBC connection string where database name is set to DB_NAME_PLACEHOLDER. The installer will replace this placeholder with the default database names for the installed suite services.Process Mining

🚧

Important!

Make sure the SQL account specified in the connection strings is granted the db_securityadmin and db_owner roles for all Automation Suite databases. If security restrictions do not allow the use of db_owner, then the SQL account should have the following roles and permissions on all databases:

  • db_ddladmin
  • db_datawriter
  • db_datareader
  • EXECUTE permission on dbo schema

🚧

Important!

If you manually set the connection strings in the configuration file, you can escape SQL, JDBC, ODBC, or PYODBC passwords as follows:

  • for SQL: add ' at the beginning and end of the password, and double any other '.
  • for JDBC/ODBC: add { at the beginning of the password and } at the end, and double any other }.
  • for PYODBC: username and password should be url encoded to account for special characters.

🚧

Important!

The AutomationSuite_ProcessMining_Airflow database for Process Mining product must have READ_COMMITTED_SNAPSHOT enabled.

📘

Note:

If you set TrustServerCertificate=False, then you may have to provide an additional CA certificate for the SQL Server. This is required if the SQL Server certificate is self-signed or signed by an internal CA.

See Setting Certificates for more details.

sql_connection_string_template example
Server=tcp:sfdev1804627-c83f074b-sql.database.windows.net:1433;Initial Catalog=DB_NAME_PLACEHOLDER;Persist Security Info=False;User [email protected];Password=***;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;Max Pool Size=100;
sql_connection_string_template_jdbc example
jdbc:sqlserver://sfdev1804627-c83f074b-sql.database.windows.net:1433;database=DB_NAME_PLACEHOLDER;user=testadmin;password=***;encrypt=true;trustServerCertificate=false;Connection Timeout=30;hostNameInCertificate=sfdev1804627-c83f074b-sql.database.windows.net"
sql_connection_string_template_odbc example
SERVER=sfdev1804627-c83f074b-sql.database.windows.net,1433;DATABASE=DB_NAME_PLACEHOLDER;DRIVER={ODBC Driver 17 for SQL Server};UID=testadmin;PWD=***;MultipleActiveResultSets=False;Encrypt=YES;TrustServerCertificate=NO;Connection Timeout=30;"
sql_connection_string_template_sqlalchemy_pyodbc
mssql+pyodbc://testuser%40sfdev3082457-sql.database.windows.net:_-%29X07_%5E3-%28%3B%[email protected]:1433/DB_NAME_PLACEHOLDER?driver=ODBC+Driver+17+for+SQL+Server"
Default and optional DB names for Automation Suite services
{
  "orchestrator": "AutomationSuite_Orchestrator",
  "orchestrator_ta": "AutomationSuite_Orchestrator",
  "asrobots": "AutomationSuite_Orchestrator",
  "orchestrator_upd": "AutomationSuite_Platform",
  "platform": "AutomationSuite_Platform",
  "test_manager": "AutomationSuite_Test_Manager",
  "automation_ops": "AutomationSuite_Platform",
  "automation_hub": "AutomationSuite_Automation_Hub",
  "insights": "AutomationSuite_Insights",
  "task_mining": "AutomationSuite_Task_Mining",
  "dataservice": "AutomationSuite_DataService", 
  "aicenter": "AutomationSuite_AICenter",
  "documentunderstanding": "AutomationSuite_DU_Datamanager",
  "processmining_airflow": "AutomationSuite_Airflow",
  "processmining_metadata": "AutomationSuite_ProcessMining_Metadata",
  "processmining_warehouse": "AutomationSuite_ProcessMining_Warehouse",
    
}

📘

Note:

If you you want to override the connection string for any of the services above, set the sql_connection_str for that specific service.

You still have to manually create these databases before running the installer.

Overriding the default connection string for Orchestrator and the platform
{
  "orchestrator": {
    "sql_connection_str": "Server=tcp:sfdev1804627-c83f074b-sql.database.windows.net,1433;Initial Catalog=CustomOrchDB;Persist Security Info=False;User [email protected];Password=***;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;Max Pool Size=100;"
  },
  "platform": {
    "sql_connection_str": "Server=tcp:sfdev1804627-c83f074b-sql.database.windows.net,1433;Initial Catalog=CustomIDDB;Persist Security Info=False;User [email protected];Password=***;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;Max Pool Size=100;"
  }
}

To override the database connection strings for other products, set the sql_connection_str in the corresponding product blocks. The connection string should have a format supported by the respective product.

Example for setting database connection string for AI Center
ParameterDescription
aicenter.sql_connection_strAICenter JDBC connection string (Refer below for the JDBC format)

📘

Note:

Please check the JDBC connection string has the format in the sample below.

"aicenter": {
    "enabled": true,
    "sql_connection_str": "jdbc:sqlserver://sfdev1804627-c83f074b-sql.database.windows.net;database=aicenter;[email protected];[email protected]_euHQZJ"
}
Sample DU connection string
"documentunderstanding": {
    "enabled": true,
  {
  "datamanager": {
    "sql_connection_str": "mssql+pyodbc://testadmin:[email protected]:1433/datamanager?driver=ODBC+Driver+17+for+SQL+Server",
  }
}

Note: The data manager SQL connection string is optional only if you want to overwrite the default with your own.
Handwriting is always enabled for online installation.
The default value for max_cpu_per-pod is 2, but you can adjust it according to your needs. For more information, check the Document Understanding configuration file.

 

External objectstore configuration


General configuration

Automation Suite allows you to bring your own external storage provider. You can choose from the following storage providers:

  • Azure
  • AWS
  • S3-compatible

You can configure the external object storage in one of the following ways:

  • during installation, using the interactive installer;
  • post-installation, using the cluster_config.json file.

The following table lists out the cluster_config.json parameters you can use to configure each provider of external object storage:

ParameterAzureAWSS3-compatibleDescription
external_object_storage.enabledSpecify whether you would like to bring your own object store. Possible values: true and false.
external_object_storage.create_bucketSpecify whether you would like to provision the bucket. Possible values: true and false.
external_object_storage.storage_typeSpecify the storage provider you would like to configure. Possible values: azure and s3.

Note: Many S3 objectstores require the CORS set to all the traffic from the Automation Suite cluster. You must configure the CORS policy at the objectstore level to allow the FQDN of the cluster.
external_object_storage.fqdnSpecify the FQDN of the S3 server. Only required in the case of the AWS non-instance profile.
external_object_storage.portSpecify the S3 port. Only required in the case of the AWS non-instance profile.
external_object_storage.regionSpecify the AWS region where buckets are hosted. Only required in the case of AWS non-instance profile.
external_object_storage.access_keySpecify the access key for the S3 account. Only required in the case of the AWS non-instance profile.
external_object_storage.secret_keySpecify the secret key for the S3 account. Only required in the case of the AWS non-instance profile.
external_object_storage.use_managed_identityUse managed identity with your Azure storage account. Possible values: true and false.
external_object_storage.bucket_name_prefixIndicate the prefix for the bucket names. Optional in the case of the AWS non-instance profile.
external_object_storage.bucket_name_suffixIndicate the suffix for the bucket names. Optional in the case of the AWS non-instance profile.
external_object_storage.account_keySpecify the Azure account key. Only required when using non-managed identity.
external_object_storage.account_nameSpecify the Azure account name.
external_object_storage.azure_fqdn_suffixSpecify the Azure FQDN suffix. Optional parameter.
external_object_storage.client_idSpecify your Azure client ID. Only required when using managed identity.

Product-specific configuration

You can use the parameters described in the General configuration section to update the general Automation Suite configuration. This means that all installed products would share the same configuration. If you want to configure one or more products differently, you can override the general configuration. You just need to specify the product(s) you want to set up external object storage for differently, and use the same parameters to define your configuration. Note that all the other installed products would continue to inherit the general configuration.

The following example shows how you can override the general configuration for Orchestrator:

"external_object_storage": {
  "enabled": false, // <true/false>
  "create_bucket": true, // <true/false>
  "storage_type": "s3", // <s3,azure,aws>
  "fqdn": "",  // <needed in case of aws non instance profile>
  "port": 443, // <needed in case of aws non instance profile>
  "region": "", 
  "access_key": "", // <needed in case of aws non instance profile>
  "secret_key": "", // <needed in case of aws non instance profile>
  "use_managed_identity": false, // <true/false>
  "bucket_name_prefix": "",
  "bucket_name_suffix": "",
  "account_key": "", // <needed only when using non managed identity>
  "account_name": "",
  "azure_fqdn_suffix": "core.windows.net",
  "client_id": "" // <optional field in case of managed identity>
},

"orchestrator": {
  "external_object_storage": {
    "enabled": false, // <true/false>
    "create_bucket": true, // <true/false>
    "storage_type": "s3", // <s3,azure>
    "fqdn": "",  // <needed in case of aws non instance profile>
    "port": 443, // <needed in case of aws non instance profile>
    "region": "", 
    "access_key": "", // <needed in case of aws non instance profile>
    "secret_key": "", // <needed in case of aws non instance profile>
    "use_managed_identity": false, // <true/false>
    "bucket_name_prefix": "",
    "bucket_name_suffix": "",
    "account_key": "", // <needed only when using non managed identity>
    "account_name": "",
    "azure_fqdn_suffix": "core.windows.net",
    "client_id": "" // <optional field in case of managed identity>
  }
}

Rotating the blob storage credentials for Process Mining

To rotate the blob storage credentials for Process Mining in Automation Suite the stored secrets must be updated with the new credentials. See Rotating blob storage credentials.

 

Orchestrator-specific configuration


Orchestrator can save robot logs to an Elasticsearch server. You can configure this functionality in the orchestrator.orchestrator_robot_logs_elastic section. If not provided, robot logs are saved to Orchestrator's database.

The following table lists out the orchestrator.orchestrator_robot_logs_elastic parameters:

ParameterDescription
elastic_uriThe address of the Elasticsearch instance that should be used. It should be provided in the form of a URI. If provided, then username and password are also required.
elastic_auth_usernameThe Elasticsearch username, used for authentication.
elastic_auth_passwordThe Elasticsearch password, used for authentication.
Click to see an example
"orchestrator": {
    "orchestrator_robot_logs_elastic": {
        "elastic_uri": "https://elastic.example.com:9200",
        "elastic_auth_username": "elastic-user",
        "elastic_auth_password": "elastic-password"
    }
}

 

Insights-specific configuration


If enabling Insights, users can include SMTP server configuration that will be used to send scheduled emails/alert emails. If not provided, scheduled emails and alert emails will not function.

The insights.smtp_configuration fields details:

ParameterDescription
tls_versionValid values are TLSv1_2, TLSv1_1, SSLv23. Omit key altogether if not using TLS.
from_emailAddress that alert/scheduled emails will be sent from.
hostHostname of the SMTP server.
portPort of the SMTP server.
usernameUsername for SMTP server authentication.
passwordPassword for SMTP server authentication.
Click to see an example
"insights": {
    "enabled": true,
    "smtp_configuration": {
      "tls_version": "TLSv1_2",
      "from_email": "[email protected]",
      "host": "smtp.sendgrid.com",
      "port": 587,
      "username": "login",
      "password": "password123"
    }
  }

 

Process Mining-specific configuration


If enabling Process Mining, we recommend users to specify a SECONDARY SQL server to act as a data warehouse that is separate from the primary Automation Suite SQL Server. The data warehouse SQL Server will be under heavy load and can be configured in the processmining section:

ParameterDescription
sql_connection_strDotNet formatted connection string with database set as a placeholder: Initial Catalog=DB_NAME_PLACEHOLDER.
sqlalchemy_pyodbc_sql_connection_strSqlalchemy PYODBC formatted connection string for custom metadata location:
sqlServer:1433/DB_NAME_PLACEHOLDER.
warehouse.sql_connection_strDotNet formatted SQL connection string to the processmining data warehouse SQL Server with placeholder for dbname:
Initial Catalog=DB_NAME_PLACEHOLDER.
warehouse.sqlalchemy_pyodbc_sql_connection_strSqlalchemy PYODBC formatted SQL connection string to the processmining data warehouse SQL Server with placeholder for dbname:
sqlServer:1433/DB_NAME_PLACEHOLDER.
warehouse.master_sql_connection_strIf the installer is creating databases through sql.create_db: true setting, a DotNet formatted master SQL connection string must be provided for the processmining data warehouse SQL Server. Database in the connection string must be set as master.

 

Automation Suite Robots-specific configuration


Automation Suite Robots can use package caching to optimize your process runs and allow them to run faster. NuGet packages are fetched from the filesystem instead of being downloaded from the Internet/network. This requires an additional space of minimum 10GB and should be allocated to a folder on the host machine filesystem of the dedicated nodes.

To enable package caching, you need to update the following cluster_config.json parameters:

ParameterDefault valueDescription
packagecachingtrueWhen set to true, robots use a local cache for package resolution.
packagecachefolder/uipath_asrobots_package_cacheThe disk location on the serverless agent node where the packages are stored.

 

Monitoring configuration


To provision enough resources for monitoring (see Using the monitoring stack), you should consider the number of vCPUs in the cluster and the amount of desired metric retention. See below for how to set the following monitoring resource configurations.

The following table describes the monitoring field details:

ParameterDescription
prometheus_retentionIn days.
This is the amount of days that metrics will be retained for the purpose of visualization in Grafana and manual querying via the Prometheus console.

Default value is 7.
prometheus_storage_sizeIn GB.
Amount of storage space to reserve per Prometheus replica.
A good rule of thumb is to set this value to:
0.65 * vCPU cores * (prometheus_retention / 7)

Example:
If you set prometheus_retention to 14 days, and your cluster has 80 cores spread across 5 machines, this becomes:
0.65 * 80 * (14 / 7)
52 * (2)
104

Default value is 45 and should not be set lower.

If Prometheus starts to run out of storage space, an alert will be triggered with specific remediation instructions. See here.
prometheus_memory_limitIn MB.
Amount of memory to limit each Prometheus replica to.
A good rule of thumb is to set this value to:
100 * vCPU cores * (prometheus_retention / 7)

Example:
If you've set prometheus_retention to 14 days, and your cluster has 80 cores spread across 5 machines, this becomes:
100 * 80 * (14 / 7)
8000 * (2)
16000

Default value is 3200 for the single-node evaluation mode, and 6000 for the multi-node HA-ready production mode, and should not be set lower.

If Prometheus starts to run out of memory, an alert will be triggered with specific remediation instructions. See here.
Click to see an example
"monitoring": {
  "prometheus_retention": 14,
  "prometheus_memory_limit": 16000,
  "prometheus_storage_size": 104
}

 

Optional: Configuring the proxy server


📘

Note:

Make sure you meet the proxy server requirements before configuring the proxy server during installation.
For details, see Step 2: Adding proxy configuration to each node.

While running the interactive installer wizard, you need to exit it and update the cluster_config.json during the advanced configuration step.

You need to add the following to the configuration file using vim or your favorite editor to the configuration file:

"proxy": {
  "enabled": "true",
  "http_proxy": "http://<PROXY-SERVER-IP>:<PROXY-PORT>",
  "https_proxy": "http://<PROXY-SERVER-IP>:<PROXY-PORT>",
  "no_proxy": "alm.<fqdn>,<fixed_rke_address>:9345,<fixed_rke_address>:6443,<named server address>,<metadata server address>,10.0.0.0/8,<private_subnet_ip>,<sql server host>,<Comma separated list of ips that should not got though proxy server>"
}
Mandatory parametersDescription
enabledUse true or false to enable or disable proxy settings.
http_proxyUsed to route HTTP outbound requests from the cluster. This should be the proxy server FQDN and port.
https_proxyUsed to route HTTPS outbound requests from the cluster. This should be the proxy server FQDN and port.
no_proxyComma-separated list of hosts, IP addresses, or IP ranges in CIDR format that you do not want to route via the proxy server. This should be a private subnet range, sql server host, named server address, metadata server address: *.<fqdn>,<fixed_rke_address>:9345,<fixed_rke2_address>:6443.

fqdn - the cluster FQDN defined in cluster_config.json
fixed_rke_address - the fixed_rke_address defined in cluster_config.json
named server address - the IP address from /etc/resolv.conf
private_subnet_ip - the cluster VNet
sql server host - sql server host
metadata server address - the IP address 169.254.169.254 used to fetch machine metadata by cloud services such as Azure and AWS

 

Optional: Enabling resilience to zonal failures in a multi-node HA-ready production cluster

To enable resilience to zonal failures in a multi-node cluster, take the following steps:

  1. Make sure nodes are spread evenly across three availability zones. For a bare-metal server or VM provided by any vendor except for AWS, Azure, or GCP, zone metadata has to be provided via the configuration file at /etc/default/k8s-node-labels on every machine in following format.
NODE_REGION_LABEL=<REGION_NAME>
NODE_ZONE_LABEL=<ZONE_NAME>
cat > /etc/default/k8s-node-labels <<EOF
EXTRA_K8S_NODE_LABELS="topology.kubernetes.io/region=$NODE_REGION_LABEL,topology.kubernetes.io/zone=${NODE_ZONE_LABEL}"
EOF
  1. Update the cluster_config.json file during the advanced configuration step.

To update the cluster_config.json using the interactive installation wizard, exit at advanced configuration step and add the following to the configuration file using vim or your favorite editor:

"zone_resilience": true
Mandatory parametersDescription
zone_resilienceUse true or false to enable or disable resilience to zonal failure.

🚧

If you enable resilience to zonal failure, passing the --zone and --region arguments is:

  • recommended if you provision your machines on AWS, Azure, or GCP, and metadata services are enabled as the installer populates the zone and region details.
  • mandatory if you provision your machines on AWS, Azure, or GCP, and metadata services are disabled, or if you opt for a different cloud provider.

 

Optional: Passing custom resolv.conf

The Kubernetes cluster that Automation Suite deploys uses the name servers configured in /etc/resolv.conf. Kubernetes does not work with local DNS resolvers (127.0.0.1 or 127.0.0.0/8), so if you have such name servers configured in /etc/resolv.conf file, you need to pass a file reference with the correct nameserver entries accessible from anywhere on the VM in the .infra.custom_dns_resolver parameter in cluster_config.json.
For details on a known limitation, see Kubernetes documentation.

Optional ParametersDescription
.infra.custom_dns_resolverPath to the file with correct name server entries that can be accessed from anywhere on the VM. These name server entries must not be from 127.0.0.0/8.

 

Optional: Increasing fault tolerance

By default, the multi-node HA-ready production profile allows for one server node going down without causing a deployment failure. You can increase the tolerance to server node failure using the fault_tolerance parameter in the cluster_config.json file. The parameter modifies the replication factor of in-cluster storage components such as Ceph and Longhorn.

Hardware requirements

To increase fault tolerance beyond 1, make sure your environment meets the following requirements:

  • Your cluster consists of a minimum of 2x+1 server nodes, where x is the required server node fault tolerance;
  • Each server node has raw device configured.

How to increase fault tolerance

To increase fault tolerance beyond 1, take the following steps:

  1. Set fault_tolerance to the required value in the cluster_config.json file. If you set it before starting the installation or upgrade operation, you do not need to take any additional steps.

  2. Run the uipathctl.sh installer to modify the in-cluster Ceph objectstore replication factor. Wait until the operation completes successfully.

  3. Run the install-uipath.sh installer to modify the Longhorn volumes replication factor. Wait until the operation completes successfully.

Updated 10 days ago


Manual: Advanced installation experience


This page explains how to use Automation Suite's cluster_config.json configuration file.

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.