订阅

UiPath Automation Suite

UiPath Automation Suite 指南

2022.4.0

Release date: 29 July 2022

What’s new


Automation Suite 2022.4.0 now supports RHEL 8.6.

 

Release date: 23 May 2022

What’s new


Data Service now available in Automation Suite

"Develop et impera" with our newest Automation Suite member: Data Service. We bring the service within your reach for broader accessibility, providing secure storage and management capabilities for your UiPath data models. Now you can store your business data by creating Data Service entities, import them in Studio, design workflows using your own data, interact with other UiPath products, such as Apps, all from a central location. Moreover, you can reference the available API resources to develop your own application and leverage the Data Service functionality to your interests. That's one way to satisfy your automation "sweet(suite) tooth".

🚧

重要

When upgrading to a new Automation Suite version, newly onboarded products are not enabled by default. This is also the case of Data Service, which you can only enable following a 2022.4 upgrade. For instructions, see Managing products.

On the other hand, if you perform an Automation Suite clean installation, Data Service is enabled by default, regardless of whether you opt for the Basic or Complete profile. To disable the product, see Manual: Advanced installation experience.

 

Resource Catalog now available in Automation Suite

As part of this Automation Suite version, we have also enabled Resource Catalog by default. This new service is integrated with Orchestrator, and no action is required from your part in terms of installation and configuration. For more details on the functionality brought about by the Resource Catalog, see Orchestrator documentation.

 

组织级别的 SAML 集成

该集成允许您将 Automation Suite 连接到支持 SAML 2.0 标准的任何第三方身份提供程序 (IdP),例如 Okta 或 PingOne 等。
该集成已在主机级别可用,但现在您也可以在组织级别启用它。

About the SAML authentication model | Configuring the SAML integration (for organizations)

 

LDAP over SSL (LDAPS)

We have added support for LDAP over SSL for the Active Directory integration.
配置

 

许可

Insights licensed at host level

The Insights service license can now be managed from the host level as well, as for other service licenses, not only from the organization level.

Auditing for license allocation and deallocation

Allocating or deallocating licenses at the host level are now recorded in the host audit logs.

“许可证”页面的性能改进

为了提高检索“许可证”页面中大型用户或组列表的性能,我们进行了以下用户界面更改,适用于已启用用户许可证管理模型的租户:

  • “名称”列已无法用于筛选“用户”列表。

  • 搜索用户不再对列表进行排序。

  • 删除的用户或组将以不适用标签进行标识。

必须手动删除已删除用户或组的孤立许可证,以便可以将其重新引入许可证池中,以供将来重新分配。

新用户许可证:Automation Developer

对于拥有 RPA Developer Pro、RPA Developer 或 Test Developer Pro 用户许可证的现有客户,您可以在产品中看到以下更改:

  • 所有现有 RPA Developer Pro 许可证都重命名为 Automation Developer。

  • 现有 RPA Developer 许可证将保持不变。

  • 现有的 Test Developer Pro 许可证(产品中未显示)现已添加到您的 Automation Developer 许可证中共同计数。

转换许可证

How? If you are on version 2020.4 or later, you can request to convert your existing RPA Developer and Test Developer Pro user licenses to Automation Developer user licenses by submitting a licensing ticket to Support.

为什么这样做?将现有许可证转换为 Automation Developer 许可证后,您需要管理的许可证类型会更少。此外,如果您现有的是 RPA Developer 许可证,则可以通过转换许可证来升级到 Automation Developer 提供的全套功能。

更新许可证分配:完成许可证转换并在产品中提供 Automation Developer 许可证后,您必须更新许可证分配。对于通过组分配或直接分配 RPA Developer 许可证的用户或组,请为其分配 Automation Developer 许可证。

 

Automated prerequisite validation

We have automated the process of verifying if your environment meets the requirements before installing Automation Suite. You now have dedicated scripts that help you prepare for a smooth installation. For details on how to use the new tools, see:

 

Support for new RHEL versions

You can now install Automation Suite on machines running Red Hat Enterprise Linux (RHEL) 8.5. In addition to that, RHEL 8.4 is supported for GPU.

 

ArgoCD access

There are two ways to access ArgoCD now, depending on the operations you want to perform: you can use either the read-only account for basic scenarios or the admin account for advanced configuration. For more details, see Managing the cluster in ArgoCD.

 

Graceful node shutdown

You can now perform a graceful node shutdown using the newly introduced drain-node.sh script. For instructions, see Shutting down a node.

 

Documentation updates

We want you to be able to easily keep an eye on the improvements we make to our cloud templates. That is why we have decided to document template improvements in separate release notes. Every couple of weeks, you will see new release notes in the sections dedicated to each template:

Templates for Automation Suite 2022.4.0 will be released soon, and we will make sure to add all the details to the release notes.
Note that overall Automation Suite release notes will not be impacted by this change.

 

改进


Storage optimizations

Many components in Automation Suite use Persistent Volumes to store the data within the cluster. These Persistent Volumes are replicated on multiple nodes to ensure you have minimal RTO and RPO in the multi-node HA-ready production deployment.

Some components, such as Ceph, which stores NuGet packages and queue data in Orchestrator, datasets uploaded in AI Center, recordings for Task Mining analysis, etc., had a replication factor of 18x. In other words, to store 1GB of data, you needed 18GB of disk space spread across multiple server nodes. Needless to say, this involved huge storage overhead. Other Persistent Volumes used by components such as Prometheus, AlertManager, RabbitMQ, MongoDB, Insights, etc., were in a similar situation.

This Automation Suite release brings a series of storage level optimizations designed to reduce Ceph Objectstore requirements to a replication factor of 9x. This is possible by moving Ceph from Replicated to Erasure coding algorithm.

However, you can consider this solution only if you use Ceph 15.x. This is the case if you clean-install Automation Suite 2022.4 or you upgrade from one of the following versions: 2021.10.0, 2021.10.1, 2021.10.2 to 2022.4.0. On the other hand, if your Ceph version is 16.x, performing the storage optimization operations will result in reduce fault tolerance to data corruption. For this reason, storage optimizations are not recommended when upgrading from 2021.10.3 or 2021.10.4 to 2022.4. For details on this, see Optimizing Objectstore storage.

If, however, you decide to perform the additional migration steps for Ceph when upgrading to Automation Suite 2022.4, here's what you need to keep in mind. The migration needs temporary storage in underlying disks. If you have at least 35% of available storage, you can follow Automated: Migrating Ceph data pool from replicated to erasure-coded type. Otherwise, you must bring the additional disk of 512GiB on any of the server machines where you plan to perform the migration, and follow the instructions in Manual: Migrating Ceph data pool from replicated to erasure-coded type.

Keep in mind that, when upgrading the cluster from 2021.10 to 2022.4, the storage size of other components will remain the same because Kubernetes inherently does not support reducing the size of Persistent Volumes. Fresh installations are not affected by this limitation.

As for other components, we have also drastically reduced their size to bring down the overall storage requirements.

To find out how much storage you need for your use case, see Evaluating your storage needs.

 

Enhanced backup and restore experience

We have put a lot of effort into overhauling the entire backup and restore experience so that you can keep your Automation Suite cluster safe without moving heaven and earth.

You can now choose between two different approaches: an automated and a manual one. The automated backup and restore method plays the leading role and is also the recommended option as it makes the entire process more approachable and less error-prone.

A new versatile script is what facilitates this simplification: uipathctl.sh. Wondering what is so versatile about it? Aside from helping you configure the backup and restore the cluster, the script can also be used in upgrade scenarios. For more details, see Using uipathctl.sh.

On the other hand, the manual approach to the backup and restore operation requires more technical expertise but also opens the door to more customization.

For an overview of the two options and additional instructions, see Backing up and restoring the cluster.

 

Improved upgrade experience

As is also the case of the backup and restore operation, we have also considerably improved the upgrade experience so that you can easily move to the latest Automation Suite version. Similarly, you can now choose between an automated and manual method.

The automated approach, which we recommend since it required a minimum amount of effort from your end, relies on the uipathctl.sh script.

On the other hand, the manual upgrade is a more complex operation, which requires more technical knowledge and is suitable for those of you who want increased control of the entire process. Note, however, that manual upgrades from version 2021.10 require that you take some additional steps to migrate from Canal to Cilium CNI.

For instructions on how to upgrade Automation Suite, either manually or using the automated method, see Upgrading Automation Suite.

 

Improved alerting

Numerous alerts have been introduced to give you more control over Automation Suite and to be aware of any issues that you may encounter. Among them are the alerts for routing request, node going down, MongoBD, RabbitMQ alerts, etc. For more details, see Alert runbooks.

 

Installation improvements

  • The install-uipath.sh installer now accept the following new flags: -c, -m|--machines, --compare-config, --skip-compare-config. For more details, see install-uipath.sh parameters.

  • You no longer have to execute the install-uipath.sh installer when loading the Document Understanding and Computer Vision bundles in an offline environment. Refer to our documentation for the new commands: single-node evaluation profile and offline multi-node HA-ready production profile.

  • We have considerably simplified the GPU installation. Check out Enabling the GPU on the cluster for the new instructions.

  • The Istio gateway now requires TLS version 1.2 and above. While not recommended, using a deprecated TLS version is still possible. For more details, see Enabling a deprecated TLS version.

  • We have updated the requirements for the node port used for internal communication. Now you must only enable port 30071 instead of the 30000 - 32767 range.

 

MongoDB certificate renewal

Starting with 2022.4, the MongoDB certificates generated during installation are valid for three years. The CA certificate is renewed automatically 30 days before it expires, while the TLS certificate is renewed 20 days before it expires. Because of this, there is no user intervention needed to maintain the validity of the certificates.
However, if you want to renew the certificates manually, you can use the certificate rotation CLI. Follow the steps from the MongoDB certificate renewal page to do so.

 

User interface improvements

New Security Settings tab

The Automation Suite host portal and the Admin page of the organization-level portal now include a new tab called Security Settings.

This new tab includes the functionality that was previously available from the now-removed Authentication Settings tab that was available from the Users (host level) or Accounts & Groups (organization level) pages.

标头更新

We made a few minor changes to the Automation Suite header:

  • The user icon has moved from the upper-left corner of the window to the upper-right corner of the window.
  • In the upper-left corner, we now have the App launcher icon, which opens the list of Automation Suite products available to you.

用户偏好

From the user icon, you can now select the Preferences option to open the Preferences page. From there, you can set your language and theme preferences, as well as reset your password.
用户偏好

 

重大变更

Connect token

/connect/token 端点不再接受 multipart/form-data 内容类型。
升级到版本 2022.4 后,您必须更新对此端点的任何受影响的 API 请求,以改用 application/x-www-form-urlencoded 内容类型。

 

Azure AD integration (organization)

To follow Microsoft’s recommended least privilege model, we have updated the permissions that must be assigned from Azure in order to set up the Azure AD integration as follows:

  • For Group member permissions, instead of Group.Read.All we are now requiring the GroupMember.Read.All permission.
  • 对于 User 权限,而不是 User.Read.All,我们现在需要 User.ReadBasic.All 权限。(和以前一样,我们仍然需要 User.Read。)

影响

If you already had the integration set up, you must update your Azure configuration to:

  1. 将旧权限替换为新权限。
  2. 更改权限后,选中“授予管理员许可”复选框。

Azure AD 登录故障排除:如果您不执行步骤 2,则您的用户将在尝试登录时提供许可。由于只有 Azure 管理员可以提供许可,因此用户将无法再登录。

The Test Connection button is not available unless you make the above changes.

Configuring Azure for the integration (steps 9 and 10)

 

Bug fixes


  • Automation Suite has a dependency on Linux IP forwarding, which must be enabled. Occasionally, during node maintenance activity, IP forwarding would accidentally get disabled, breaking the communication to and from the affected node. Starting this release, Automation Suite automatically enables Linux IP forwarding.

  • Previously, any call to Automation Suite would return a partial certificate chain, which browsers and other tools would sometimes deem as untrusted. Starting with this release, Automation Suite always returns a full certificate chain.

  • Longhorn creates replicas of each Persistent Volume on different nodes to ensure High Availability. If the replication process on any node is faulted, Longhorn reclaims the affected replica and releases the space.
    However, if the node on which the faulted replica resides is unreachable for more than 30 minutes, Longhorn is not able to reclaim that space. For this reason, the faulted replica will continue to use the disk for eternity. To reclaim this space, we have introduced a cronjob that periodically checks for faulted replicas.

  • When wiping an old installation, and then installing the new cluster on the same machines, Istio pods were assigned incorrect IP addresses, which were outside the CIDR range of the Kubernetes cluster. For this reason, services running on the nodes with invalid Istio IP addresses were not able to serve traffic. This unwanted behavior occurred due to the residue files left behind by the uninstallation of the old cluster. To fix this problem, we have introduced an autohealer feature that monitors and heals Istio pods.

  • After restarting a single-node cluster, pods using Persistent Volumes were stuck in initialization status with the volumeattachment error. To prevent this issue, we have introduced an autohealer feature that monitors and heals pods.

  • Sometimes Ceph pods were stuck in termination state forever due to Longhorn being unable to delete the underlying loopback devices. This caused storage to be down, which, in turn, made the cluster inaccessible. To fix this problem, we have added a periodical cronjob that identifies the issue and implements the auto-recover functionality.

  • NetworkManager would manipulate the routing table for interfaces in the default network namespace where many CNIs, including RKE2's default, create veth pairs for connections to containers. This would interfere with the CNI’s ability to route correctly and could cause the Automation Suite installation to fail. To fix these issues, we have configured NetworkManager to ignore the flannel network interface.

  • Custom login page HTML would lose style properties after saving, leaving the page, and then returning to the page.

  • When configuring SMTP for system email notifications, the SMTP Host field failed validation if using a hostname instead of an FQDN.

  • Fixed the configureUiPathDisks.sh script to configure the /datadisk Longhorn partition when the underlying disk is vertically scaled.

  • When audit configuration was immutable, upgrades failed with no specific error message during the infra installation stage. We have fixed the issue.

 

已知问题


User sessions on the host- and organization-level portals do not time out.
To enforce a timeout period, you must manually set a timeout interval for the Management portals.

 

捆绑详情


要了解每个 Automation Suite 组件的更改,请访问以下链接。
如果组件显示为灰色,则此 Automation Suite 新版本不会对其进行任何更改。

Click here for details on the internal components this Automation Suite release bundles.

Component

Version

RKE2

v1.21.4+rke2r2

ArgoCD

v2.2.5

rook-ceph

v1.7.9

cert-manager

1.2.0

rancher

2.6.0

longhorn

1.2.2

longhorn-crd

1.1.100

reloader

v0.0.89

csi-driver-smb

v1.4.0

rabbitmq-operator

1.5.0

redis-operator

6.2.8-11

redis-cluster

6.2.8-53

mongodb

4.4.4-ent

docker_registry

2.7.1

self_heal_operator

0.0.1

Updated 6 days ago


2022.4.0


建议的编辑仅限用于 API 参考页面

您只能建议对 Markdown 正文内容进行编辑,而不能建议对 API 规范进行编辑。