orchestrator
2022.10
false
UiPath logo, featuring letters U and I in white

Orchestrator Installation Guide

Automation CloudAutomation Cloud Public SectorAutomation SuiteStandalone
Last updated Dec 9, 2024

Azure Marketplace Deployment

Azure marketplace deployments allow you to deploy UiPath solutions directly from the Azure portal.

Note:

Azure Marketplace keeps the latest UiPath Orchestrator version.

UiPath Orchestrator

This wizard allows you to deploy single or multi-node environments. The components are:

Name

Details

Used for hosting the web services required (eg. Orchestrator, Identity, WebHooks). All components are in the same App Service Plan. If you deploy a multi-node deployment the High Availability Add-on will be accessible using a Virtual Network Integration

The SQL Database (and server) used by the web services.

Application insights used for logging autoscaling rules.

The storage account used to store packages/libraries.

Used to configure the deployment using scripts that are run on a Windows Virtual Machine.

Temporarily deployed Virtual Machine that will run scripts to configure the aforementioned Web Services (Web Apps). This machine uses the Managed Identity to authenticate to Azure. It gets deployed in a separate VNet together with a Network Interface Card and a separate storage account

This is used cleanup Azure Resources (Configuration VM and all dependencies). This resource will automatically be removed at the end if successful.

(Optional) High Availability Add-on (HAA) Components

Important:

Multi-node Orchestrator deployments use the RESP (Redis Serialization Protocol) for communication and thus can be configured using any solution relying on this protocol.

HAA is the only such solution supported by UiPath.

Full support is provided to users of Redis Enterprise with the purchase of an HAA module.

Name

Details

There are three Linux VMs that are deployed together to form a cluster. The cluster gets deployed in a VNet together with Network Interface Cards for each node. The nodes are not publicly exposed and are connected to the Orchestrator App Service through Virtual Network Integration

Going Through the Wizard

Basics



In this step, you need to select the subscription, the Resource Group, and Region where you want the solution to be deployed.

Note: You need to have Owner permissions on the Resource Group or Subscription to deploy since the deployments create a user-managed identity (see components).

Orchestrator Details



Name

Details

Orchestrator Name

Orchestrator name will have a random suffix appended.

Password

Define the password that will be used for the host administrator and the default tenant administrator account (admin).

Orchestrator Version

Select the version of the UiPath Orchestrator you want to deploy.

Orchestrator Instances

The number of P2v2 instances that will be created (scaled to). Can be maximum 30.

Orchestrator Size

This will deploy different versions of the SQL DataBase.

Small: < 100 robots (4 Core)

Medium: < 250 robots (8 Core)

Large: < 500 or more robots (16 Core)

Please note that if you selected one Orchestrator instance you will have the option to skip High Availability Add-on installation. If you chose to skip it, please not change the number of instances since that will be an unsupported scenario.

HAA Server Configuration



Name

Details

HAA Servers (VM) Admin Login

Define the admin username for the High Availability Add-on virtual machines.

Password

Define the admin password for the High Availability Add-on virtual machines.

HAA Admin Email

Define the admin email for the High Availability Add-on.

Password

Define the admin password for the High Availability Add-on.

High Availability Add-on License

High Availability Add-on license. If not provided you will have to enter a license in 30 days.

Virtual Machine Size

The size of the three RHEL (Red Hat Enterprise Linux) virtual machines to provision. We recommend 2-4 CPU and 8-16 GB RAM.

Virtual Network for HAA

A virtual network that will be used to deploy the High Availability Add-on virtual machines. They will be deployed in a subnet and another subnet is required for the WebApp virtual network integration (private connectivity).

Subnets

Two subnets required:

  • Virtual network subnet that will be used to deploy the High Availability Add-on virtual machines.
  • Virtual network subnet used for App Service/Web App VNet integration (private connectivity). If you are using an existing VNet, this subnet must be empty, configured, and only used for this purpose.

Orchestrator SQL Settings



Name

Details

Orchestrator SQL Server Name

The SQL server name will have a random suffix appended.

Orchestrator SQL Server Admin Login

Define the admin username for the Orchestrator SQL server.

Password

Define the admin password for the Orchestrator SQL server.

Certificate Configuration

Name

Details

Token Signing Certificate (pfx)

The certificate used for token signing.

The certificate pfx must meet all requirements.
PasswordToken signing certificate password.

The certificate used in this step could be generated using the following commands:

#Generate certificate directly in the LocalMachine personal store
 $cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature `
    -Subject "CN=UiPathSelfSignedRoot" `
    -KeyExportPolicy Exportable `
    -HashAlgorithm sha256 -KeyLength 4096 `
    -CertStoreLocation "cert:\LocalMachine\My" `
    -KeyUsageProperty Sign `
    -KeyUsage CertSign `
    -NotAfter (Get-Date).AddYears(2)

#Create a secure string password for the certificate
$mypwd = ConvertTo-SecureString -String "1234" -Force -AsPlainText

#Export the certificate from the LocalMachine personal store to a file `mypfx.pfx`
Get-ChildItem -Path "cert:\LocalMachine\my\$($cert.Thumbprint)" | Export-PfxCertificate `
    -FilePath mypfx.pfx `
    -Password $mypwd `
    -CryptoAlgorithmOption TripleDES_SHA1

#Remove the certificate from the LocalMachine personal store
Get-ChildItem "Cert:\LocalMachine\My\$($cert.Thumbprint)" | Remove-Item#Generate certificate directly in the LocalMachine personal store
 $cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature `
    -Subject "CN=UiPathSelfSignedRoot" `
    -KeyExportPolicy Exportable `
    -HashAlgorithm sha256 -KeyLength 4096 `
    -CertStoreLocation "cert:\LocalMachine\My" `
    -KeyUsageProperty Sign `
    -KeyUsage CertSign `
    -NotAfter (Get-Date).AddYears(2)

#Create a secure string password for the certificate
$mypwd = ConvertTo-SecureString -String "1234" -Force -AsPlainText

#Export the certificate from the LocalMachine personal store to a file `mypfx.pfx`
Get-ChildItem -Path "cert:\LocalMachine\my\$($cert.Thumbprint)" | Export-PfxCertificate `
    -FilePath mypfx.pfx `
    -Password $mypwd `
    -CryptoAlgorithmOption TripleDES_SHA1

#Remove the certificate from the LocalMachine personal store
Get-ChildItem "Cert:\LocalMachine\My\$($cert.Thumbprint)" | Remove-Item

Tags Configuration

Here you can create tags for the resources created in the deployment.

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.