Orchestrator
2020.10
false
- Getting Started
- Requirements
- Best Practices
- Installation
- Updating
- Identity Server
- High Availability Add-on
OUT OF SUPPORT
Orchestrator Installation Guide
Last updated Dec 12, 2023
Orchestrator Scripts
The following table describes all the parameters that can be used with the
Publish-Orchestrator.ps1.
|
Parameter |
Description |
|---|---|
-action | Mandatory. Indicates the type of scenario you want to start. The
following options are available:
|
-azureAccountApplicationId | Mandatory. The Azure service principal ID. Please note that the used service principal needs to be assigned the Contributor role to the app service at the subscription scope. |
-azureAccountPassword | Mandatory. The Azure token password for the service principal ID. |
-azureSubscriptionId | Mandatory. The Azure subscription ID for the App Service that hosts Orchestrator. |
-azureAccountTenantId | Mandatory. The Azure tenant ID. |
-resourceGroupName | Mandatory. The name of the Azure Resource Group that contains the Orchestrator App Service. |
-appServiceName | Mandatory. The Orchestrator Azure App Service name. |
-hostAdminPassword | Mandatory only for fresh deployments, when -action is
set to Deploy. Specify a custom password for the host
administrator. Please note that passwords have to be least 8 characters
long, and must have at least one lowercase character and at least one
digit.
|
-isHostPassOneTime | Optional. Enables you to enforce a password reset on the first login for the host administrator. If this parameter is omitted, the host admin password is not a one-time password. |
-defaultTenantAdminPassword | Mandatory only for fresh deployments, when -action is
set to Deploy. Specify a custom password for the
default tenant administrator. Please note that passwords have to be
least 8 characters long, and must have at least one lowercase character
and at least one digit.
|
-isDefaultTenantPassOneTime | Optional. Enables you to enforce a password reset on the first login for the default tenant administrator. If this parameter is omitted, the tenant admin password is not a one-time password. |
-package | Mandatory. Indicate the full path of the
UiPath.Orchestrator.Web.zip archive.
|
-activitiesPackagePath | Optional. Specify the full path of the
UiPathActivities.zip archive, which is included by
default, starting with v2018.4.4, in
UiPathOrchestrator.zip. This enables you to install
the local activity feed in Azure at install-time. Please note that this
parameter can be used only with the Legacy repository
type. Otherwise, it has to be manually set up.
|
-testAutomationFeatureEnabled | Optional. This parameter enables the Test Automation module, for test
data queues, test execution and scheduling. You can enable this feature
based on one of the following scenarios:
Start fresh with a clean Orchestrator install Configure the following settings
for your App
Service before running the
Publish-Orchestrator.ps1 script using the
-testAutomationFeatureEnabled parameter:
Make sure
to mark these settings as
Deployment slot setting,
especially, if you are using hotswap slots.
Enable Test Automation post Orchestrator installation If you
already have deployed Orchestrator without enabling the Test
Automation module, run the
Publish-Orchestrator.ps1
script with the same parameters as for an upgrade, and add the
-testAutomationFeatureEnabled
parameter.
Upgrade Orchestrator If you
upgrade your Orchestrator instance, run the
Publish-Orchestrator.ps1 script with the same
parameters as for an upgrade, and add the
-testAutomationFeatureEnabled
parameter.
|
-robotsElasticSearchUrl | Optional. This should be used only if you want to use Elasticsearch for
logging. Provide the Elasticsearch URL as the value, such as
"http://elasticserver:9200". If your Orchestrator
instance requires authentication, provide the
ElasticSearchUsername,
ElasticSearchPassword,
elasticSearchDiagnosticsUsername, and
elasticSearchDiagnosticsPassword
parameters.
|
-robotsElasticSearchTargets | Optional. This parameter enables you to send Robot logs only to the
configured Elasticsearch server. Provide the Elasticsearch URL as the
value, such as "http://elasticserver:9200". Please note
that it can only be used in conjunction with the
-robotsElasticSearchUrl parameter. If you do not
provide this parameter, Robot logs are sent to both the configured SQL
database and Elasticsearch.
|
-robotsElasticSearchUsername | Optional. This parameter enables you to indicate the username for your Elasticsearch instance if its authentication is enabled. |
-robotsElasticSearchPassword | Optional. This parameter enables you to indicate the password for your Elasticsearch instance if its authentication is enabled. |
-serverElasticSearchDiagnosticsUsername | Optional. This parameter enables you to indicate the username for your
Elasticsearch instance if its authentication is enabled. This parameter
together with elasticSearchDiagnosticsPassword
"Password" are required for internal Orchestrator
logs.
|
-serverElasticSearchDiagnosticsPassword | Optional. This parameter enables you to indicate the password for your
Elasticsearch instance if its authentication is enabled. This parameter
together with elasticSearchDiagnosticsUsername
"Username" are required for internal Orchestrator
logs.
|
-useQuartzClustered | Optional. A switch that indicates that this is a clustered installation. |
-loadBalancerUseRedis | Optional. Use Redis as a database to distribute messages and cache to and
from all the machines connected through your load balancer. If
-redisConnectionString is specified, it is
automatically set to true, otherwise it is set to
false.
|
-redisConnectionString | Optional. It can only be used if loadBalancerUseRedis is
set to true. A connection string that enables you to
set up your Redis server, which contains the URL of the server, the
password, and port used with Redis. It is also possible to enable SSL
encrypted connections between the Orchestrator nodes and the Redis
service. For more information, please click here.
Examples:
|
-azureSignalRConnectionString | Optional. Helps you enable Azure SignalR Service, facilitating a direct
communication between your Robot fleet and the SignalR Service -
Orchestrator no longer intermediates it. Please note that, if enabled,
Robots with a version lower than 2019.2 rely only on the Heartbeat
protocol to communicate to Orchestrator, meaning that any command given
from Orchestrator is picked up by a Robot only every 30 seconds.
Example: -azureSignalRConnectionString
"Endpoint=https://doctest.signalr.net;AccessKey=M1ug+sBu07hyyi12AgyJ52SEd4OgC2Mm6BvllVHCC9c=;Version=1.0;" |
-storageType | Optional. Defines the target where execution media and packages are to be
saved. It can be populated with the following targets:
If you have overridden the
UiPath.Orchestrator.dll.config
Storage.Type parameter in the Configuration
section of the Azure App Service, when upgrading you need to pass
this value as a script parameter to
Publish-Orchestrator.ps1.
|
-storageLocation | Optional. Defines the actual location where execution media and packages
are to be saved. Particularities:
More information on these deployments types is available here. If
you have overridden the
UiPath.Orchestrator.dll.config
Storage.Location parameter in the
Configuration section of the Azure App Service, when
upgrading you need to pass this value as a script parameter to
Publish-Orchestrator.ps1.
|
-standbyslotname | Optional. It can be used only in upgrade scenarios. If specified, the
script deploys Orchestrator in the indicated app service slot instead of
the Production one. Additionally, a swap slot is performed with the
Production slot, with no downtime.
Prerequisites:
|
-productionSlotName | Optional. It can be used only if the Orchestrator App Service deployment slot is different from the default Production App Service Slot set by Azure. |
-appSettings | Optional. Key-value pairs of application settings that are pushed to the
Azure App Service Configuration section after deployment. Keep in mind
that this only applies to settings from the App Settings section of the
UiPath.Orchestrator.dll.config file. You can use
this parameter to change specific settings that are not exposed through
the Publish-Orchestrator.ps1 script. For the rest,
please use their dedicated parameter while deploying the
script.
Please note that existing settings are merged with new ones. |
-stopApplicationBeforePublish | Optional. If present, it stops the application before deployment and it starts it after the deployment is completed. |
-unattended | Optional. If present, the deployment continues without any user confirmation. |
-bucketsAvailableProviders |
Optional. A string containing a comma-separated list of bucket providers you want to enable. If not specified, it defaults to
Orchestrator,Amazon,Azure,Minio. You also have the option to enable the FileSystem provider by adding it to that list.
Caution: If you use the FileSystem provider and upgrade to 20.10.7 or later, you must pass in a value that includes
FileSystem for this parameter. If you do not, this provider is disabled, and you will no longer be able to use those buckets.
|
-bucketsFileSystemAllowlist |
Mandatory only when FileSystem is selected as a bucket provider. The list of locations you
want to allow buckets to be created at for the FileSystem provider.
If you enable the FileSystem provider, you must pass in a value for
this parameter too. Values are a list of UNC paths, separated by the
pipe symbol
| (e.g.
\\mysharedstorage\mybyckets\|\\myotherserver\myotherbuckets).
|
The following
UiPath.Orchestrator.dll.config parameter values are automatically migrated and persisted when performing an update. To change them, provide new values when
calling the Publish-Orchestrator.ps1 script.
-NuGet.Packages.ApiKey
-NuGet.Activities.ApiKey
-NuGet.Packages.Path
-NuGet.Activities.Path
-machineKey/@decryption
-machineKey/@decryptionKey
-machineKey/@validationKey
-EncryptionKey
-NuGet.Repository.Type
-Storage.Type
-Storage.Location
-LoadBalancer.Redis.ConnectionString
-LoadBalancer.UseRedis
-Scalability.AzureSignalR.ConnectionString
-nlog/targets/target/@name=robotElasticBuffer/@name=RobotElastic/@uri
-nlog/targets/target/@name=robotElasticBuffer/@name=RobotElastic/@username
-nlog/targets/target/@name=robotElasticBuffer/@name=RobotElastic/@password
-nlog/rules/logger/@name=Robot.*/@writeTo
-nlog/targets/target/@name=serverElasticBuffer/@name=serverElastic/@uri
-nlog/targets/target/@name=serverElasticBuffer/@name=serverElastic/@username
-nlog/targets/target/@name=serverElasticBuffer/@name=serverElastic/@password
-nlog/targets/target/@name=serverElasticBuffer/@name=serverElastic/@index
-nlog/rules/logger/@name=*/@writeTo-NuGet.Packages.ApiKey
-NuGet.Activities.ApiKey
-NuGet.Packages.Path
-NuGet.Activities.Path
-machineKey/@decryption
-machineKey/@decryptionKey
-machineKey/@validationKey
-EncryptionKey
-NuGet.Repository.Type
-Storage.Type
-Storage.Location
-LoadBalancer.Redis.ConnectionString
-LoadBalancer.UseRedis
-Scalability.AzureSignalR.ConnectionString
-nlog/targets/target/@name=robotElasticBuffer/@name=RobotElastic/@uri
-nlog/targets/target/@name=robotElasticBuffer/@name=RobotElastic/@username
-nlog/targets/target/@name=robotElasticBuffer/@name=RobotElastic/@password
-nlog/rules/logger/@name=Robot.*/@writeTo
-nlog/targets/target/@name=serverElasticBuffer/@name=serverElastic/@uri
-nlog/targets/target/@name=serverElasticBuffer/@name=serverElastic/@username
-nlog/targets/target/@name=serverElasticBuffer/@name=serverElastic/@password
-nlog/targets/target/@name=serverElasticBuffer/@name=serverElastic/@index
-nlog/rules/logger/@name=*/@writeToThe following example enables you to perform a clean install of Orchestrator on one node, use Elasticsearch for logging, and
save packages in the Azure blob storage and their metadata in the SQL database. The procedure occurs in an
-unattended manner and logs its steps at the -verbose level.
.\Publish-Orchestrator.ps1 `
-action "Deploy" `
-unattended `
-package "E:\Work\Orch\Setup\UiPath.Orchestrator.Web.zip" `
-stopApplicationBeforePublish `
-azureSubscriptionId "8e34be72-1937-4aa0-b70e-81bab19gbf0a" `
-azureAccountTenantId "f8350d2a-n153-4d17-8927-902c51f72797" `
-azureAccountApplicationId "$AzureApplicationId" `
-azureAccountPassword "$AzurePassword" `
-resourceGroupName "DocTest-Orch-RG" `
-appServiceName "DocTests123" `
-hostAdminPassword "12345qwert" `
-defaultTenantAdminPassword "12345qwert" `
-storageType "Azure" `
-storageLocation "DefaultEndpointsProtocol=https;AccountName=usr;AccountKey=...;EndpointSuffix=core.windows.net" `
-robotsElasticSearchUrl "http://docelasticserver:9200" `
-verbose.\Publish-Orchestrator.ps1 `
-action "Deploy" `
-unattended `
-package "E:\Work\Orch\Setup\UiPath.Orchestrator.Web.zip" `
-stopApplicationBeforePublish `
-azureSubscriptionId "8e34be72-1937-4aa0-b70e-81bab19gbf0a" `
-azureAccountTenantId "f8350d2a-n153-4d17-8927-902c51f72797" `
-azureAccountApplicationId "$AzureApplicationId" `
-azureAccountPassword "$AzurePassword" `
-resourceGroupName "DocTest-Orch-RG" `
-appServiceName "DocTests123" `
-hostAdminPassword "12345qwert" `
-defaultTenantAdminPassword "12345qwert" `
-storageType "Azure" `
-storageLocation "DefaultEndpointsProtocol=https;AccountName=usr;AccountKey=...;EndpointSuffix=core.windows.net" `
-robotsElasticSearchUrl "http://docelasticserver:9200" `
-verboseThe following example enables you to perform a clean install of Orchestrator on multiple nodes and use Elasticsearch for logging
and Redis for caching and message distribution. Packages are saved in the Azure blob storage and their metadata in the SQL
database. The procedure occurs in an
-unattended manner and logs its steps at the -verbose level.
.\Publish-Orchestrator.ps1 `
-action "Deploy" `
-unattended `
-package "E:\Work\Orch\Setup\UiPath.Orchestrator.Web.zip" `
-stopApplicationBeforePublish `
-azureSubscriptionId "8e34be72-1937-4aa0-b70e-81bab19gbf0a" `
-azureAccountTenantId "f8350d2a-n153-4d17-8927-902c51f72797" `
-azureAccountApplicationId "$AzureApplicationId" `
-azureAccountPassword "$AzurePassword" `
-resourceGroupName "DocTest-Orch-RG" `
-appServiceName "DocTests123" `
-useQuartzClustered `
-redisConnectionString "docs123.redis.cache.windows.net:6380,passwprd=******,ssl=True" `
-azureSignalRConnectionString "Endpoint=https://doctest.signalr.net;AccessKey=*****;Version=1.0;" `
-robotsElasticSearchUrl "http://docelasticserver:9200" `
-hostAdminPassword "12345qwert" `
-defaultTenantAdminPassword "12345qwert" `
-storageType "Azure" `
-storageLocation "DefaultEndpointsProtocol=https;AccountName=usr;AccountKey=...;EndpointSuffix=core.windows.net" `
-verbose.\Publish-Orchestrator.ps1 `
-action "Deploy" `
-unattended `
-package "E:\Work\Orch\Setup\UiPath.Orchestrator.Web.zip" `
-stopApplicationBeforePublish `
-azureSubscriptionId "8e34be72-1937-4aa0-b70e-81bab19gbf0a" `
-azureAccountTenantId "f8350d2a-n153-4d17-8927-902c51f72797" `
-azureAccountApplicationId "$AzureApplicationId" `
-azureAccountPassword "$AzurePassword" `
-resourceGroupName "DocTest-Orch-RG" `
-appServiceName "DocTests123" `
-useQuartzClustered `
-redisConnectionString "docs123.redis.cache.windows.net:6380,passwprd=******,ssl=True" `
-azureSignalRConnectionString "Endpoint=https://doctest.signalr.net;AccessKey=*****;Version=1.0;" `
-robotsElasticSearchUrl "http://docelasticserver:9200" `
-hostAdminPassword "12345qwert" `
-defaultTenantAdminPassword "12345qwert" `
-storageType "Azure" `
-storageLocation "DefaultEndpointsProtocol=https;AccountName=usr;AccountKey=...;EndpointSuffix=core.windows.net" `
-verboseThe following example enables you to upgrade an existing multi-node Orchestrator to the latest available version, without
changing any pre-existing setting. The procedure occurs in an
-unattended manner and logs its steps at the -verbose level.
Publish-Orchestrator.ps1 `
-action Update `
-unattended `
-package "E:\Work\Orch\Setup\UiPath.Orchestrator.Web.zip" `
-stopApplicationBeforePublish `
-azureSubscriptionId "8e34be72-1937-4aa0-b70e-81bab19gbf0a" `
-azureAccountTenantId "f8350d2a-n153-4d17-8927-902c51f72797" `
-azureAccountApplicationId "$AzureApplicationId" `
-azureAccountPassword "$AzurePassword" `
-resourceGroupName "DocTest-Orch-RG" `
-appServiceName "DocTests123" `
-verbosePublish-Orchestrator.ps1 `
-action Update `
-unattended `
-package "E:\Work\Orch\Setup\UiPath.Orchestrator.Web.zip" `
-stopApplicationBeforePublish `
-azureSubscriptionId "8e34be72-1937-4aa0-b70e-81bab19gbf0a" `
-azureAccountTenantId "f8350d2a-n153-4d17-8927-902c51f72797" `
-azureAccountApplicationId "$AzureApplicationId" `
-azureAccountPassword "$AzurePassword" `
-resourceGroupName "DocTest-Orch-RG" `
-appServiceName "DocTests123" `
-verboseThe following example enables you to upgrade an existing multi-node Orchestrator to the latest available version while changing
only the value of the
Webhooks.Enabled and Telemetry.Enabled parameters to false. The procedure occurs in an -unattended manner and logs its steps at the -verbose level.
Publish-Orchestrator.ps1 `
-action Update `
-unattended `
-package "E:\Work\Orch\Setup\UiPath.Orchestrator.Web.zip" `
-stopApplicationBeforePublish `
-azureSubscriptionId "8e34be72-1937-4aa0-b70e-81bab19gbf0a" `
-azureAccountTenantId "f8350d2a-n153-4d17-8927-902c51f72797" `
-azureAccountApplicationId "$AzureApplicationId" `
-azureAccountPassword "$AzurePassword" `
-resourceGroupName "DocTest-Orch-RG" `
-appServiceName "DocTests123" `
-appSettings @{"Webhooks.Enabled"="false"; "Telemetry.Enabled"="false"} `
-verbosePublish-Orchestrator.ps1 `
-action Update `
-unattended `
-package "E:\Work\Orch\Setup\UiPath.Orchestrator.Web.zip" `
-stopApplicationBeforePublish `
-azureSubscriptionId "8e34be72-1937-4aa0-b70e-81bab19gbf0a" `
-azureAccountTenantId "f8350d2a-n153-4d17-8927-902c51f72797" `
-azureAccountApplicationId "$AzureApplicationId" `
-azureAccountPassword "$AzurePassword" `
-resourceGroupName "DocTest-Orch-RG" `
-appServiceName "DocTests123" `
-appSettings @{"Webhooks.Enabled"="false"; "Telemetry.Enabled"="false"} `
-verbose
