-
Notifications
You must be signed in to change notification settings - Fork 120
Using ArcGIS Chef Cookbook to deploy highly available base ArcGIS Enterprise deployment on Windows
ArcGIS Enterprise is an ArcGIS deployment pattern that includes Portal for ArcGIS, ArcGIS for Server, and ArcGIS Data Store.
Deploy a full stack ArcGIS Enterprise on a single machine page describes how to deploy full stack Web GIS on a single machine.
The additional steps for manual deployment of highly available (HA) base ArcGIS Enterprise are described in these help topics:
- Configuring a highly available portal
- Installing ArcGIS for Server on multiple machines
- Tasks to perform after you create a data store
ArcGIS Chef cookbook helps to simplify and accelerate HA base ArcGIS Enterprise deployment by automating these steps. To deploy HA base ArcGIS Enterprise you will need:
- ArcGIS Chef Cookbook v3.2.0 or later;
- Chef-client 12.5.1 or later;
- Refer to the Chef Client Compatibility Matrix to determine which is the best version to use.
- Setups files for Portal for ArcGIS, ArcGIS for Server, ArcGIS Data Store, and ArcGIS Web Adaptor for IIS;
- Authorization files for Portal for ArcGIS and ArcGIS for Server;
- A domain name for the Web GIS site;
- SSL certificate issued to the domain name of the Web GIS site (.pfx file, otherwise self-signed certificates will be generated);
- Network load balancer (NLB);
- Highly available file server;
- Two machines that meet ArcGIS for Server and Portal for ArcGIS system requirements (see Portal for ArcGIS system requirements and ArcGIS for Server system requirements).
Using Chef-Server to deploy the Web GIS site on multiple machines is recommended, but is not strictly required. This workflow describes deploying HA base ArcGIS Enterprise using Chef-Solo without using Chef-Server.
Configure the file server machine:
- Install Windows Chef Client.
- The following command can be used to download and install from a PowerShell window:
.{ iwr -useb https://omnitruck.chef.io/install.ps1 } | iex; install -version 13.6.0 -project chef -download_directory "C:\Chef"
- The following command can be used to download and install from a PowerShell window:
- Download the arcgis cookbook to the file server machine.
- Extract the contents of the cookbook zip file to C:\chef. The final folder structure should be c:\chef\cookbooks\arcgis; c:\chef\coobooks\arcgis-enterprise; etc.
- Edit c:\chef\roles\arcgis-enterprise-windows-file-server.json file.
- Note that the following two recipes are predefined in the run-list which will create the file share:
- arcgis-enterprise::system
- arcgis-enterprise::fileserver
- Set run_as_user and run_as_password attributes values. This can be a local account or an existing domain account, and the cookbook will grant this account full access to the file share it creates.
- Start a command line window as an administrator and run
chef-solo -j C:\chef\arcgis-enterprise-windows-file-server.json
Configure the primary Web GIS machine:
- Install Windows Chef Client.
- The following command can be used to download and install from a PowerShell window:
.{ iwr -useb https://omnitruck.chef.io/install.ps1 } | iex; install -version 13.6.0 -project chef -download_directory "C:\Chef"
- The following command can be used to download and install from a PowerShell window:
- Download the arcgis cookbook to the primary machine.
- Extract the contents of the cookbook zip file to C:\chef. The final folder structure should be c:\chef\cookbooks\arcgis; c:\chef\coobooks\arcgis-enterprise; etc.
- Edit c:\chef\roles\arcgis-enterprise-windows-ha-primary.json file.
- Note that the following recipes are predefined:
- "recipe[arcgis-enterprise::system]",
- "recipe[esri-iis]",
- "recipe[arcgis-enterprise::portal]",
- "recipe[arcgis-enterprise::portal_wa]",
- "recipe[arcgis-enterprise::server]",
- "recipe[arcgis-enterprise::server_wa]",
- "recipe[arcgis-enterprise::datastore]"
- Set run_as_user and run_as_password attributes values to the user account that was specified in your c:\chef\roles\arcgis-enterprise-windows-file-server.json file.
- If the repository variable is defined, you do not need to also specify the path to your setup file.
- If you are specifying the path to your setup file, examine your file. Setup files named "Setup.exe" should be defined in the JSON using the
setupsvariable; setup files named in a format such as "ArcGIS_Server_Windows_1081_175203.exe" are self-extracting and should be defined using thesetups_archivevariable. - Additional attributes can be added. A full list can be found in the arcgis-enterprise README.md. For example, you may want to consider adding node['arcgis']['portal']['web_context_url'] and node['arcgis']['server']['web_context_url'], which can be used to define your existing Network Load Balancer.
- Once the Chef run has completed on the file server machine, start a command line window as an administrator and run
chef-solo -j C:\chef\roles\arcgis-enterprise-windows-ha-primary.json
Configure the secondary Web GIS machine:
- Install Windows Chef Client.
- The following command can be used to download and install from a PowerShell window:
.{ iwr -useb https://omnitruck.chef.io/install.ps1 } | iex; install -version 13.6.0 -project chef -download_directory "C:\Chef"
- Download the arcgis cookbook to the secondary machine.
- Extract the contents of the cookbook zip file to C:\chef. The final folder structure should be c:\chef\cookbooks\arcgis; c:\chef\cookbooks\arcgis-enterprise; etc.
- Edit c:\chef\roles\arcgis-enterprise-windows-ha-secondary.json file, as you did for the first machine.
- Note the following recipes are predefined in the run-list:
- "recipe[arcgis-enterprise::system]",
- "recipe[esri-iis]",
- "recipe[arcgis-enterprise::portal_standby]",
- "recipe[arcgis-enterprise::portal_wa]",
- "recipe[arcgis-enterprise::server_node]",
- "recipe[arcgis-enterprise::server_wa]",
- "recipe[arcgis-enterprise::datastore_standby]",
- "recipe[arcgis-enterprise::federation]"
- A common practice is to move the arcgis-enterprise::federation recipe into its own role json file, which then can be ran separately after the Chef run for secondary Web GIS machine has completed.
- Once the Chef run has completed on the primary Web GIS machine, start a command line window as an administrator and run
chef-solo -j C:\chef\arcgis-enterprise-windows-ha-secondary.json
Add the machines to your NLB.
NOTE: Configuring ArcGIS Web Adaptor with Portal requires providing the site domain name and actually sends requests to this domain. The domain name typically points to NLB. In some cases NLB does not forward requests to a machine unless the machine is healthy, that is an application-level health-check succeeds, and the machine is not healthy unless it is fully configured and is ready to accept the traffic. To solve this chicken-egg problem the arcgis-enterprise::hosts recipe can be added to each of your role json files and the cookbook will then an entry to ‘\Windows\System32\drivers\etc\hosts’ file that points the domain name to local IP address. After that the requests to the site domain name from the machine go directly to the machine and bypass NLB.
This document describes configuration with two base ArcGIS Enterprise machines (primary and secondary) with server, portal and data store running on each machine, and a file server machine. The cookbook could also be used to deploy fully distributed Web GIS configurations with dedicated role for each machine. The role of the machine is defined by the list of recipes specified in the node’s run_list.