Important!
This deployment plan is intended as a guiding example, to be used and customized according to the specific needs and practices of your company (e.g. removing public IPs, changing security groups, etc.).
Previous knowledge and experience working with AWS is highly recommended before undertaking this deployment.
Prerequisites
Before proceeding with your AWS deployment, make sure you have reviewed and complied with the following requirements:
- A valid domain registered in Amazon Route 53.
- A valid SSL certificate registered in Amazon Certificate Manager.
- Generated the necessary AWS Access Key and SSH Key(s).
- Selected the appropriate Amazon EC2 Instance Type corresponding to the Hardware Requirements of your Orchestrator deployment.
- Installed Terraform.
- Copied the contents of UiPath Infrastructure GitHub repository.
Note:
Alternatively, you can copy only the needed scripts from the Terraform folders by viewing the Raw contents.
Installation
Single-Node Orchestrator Deployment
- Complete the variables.tf file with the necessary parameters:
Parameter | Description |
---|---|
aws_region | The region where Orchestrator is being deployed. By default this is set to eu-west-2 but can be edited. See here for the supported Availability Zones. |
access_key | The AWS access key. |
secret_key | The secret/password for the associated access_key. |
key_name | The name of the SSH keypair to use. |
aws_app_instance_type | The AWS instance type used for Orchestrator. By default this is set to m4.large. |
environment | The desired name of your environment. This is used as a prefix to tag the name of resources. |
application | The application stack name, used as a prefix to tag the name of resources. By default, this is set to OrchestratorStack but can be edited. |
db_username | The master username for your AWS Relational Database Service (RDS). |
db_password | The password for the master username of your RDS. |
db_name | The RDS database name. |
environment | The RDS environment name, used as a prefix to name resources. |
rds_allocated_storage | The allocated storage in GB. |
rds_instance_class | The RDS instance type. By default this is set to db.m4.large. |
rds_multi_az | Used to specify if the RDS instance is multi-Availability Zone. Set to false by default. |
skip_final_snapshot | Used to specify if a final database snapshot is created before the DB instance is deleted. Set to true by default. |
aws_availability_zones | The Availability Zones for each region. |
orchestrator_password | The password for the Orchestrator admin user for the Host and Default tenants. |
orchestrator_version | The version of Orchestrator. Set to 19.4.4 by default. |
admin_password | The password for the Windows administrator account used to log in to the provisioned VMs. |
orchestrator_passphrase | Orchestrator passphrase used to generate NuGet API keys, App encryption keys, and Machine keys. |
orchestrator_license | The license code for your Orchestrator instance. |
- From the CLI, change to the directory of your Orchestrator plan. For example: cd C:\terraform
- Run terraform init.
- Run terraform plan. Review the resources to be deployed and type terraform apply -auto-approve to deploy the resources.
Note: You can run the command without -auto-approve and it will show all resources which will be deployed, but not begin until you type Yes to confirm.
- The deployment begins and should be completed in approximately 30 minutes, generating the following output:
Name | Description |
---|---|
public_ip | The public IP address assigned to your Orchestrator instance. |
mssql_id | The ID of the MSSQL database instance. |
mssql_address | The address of the MSSQL database instance. |
public_dns | The public DNS name assigned to the Orchestrator instance. |
Multi-Node Orchestrator Deployment
- Complete the variables.tf file with the necessary parameters:
Parameter | Description |
---|---|
aws_region | The region where Orchestrator is being deployed. By default this is set to eu-west-2 but can be edited. See here for the supported Availability Zones. |
access_key | The AWS access key. |
secret_key | The secret/password for the associated access_key. |
key_name | The name of the SSH keypair to use. |
aws_app_instance_type | The AWS instance type used for Orchestrator. By default this is set to m4.large. |
admin_password | The password for the Windows administrator account used to log in to the provisioned VMs. |
orchestrator_password | The password for the Orchestrator admin user for the Host and Default tenants. |
orchestrator_passphrase | Orchestrator passphrase used to generate NuGet API keys, App encryption keys, and Machine keys. |
orchestrator_license | The license code for your Orchestrator instance. |
orchestrator_versions | The version of Orchestrator. Set to 19.10.15 by default. |
haa-user | The email address of the High-Availability Addon admin user. |
haa-password | The password of the HAA admin user. |
haa-license | The license key for your HAA instance. |
newSQL | Used to configure whether or not a new RDS database instance is created. The available values are: No - the default value, no new database is created. Yes - a new RDS database instance is created. |
db_username | The master username for your AWS Relational Database Service (RDS), or username for an existing database. |
db_password | The password for the master username of your RDS, or password for the existing database user. |
db_name | The name of your RDS database. If newSQL is set to Yes, the name of the existing database to be used. |
sql_srv | The FQDN of your existing SQL Server, if any. |
rds_allocated_storage | The allocated storage in GB. |
rds_instance_class | The RDS instance type. By default this is set to db.m4.large. |
rds_multi_az | Used to specify if the RDS instance is multi-Availability Zone. Set to false by default. |
skip_final_snapshot | Used to specify if a final database snapshot is created before the DB instance is deleted. Set to true by default. |
aws_availability_zones | The Availability Zones for each region. |
environment | The RDS environment name, used as a prefix to name resources. |
application | The application stack name, used as a prefix to tag the name of resources. Set to UiPath_Stack by default. |
role | Used as a suffix for the newly created IAM Role of the Storage gateway. |
s3BucketName | Creates a new S3 bucket with the specified name. |
instance_count | The desired number of Orchestrator instances in the Auto Scaling Group. Set to 1 by default, can be modified at any time as detailed here. |
domain | Your registered domain in Route 53 to be used to host the project. |
subdomain | The new subdomain to be used for the Application Load Balancer, created automatically by Terraform. |
certificate_arn | The ARN of your registered certificate. Must be specified as wildcard type. |
associate_public_ip_address | Used to configure if a public IP address is associated to the EC2 Orchestrator instances. Set to false by default. |
cidr_block | The CIDR block of your Amazon Virtual Private Cloud. |
security_cidr_block | The CIDR block of your Security Group. Note: Only ports 80 and 443 need to have internet access if you want to access your Orchestrator instance from the internet. |
- In the locals-availability-zones.tf file, set the region(s) where you want to deploy your solution. For example:
locals {
  aws_region = "${var.aws_availability_zones["eu-west-2"]}"
}
Note:
Multi-Availability Zone (AZ) resources are deployed in the available AZs specified in the map-type variable aws_availability_zones. Modify it according to how many AZs you want to use. To get the AZs for the specified region, see Available Regions.
- From the CLI, change to the directory of your Orchestrator plan. For example: cd C:\terraform
- Run terraform init.
- Run terraform plan. Review the resources to be deployed and type terraform apply -auto-approve to deploy the resources.
Note: You can run the command without -auto-approve and it will show all resources which will be deployed, but not begin until you type Yes to confirm.
- The deployment begins and should be completed in approximately 30 minutes, generating the following output:
Name | Description |
---|---|
bastion_public_ip | The public IP of the Bastion Host. |
lb_dns_name | The FQDN of your load balancer. |
haa_master_ip | The private IP of your HAA master node. |
haa_slave_ip | The private IP of your HAA slave nodes. |
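A pre-apply check for the variables.tf settings listed in the single-node and multi-node parameter tables above, added here as an example (it is not part of the UiPath repository). It flags credential variables that carry a hard-coded default and defaults that widen exposure or reduce recoverability; the variable names come from the tables, while the simplified block parser and the sample file contents are assumptions.

```python
import re

# Credential-bearing variable names from the parameter tables on this page.
SECRET_VARS = {"access_key", "secret_key", "db_password", "admin_password", "orchestrator_password",
               "orchestrator_passphrase", "orchestrator_license", "haa-password", "haa-license"}
RISKY = {  # variable -> (default worth a second look, why)
    "security_cidr_block": ("0.0.0.0/0", "security group open to the whole internet"),
    "associate_public_ip_address": ("true", "Orchestrator instances get public IPs"),
    "skip_final_snapshot": ("true", "database deleted without a final snapshot"),
    "rds_multi_az": ("false", "RDS runs in a single Availability Zone"),
}
VAR_RE = re.compile(r'variable\s+"([^"]+)"\s*\{')
DEFAULT_RE = re.compile(r'^\s*default\s*=\s*(.+?)\s*$', re.M)

def parse_defaults(text):
    """Return {variable name: default} for every variable block with a single-line default."""
    defaults = {}
    for m in VAR_RE.finditer(text):
        depth, i = 1, m.end()
        while i < len(text) and depth:  # walk to the brace that closes this block
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        d = DEFAULT_RE.search(text[m.end():i - 1])
        if d:
            defaults[m.group(1)] = d.group(1).strip('"')
    return defaults

def audit(text):
    """Return sorted (variable, finding) pairs for a variables.tf given as a string."""
    findings = []
    for name, value in parse_defaults(text).items():
        if name in SECRET_VARS and value:
            findings.append((name, "secret hard-coded as a default; supply it at apply time"))
        elif name in RISKY and value.lower() == RISKY[name][0]:
            findings.append((name, RISKY[name][1]))
    return sorted(findings)

# Constructed sample in the style of variables.tf; the secret is a placeholder.
SAMPLE = '''variable "secret_key" {
  default = "EXAMPLE-PLACEHOLDER-SECRET"
}
variable "db_password" {
}
variable "security_cidr_block" {
  default = "0.0.0.0/0"
}'''

if __name__ == "__main__":
    print("\n".join(f"{n}: {why}" for n, why in audit(SAMPLE)))
```

Values supplied at apply time are still written to the Terraform state file, so the state needs the same access controls as the secrets themselves.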