Using ArcGIS Chef Cookbook to deploy highly available base ArcGIS Enterprise deployment on Windows

Scott M. MacDonald edited this page Oct 15, 2018 · 6 revisions

ArcGIS Enterprise is an ArcGIS deployment pattern that includes Portal for ArcGIS, ArcGIS for Server, and ArcGIS Data Store.

The "Deploy a full stack ArcGIS Enterprise on a single machine" page describes how to deploy a full stack Web GIS on a single machine.

The additional steps for manual deployment of highly available base ArcGIS Enterprise are described in these help topics:

The ArcGIS Chef cookbook simplifies and accelerates HA base ArcGIS Enterprise deployment by automating these steps. To deploy HA base ArcGIS Enterprise you will need:

  • ArcGIS Chef Cookbook v2.2.0 or later;
  • Chef-client 12.5.1 or later;
  • Setup files for Portal for ArcGIS, ArcGIS for Server, ArcGIS Data Store, and ArcGIS Web Adaptor for IIS;
  • Authorization files for Portal for ArcGIS and ArcGIS for Server;
  • A domain name for the Web GIS site;
  • SSL certificate issued to the domain name of the Web GIS site;
  • Network load balancer (NLB);
  • Highly available file server;
  • Two machines that meet ArcGIS for Server and Portal for ArcGIS system requirements (see Portal for ArcGIS system requirements and ArcGIS for Server system requirements).

Using Chef-Server to deploy the Web GIS site on multiple machines is recommended but is not strictly required. This workflow describes deploying HA base ArcGIS Enterprise using Chef-Solo without using Chef-Server.

On Windows

Configure the file server machine:

  1. Create an ‘arcgis’ user account on the file server machine (alternatively, a domain user account could be used).
  2. Create a network file share on the file server machine and give the ‘arcgis’ user account read/write access to the share.
  3. On the primary and secondary machines, configure Windows firewall:
     • For Portal for ArcGIS open ports 7080, 7443, 7005, 7099, 7199, and 7654 for inbound/outbound communication with the peer machine.
     • For ArcGIS Server open ports 1098, 4000-4004, 6006, 6080, 6099, and 6443 for inbound/outbound communication with the peer machine.
     • For ArcGIS Data Store open ports for inbound/outbound communication with the peer machine.
     • Open ports 80 and 443 for inbound traffic from NLB.
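
One way to apply the firewall step with rules scoped to the peer machine and the NLB rather than open to any source, as an added PowerShell example that is not part of the cookbook or the original page. The two addresses are placeholders and TCP is an assumption; ArcGIS Data Store ports are left out because the page does not list them.

```powershell
# Added example (not from the cookbook). Run in an elevated PowerShell session
# on the primary machine, then on the secondary with $PeerAddress swapped.
$PeerAddress = '192.0.2.11'   # placeholder: IP address of the other Web GIS machine
$NlbAddress  = '192.0.2.1'    # placeholder: address the NLB forwards traffic from

# Peer-communication ports exactly as listed in the steps above (TCP assumed).
$peerPorts = @{
    'Portal for ArcGIS' = @('7080', '7443', '7005', '7099', '7199', '7654')
    'ArcGIS Server'     = @('1098', '4000-4004', '6006', '6080', '6099', '6443')
}

foreach ($component in $peerPorts.Keys) {
    $ports = $peerPorts[$component]

    # Inbound: only the peer may connect to these local ports.
    New-NetFirewallRule -DisplayName "$component HA peer (in)" -Direction Inbound `
        -Protocol TCP -LocalPort $ports -RemoteAddress $PeerAddress `
        -Action Allow | Out-Null

    # Outbound: this machine may connect to the same ports on the peer.
    New-NetFirewallRule -DisplayName "$component HA peer (out)" -Direction Outbound `
        -Protocol TCP -RemotePort $ports -RemoteAddress $PeerAddress `
        -Action Allow | Out-Null
}

# Web traffic is accepted from the NLB only, not from arbitrary clients.
New-NetFirewallRule -DisplayName 'Web GIS from NLB (in)' -Direction Inbound `
    -Protocol TCP -LocalPort @('80', '443') -RemoteAddress $NlbAddress `
    -Action Allow | Out-Null

# Review what was created: each rule should show a single remote address.
Get-NetFirewallRule -DisplayName '*HA peer*', 'Web GIS from NLB*' | ForEach-Object {
    $port = $_ | Get-NetFirewallPortFilter
    $addr = $_ | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Rule          = $_.DisplayName
        Direction     = $_.Direction
        LocalPort     = $port.LocalPort -join ','
        RemotePort    = $port.RemotePort -join ','
        RemoteAddress = $addr.RemoteAddress -join ','
    }
} | Format-Table -AutoSize
```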

Configure the primary Web GIS machine:

  1. Install Windows Chef Client.
  2. Download the arcgis cookbook to the primary machine.
  3. Extract the contents of the cookbook zip file to C:\chef. The final folder structure should be c:\chef\cookbooks\arcgis; c:\chef\cookbooks\windows; etc.
  4. Edit c:\chef\webgis-windows-ha-primary.json file.
     • Set run_as_user and run_as_password attributes values to the user account that has full access to the network shares on the file server.
     • If the repository variable is defined, you do not need to also specify the path to your setup file.
     • If you are specifying the path to your setup file, examine your file. Setup files named "Setup.exe" should be defined in the JSON using the setups variable; setup files named in a format such as "ArcGIS_Server_1061_163983.exe" are self-extracting and should be defined using the setups_archive variable.
  5. Start a command line window as an administrator and run ‘chef-solo -j C:\chef\webgis-windows-ha-primary.json’

Configure the secondary Web GIS machine:

  1. Install Windows Chef Client.
  2. Download the arcgis cookbook to the secondary machine.
  3. Extract the contents of the cookbook zip file to C:\chef. The final folder structure should be c:\chef\cookbooks\arcgis; c:\chef\cookbooks\windows; etc.
  4. Edit c:\chef\webgis-windows-ha-secondary.json file, as you did for the first machine. https://github.com/Esri/arcgis-cookbook/wiki/Deploy-a-full-stack-ArcGIS-Enterprise-on-a-single-machine
  5. Start a command line window as an administrator and run ‘chef-solo -j C:\chef\webgis-windows-ha-secondary.json’

Add the machines to your NLB.

NOTE: Configuring ArcGIS Web Adaptor with Portal requires providing the site domain name and actually sends requests to this domain. The domain name typically points to the NLB. In some cases the NLB does not forward requests to a machine unless the machine is healthy, that is, an application-level health check succeeds, and the machine is not healthy until it is fully configured and ready to accept traffic. To solve this chicken-egg problem the cookbook adds an entry to the ‘\Windows\System32\drivers\etc\hosts’ file to point the domain name to the local IP address. After that, requests to the site domain name from the machine go directly to the machine and bypass the NLB. To disable this feature remove the hostsfile_entry resources from the ‘portal’ and ‘server_wa’ recipes.
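
A post-deployment check for the hosts entry described in the note, as an added PowerShell example that is not part of the cookbook or the original page: it lists every hosts line that maps the site domain and reports whether the address belongs to this machine. `$SiteDomain` is a placeholder and `Get-HostsOverride` is a hypothetical helper name.

```powershell
# Added example (not from the cookbook). Audits the hosts file for entries that
# make requests to the site domain bypass DNS and therefore the NLB.
$SiteDomain = 'gis.example.com'   # placeholder: domain name of the Web GIS site
$HostsPath  = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'

function Get-HostsOverride {      # hypothetical helper, defined for this example
    param([string[]]$Lines, [string]$Domain)
    foreach ($line in $Lines) {
        # Drop trailing comments and skip blank or comment-only lines.
        $text = ($line -split '#', 2)[0].Trim()
        if (-not $text) { continue }

        # Hosts format: <address> <name> [<alias> ...], whitespace separated.
        $fields = $text -split '\s+'
        $names  = $fields | Select-Object -Skip 1
        if ($names -contains $Domain) {   # -contains compares case-insensitively
            [pscustomobject]@{ Address = $fields[0]; Line = $line }
        }
    }
}

# Addresses assigned to this machine, loopback included.
$local = (Get-NetIPAddress).IPAddress

$found = @(Get-HostsOverride -Lines (Get-Content -Path $HostsPath) -Domain $SiteDomain)
if ($found.Count -eq 0) {
    "No hosts entry for $SiteDomain; requests from this machine resolve through DNS."
} else {
    # IsLocalAddress = True matches the entry the note describes; False means the
    # domain is pinned to some other address and should be investigated.
    $found | Select-Object Address, Line,
        @{ Name = 'IsLocalAddress'; Expression = { $local -contains $_.Address } } |
        Format-Table -AutoSize
}
```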

This document describes a configuration with two base ArcGIS Enterprise machines (primary and secondary) with server, portal and data store running on each machine. The cookbook could also be used to deploy fully distributed Web GIS configurations with a dedicated role for each machine. The role of the machine is defined by the list of recipes specified in the node’s run_list.
