- Overview
- Requirements
- Deployment templates
- Manual: Preparing the installation
- Manual: Preparing the installation
- Step 2: Configuring the OCI-compliant registry for offline installations
- Step 3: Configuring the external objectstore
- Step 4: Configuring High Availability Add-on
- Step 5: Configuring SQL databases
- Step 7: Configuring the DNS
- Step 8: Configuring the disks
- Step 9: Configuring kernel and OS level settings
- Step 10: Configuring the node ports
- Step 11: Applying miscellaneous settings
- Step 12: Validating and installing the required RPM packages
- Step 13: Generating cluster_config.json
- Cluster_config.json Sample
- General configuration
- Profile configuration
- Certificate configuration
- Database configuration
- External Objectstore configuration
- Pre-signed URL configuration
- ArgoCD configuration
- Kerberos authentication configuration
- External OCI-compliant registry configuration
- Disaster recovery: Active/Passive and Active/Active configurations
- High Availability Add-on configuration
- Orchestrator-specific configuration
- Insights-specific configuration
- Process Mining-specific configuration
- Document Understanding-specific configuration
- Automation Suite Robots-specific configuration
- AI Center-specific configuration
- Monitoring configuration
- Optional: Configuring the proxy server
- Optional: Enabling resilience to zonal failures in a multi-node HA-ready production cluster
- Optional: Passing custom resolv.conf
- Optional: Increasing fault tolerance
- Adding a dedicated agent node with GPU support
- Adding a Dedicated Agent Node for Automation Suite Robots
- Step 15: Configuring the temporary Docker registry for offline installations
- Step 16: Validating the prerequisites for the installation
- Running uipathctl
- Manual: Performing the installation
- Post-installation
- Cluster administration
- Managing products
- Getting Started with the Cluster Administration portal
- Migrating Redis from in-cluster to external High Availability Add-on
- Migrating data between objectstores
- Migrating in-cluster objectstore to external objectstore
- Migrating from in-cluster registry to an external OCI-compliant registry
- Switching to the secondary cluster manually in an Active/Passive setup
- Disaster Recovery: Performing post-installation operations
- Converting an existing installation to multi-site setup
- Guidelines on upgrading an Active/Passive or Active/Active deployment
- Guidelines on backing up and restoring an Active/Passive or Active/Active deployment
- Scaling a single-node (evaluation) deployment to a multi-node (HA) deployment
- Monitoring and alerting
- Migration and upgrade
- Migrating between Automation Suite clusters
- Upgrading Automation Suite
- Downloading the installation packages and getting all the files on the first server node
- Retrieving the latest applied configuration from the cluster
- Updating the cluster configuration
- Configuring the OCI-compliant registry for offline installations
- Executing the upgrade
- Performing post-upgrade operations
- Product-specific configuration
- Best practices and maintenance
- Troubleshooting
- How to troubleshoot services during installation
- How to reduce permissions for an NFS backup directory
- How to uninstall the cluster
- How to clean up offline artifacts to improve disk space
- How to clear Redis data
- How to enable Istio logging
- How to manually clean up logs
- How to clean up old logs stored in the sf-logs bucket
- How to disable streaming logs for AI Center
- How to debug failed Automation Suite installations
- How to delete images from the old installer after upgrade
- How to disable TX checksum offloading
- How to manually set the ArgoCD log level to Info
- How to expand AI Center storage
- How to generate the encoded pull_secret_value for external registries
- How to address weak ciphers in TLS 1.2
- How to check the TLS version
- How to work with certificates
- How to schedule Ceph backup and restore data
- How to collect DU usage data with in-cluster objectstore (Ceph)
- How to install RKE2 SELinux on air-gapped environments
- How to clean up old differential backups on an NFS server
- Error in downloading the bundle
- Offline installation fails because of missing binary
- Certificate issue in offline installation
- SQL connection string validation error
- Azure disk not marked as SSD
- Failure after certificate update
- Antivirus causes installation issues
- Automation Suite not working after OS upgrade
- Automation Suite requires backlog_wait_time to be set to 0
- Temporary registry installation fails on RHEL 8.9
- Frequent restart issue in uipath namespace deployments during offline installations
- DNS settings not honored by CoreDNS
- Upgrade fails due to unhealthy Ceph
- RKE2 not getting started due to space issue
- Upgrade fails due to classic objects in the Orchestrator database
- Ceph cluster found in a degraded state after side-by-side upgrade
- Service upgrade fails for Apps
- In-place upgrade timeouts
- Upgrade fails in offline environments
- snapshot-controller-crds pod in CrashLoopBackOff state after upgrade
- Upgrade fails due to overridden Insights PVC sizes
- Upgrade failure due to uppercase hostname
- Setting a timeout interval for the management portals
- Authentication not working after migration
- Kinit: Cannot find KDC for realm <AD Domain> while getting initial credentials
- Kinit: Keytab contains no suitable keys for *** while getting initial credentials
- GSSAPI operation failed due to invalid status code
- Alarm received for failed Kerberos-tgt-update job
- SSPI provider: Server not found in Kerberos database
- Login failed for AD user due to disabled account
- ArgoCD login failed
- Update the underlying directory connections
- Failure to get the sandbox image
- Pods not showing in ArgoCD UI
- Redis probe failure
- RKE2 server fails to start
- Secret not found in UiPath namespace
- ArgoCD goes into progressing state after first installation
- Missing Ceph-rook metrics from monitoring dashboards
- Mismatch in reported errors during diagnostic health checks
- No healthy upstream issue
- Redis startup blocked by antivirus
- Running High Availability with Process Mining
- Process Mining ingestion failed when logged in using Kerberos
- Unable to connect to AutomationSuite_ProcessMining_Warehouse database using a pyodbc format connection string
- Airflow installation fails with sqlalchemy.exc.ArgumentError: Could not parse rfc1738 URL from string ''
- How to add an IP table rule to use SQL Server port 1433
- Automation Suite certificate is not trusted from the server where CData Sync is running
- Running the diagnostics tool
- Using the Automation Suite support bundle
- Exploring Logs
- Exploring summarized telemetry
Automation Suite on Linux installation guide
How to manually clean up logs
Cleaning up Ceph logs
Moving Ceph out of read-only mode
If you installed AI Center and use Ceph storage, take the following steps to move Ceph out of read-only mode:
-
Check if Ceph is at full capacity:
kubectl -n rook-ceph exec -it deploy/rook-ceph-tools -- ceph statuskubectl -n rook-ceph exec -it deploy/rook-ceph-tools -- ceph statusIf Ceph is at full capacity, you must adjust the read-only threshold to start up the rgw gateways.
-
Scale down the ML skills:
kubectl -n uipath scale deployment <skill> --replicas=0kubectl -n uipath scale deployment <skill> --replicas=0 -
Put the cluster in write mode:
ceph osd set-full-ratio 0.95 <95 is the default value so you could increase to 96 and go up incrementall>ceph osd set-full-ratio 0.95 <95 is the default value so you could increase to 96 and go up incrementall> -
Run Garbage Collection:
kubectl -n rook-ceph exec -it deploy/rook-ceph-tools -- radosgw-admin gc process --include-allkubectl -n rook-ceph exec -it deploy/rook-ceph-tools -- radosgw-admin gc process --include-all -
When storage goes down, run the following commands:
kubectl -n rook-ceph exec -it deploy/rook-ceph-tools -- ceph status kubectl -n rook-ceph exec -it deploy/rook-ceph-tools -- ceph dfkubectl -n rook-ceph exec -it deploy/rook-ceph-tools -- ceph status kubectl -n rook-ceph exec -it deploy/rook-ceph-tools -- ceph dfAt this point, the storage should be lower, and the cluster should be healthy.
Disabling streaming logs
To ensure everything is in a good state, disable streaming logs by taking the following steps.
-
Disable aut-sync on UiPath and AI Center.
-
Disable streaming logs for AI Center.
-
If you have ML skills that have already been deployed, run the following commands:
kubectl set env deployment [REPLICASET_NAME] LOGS_STREAMING_ENABLED=falsekubectl set env deployment [REPLICASET_NAME] LOGS_STREAMING_ENABLED=false -
Find out which buckets use the most space:
kubectl -n rook-ceph exec deploy/rook-ceph-tools -- radosgw-admin bucket stats | jq -r '["BucketName","NoOfObjects","SizeInKB"], ["--------------------","------","------"], (.[] | [.bucket, .usage."rgw.main"."num_objects", .usage."rgw.main".size_kb_actual]) | @tsv' | column -ts $'\t'kubectl -n rook-ceph exec deploy/rook-ceph-tools -- radosgw-admin bucket stats | jq -r '["BucketName","NoOfObjects","SizeInKB"], ["--------------------","------","------"], (.[] | [.bucket, .usage."rgw.main"."num_objects", .usage."rgw.main".size_kb_actual]) | @tsv' | column -ts $'\t' -
Install s3cmd to prepare for cleaning up the
sf-logs:pip3 install awscli s3cmd export PATH=/usr/local/bin:$PATHpip3 install awscli s3cmd export PATH=/usr/local/bin:$PATH -
Clean up the
sf-logslogs. For details, see How to clean up old logs stored in the sf-logs bundle. -
Complete the cleanup operation:
kubectl -n rook-ceph exec -it deploy/rook-ceph-tools -- radosgw-admin gc process --include-allkubectl -n rook-ceph exec -it deploy/rook-ceph-tools -- radosgw-admin gc process --include-all -
If the previous steps do not solve the issue, clean up the AI Center data.
-
Check if the storage was reduced:
kubectl -n rook-ceph exec -it deploy/rook-ceph-tools -- ceph dfkubectl -n rook-ceph exec -it deploy/rook-ceph-tools -- ceph df -
Once storage is no longer full, reduce the backfill setting:
kubectl -n rook-ceph exec -it deploy/rook-ceph-tools -- ceph osd set-full-ratio 0.95kubectl -n rook-ceph exec -it deploy/rook-ceph-tools -- ceph osd set-full-ratio 0.95 -
Check if the ML skills are affected by the multipart upload issue:
echo $(kubectl -n rook-ceph exec deploy/rook-ceph-tools -- radosgw-admin bucket list --max-entries 10000000 --bucket train-data | jq '[.[] | select (.name | contains("_multipart")) | .meta.size] | add') | numfmt --to=iec-iecho $(kubectl -n rook-ceph exec deploy/rook-ceph-tools -- radosgw-admin bucket list --max-entries 10000000 --bucket train-data | jq '[.[] | select (.name | contains("_multipart")) | .meta.size] | add') | numfmt --to=iec-iIf they are affected by this issue, and the returned value is high, you may need to do a backup and restore.
Cleaning up s3 logs
If you use an s3-compatible storage provider, take the following steps to clean up your logs:
-
Get the key for storage access.
-
Find the large items:
export PATH=/usr/local/bin:$PATH kubectl get secret -n logging logging-secrets -o json |jq -r .data # Then base64 decode the "S3_ACCESSKEY" and "S3_SECRETKEY"export PATH=/usr/local/bin:$PATH kubectl get secret -n logging logging-secrets -o json |jq -r .data # Then base64 decode the "S3_ACCESSKEY" and "S3_SECRETKEY" -
Configure the AWS CLI using the credentials decoded in the previous step. To configure AWS, run the following command:
aws configure -- Once aws cli is configured, you can run below commands to check content of sf logsaws configure -- Once aws cli is configured, you can run below commands to check content of sf logs -
Delete the
sf-logs. For more details, see the AWS documentation.aws s3 rm --endpoint-url <AWS-ENDPOINT> --no-verify-ssl --recursive s3://sf-logs --include="2022* --exclude="2022_12_8" # You can craft an include and exclude command to help with this. use --dryrun firstaws s3 rm --endpoint-url <AWS-ENDPOINT> --no-verify-ssl --recursive s3://sf-logs --include="2022* --exclude="2022_12_8" # You can craft an include and exclude command to help with this. use --dryrun first -
Delete the
train-data.
To clean up logs automatically, you can also configure a cleanup policy on your external object store.
CORS and bucket retention policy are subject to change based on the ObjectStore provider. Refer to your ObjectStore provider documentation for the same.
We recommend retention of 15 days for the logs generated by the Automation Suite platform. These log objects are found in the automation-suite-logs folder of the platform bucket.
The following example shows the steps needed for AWS:
-
Create
policy.jsonwith the following content:{ "Rules": [ { "Filter": { "Prefix": "automation-suite-logs/" }, "Status": "Enabled", "Expiration": { "Days": 15 }, "ID": "DeleteOldLogs" } ] }{ "Rules": [ { "Filter": { "Prefix": "automation-suite-logs/" }, "Status": "Enabled", "Expiration": { "Days": 15 }, "ID": "DeleteOldLogs" } ] } -
To apply
policy.jsonto the bucket, run the following command:aws s3api put-bucket-lifecycle-configuration --bucket BUCKET_NAME --lifecycle-configuration file://policy.jsonaws s3api put-bucket-lifecycle-configuration --bucket BUCKET_NAME --lifecycle-configuration file://policy.json
Cleaning up Azure logs
To clean up logs from the Azure bucket you can use az cli. The following example shows the commands to delete logs for specific date:
az storage blob delete-batch --source <CONTAINER> --pattern "automation-suite-logs/2025_01_01/*" --account-name <ACCOUNT_NAME> --debug
az storage blob delete-batch --source <CONTAINER> --pattern "automation-suite-logs/2025_01_01/*" --account-name <ACCOUNT_NAME> --debug
<CONTAINER>represents the storage container, such as the bucket name mentioned underinfra.external_object_storage.bucket_name, used for storing Automation Suite
logs.
<ACCOUNT_NAME>represents the Azure storage account name.
By default, your logs are uploaded to the automation-suite-logs directory. Inside this directory, you will see subdirectories that are named by date.
When you want to delete logs for a specific date, update the date in the path to match your target. For example, to delete the logs for April 15, 2025 (YYYY/MM/DD), use the following directory pattern: automation-suite-logs/2025_04_15.
To automate the deletion of logs older than 30 days, enable a lifecycle policy on your Azure Storage account. The following policy.json example deletes logs that are more than 30 days old:
{
"rules": [
{
"enabled": true,
"name": "DeleteOldLogs",
"type": "Lifecycle",
"definition": {
"actions": {
"baseBlob": {
"delete": {
"daysAfterModificationGreaterThan": 30
}
}
},
"filters": {
"blobTypes": [
"blockBlob",
"appendBlob"
],
"prefixMatch": [
"uipath-as-platform/automation-suite-logs/"
]
}
}
}
]
}
{
"rules": [
{
"enabled": true,
"name": "DeleteOldLogs",
"type": "Lifecycle",
"definition": {
"actions": {
"baseBlob": {
"delete": {
"daysAfterModificationGreaterThan": 30
}
}
},
"filters": {
"blobTypes": [
"blockBlob",
"appendBlob"
],
"prefixMatch": [
"uipath-as-platform/automation-suite-logs/"
]
}
}
}
]
}
The value uipath-as-platform represents the container name. Update this value to match the container configured in your environment.
To apply the lifecycle policy, run the following command:
az storage account management-policy create --account-name <ACCOUNT_NAME> --resource-group <RESOURCE_GROUP_NAME> --policy @policy.json
az storage account management-policy create --account-name <ACCOUNT_NAME> --resource-group <RESOURCE_GROUP_NAME> --policy @policy.json
Here, policy.json is the file that contains the policy definition shown above.