- Overview
- Requirements
- Pre-installation
- Preparing the installation
- Installing and configuring the service mesh
- Downloading the installation packages
- Configuring the OCI-compliant registry
- Granting installation permissions
- Installing and configuring the GitOps tool
- Deploying Redis through OperatorHub
- Applying miscellaneous configurations
- Running uipathctl
- Installation
- Post-installation
- Accessing Automation Suite
- Managing the certificates
- Managing the cluster in ArgoCD
- Managing products
- Updating credentials
- Migration and upgrade
- Upgrading Automation Suite
- Migrating standalone products to Automation Suite
- Step 1: Restoring the standalone product database
- Step 2: Updating the schema of the restored product database
- Step 3: Moving the Identity organization data from standalone to Automation Suite
- Step 4: Backing up the platform database in Automation Suite
- Step 5: Merging organizations in Automation Suite
- Step 6: Updating the migrated product connection strings
- Step 7: Migrating standalone Orchestrator
- Step 8: Migrating standalone Insights
- Step 9: Migrating standalone Test Manager
- Step 10: Deleting the default tenant
- Performing a single tenant migration
- Migrating between Automation Suite clusters
- Monitoring and alerting
- Cluster administration
- Product-specific configuration
- Orchestrator advanced configuration
- Configuring Orchestrator parameters
- Configuring appSettings
- Configuring the maximum request size
- Overriding cluster-level storage configuration
- Configuring NLog
- Saving robot logs to Elasticsearch
- Configuring credential stores
- Configuring encryption key per tenant
- Cleaning up the Orchestrator database
- Skipping host library creation
- Troubleshooting
Automation Suite on OpenShift installation guide
Accessing Automation Suite
Enabling oc
Before running any oc commands, make sure you have downloaded and installed oc on your client machine. This allows you to run commands for retrieving passwords and configuration details for the cluster.
Managing certificates
The installation process generates self-signed certificates on your behalf. You should replace them with certificates signed by a trusted Certificate Authority (CA) as soon as installation completes.
For instructions, see Managing certificates.
If you try to access the cluster with a web browser, and the certificates are not from a trusted CA, then you will see a warning in the browser. You can rectify this by importing and trusting the cluster SSL certificate on the client computer running the browser.
To manage certificates, take the following steps:
- To retrieve the current certificate, run the following command:
- On Linux:
oc get secret -n istio-system istio-ingressgateway-certs -o jsonpath='{.data.ca\.crt}' | base64 --decode | openssl x509 -text -nooutoc get secret -n istio-system istio-ingressgateway-certs -o jsonpath='{.data.ca\.crt}' | base64 --decode | openssl x509 -text -noout - On Windows (PowerShell):
(oc get secret -n istio-system istio-ingressgateway-certs -o jsonpath='{.data.ca\.crt}') | ForEach-Object { [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($_)) }(oc get secret -n istio-system istio-ingressgateway-certs -o jsonpath='{.data.ca\.crt}') | ForEach-Object { [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($_)) }
- On Linux:
- To update the certificates, see Managing certificates.
Accessing Automation Suite general interface
You need to accept the self-signed certificate in the web browser to be able to access a cluster that is still configured with self-signed certificates.
The general-use Automation Suite user interface serves as a portal for both organization administrators and organization users. It is a common organization-level resource from where everyone can access all of your Automation Suite areas: administration pages, platform-level pages, product-specific pages, and user-specific pages.
To access Automation Suite, take the following steps:
-
Go to the following URL:
https://<FQDN> -
Switch to the Default organization.
-
The username is orgadmin.
-
Retrieve the password using the following command:
oc get secret platform-service-secrets -n <uipath> -o jsonpath='{.data.identity\.hostAdminPassword}' | base64 -d ; echooc get secret platform-service-secrets -n <uipath> -o jsonpath='{.data.identity\.hostAdminPassword}' | base64 -d ; echoNote:Using the same command to retrieve the organization admin and the host admin passwords is by design.
This is because the two passwords are initially the same. If Change password on the first login is set to Required at the host level, the organization administrator must set a new password when they log in for the first time.
Accessing host administration
The host portal is for system administrators to configure the Automation Suite instance. The settings that you configure from this portal are inherited by all your organizations, and some can be overwritten at the organization level.
To access host administration, take the following steps:
-
Go to the following URL:
https://<FQDN> -
Switch to the Host organization.
-
The username is admin.
-
Retrieve the password using the following command:
oc get secret platform-service-secrets -n <uipath> -o jsonpath='{.data.identity\.hostAdminPassword}' | base64 -d ; echooc get secret platform-service-secrets -n <uipath> -o jsonpath='{.data.identity\.hostAdminPassword}' | base64 -d ; echoNote:Using the same command to retrieve the organization admin and the host admin passwords is by design.
This is because the two passwords are initially the same. If Change password on the first login is set to Required at the host level, the organization administrator must set a new password when they log in for the first time.
Accessing service database connection strings
You can access the database connection strings for each service as follows:
oc -n <uipath> get secret aicenter-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret orchestrator-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret automation-hub-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret automation-ops-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret insights-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret platform-service-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret test-manager-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret aicenter-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret orchestrator-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret automation-hub-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret automation-ops-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret insights-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret platform-service-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret test-manager-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode