Skip to content

Deploy a base ArcGIS Enterprise deployment on a single machine

Jump to bottom Edit New page
Cameron Kroeker edited this page May 14, 2021 · 15 revisions

This workflow demonstrates how to deploy base ArcGIS Enterprise 10.9 on a single machine using the arcgis-enterprise-base deployment template.

The workflow will:

  1. Install Portal for ArcGIS and authorize it. Create the Initial Administrative Account.
  2. Install Portal for ArcGIS Web Styles.
  3. Install and configure ArcGIS Web Adaptor for Portal for ArcGIS.
  4. Install ArcGIS Server, authorize it, create a site and enable HTTPS in Server Admin.
  5. Install/configure web server (IIS on Windows or Tomcat on Linux).
  6. Import the CA-issued certificate if it's defined, or generate a self-signed certificate for the web server.
  7. Install and configure ArcGIS Web Adaptor for ArcGIS Server.
  8. Install ArcGIS Data Store and register it as a relational and tile cache store with ArcGIS Server.
  9. Federate ArcGIS Server with Portal as the hosting server.

Prerequisites:

Supported Platforms:

  • Windows
    • Windows Server 2016 Standard and Datacenter
    • Windows Server 2019 Standard and Datacenter
  • Linux
    • Ubuntu Server 18.04 LTS
    • Ubuntu Server 20.04 LTS
    • Red Hat Enterprise Linux Server 7
    • Red Hat Enterprise Linux Server 8
    • CentOS Linux 7
    • CentOS Linux 8

Before setting up the deployment, you'll need to have obtained:

  • ArcGIS Enterprise 10.9 setups from My Esri.
  • ArcGIS Enterprise 10.9 authorization files. Make sure to use the correct authorization file for different products.
  • A domain name for your web site
  • SSL certificate in PKCS12 (a.k.a. pfx) format issued by certification authority for the domain (Note: If you don't define a CA-cert, this tool will generate and use a self-signed certificate for testing purposes. Self-signed certificates are not supported by Portal for ArcGIS.)

This workflow uses CINC Client. CINC is a "Free-as-in-Beer" distribution of the open source software of Chef Software Inc.

The deployment templates require ArcGIS setup archives to install ArcGIS applications. The setup archives must be located in a local or shared ArcGIS Software Repository directory specified by the arcgis.repository.archives attribute. Before running the setups, the setup archives are extracted into a local directory specified using the arcgis.repository.setups attribute.

On Windows

  1. Create directory C:\Software\Archives and copy the ArcGIS Enterprise 10.9 setup archives to that directory:

    • ArcGIS_DataStore_Windows_109_177788.exe
    • ArcGIS_Server_Windows_109_177775.exe
    • ArcGIS_Web_Adaptor_for_Microsoft_IIS_109_177789.exe
    • Portal_for_ArcGIS_Windows_109_177786.exe
    • Portal_for_ArcGIS_Web_Styles_Windows_109_177787.exe

  2. Create directory C:\Software\AuthorizationFiles\10.9 and copy the software authorization files for 10.9 ArcGIS Server and Portal for ArcGIS to that directory.

  3. Create directory C:\Software\Certificates and copy the SSL certificate to that directory.

  4. Install Cinc Client 15.

  5. Change the current directory to C:\cinc.

  6. Download the arcgis-3.7.0-cookbooks.zip archive to the machine.

  7. Extract the contents of the cookbook zip file to C:\cinc. The final folder structure should be C:\cinc\cookbooks, C:\cinc\templates, etc.

  8. Copy file C:\cinc\templates\arcgis-enterprise-base\10.9\windows\arcgis-enterprise-primary.json to C:\cinc.

  9. Edit the arcgis-enterprise-primary.json file in a text editor.

    • arcgis.run_as_password - Change to the password of the 'arcgis' Windows user account.
    • arcgis.server.private_url - Change to the ArcGIS Server URL that will be used as the hosting server's admin URL.
    • arcgis.server.web_context_url - Change to the ArcGIS Server web context URL that will be used for the hosting server's services URL. If you are using a reverse proxy, set this property to reverse proxy URL.
    • arcgis.server.admin_username - Change to the primary site administrator account user name.
    • arcgis.server.admin_password - Change to the primary site administrator account password.
    • arcgis.server.authorization_file - Change to the path to the ArcGIS Server software authorization file.
    • arcgis.server.directories_root - Change to C:\\arcgisserver.
    • arcgis.server.config_store_connection_string - Change to C:\\arcgisserver\\config-store.
    • arcgis.server.system_properties.WebContextURL - Change to the ArcGIS Server web context URL that will be used for the hosting server's services URL. If you are using a reverse proxy, set this property to reverse proxy URL.
    • arcgis.portal.admin_username - Change to the Portal for ArcGIS administrator account user name.
    • arcgis.portal.admin_password - Change to the Portal for ArcGIS administrator account password.
    • arcgis.portal.admin_email - Change to the Portal for ArcGIS administrator account's e-mail address.
    • arcgis.portal.admin_full_name - Change to the full name associated with the Portal for ArcGIS administrator account.
    • arcgis.portal.security_question - Change to the Portal for ArcGIS administrator account security question (See Create Site - ArcGIS REST API for the list of allowed security questions.)
    • arcgis.portal.security_question_answer - Change to the answer to the Portal for ArcGIS administrator account security question.
    • arcgis.portal.content_store_connection_string - Change to C:\\arcgisportal\\content.
    • arcgis.portal.authorization_file - Change to the path to the Portal for ArcGIS software authorization file.
    • arcgis.portal.user_license_type_id - Specify the user type to assign to the Portal for ArcGIS administrator account. If left blank, a temporary user type will be assigned to the administrator and will have to be changed on the first log in. The allowed user type IDs are: creatorUT, GISProfessionalBasicUT, GISProfessionalStdUT, and GISProfessionalAdvUT.
    • arcgis.portal.system_properties.privatePortalURL - Change to the Portal for ArcGIS URL that ArcGIS Server should use to communicate with the Enterprise portal.
    • arcgis.portal.system_properties.WebContextURL - Change to the Portal for ArcGIS web context URL. If you are using a reverse proxy, set this property to reverse proxy URL.
    • arcgis.iis.keystore_file - Change to the path to the SSL certificate file that will be used to configure the HTTPS listener in the IIS web server.
    • arcgis.iis.keystore_password - Change to the password for the SSL certificate file

  10. Start a command prompt window as administrator and run:

    chef-client -z -j arcgis-enterprise-primary.json

On Linux

Your machine needs to allow running sudo to execute commands without a password. On some Linux distributions, sudo is configured to require a tty as a default configuration. This is usually set in /etc/sudoers with the entry of Defaults requiretty. You can either change the entry to Defaults !requiretty in the /etc/sudoers file or change this configuration for certain users, groups, or commands. RedHat will remove this default setting, as mentioned in https://bugzilla.redhat.com/show_bug.cgi?id=1020147.

  1. Create directory /opt/software/archives and copy the following ArcGIS Enterprise 10.9 setup archives to that directory:

    • ArcGIS_DataStore_Linux_109_177887.tar.gz
    • ArcGIS_Server_Linux_109_177864.tar.gz
    • ArcGIS_Web_Adaptor_Java_Linux_109_177888.tar.gz
    • Portal_for_ArcGIS_Linux_109_177885.tar.gz
    • Portal_for_ArcGIS_Web_Styles_Linux_109_177886.tar.gz
    • apache-tomcat-8.5.63.tar.gz (will be downloaded from the internet if not present in the local ArcGIS software repository)
    • openjdk-11_linux-x64_bin.tar.gz (will be downloaded from the internet if not present in the local ArcGIS software repository)

  2. Create directory /opt/software/authorization_files/10.9 and copy the software authorization files for 10.9 ArcGIS Server and Portal for ArcGIS to that directory.

  3. Create directory /tomcat_arcgis and copy the SSL certificate to that location.

  4. Install Cinc Client 15.

  5. Change the current directory to /opt/cinc.

  6. Download the arcgis-3.7.0-cookbooks.tar.gz archive to the machine.

  7. Extract the contents of the cookbook tar file to /opt/cinc. The final folder structure should be /opt/cinc/cookbooks, /opt/cinc/templates, etc.

  8. Copy the file /opt/cinc/templates/arcgis-enterprise-base/10.9/linux/arcgis-enterprise-primary.json to /opt/cinc.

  9. Edit the arcgis-enterprise-primary.json file in a text editor.

    • arcgis.server.private_url - Change to the ArcGIS Server URL that will be used as the hosting server's admin URL.
    • arcgis.server.web_context_url - Change to the ArcGIS Server web context URL that will be used for the hosting server's services URL. If you are using a reverse proxy, set this property to reverse proxy URL.
    • arcgis.server.admin_username - Change to the primary site administrator account user name.
    • arcgis.server.admin_password - Change to the primary site administrator account password.
    • arcgis.server.authorization_file - Change to the path to the ArcGIS Server role software authorization file.
    • arcgis.server.directories_root - Change to /gisdata/arcgisserver.
    • arcgis.server.config_store_connection_string - Change to /gisdata/arcgisserver/config-store.
    • arcgis.server.system_properties.WebContextURL - Change to the ArcGIS Server web context URL that will be used for the hosting server's services URL. If you are using a reverse proxy, set this property to reverse proxy URL.
    • arcgis.portal.admin_username - Change to the Portal for ArcGIS administrator account user name.
    • arcgis.portal.admin_password - Change to the Portal for ArcGIS administrator account password.
    • arcgis.portal.admin_email - Change to the Portal for ArcGIS administrator account e-mail address.
    • arcgis.portal.admin_full_name - Change to the full name associated with the Portal for ArcGIS administrator account.
    • arcgis.portal.security_question - Change to the Portal for ArcGIS administrator account security question. (See Create Site - ArcGIS REST API for the list of allowed security questions.)
    • arcgis.portal.security_question_answer - Change to the answer to the Portal for ArcGIS administrator account security question.
    • arcgis.portal.content_store_connection_string - Change to /gisdata/arcgisportal/content.
    • arcgis.portal.authorization_file - Change to the path to the Portal for ArcGIS software authorization file.
    • arcgis.portal.user_license_type_id - Specify the user type to assign to the Portal for ArcGIS administrator account. If left blank, a temporary user type will be assigned to the administrator and will have to be changed on the first log in. The allowed user type IDs are: creatorUT, GISProfessionalBasicUT, GISProfessionalStdUT, and GISProfessionalAdvUT.
    • arcgis.portal.system_properties.privatePortalURL - Change to the Portal for ArcGIS URL that ArcGIS Server should use to communicate with the Enterprise portal.
    • arcgis.portal.system_properties.WebContextURL - Change to the Portal for ArcGIS web context URL. If you are using a reverse proxy, set this property to reverse proxy URL.
    • tomcat.keystore_file - Change to the path to the SSL certificate file in PKCS12 format that will be used to configure the HTTPS listener in Apache Tomcat.
    • tomcat.keystore_password - Change to the password of the SSL certificate file.

  10. As a super user, run the following command:

    chef-client -z -j arcgis-enterprise-primary.json

After the chef-client run is completed, Portal for ArcGIS and ArcGIS Server will be available at https://<domain name>/portal and https://<domain name>/server URLs respectively.

See ArcGIS Enterprise Chef Deployment Templates for more information about deployment templates.

Add a custom footer
Add a custom sidebar
Clone this wiki locally