通过chef client实现ArcGIS Enterprise
2019-10-31 本文已影响0人
寒__
ArcGIS Enterprise 基础部署基本流程
- 安装ArcGIS Server,对其进行授权,创建站点并在Server Admin中启用HTTPS。
- 如果未安装,则在Windows上安装IIS,或者在Linux上安装Tomcat和Java。
- 导入CA证书,或为Web服务器生成自签名证书。
- 安装和配置WA for ArcGIS Server。
- 安装Portal for ArcGIS并对其进行授权。创建初始管理帐户。
- 为Portal for ArcGIS安装和配置WA。
- 安装ArcGIS Data Store并将其注册到ArcGIS Server。
- 联合带有门户的ArcGIS Server。将其设置为托管服务器。
目标
- 修改脚本配置文件,执行脚本,完成上述一系列工作
准备工作
- 测试环境:Windows Server 2019、ArcGIS_Enterprise_Windows_107_166573
- 下载 arcgis-cookbook
- 下载 chef-client.msi
注意:cookbook和chef-client版本要对应,当前最新版的arcgis-cookbook为3.4.0,已支持到最新版本的ArcGIS 10.7和10.7.1;chef-client建议采用14.*版本,开始时采用最新的15.4.45,收获如下异常:
FATAL: Chef::Exceptions::CookbookChefVersionMismatch:
Cookbook 'arcgis-enterprise' version '3.4.0' depends on chef version [">= 12.6", "< 15.0"], but the running chef version is 15.4.45
安装chef-client并配置cookbook
-
默认安装 chef-client
-
将
arcgis-3.4.0-cookbooks.zip解压缩,复制到C盘根目录下C:\chef\
chef目录结构
-
当前cookbook在roles中提供了多个可用的脚本
cookbook - role
选择并修改 cookbook 文件
- 修改
arcgis-enterprise-windows.json文件,实现 ArcGIS Enterprise 单机的基础环境部署
{
"arcgis":{
"run_as_user":"arcgis",
"run_as_password":"Esri2019",
"version":"10.7",
"iis":{
"keystore_file":"C:\\Users\\Administrator\\Desktop\\keystore\\esrichina.org.cn.pfx",
"keystore_password":"Esri2019"
},
"web_adaptor":{
"setup_archive":"C:\\Users\\Administrator\\Documents\\ArcGIS 10.7.1\\WebAdaptorIIS\\Setup.exe",
"admin_access":true
},
"data_store":{
"setup_archive":"C:\\Users\\Administrator\\Documents\\ArcGIS 10.7.1\\ArcGISDataStore\\Setup.exe"
},
"server":{
"admin_username":"siteadmin",
"admin_password":"Esri2019",
"setup_archive":"C:\\Users\\Administrator\\Documents\\ArcGIS 10.7.1\\ArcGISServer\\Setup.exe",
"authorization_file":"C:\\Users\\Administrator\\Desktop\\lic\\ArcGISGISServerAdvanced_ArcGISServer_722288.ecp",
"keystore_file":"C:\\Users\\Administrator\\Desktop\\keystore\\esrichina.org.cn.pfx",
"keystore_password":"Esri2019"
},
"portal":{
"admin_username":"portaladmin",
"admin_password":"Esri2019",
"admin_email":"XX@ESRICHINA.ORG.CN",
"security_question":"Your favorite ice cream flavor?",
"security_question_answer":"vanilla",
"content_dir":"C:\\arcgisportal\\content",
"setup_archive":"C:\\Users\\Administrator\\Documents\\ArcGIS 10.7.1\\PortalForArcGIS\\Setup.exe",
"authorization_file":"C:\\Users\\Administrator\\Desktop\\lic\\107Portal&Insights191126.json",
"user_license_type_id":"creatorUT",
"keystore_file":"C:\\Users\\Administrator\\Desktop\\keystore\\esrichina.org.cn.pfx",
"keystore_password":"Esri2019"
}
},
"run_list":[
"recipe[arcgis-enterprise::system]",
"recipe[esri-iis]",
"recipe[arcgis-enterprise::portal]",
"recipe[arcgis-enterprise::portal_wa]",
"recipe[arcgis-enterprise::server]",
"recipe[arcgis-enterprise::server_wa]",
"recipe[arcgis-enterprise::datastore]",
"recipe[arcgis-enterprise::federation]"
]
}
- 自动化的工作流,实现的主要步骤如下:
—— [arcgis-enterprise::system]:创建 arcgis 用户
—— [esri-iis]:在Windows上安装IIS,生成自签名证书并导入。
—— [arcgis-enterprise::portal]:安装Portal for ArcGIS并对其进行授权,创建初始管理帐户
—— [arcgis-enterprise::portal_wa]:为Portal for ArcGIS安装和配置WA。
—— [arcgis-enterprise::server]:安装ArcGIS Server并对其进行授权,创建站点并在Server Admin中启用HTTPS。
—— [arcgis-enterprise::server_wa]:安装和配置WA for ArcGIS Server。
—— [arcgis-enterprise::datastore]:安装ArcGIS Data Store并将其注册到ArcGIS Server。
—— [arcgis-enterprise::federation]:联合带有门户的ArcGIS Server。将其设置为托管服务器。
执行脚本安装
- 管理员身份 启动 Windows PowerShell
- 执行
chef-solo -j C:\chef\roles\arcgis-enterprise-windows.json脚本安装,首次运行需要同意并接受许可,输入yes,等候自动化部署完成,结束。下文为日志信息,可无视。
PS C:\Users\Administrator> chef-solo -j C:\chef\roles\arcgis-enterprise-windows.json
[2019-10-28T13:58:38+08:00] WARN: No config file found or specified on command line. Using command line options instead.
+---------------------------------------------+
Chef License Acceptance
Before you can continue, 2 product licenses
must be accepted. View the license at
https://www.chef.io/end-user-license-agreement/
Licenses that need accepting:
* Chef Infra Client
* Chef InSpec
Do you accept the 2 product licenses (yes/no)?
> yes
Persisting 2 product licenses...
✔ 2 product licenses persisted.
+---------------------------------------------+
[2019-10-28T13:58:38+08:00] WARN: *****************************************
[2019-10-28T13:58:38+08:00] WARN: Did not find config file: C:/chef/client.rb. Using command line options instead.
[2019-10-28T13:58:38+08:00] WARN: *****************************************
Starting Chef Client, version 14.14.25
resolving cookbooks for run list: ["arcgis-enterprise::system", "esri-iis", "arcgis-enterprise::portal", "arcgis-enterprise::portal_wa", "arcgis-enterprise::server", "arcgis-enterprise::server_wa", "arcgis-enterprise::datastore", "arcgis-enterprise::federation"]
Synchronizing Cookbooks:
- arcgis-enterprise (3.4.0)
- arcgis-repository (3.4.0)
- hostsfile (3.0.1)
- esri-iis (0.1.2)
- limits (1.0.0)
- authbind (0.1.10)
- iptables (4.5.0)
- windows (5.3.1)
- windows_firewall (5.0.1)
- ms_dotnet (4.2.1)
- nfs (2.6.3)
- java_properties (0.1.3)
- openssl (8.5.5)
- s3_file (2.8.5)
- line (2.3.2)
Installing Cookbook Gems:
Compiling Cookbooks...
[2019-10-28T13:58:57+08:00] WARN: Unsupported ArcGIS Web Styles version
Recipe: arcgis-enterprise::system
* chef_gem[multipart-post] action install (up to date)
Converging 77 resources
* chef_gem[multipart-post] action install (up to date)
* windows_user[arcgis] action create (up to date)
Recipe: esri-iis::default
* windows_feature[NetFx3ServerFeatures] action install
* windows_feature_dism[NetFx3ServerFeatures] action install (up to date)
(up to date)
* windows_feature[IIS-WebServerRole] action install
* windows_feature_dism[IIS-WebServerRole] action install (up to date)
(up to date)
* windows_feature[IIS-ApplicationDevelopment] action install
* windows_feature_dism[IIS-ApplicationDevelopment] action install (up to date)
(up to date)
* windows_feature[IIS-ISAPIFilter] action install
* windows_feature_dism[IIS-ISAPIFilter] action install (up to date)
(up to date)
* windows_feature[IIS-ISAPIExtensions] action install
* windows_feature_dism[IIS-ISAPIExtensions] action install (up to date)
(up to date)
* windows_feature[NetFx4Extended-ASPNET45] action install
* windows_feature_dism[NetFx4Extended-ASPNET45] action install (up to date)
(up to date)
* windows_feature[IIS-NetFxExtensibility45] action install
* windows_feature_dism[IIS-NetFxExtensibility45] action install (up to date)
(up to date)
* windows_feature[IIS-ASPNET45] action install
* windows_feature_dism[IIS-ASPNET45] action install (up to date)
(up to date)
* windows_feature[IIS-WebServerManagementTools] action install
* windows_feature_dism[IIS-WebServerManagementTools] action install (up to date)
(up to date)
* windows_feature[IIS-ManagementConsole] action install
* windows_feature_dism[IIS-ManagementConsole] action install (up to date)
(up to date)
* windows_feature[IIS-ManagementService] action install
* windows_feature_dism[IIS-ManagementService] action install (up to date)
(up to date)
* windows_feature[IIS-IIS6ManagementCompatibility] action install
* windows_feature_dism[IIS-IIS6ManagementCompatibility] action install (up to date)
(up to date)
* windows_feature[IIS-ManagementScriptingTools] action install
* windows_feature_dism[IIS-ManagementScriptingTools] action install (up to date)
(up to date)
* windows_feature[IIS-StaticContent] action install
* windows_feature_dism[IIS-StaticContent] action install (up to date)
(up to date)
* windows_feature[IIS-BasicAuthentication] action install
* windows_feature_dism[IIS-BasicAuthentication] action install (up to date)
(up to date)
* windows_feature[IIS-WindowsAuthentication] action install
* windows_feature_dism[IIS-WindowsAuthentication] action install (up to date)
(up to date)
* windows_feature[IIS-Metabase] action install
* windows_feature_dism[IIS-Metabase] action install (up to date)
(up to date)
* windows_service[W3SVC] action enableC:/opscode/chef/embedded/lib/ruby/gems/2.5.0/gems/win32-service-2.1.4/lib/win32/service.rb:1086:in `rescue in block in services': WARNING: Failed to retrieve description for the WinQuic service. (StructuredWarnings::StandardWarning)
C:/opscode/chef/embedded/lib/ruby/gems/2.5.0/gems/win32-service-2.1.4/lib/win32/service.rb:1146:in `rescue in block in services': WARNING: Unable to retrieve failure actions for the WinQuic service (StructuredWarnings::StandardWarning)
(up to date)
* windows_service[W3SVC] action startC:/opscode/chef/embedded/lib/ruby/gems/2.5.0/gems/win32-service-2.1.4/lib/win32/service.rb:1086:in `rescue in block in services': WARNING: Failed to retrieve description for the WinQuic service. (StructuredWarnings::StandardWarning)
C:/opscode/chef/embedded/lib/ruby/gems/2.5.0/gems/win32-service-2.1.4/lib/win32/service.rb:1146:in `rescue in block in services': WARNING: Unable to retrieve failure actions for the WinQuic service (StructuredWarnings::StandardWarning)
(up to date)
* openssl_x509_certificate[C:\Users\Administrator\Desktop\keystore\esrichina.org.cn.pem] action create (skipped due to only_if)
* ruby_block[Convert to PKCS12] action nothing (skipped due to action :nothing)
* esri_iis_iis[Configure HTTPS Binding] action configure_https (up to date)
Recipe: arcgis-enterprise::install_portal
* arcgis_enterprise_portal[Update Portal for ArcGIS service logon account] action nothing (skipped due to action :nothing)
* arcgis_enterprise_portal[Install System Requirements:install_portal] action system
* windows_firewall_rule[Portal for ArcGIS] action create (skipped due to only_if)
* arcgis_enterprise_portal[Unpack Portal for ArcGIS] action unpack (skipped due to only_if)
* arcgis_enterprise_portal[Install Portal for ArcGIS] action install
* template[C:\Chef\misc_scripts/install_portal.bat] action create (skipped due to only_if)
* template[C:\Chef\misc_scripts/install_portal.bat] action nothing (skipped due to action :nothing)
* execute[BUG-000121142] action nothing (skipped due to action :nothing)
* arcgis_enterprise_portal[Configure arcgisportal service] action configure_autostart
* windows_service[Portal for ArcGIS] action enableC:/opscode/chef/embedded/lib/ruby/gems/2.5.0/gems/win32-service-2.1.4/lib/win32/service.rb:1086:in `rescue in block in services': WARNING: Failed to retrieve description for the WinQuic service. (StructuredWarnings::StandardWarning)
C:/opscode/chef/embedded/lib/ruby/gems/2.5.0/gems/win32-service-2.1.4/lib/win32/service.rb:1146:in `rescue in block in services': WARNING: Unable to retrieve failure actions for the WinQuic service (StructuredWarnings::StandardWarning)
(up to date)
(up to date)
* arcgis_enterprise_portal[Start Portal for ArcGIS after upgrade] action start (up to date)
Recipe: arcgis-enterprise::portal
* template[C:\Program Files\ArcGIS\Portal/framework/etc/hostname.properties] action create (skipped due to not_if)
* arcgis_enterprise_portal[Configure hostidentifier.properties] action configure_hostidentifiers_properties
* template[C:\Program Files\ArcGIS\Portal/framework/runtime/ds/framework/etc/hostidentifier.properties] action create
- update content in file C:\Program Files\ArcGIS\Portal/framework/runtime/ds/framework/etc/hostidentifier.properties from ddd60a to c857e6
--- C:\Program Files\ArcGIS\Portal/framework/runtime/ds/framework/etc/hostidentifier.properties 2019-01-17 12:23:54.000000000 +0800
+++ C:\Program Files\ArcGIS\Portal/framework/runtime/ds/framework/etc/chef-hostidentifier20191028-8828-fqmyi9.properties 2019-10-28 14:55:03.913820900 +0800
@@ -4,7 +4,7 @@
#or IP is well-known in the network.
#Syntax: hostidentifier=<host-identifier>
-#hostidentifier=192.168.1.1
+#hostidentifier=192.168.1.61
#Set the preferred host identifier when hostidentifier is not set.
#You can set it to 'ip' or 'hostname'. default is hostname.
@@ -12,5 +12,5 @@
#of your machine will ever change.
#Syntax preferredidentifier=ip | hostname
-#preferredidentifier=ip
+preferredidentifier=hostname
* arcgis_enterprise_portal[Stop Portal for ArcGIS] action nothing (skipped due to action :nothing)
* arcgis_enterprise_portal[Start Portal for ArcGIS] action start (up to date)
* arcgis_enterprise_portal[Authorize Portal for ArcGIS] action authorize (up to date)
* arcgis_enterprise_portal[Create Portal Site] action create_site
* arcgis_enterprise_portal[Configure HTTPS] action configure_https
* arcgis_enterprise_portal[Configure All SSL] action set_allssl (up to date)
Recipe: arcgis-enterprise::install_portal_wa
* arcgis_enterprise_webadaptor[Unpack ArcGIS Web Adaptor] action unpack (skipped due to only_if)
* arcgis_enterprise_webadaptor[Install Web Adaptor for Portal] action install
* arcgis_enterprise_webadaptor[Deploy Web Adaptor for Portal] action deploy (skipped due to not_if)
Recipe: arcgis-enterprise::portal_wa
* arcgis_enterprise_webadaptor[Configure Web Adaptor with Portal] action configure_with_portal
Recipe: arcgis-enterprise::install_server
* arcgis_enterprise_server[Update ArcGIS Server service logon account] action nothing (skipped due to action :nothing)
* arcgis_enterprise_server[Install System Requirements:install_server] action system
* windows_firewall_rule[ArcGIS Server] action create (skipped due to only_if)
* windows_firewall_rule[ArcGIS GeoAnalytics Server] action create (skipped due to only_if)
* arcgis_enterprise_server[Unpack ArcGIS Server Setup] action unpack (skipped due to only_if)
* arcgis_enterprise_server[Setup ArcGIS Server] action install
* arcgis_enterprise_server[Configure arcgisserver service] action configure_autostart
* windows_service[ArcGIS Server] action enableC:/opscode/chef/embedded/lib/ruby/gems/2.5.0/gems/win32-service-2.1.4/lib/win32/service.rb:1086:in `rescue in block in services': WARNING: Failed to retrieve description for the WinQuic service. (StructuredWarnings::StandardWarning)
C:/opscode/chef/embedded/lib/ruby/gems/2.5.0/gems/win32-service-2.1.4/lib/win32/service.rb:1146:in `rescue in block in services': WARNING: Unable to retrieve failure actions for the WinQuic service (StructuredWarnings::StandardWarning)
(up to date)
(up to date)
* arcgis_enterprise_server[Start ArcGIS Server after upgrade] action start (up to date)
Recipe: arcgis-enterprise::server
* arcgis_enterprise_server[Authorize ArcGIS Server] action authorize[2019-10-28T15:42:06+08:00] ERROR: ---- Begin output of "C:\Program Files\Common Files\ArcGIS\bin\SoftwareAuthorization.exe" /VER 10.7 /LIF "C:\Users\Administrator\Desktop\lic\ArcGISGISServerAdvanced_ArcGISServer_722288.prvc" /S ----
STDOUT:
STDERR:
---- End output of "C:\Program Files\Common Files\ArcGIS\bin\SoftwareAuthorization.exe" /VER 10.7 /LIF "C:\Users\Administrator\Desktop\lic\ArcGISGISServerAdvanced_ArcGISServer_722288.prvc" /S ----
Ran "C:\Program Files\Common Files\ArcGIS\bin\SoftwareAuthorization.exe" /VER 10.7 /LIF "C:\Users\Administrator\Desktop\lic\ArcGISGISServerAdvanced_ArcGISServer_722288.prvc" /S returned 1 Retrying software authorization.
[2019-10-28T15:48:44+08:00] ERROR: ---- Begin output of "C:\Program Files\Common Files\ArcGIS\bin\SoftwareAuthorization.exe" /VER 10.7 /LIF "C:\Users\Administrator\Desktop\lic\ArcGISGISServerAdvanced_ArcGISServer_722288.prvc" /S ----
STDOUT:
STDERR:
---- End output of "C:\Program Files\Common Files\ArcGIS\bin\SoftwareAuthorization.exe" /VER 10.7 /LIF "C:\Users\Administrator\Desktop\lic\ArcGISGISServerAdvanced_ArcGISServer_722288.prvc" /S ----
Ran "C:\Program Files\Common Files\ArcGIS\bin\SoftwareAuthorization.exe" /VER 10.7 /LIF "C:\Users\Administrator\Desktop\lic\ArcGISGISServerAdvanced_ArcGISServer_722288.prvc" /S returned 1 Retrying software authorization.
* arcgis_enterprise_server[Stop ArcGIS Server] action stop
* file[Cache server authorization file] action create (skipped due to only_if)
* file[Cache server authorization file] action nothing (skipped due to action :nothing)
* template[C:\Program Files\ArcGIS\Server/framework/etc/hostname.properties] action create (skipped due to not_if)
* arcgis_enterprise_server[Stop ArcGIS Server] action nothing (skipped due to action :nothing)
* arcgis_enterprise_server[Start ArcGIS Server] action start
* directory[C:\arcgisserver] action create
- create new directory C:\arcgisserver
- change owner
* directory[C:\arcgisserver/logs] action create
- create new directory C:\arcgisserver/logs
- change owner
* arcgis_enterprise_server[Create ArcGIS Server site] action create_site
* arcgis_enterprise_gis_service[PublishingTools] action start
* arcgis_enterprise_server[Set server machine properties] action set_machine_properties (up to date)
* arcgis_enterprise_server[Configure HTTPS] action configure_https
Recipe: arcgis-enterprise::install_server_wa
* arcgis_enterprise_webadaptor[Unpack ArcGIS Web Adaptor] action unpack (skipped due to only_if)
* arcgis_enterprise_webadaptor[Install Web Adaptor for Server] action install
* arcgis_enterprise_webadaptor[Deploy Web Adaptor for Server] action deploy (skipped due to not_if)
Recipe: arcgis-enterprise::server_wa
* arcgis_enterprise_webadaptor[Configure Web Adaptor with Server] action configure_with_server
Recipe: arcgis-enterprise::install_datastore
* directory[C:\arcgisdatastore] action create
- create new directory C:\arcgisdatastore
- change owner
* directory[C:\arcgisdatastore/backup] action create
- create new directory C:\arcgisdatastore/backup
- change owner
* arcgis_enterprise_datastore[Update ArcGIS Data Store service logon account] action nothing (skipped due to action :nothing)
* arcgis_enterprise_datastore[Install System Requirements:install_datastore] action system
* windows_firewall_rule[ArcGIS Data Store] action create (skipped due to only_if)
* arcgis_enterprise_datastore[Unpack ArcGIS Data Store] action unpack (skipped due to only_if)
* arcgis_enterprise_datastore[Install ArcGIS Data Store] action install
* arcgis_enterprise_datastore[Configure arcgisdatastore service] action configure_autostart
* windows_service[ArcGIS Data Store] action enableC:/opscode/chef/embedded/lib/ruby/gems/2.5.0/gems/win32-service-2.1.4/lib/win32/service.rb:1086:in `rescue in block in services': WARNING: Failed to retrieve description for the WinQuic service. (StructuredWarnings::StandardWarning)
C:/opscode/chef/embedded/lib/ruby/gems/2.5.0/gems/win32-service-2.1.4/lib/win32/service.rb:1146:in `rescue in block in services': WARNING: Unable to retrieve failure actions for the WinQuic service (StructuredWarnings::StandardWarning)
(up to date)
(up to date)
* arcgis_enterprise_datastore[Configure hostidentifier.properties] action configure_hostidentifiers_properties
* template[C:\Program Files\ArcGIS\DataStore/framework/etc/hostidentifier.properties] action create
- update content in file C:\Program Files\ArcGIS\DataStore/framework/etc/hostidentifier.properties from ddd60a to c857e6
--- C:\Program Files\ArcGIS\DataStore/framework/etc/hostidentifier.properties 2019-02-15 23:19:36.000000000 +0800
+++ C:\Program Files\ArcGIS\DataStore/framework/etc/chef-hostidentifier20191028-8828-17ss53n.properties 2019-10-28 16:03:56.007401300 +0800
@@ -4,7 +4,7 @@
#or IP is well-known in the network.
#Syntax: hostidentifier=<host-identifier>
-#hostidentifier=192.168.1.1
+#hostidentifier=192.168.1.61
#Set the preferred host identifier when hostidentifier is not set.
#You can set it to 'ip' or 'hostname'. default is hostname.
@@ -12,5 +12,5 @@
#of your machine will ever change.
#Syntax preferredidentifier=ip | hostname
-#preferredidentifier=ip
+preferredidentifier=hostname
* arcgis_enterprise_datastore[Stop ArcGIS Data Store] action stop
* arcgis_enterprise_datastore[Stop ArcGIS Data Store] action nothing (skipped due to action :nothing)
* arcgis_enterprise_datastore[Start ArcGIS Data Store] action start
Recipe: arcgis-enterprise::datastore
* arcgis_enterprise_datastore[Configure ArcGIS Data Store] action configure
* arcgis_enterprise_datastore[Change ArcGIS DataStore backup location] action change_backup_location
Recipe: arcgis-enterprise::federation
* arcgis_enterprise_portal[Federate Server] action federate_server
Running handlers:
Running handlers complete
Chef Client finished, 31/109 resources updated in 02 hours 12 minutes 49 seconds
PS C:\Users\Administrator>
查看安装部署结果
联合托管完成
参考
Deploy-a-base-ArcGIS-Enterprise-deployment-on-a-single-machine
