Community

License Validation failed... Proxy?!

995
6
Jump to solution
01-12-2022 06:52 AM
RiccardoKlinger
by
Occasional Contributor
‎01-12-2022 06:52 AM

Dear Folks,

I successfully deployed ArcGIS enterprise on a private OCP cloud. All pods are up and running. Unfortunately the licensing fails as it seems like the manager cannot communiate with the ESRI-side.

I tried to add some proxy configurations to the nodes via the Replica Sets by adding the ENvironment variable HTTP_PROXY as well as HTTPS_PROXY with "http://my.cool.ip.address:8080/ but it seemed like this was not persistent:

The process to create a new organization has failed...

2022-01-12T11:15:29,095|INFO|I/O exception (java.net.SocketException) caught when processing request to {}->http://service.esri.com:80: Network is unreachable (connect failed)|
2022-01-12T11:15:29,096|INFO|Retrying request to {}->http://service.esri.com:80|

Where can I add the proxy information of our private cloud?

Thanks in advance,

Riccardo

0 Kudos
1 Solution

Accepted Solutions
ChristopherPawlyszyn
by Esri Contributor
Esri Contributor
‎01-14-2022 06:40 AM

When you use a PRVC file to authorize ArcGIS Server (or ArcGIS Enterprise on Kubernetes), it has to perform an online authorization with Esri's servers to confirm the validity of the license and create the proper internal license file. By bypassing that process with an ECP file, I believe you'll be in good shape with organization creation. There are other dependencies that require internet-based resources, so I would still recommend configuring the forward proxy settings once the organization creation completes.


-- Chris Pawlyszyn

View solution in original post

0 Kudos
6 Replies
RiccardoKlinger
by
Occasional Contributor
‎01-12-2022 07:43 AM

I was also trying to add the parameters in the arcgis_env_variables secret prior validation but it was not successful. 

0 Kudos
ChristopherPawlyszyn
by Esri Contributor
Esri Contributor
‎01-13-2022 12:16 PM

Is this dealing with ArcGIS Enterprise on Kubernetes, by chance? I am thinking so from the mentions of pods and replica sets.

 

If so, the forward proxy settings will be set in the Admin -> Security -> Config API with the appropriate non-proxy hosts defined, but that can only be done after the organization is configured. Another thing to make sure of is that the SSL certificate used for decryption is imported as a trusted certificate prior to setting those values.

Configuration (Security)—ArcGIS REST APIs | ArcGIS Developers
https://developers.arcgis.com/rest/enterprise-administration/enterprise/security-configuration.htm

 

That leaves us with a few options. You can install ArcGIS Server on a separate machine and go through either the online of offline authorization process, then use the keycodes file to authorize your ArcGIS Enterprise on Kubernetes deployment. This file is typically located in C:\Program Files\Esri\License10.9\sysgen\ and would need to be renamed with a '.ecp' extension before using during the create organization process. An existing keycodes file at the same version (10.9.x) would be adequate as well.

Hope that helps!


-- Chris Pawlyszyn
0 Kudos
RiccardoKlinger
by
Occasional Contributor
‎01-13-2022 11:49 PM

Thanks for the response and yes, this is kubernetes specific. Just to summarize:

- deploy the pods

- validate the license using another server installation in offline mode

- take the received ecp file and use it for the validation process of the kubernetes org alongside the already created json file.

-> the orgsetup process won't try to communicate with service.esri.com then?

0 Kudos
ChristopherPawlyszyn
by Esri Contributor
Esri Contributor
‎01-14-2022 06:40 AM

When you use a PRVC file to authorize ArcGIS Server (or ArcGIS Enterprise on Kubernetes), it has to perform an online authorization with Esri's servers to confirm the validity of the license and create the proper internal license file. By bypassing that process with an ECP file, I believe you'll be in good shape with organization creation. There are other dependencies that require internet-based resources, so I would still recommend configuring the forward proxy settings once the organization creation completes.


-- Chris Pawlyszyn
0 Kudos
RiccardoKlinger
by
Occasional Contributor
‎01-17-2022 02:05 AM

It was like you said: providing the ecp from an offline licence validation was the solution in my case. Thanks for the support @ChristopherPawlyszyn 

0 Kudos
ChristopherPawlyszyn
by Esri Contributor
Esri Contributor
‎01-18-2022 12:44 PM

Happy to help, glad it was easy to resolve!


-- Chris Pawlyszyn
0 Kudos