Community
Select to view content in your preferred language

need help in resolving AWS cloud formation deployment error "Received FAILURE signal with UniqueId"

9522
11
10-28-2021 10:29 AM
Labels (1)
Labels
sapnas
by
Frequent Contributor
‎10-28-2021 10:29 AM

I am using AWS cloud formation template provided by ESRI  for ArcGIS Enterprise 10.9 base deployment.  I have encountered error on ArcGISEnterpriseAllInOneWaitCondition with status "Received FAILURE signal with UniqueId xxxxxxxxx". I have raised a ticket with ESRI premium service  and it has been stalled as the personnel assigned to my case doesn't have expertise to resolve it. He is keeping the ticket rolling by sending one email every day. I am reaching out to the Geonet community to see if any one has any insights on what is causing this error. There are no entries in cloud watch or cloud trail to trouble shoot it further. The error occurs right after the creation of EC2 instance. 

0 Kudos
11 Replies
sapnas
by
Frequent Contributor
‎10-29-2021 09:32 AM

Just to add on my previous comment. As per our company policy the EBS volume has to be encrypted so I had made minor change in my CF template. At this point I am just making assumption if that could have caused the process to fail.

0 Kudos
ChristopherPawlyszyn
by Esri Contributor
Esri Contributor
‎11-02-2021 07:54 AM

Is the EC2 instance created as a resource? Typically you'd want to disable rollback on failure so you could look at the Chef logs on the instance (if it's able to be created).

If the instance isn't created, I'd have to assume there's an issue with the change made to the template as well. Could you post a sanitized version of the template here for review?

 

This documentation is fairly generic, but I wanted to link it just in case you hadn't referenced it already.

Troubleshoot ArcGIS deployments on AWS—ArcGIS Enterprise in the cloud | Documentation for ArcGIS Ent...


-- Chris Pawlyszyn
0 Kudos
PatSmyth
by
Occasional Contributor
‎12-08-2021 11:53 AM

Hi - Also trying to deploy a new Enterprise (10.9.1) using the CloudFormation template and receiving the "Received FAILURE signal with UniqueId xxxxxxxxx". I also had to edit the arcgis-enterprise-allinone.template.json template to fix the regex validation that prevents the fully qualified domain from containing a number (this doesn't make any sense as our company name starts with a number and hence all of our domains also start with a number...no reason this should be illegal..what gives?!).

I did not disable rollback on first go that resulted in above error, but will try that on next deploy but wanted to post a sanitized version of our filled out template as there seems to be a lot of places where entering values incorrectly into the template could derail things (e.g. do we just need the name of the s3 bucket with licenses files etc and not the url path to it?).  Anything glaringly wrong in the below values? With secrets manager I have all entries in plain text and use the key specified in the template (e.g. "SiteadminUserPassword": "blah"), so I believe I'm using that correctly but unsure. Any feedback on below would be much appreciated!

stack.png

0 Kudos
sapnas
by
Frequent Contributor
‎12-08-2021 12:21 PM

My ec2 instance was created successfully but encountered issue with the software installation. However ESRI rep I was working with believes that the issue might be related to the disabled internet gateway. Our aws account has connectivity to our company network and IT refused to enable it. 

0 Kudos
ChristopherPawlyszyn
by Esri Contributor
Esri Contributor
‎12-10-2021 10:46 AM

Typically customers would be using a subdomain of their primary domain, so gis.2nformspatial.com (for example) would be more common although using the primary domain shouldn't cause any issues outside of the validation that you mentioned.

Regardless, the A record needs to be configured prior to kicking-off the deployment, so whatever site domain you've input points to the specified elastic IP address. Hopefully the chef-run logs have some more information to crack into this a bit further.


-- Chris Pawlyszyn
0 Kudos
JoeHershman
by MVP Alum
MVP Alum
‎12-16-2021 03:33 PM

So have you ever gotten this to run to success?  I keep seeing similar issues, set it to not remove resources this time so can look at logs.

Thanks,
-Joe
0 Kudos
PatSmyth
by
Occasional Contributor
‎12-17-2021 08:25 AM

Hi Joe - I did finally get our stack to deploy successfully. My snag was with the aws secrets. For the arcgis user password there are pretty specific password requirements that if you are pointing to a aws secret arn in the template you will have no idea its wrong/non-conforming. It was only by putting passwords in as plain text that I was able to see the requirements for arcgis Windows users (which by the way is not documented anywhere in the Enterprise Cloudformation Template). Here are those requirements so you can double check: 

Password must be at least eight characters in length and must contain characters from three of the following four categories: English uppercase characters (A through Z), English lowercase characters (a through z), digits (0 through 9), non-alphabetic characters (for example, !, $, #, %). Password must not contain backslashes (\) or quotation marks ("). Password must not contain the user's account name (arcgis) or parts of the user's full name (ArcGIS user account) that exceed two consecutive characters.

I also have an unconfirmed suspicion that the arcgis user password and your portal admin password cannot be the same as I had stack deploy fail even when I followed above guidelines for arcgis windows password and used the same password for portal admin. Once I made them different, the stack deployed successfully. 

Another important note. I disabled rollback so that I could view the logs per esri guidance and then tried a couple Updates (which for aws means that it tried to pick up the stack build wherever it had left off). Update never worked even with all password requirements met. I had to do full rollback and redeploy stack from beginning with updated params for it to work.

As I mentioned above, I also had to edit the template json because the regex validation for domains prevents it from containing any numbers (even though our company name and all domains contain a number and by any web standard that is totally fine). I was then told multiple times by esri support that editing the template will mean that the resulting Enterprise deployment will be "unsupported." It's just hard to believe that this is maybe the 4th or 5th iteration of CloudFormation template and it is still riddled with gotchas that force users to hack the template and then be told by Esri support that doing so will result in an unsupported deployment. 

Lastly and more to the point of helping you troubleshoot. If you EC2 instance is created, you can remote into it and check out chef logs. But confusingly, the cookbook is not longer chef but something called "cinc". If the ec2 is a windows server those should be here: C:\cinc\arcgis-enterprise-primary.log

Hope some of this is helpful. 

0 Kudos
JoeHershman
by MVP Alum
MVP Alum
‎12-17-2021 08:31 AM

Thanks.  What I see in the chef logs, is that the condition that the template check does was not working either.  I am running now, but according to the log I can only use a '.'  My password had an @ in it which seems to have failed in creating site.

I will see what happens this run

Thanks,
-Joe
0 Kudos
PatSmyth
by
Occasional Contributor
‎12-17-2021 08:38 AM

That could be it. I had no @ in what finally ended up working. Fingers crossed this one goes through for ya. 

0 Kudos