my requirement is to have highly available ArcGIS Enterprise Deployment and I have machines (P1,P2, S1,S2,DS1, DS2). I want to federate ArcGIS Server with Portal, configure ArcGIS datastore and set hosting server in Portal. I am going to use AD authentiocation for this deployment.
Now, I am following steps documented here
I first create the multiple machine arcgis server site documented here highly available consideration section.
Is Multiple machine site with multiple web adaptors is also a Active-Active deployment scenario ?
I have Web Server so, For steps 4 and 6 where should I installed Web Adaptors for Portal? First Web adaptors in First web server and Second web adaptor in second web Server ? it is not documented here Configure a highly available portal—Portal for ArcGIS (10.5.x) | ArcGIS Enterprise I know that second web adaptor can only be configure with portal after setting the webContextURL property in portal admin directory.
After federate Server with Portal, Server authentication security and roles managed by Portal so, in that case Do I need Web adaptors for ArcGIS Server ? If do not required Web adaptors for ArcGIS server multiple machine site than how load balance will be handle for multiple machine site ?
How do I federate Server with portal as ArcGIS server site is multiple machine deployment ? Do I have to use NLB URL to federate the server with portal ?
Also, How do I set hosting server in portal as it is highly available deployment and we can set only 1 hosting server for Portal?
A Highly Available Deployment has multiple components, so I will attempt to break this explanation down. The following link will be referenced for IWA or LDAP authentication with client access internal:
Note: If Active Directory needs to be access externally, leverage SAML logins with ADFS.
A Highly Available Portal requires a load balancer to Load Balanced PortalWebContextURL and the PortalAdminURL endpoints to be set. The ArcGIS Web Adaptors are required when leveraging IWA or LDAP Web Tier Authentication with Portal. If using SAML (ADFS) or built-in Users, the Web Adaptors for Portal are not required.
The Web Adaptors for a Highly Available ArcGIS Servers are also not a requirement. The Highly Available ArcGIS Servers are not authenticating access to content - Portal is - and the Load Balancer will handle directing requests for the ServerServiceURL and ServerAdminURL appropriately. When Federating an Highly Available Server environment, the Load Balanced ServerServiceURL and Load Balanced ServerAdminURL will be used.
Note: THe Highly Available ArcGIS Servers can be deployed as a Multiple Machine Site or as Separate Active/Passive Sites. This is dependent on your needs. The link you referenced explains the advantages and disadvantages of each configuration, however this decision is independent from how the Highly Available Portals and Data Stores are configured.
When registering the ArcGIS Data Store with a Highly Available ArcGIS Server deployment, use the Load Balanced ServerAdminURL. This will also allow Portal to set the Load Balanced Server as a single Hosted Server.
The Standby Data Store will specify the Load Balanced ServerAdminURL. However, this Data Store should display as a Standby machine / Highly Available Role.
1. - There are four Load Balanced URLs
2. - Web Adaptors for Highly Available Portal is only required to leverage Web Tier Authentication
3. - Web Adaptors for Highly Available Server is not required.
4. - Data Store is configured for fail over
Let me know if I misunderstood your request or should clarify points in the above information.
I have some questions too, since I am attempting this also.
I want to federate the HA gisservers (2) to the HA portal, but I am not sure how to setup the serverserviceurl and the serveradminurl to the reference the lb? Is this done as json in portaladmin as a property? If not, can you please explain..
There are already two (2) lb's in place.
First one (lb1) is used to configure the WebcontextURL.
Second (lb2) is used to configure the PrivatePortalURL.
Do I need a 3rd one or will the first one suffice to set the serverserviceurl and serveradminurl?
The url https://lb1.domain.com/portal/sharing/rest can be resolved. However federation when attempted just returns an error stating https://lb1.domain.com:6443/arcgis is not accesible, but this same resolves in a browser...
Thank you Michelle