Multiple-machine deployment with ArcGIS Web Adaptor
In this topic
- GIS servers, server directories, and configuration store
- Web Adaptor
- High availability considerations
ArcGIS Server supports the configuration of multiple-machine sites. In a multiple-machine site, two or more GIS servers can be administered and used as a single logical unit, providing ArcGIS Server administrators with great flexibility to easily adjust the computing power of the site by adding or removing GIS servers. Multiple-machine sites also simplify the process of publishing and updating services across multiple GIS servers.
In a multiple-machine deployment, each GIS server must be at the same version number for the site to function correctly. Additionally, the exact same license must be applied to each GIS server that participates in the site.
In its simplest configuration, a multiple-machine site is configured by setting up a pool of two or more GIS servers fronted by ArcGIS Web Adaptor running on your own web application server.
A key aspect of multiple-machine configurations is that all GIS servers share the same configuration store and server directories. In this manner, an administrator can log in to any GIS server using ArcGIS Server Manager and apply changes that will affect all machines within the site. This pattern is also ideal in cases where you want to integrate your site with authentication methods in your organization's web tier.
GIS servers, server directories, and configuration store
Because all GIS servers in multiple-machine configurations share the same configuration store and server directories, you must select a network location for your server directories and configuration store.
Typically, a domain account is chosen for the ArcGIS Server account, because this simplifies the management of data access permissions to network resources. However, depending on your own security policies, you may choose to use local accounts. The ArcGIS Server account (local or domain) needs to have write access to the network share where the configuration store and server directories are located. For more information, see Accounts used by ArcGIS Server.
In a multiple-machine site, load-balancing is handled among all GIS server machines in a single cluster using ports 4004 and above. If your site uses a single cluster, all GIS servers in the site will load-balance requests. If your site uses more than one cluster, load-balancing is handled among all GIS servers within each cluster. Essentially, clusters are independent groups of GIS servers that run dedicated sets of services.
For example, an incoming request is assigned to an available GIS server in the cluster, even if the request was directed to a specific machine within or outside of the cluster. That GIS server then does the work of drawing the map, finding the address coordinate, running the geoprocessing tool, and so on, and returns the result to the client. If a machine is offline or the service that was requested is running in a different cluster, the request is forwarded to the cluster containing the service. The GIS server machines in that cluster load-balance and process the request accordingly.
In large sites with a single cluster, you can configure the site to remove the load-balancing functionality between GIS servers. This reduces network traffic between machines in the site, reduces load on your network, and helps improve monitoring of GIS servers in your site. For details, see Remove load balancing between GIS server machines.
As described in other deployment scenarios, when using file-based data, it is highly recommended to use local resources to the GIS server. This has the disadvantage of forcing you to duplicate your data across all GIS servers, but reduces network traffic and results in higher performance for your services. You should consider this option and use it when applicable. The size of your data and the frequency of updates often dictate if keeping your data local across all machines is practical.
When using databases in this deployment pattern, it is important that you always use dedicated hardware. Keep the database tier independent from the GIS server tier.
In this configuration, ArcGIS Server clients never connect directly to your GIS servers. Instead, they connect through a Web Adaptor that provides security features and makes your overall site more resilient to failures.
From a security perspective, it's not a recommended practice to access the same channel to use and administer your site. Typically, administrative tasks are only enabled through sections of your network or specific machines that can access your GIS servers directly, for example, over port 6080 or 6443. You can overcome this by specifying that only certain IP addresses can access the server in the Administrator Directory. This is controlled by the allowedAdminAccessIPs property in the server's security configuration. To learn how to configure this property to limit access to the server, see the example in Update security configuration.
Requests from client applications are always funneled through ArcGIS Web Adaptor, which can be configured to block the use of any administrative end points. To learn how to do this, see Configuring ArcGIS Web Adaptor after installation.
ArcGIS Web Adaptor also provides the means to integrate ArcGIS Server with standard authentication methods used in your organization. It is a small component that you can install in your own web server acting as a reverse proxy to your GIS servers. For a list of supported web servers, see ArcGIS Web Adaptor system requirements. By configuring ArcGIS Server security to use web-tier authentication (as opposed to GIS-tier authentication), ArcGIS Server will delegate authentication into your web server.
Multiple web adaptors can be configured with your site to support multiple authentication methods. To learn more, see Supporting a mix of public and private services.
ArcGIS Web Adaptor also serves as a load-balancer for the means of handling failures in the GIS server tier. It is important to understand that it is at the GIS server tier where ultimately the decision to run a particular request in one GIS server or another is made. In a multiple-machine site, all GIS servers sharing the same configuration store communicate with each other for the purpose of load-balancing incoming requests to the site. In a multiple-machine site, there is no guarantee that a request forwarded by the load-balancer to a particular GIS server machine will be processed by that specific machine. ArcGIS Web Adaptor will forward requests to your pool of GIS servers following a round-robin, load-balancing algorithm. ArcGIS Web Adaptor will also automatically detect and forward requests to any new GIS server that is added to your site, or it will stop forwarding requests to machines that are unavailable or dropped from your site.
High availability considerations
A highly available variation of this deployment scenario would add redundancy at the Web Adaptor tier as shown in the following diagram. When configuring multiple Web Adaptors with your site, each Web Adaptor will round-robin requests to all the GIS server machines in your site.
Consideration should be taken to also eliminate single points of failure at the data, configuration store, and server directories.
Duplicating your file-based datasets across all GIS servers can help you, although it may not always be possible due to the frequency of changes in your files or their size. If using a network share for your file-based datasets, ensure that your storage is configured for high availability.
Databases supported by ArcGIS also support different levels of high availability configuration. Refer to the database configuration to cluster your database tier.
In this deployment scenario, your configuration store and server directories must always be stored on a network share. If requiring a high availability configuration, ensure that this tier is set up accordingly.
- A single ArcGIS Server site provides the means to easily administer ArcGIS Server and its services across a number of machines.
- Easy to adjust the capacity of your site by adding and removing GIS server machines.
- Load-balancing is handled among GIS servers.
- Integrate standard organization authentication by using web-tier authentication through ArcGIS Web Adaptor.
- Use of server directories and data in shared network locations can negatively affect performance of services under heavy load.