AWS CloudFormation and ArcGIS for Server

You can use features of Amazon Web Services (AWS) CloudFormation to deploy different ArcGIS for Server architectures on AWS. These architectures include the following:

AWS CloudFormation is a service that helps you define architectures for the Amazon Web Services you use. It is an example of infrastructure as code, meaning you write code that can deploy a particular hardware infrastructure in a cloud environment. In the case of CloudFormation, you use a JavaScript Object Notation (JSON) template to define a stack of resources that work together in a predetermined way. CloudFormation ensures that you always maintain a minimum number of machines in your site, allowing for seamless recovery when one of your machines is unavailable.

Use Esri sample AWS CloudFormation templates to help you configure a GIS server or web GIS on AWS. Customize these templates or create your own templates to implement your own deployment patterns. You could manually set up the deployments without CloudFormation (using the AWS Management Console or APIs); however, using the CloudFormation templates makes launching and maintaining the architecture easier than doing it manually. CloudFormation templates also make it easier to set up identical architectures in different AWS accounts or regions.

You can also use CloudFormation to launch and maintain a web GIS deployment. Web GIS allows you to take advantage of all components of the ArcGIS for Server platform.

Deploy a highly available GIS server using CloudFormation

Esri provides sample CloudFormation templates that allow you to achieve high availability on AWS with either single-machine architecture GIS servers, each with its own configuration store, or a highly available GIS server site that uses a shared configuration store.

Deploy a single-machine (active-active) GIS server site

A single-machine (active-active) GIS server site (formerly referred to as a siloed architecture) contains many identical but independent ArcGIS Server machines that run under a load balancer to distribute jobs among themselves. Each GIS server site is self-contained on a single machine and has its own configuration store. One of the main benefits of this architecture is that it allows you to continue running ArcGIS Server even if you lose any GIS server instance, which means your services are available even if one of the machines fails.

Highly available single-machine architecture GIS server on AWS

However, the single-machine architecture cannot be built with the ArcGIS Server Cloud Builder; you must create it manually using the AWS Management Console or APIs. To help ease creation of a highly available, single-machine GIS server, use AWS CloudFormation, the arcgis-siloed-server-VPC.template, and the steps in Use AWS CloudFormation to define the site and load balancer that holds the ArcGIS Server machines together. The arcgis-siloed-server-VPC.template uses autoscaling, which ensures that you always maintain a minimum number of machines in your site but adds or removes machines based on GIS server usage, allowing for seamless recovery when one of your machines becomes unavailable.

Deploy a highly available GIS server site with a shared configuration store

A GIS server site consists of a web server, web adaptor, data server, and one or more ArcGIS Server installations (including the configuration store and server directories) that you can distribute across multiple machines to increase computing power. Each component in the site plays a specific role in the process of managing the resources that are allocated to a set of services.

You can use one of the arcgis-server-<os>-haconfigstore templates and the steps in Use AWS CloudFormation to define a highly available GIS server site that contains two or more ArcGIS Server installations and uses Amazon Simple Storage Service (S3) and DynamoDB for the configuration store. When you use this template, automatic recovery is set for the ArcGIS Server directories; therefore, if one machine fails, your services will still be available.

The following diagram shows an ArcGIS Server site with a file server machine to store ArcGIS Server directories and DynamoDB for the ArcGIS Server configuration store:

Highly available GIS server using AWS DynamoDB and S3 for ArcGIS Server configuration store

To maintain access to your services even when an entire Amazon Availability Zone is unavailable, you can place the GIS server site in read-only mode after you have published the services you need. This allows you to restore your ArcGIS Server directories.

Configuration store

When you use Amazon S3 and DynamoDB for your configuration store, most services will be highly available with the following exceptions:

  • Geoprocessing services cannot be made highly available.
  • Cached services are not automatically highly available, but you can separately configure them to be highly available.

When you create a highly available GIS server site using one of the arcgis-server-<os>-haconfigstore templates, the following are created in your AWS account:

  • A DynamoDB domain named ArcGISConfigStores in the AWS region in which you deploy the GIS server site, provisioned with 5 read capacity units and 1 write capacity unit
  • A DynamoDB domain for each namespace, named ArcGISConfigStores.<namespace>, created with 250 read- and 25 write-provisioned capacity units
  • An S3 bucket for each namespace, with the name arcgis-config-store-<namespace>-<unique ID>

Note that when you delete the GIS server site, ArcGIS Server deletes the DynamoDB domains for each namespace and the S3 buckets. You must manually delete the DynamoDB domain if you will not be deploying GIS server sites to that AWS region.

Also note that you must manage provisioned throughput settings on the DynamoDB tables to ensure reliable and fast operation of the GIS server configuration store. Esri recommends that you configure CloudWatch metric alarms so you receive notifications when capacity of these DynamoDB tables exceeds levels that you specify.
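One way to derive the alarms recommended above, as an added example that is not part of Esri's templates: the script emits a CloudFormation template with consumed-capacity alarms for the configuration store tables, using the provisioned values listed earlier. The namespace mysite, the AlarmTopicArn parameter, the 80 percent level, the 5-minute period, and the use of the names above as the CloudWatch TableName dimension are assumptions.

```python
import json
import re

ROOT_TABLE = "ArcGISConfigStores"
ROOT_CAPACITY = (5, 1)            # read, write units stated on the page
NAMESPACE_CAPACITY = (250, 25)    # per-namespace table, stated on the page
PERIOD_SECONDS = 300              # assumption: 5-minute window
ALARM_PERCENT = 80                # assumption: alarm at 80% of provisioned


def capacity_alarm(table, metric, provisioned_units):
    """Return one AWS::CloudWatch::Alarm resource for a table metric."""
    # DynamoDB publishes consumed capacity as a Sum over the period, so the
    # per-second provisioned value is scaled by the period length.
    threshold = provisioned_units * PERIOD_SECONDS * ALARM_PERCENT // 100
    return {
        "Type": "AWS::CloudWatch::Alarm",
        "Properties": {
            "AlarmDescription": f"{table}: {metric} >= {ALARM_PERCENT}% of provisioned",
            "Namespace": "AWS/DynamoDB",
            "MetricName": metric,
            "Dimensions": [{"Name": "TableName", "Value": table}],
            "Statistic": "Sum",
            "Period": PERIOD_SECONDS,
            "EvaluationPeriods": 2,
            "Threshold": threshold,
            "ComparisonOperator": "GreaterThanOrEqualToThreshold",
            "TreatMissingData": "notBreaching",
            "AlarmActions": [{"Ref": "AlarmTopicArn"}],  # hypothetical SNS topic parameter
        },
    }


def build_template(namespaces):
    """Build a template with read and write alarms for every config store table."""
    tables = {ROOT_TABLE: ROOT_CAPACITY}
    for ns in namespaces:
        tables[f"{ROOT_TABLE}.{ns}"] = NAMESPACE_CAPACITY
    resources = {}
    for table, (read_units, write_units) in tables.items():
        logical = re.sub(r"[^A-Za-z0-9]", "", table)  # logical IDs must be alphanumeric
        resources[logical + "ReadAlarm"] = capacity_alarm(table, "ConsumedReadCapacityUnits", read_units)
        resources[logical + "WriteAlarm"] = capacity_alarm(table, "ConsumedWriteCapacityUnits", write_units)
    return {"AWSTemplateFormatVersion": "2010-09-09",
            "Parameters": {"AlarmTopicArn": {"Type": "String"}},
            "Resources": resources}


if __name__ == "__main__":
    print(json.dumps(build_template(["mysite"]), indent=2))  # "mysite" is a constructed namespace
```

If you change the provisioned throughput on a table, regenerate the template so the thresholds track the new values.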

Server directories

Sites deployed using the ArcGIS Server high availability template are configured for automatic recovery. If a directory is on an instance that crashes or becomes unavailable, AWS restores the instance to the state it was in prior to the crash. If the entire Amazon Availability Zone is unavailable for a long time, your GIS server site will not be available. If you need your site to be available even if an Amazon Availability Zone is down, you can place your GIS server site in read-only mode, which makes copies of the server directories on each machine in the GIS server site. You can access those copies to restore your site. Be aware, though, that enabling read-only mode prohibits the publishing of new services and blocks most administrative operations.

If you place your GIS server site in read-only mode, you can follow these steps to recover your GIS server site when an Amazon Availability Zone is down.

  1. Re-create the VPC subnet associated with the failed Availability Zone in a new Availability Zone.
  2. Use the ArcGIS 10.4.1 Server Amazon Machine image to launch an Amazon EC2 instance in the re-created VPC subnet. The instance must have the private address of 10.0.0.4.
  3. Once the instance is running, log in to it and change the ArcGIS administrator account password to match the password specified when you originally created your site using CloudFormation.
  4. Ensure that the root path of the shared server directories location is available.

    You cannot designate a new location for the shared server directories.

  5. Log in to the ArcGIS Server Administrator Directory.
  6. Go to System > directories > recover.
  7. Click Recover. The contents or folder structure of the local repository will be copied to the shared server directories.

Deploy web GIS on one machine

Esri provides a sample CloudFormation template that allows you to deploy a web GIS on AWS. Web GIS deployments include the following ArcGIS products:

  • ArcGIS for Server
  • Portal for ArcGIS
  • ArcGIS Web Adaptor
  • ArcGIS Data Store

The sample arcgis-allinone-<OS>-vpc CloudFormation templates configure all these products to work together as a unified web GIS on a single machine.

  • Portal for ArcGIS is registered with ArcGIS Web Adaptor using the context portal. For example, the registered portal URL is in the format http://<domain name>/portal/home.
  • An ArcGIS Server site is created and registered with ArcGIS Web Adaptor using the context server. For example, the ArcGIS Server Manager URL is in the format http://<domain name>/server/manager.
  • An ArcGIS Data Store is created and registered with the ArcGIS Server site. This allows the ArcGIS Server site to store hosted feature layer data for the portal.
  • The ArcGIS Server site is federated with the portal and set as the portal's hosting server.

You need to have the following before you run the CloudFormation templates to deploy a web GIS:

  • A valid domain name for your site
  • A TLS (SSL) certificate for your domain, obtained from a certifying authority
  • An Elastic IP address that you will associate with the EC2 instance; you must map your domain name to the Elastic IP address

A web GIS deployed on one machine on AWS

Use the web GIS templates and the steps in Use AWS CloudFormation to define a web GIS on AWS.

Deploy a highly available web GIS using CloudFormation

Esri also provides a CloudFormation template that allows you to deploy a highly available web GIS on AWS. This template installs and configures the products listed in the previous section, and it configures each component so that data and services are available even if one machine in the deployment fails. This includes the file server instance configured with AWS Auto Recovery to store the portal content, the configuration store and directories for ArcGIS for Server, and backup files for the relational data store.

At a minimum, a highly available web GIS includes three machines. The following diagram shows the software components per machine of a highly available web GIS on AWS:

Highly available web GIS on AWS

This configuration can optionally include a spatiotemporal big data store cluster.

Note that this instance can only be recovered to the same availability zone. If the whole availability zone is unavailable, your web GIS deployment cannot recover unless you have set up an identical, secondary deployment in a different AWS region. Once you set up a secondary deployment, you can export the primary deployment using the webgisdr tool installed with Portal for ArcGIS. This deployment is shown in the following diagram:

Highly available web GIS deployment replicated using webgisdr tool

Certain icons in the diagrams in this topic are used with permission from Amazon Web Services.