You can take advantage of the full ArcGIS Enterprise suite (ArcGIS Server, Portal for ArcGIS, and ArcGIS Data Store) on Microsoft Azure.
You need the following to deploy ArcGIS Enterprise on Microsoft Azure:
- Microsoft Azure subscription
- Esri images
- ArcGIS Enterprise Cloud Builder for Microsoft Azure
- An ArcGIS Enterprise Standard or Advanced license
- Portal for ArcGIS named user licenses
- An SSL certificate from a certifying authority that you have exported to a .pfx file and for which you have set up CNAME mapping to the cloud service domain you specify in Cloud Builder (optional, but strongly recommended)
Get a Microsoft Azure subscription
A Microsoft Azure subscription and account are required to use Microsoft Azure infrastructure and services. Contact Microsoft to purchase a subscription.
Enable programmatic deployment of ArcGIS images
Before you can use the images from the Azure Marketplace, you must enable the programmatic deployment of ArcGIS. An administrator of your Azure subscription must enable programmatic deployment once for the ArcGIS images. This enables all current and future ArcGIS images on the Azure Marketplace.
- Sign in to the Azure portal.
- Browse to the ArcGIS image in the Virtual Machine Marketplace.
- Click Marketplace on the home screen.
- Choose Virtual Machines.
- Type arcgis in the search text box.
- Choose the ArcGIS Enterprise image from the search results.
- Click Want to deploy programatically? Get Started at the bottom of the pane.
The Configure Programmatic Deployment pane appears.
- Read the legal terms and Azure Marketplace Terms. If you accept their conditions, proceed with enabling programmatic deployment.
- Click Enable for your subscription.
- Click Save.
Your Azure subscription is now set to use the ArcGIS Enterprise image from Cloud Builder.
Obtain licenses from Esri
To deploy ArcGIS Enterprise, you need an ArcGIS Server license and Portal for ArcGIS named user licenses.
To federate an Image, GeoAnalytics, or GeoEvent Server with your ArcGIS Enterprise deployment, you'll need appropriate ArcGIS Server role licenses (ArcGIS Image Server, ArcGIS GeoAnalytics Server, or ArcGIS GeoEvent Server).
Get images from Microsoft Azure Marketplace
ArcGIS Enterprise on Microsoft Azure images are available from Microsoft Azure Marketplace. Use these images with ArcGIS Enterprise Cloud Builder for Microsoft Azure to deploy ArcGIS Enterprise and ArcGIS Server sites.
Open Microsoft Azure Marketplace in a web browser and search for esri or arcgis to find the ArcGIS Enterprise on Microsoft Azure images.
Install ArcGIS Enterprise Cloud Builder for Microsoft Azure
Download the ArcGIS Enterprise Cloud Builder for Microsoft Azure installation file, and run it on a local Windows machine to install.
Deploy ArcGIS Enterprise
Use ArcGIS Enterprise Cloud Builder for Microsoft Azure to deploy all components of ArcGIS Enterprise.
- Start ArcGIS Enterprise Cloud Builder for Microsoft Azure.
- Sign in to Microsoft Azure.
If you want to use the Microsoft Azure Government cloud and have an Azure Government subscription, check U.S. Government account.
- Choose the Azure subscription that contains the image you want to use and click next.
- Click Deploy a new site.
- For the base ArcGIS Enterprise deployment, choose ArcGIS Enterprise and click next to proceed to Image and Domain Options.
A base deployment provides the minimum components you need to implement ArcGIS Enterprise: Portal for ArcGIS, a GIS Server site for the portal's hosting server, plus relational and tile cache data stores created through ArcGIS Data Store to store your hosted feature and scene layer data.
- Create a resource group for your site. Click the + button.
A resource group is a container that holds related resources for an application.
- Provide an intuitive name for the resource group. The name can contain alphanumeric characters, dashes (-), underscores (_), parentheses (()), and dots(.).
- Click Check Availability to ensure the name is unique and can be used for your resource group.
- Choose a region for the resource group.
- Click create.
- Once the resource group is created, click close.
- Choose the image to use: either an Esri image, an image in your subscription, or an image you create.
- If you choose an Esri image, use the drop-down list in the To: field to specify the Azure region for your deployment.
- To use an image in your subscription, click Image in this Azure Subscription and choose the image from the drop-down list.
- To create an image from a source .VHD file, follow these steps:
- Click the + button under Image in this Azure Subscription.
- Type a name for the image and click Check Availability to be sure the name is unique.
The image name can contain only letters, numbers, underscores (_), periods (.), or hyphens (-). The name must start with a letter or number and end with a letter, number, or underscore.
- Choose or create a resource group in which to store the image.
- Choose the region in which to create the image. Use the same region that contains the .VHD file.
- For Source Disk, click the button to browse to your .VHD file in your storage account. Choose the storage account the file is in, choose the file, and click ok.
The storage accounts available in the Select Image Disk dialog box are based on the region you chose in the last step.
- Choose the type of image to create.
HDD uses magnetic storage. SSD images use faster, solid state drives.
- Choose the image Size.
The image size determines the minimum size of the operating system disk (C:\) of the virtual machine created from the image. You can increase the size of the provisioned disk for the virtual machine created from the image, but you cannot decrease the size below the image size. See Azure Managed Disks Overview in the Microsoft Azure documentation for more information.
- Click create to create the image.
- Your site deployment requires a public IP address provided by Microsoft Azure, and the public IP address must have a DNS name associated with it. This name is in the format mydomain.<location>.cloudapp.azure.com. Either choose an existing public IP address or type a name for a new domain that ArcGIS Enterprise Cloud Builder for Microsoft Azure will create.
Domain names must be unique within an Azure region. If you want ArcGIS Enterprise Cloud Builder for Microsoft Azure to create the domain, click Check Availability to ensure the domain name is not in use. A check mark appears if your domain name is unique.
Note:
To use a certificate authority issued SSL certificate, the domain name must match the CNAME mapping you configured for the certificate.
Also note that the location prefix will reflect the region in which you deploy your site.
- If you have an ArcGIS Server workgroup edition license, are deploying a test or demonstration site, or only want one machine containing ArcGIS Server, Portal for ArcGIS, and ArcGIS Data Store, click Single machine deployment. Only one Azure machine will be used for your site. If you have an enterprise edition license and want each ArcGIS Enterprise component on a separate virtual machine to distribute resources, do not check Single machine deployment.
- To avoid collision of Azure resource names within resource groups, Cloud Builder allows you to prefix resources with a specified string. Cloud Builder automatically populates this value with a random string. If you want to change this, type a prefix to add to Azure resource names such as load balancers and availability sets.
Prefixes can be up to three alphanumeric characters in length and must start with an alphabetic character.
Adding a prefix avoids collision of resource names and allows you to categorize resources according to your requirements for managing in the Azure portal or billing.
- Click next to proceed to the License and Credentials settings.
- Provide license files to authorize Portal for ArcGIS and the portal's hosting server.
- Browse to your Portal for ArcGIS license file.
- Browse to your ArcGIS GIS Server license file.
- Type a user name and password for the Site Administrator.
This will be used for the ArcGIS Server primary administrator account and the Portal for ArcGIS initial administrator account.
- Type a user name and password for ArcGIS Run As Account.
This is the Windows login under which the Portal for ArcGIS, ArcGIS Server, and ArcGIS Data Store services will run.
- Click next to proceed to Machine Options.
- Type a user name and password for Machine Administrator.
This is the Windows login you will use to administer the virtual machines in your site. The same login and password are used for all machines in your site.
The user name must contain three or more characters, contain no spaces, and cannot be admin or administrator. The password must meet Windows Server 2012 complexity requirements.
- Choose the time zone you want your virtual machines to use.
- If you want Microsoft Windows to apply updates, check Enable Automatic Operating System Updates.
- If you want to directly log in to your virtual machines, check Enable Remote Desktop Access Using Port. The port shown in the UI is the port through which you will access your machines.
In a multimachine deployment, the remote desktop connection provides access to the file share machine. To access the other machines in your deployment, connect to the file share machine and, from there, use remote desktop connections to the other machines using the machine host names, fully qualified domain names, or IP addresses.
- Choose an existing virtual network from the drop-down list or click the plus sign (+) to create a virtual network.
- If you create a virtual network using Cloud Builder, specify the following:
- Type a name for the virtual network. Names must be unique within your Azure subscription.
- Click Check Availability to be sure the name you typed is unique. If the name is unique, a check mark appears in the Name field.
- Choose the range of TCP/IP addresses (the address space class) to be used by your virtual network. See Microsoft documentation for more information on address classes.
- Choose the CIDR value from the VM Count drop-down list to determine the maximum number of addresses to be used in your address space.
- Click create.
- Once the virtual network is created, click close.
- Click next to proceed to ArcGIS Data Store Options.
- Choose which type or types of data store you want to create. For the base ArcGIS Enterprise deployment, you must create a relational data store.
See Apps and functionality that require ArcGIS Data Store in the Portal for ArcGIS administrator guide for help in determining which types of data store you need. If you later decide you need a spatiotemporal big data store, you can add one to your deployment.
- Click next to proceed to Deployment Options.
- Choose or create a storage account for your deployment.
- Type a name for the storage account. Names must be unique. Click Check Availability to confirm the storage account name is unique.
- Choose the type of redundancy for your your storage account: Geo-Redundant, Locally Redundant, or Read-Access Geo-Redundant.
See Azure Storage replication in Microsoft Azure documentation for a description of each redundancy option.
- If your first attempt to deploy using Cloud Builder failed, check Preserve deployment artifacts upon completion when you run Cloud Builder again. If this second attempt fails, files to help troubleshoot the failure will remain on the virtual machines.
Files include a deployment log file, a configuration file, the SSL certificate, and the license file you provided.
- If your IT administrator has placed a wildcard SSL certificate in an Azure Key Vault for you to use, click From Key Vault and choose the Key Vault drop-down list.
- Type a prefix to add to the virtual machine names.
Prefixes are three alphanumeric characters. The prefix must start with an alphabetic character and can contain underscores.
Adding a prefix avoids machine name collisions and allows you to categorize resources according to your requirements for managing in the Azure portal or billing.
- Set virtual machine names, types, and sizes.
- If you want ArcGIS Enterprise Cloud Builder for Microsoft Azure to assign names and default types and sizes to all the virtual machines in your ArcGIS Enterprise deployment, click Use default names and sizes for the machines. The default machine type is Standard_DS3_v2 for all but the web proxy machines, which use Standard_D2_v2 by default. Default disk type is a 128 GB SSD disk.
- If you want to specify the names, types, and sizes of your virtual machines or the number of ArcGIS Server machines, click Specify names and sizes for the individual machines.
- Check Use Azure Cloud Storage for the configuration and content store? if you want to store the Portal for ArcGIS content directory and ArcGIS Server configuration store in Azure Cloud Storage.
Placing these directories in Azure Cloud Storage makes them highly available. If you do not check this option, the directories are stored on disk on the virtual machine used as the file share for the deployment.
- If you checked Use Azure Cloud Storage for the configuration and content store?, optionally specify a storage account where the Azure Cloud Storage will reside. The storage account must be in the same region as your deployment. If you do not have a storage account in that region, click the + button to create a storage account in the resource group for this deployment.
- Type a name for the storage account. Names must be unique. Click Check Availability to confirm the storage account name is unique.
- Choose the type of redundancy for your storage account: Geo-Redundant, Locally Redundant, or Read-Access Geo-Redundant.
See Azure Storage replication in Microsoft Azure documentation for a description of each redundancy option.
- Click create. When the storage account is created, click close to return to Deployment Options.
- When you finish setting deployment options, click next.
- If you chose to Specify names and sizes for the individual machines, clicking to next opens the Machine Options page.
Specify the machine names and sizes on the Machine Options page.
Machine names must be 15 characters or less in length. For Server, Web Proxy, and Spatiotemporal Big Data Store, machine names are specified in a comma separated list of names. Do not place spaces between the commas and the names.
To increase initial disk size, either increase the size of the C drive on the virtual machines by choosing a larger number from the Size of OS Disk drop-down list or check Add a data disk? to add another disk drive to the machines.
License:
Do not run ArcGIS Server on a greater number of CPU cores than you have licensed with Esri, regardless of whether the cores are in the cloud or on-premises. For an explanation of core licensing for virtual machines, see Licensing ArcGIS Enterprise Deployments in Virtualized and Cloud Environments .
When you finish setting and applying machine names, types, and sizes, click next to proceed to the Certificate Options page.
- If you chose Use default names and sizes for the machines, clicking next opens the Certificate Options page.
- If you chose to Specify names and sizes for the individual machines, clicking to next opens the Machine Options page.
- Specify the SSL certificate to use for your deployment. Esri recommends that you use a certificate issued by a certificate authority (CA).
- Choose Certificate issued by a Certificate Authority to use a CA certificate and, in the Domain Name (Alias) text box, type the CNAME you mapped to the site domain you created in step 8. The format of the domain is <domain>.<location>.cloudapp.azure.com.
You can either choose From File, specify the Pfx File you exported from your certificate, and specify the Password set on the file, or choose From Key Vault to specify or create an Azure key vault to store your certificate.
- If your ArcGIS Enterprise deployment is for testing purposes only and, therefore, you are not using a CA certificate, choose Self Signed Certificate (Automatically generated). Cloud Builder will generate a self-signed certificate for your virtual machines. Note that people connecting to your portal will receive warnings that the site is not trusted if you use a self-signed certificate.
- Choose Certificate issued by a Certificate Authority to use a CA certificate and, in the Domain Name (Alias) text box, type the CNAME you mapped to the site domain you created in step 8. The format of the domain is <domain>.<location>.cloudapp.azure.com.
- Click next to view a summary of all the options you chose.
- Review the settings in the Summary pane. If anything needs to be changed, click back to go to the pane where you need to change the information.
Tip:
Click save summary to save your site configuration information to a text file.
- When all settings are correct, click finish to deploy the base ArcGIS Enterprise components.
Tip:
Beginning with 10.5.1, you can change disk types and sizes after you deploy.
When the site successfully deploys, a link to the portal appears in the message box. To connect to your portal at a later time, use the URL format https://<DNS_name>.<region>.cloudapp.azure.com/arcgis/home.
If your hosting server machines have Windows Server 2016 operating systems, you must make a remote desktop connection to each machine in the hosting server site and enable SSL 3.0 in the Internet options before publishing hosted scene layers to your portal. See technical article 000016013 for instructions on enabling SSL 3.0 on Windows Server 2016.
If you want to publish hosted image layers or use GeoAnalytics or raster analysis tools in your portal, add the corresponding ArcGIS Server role to your deployment.