ArcGIS Server supports the configuration of multiple-machine sites. In a multiple-machine site, two or more ArcGIS Server machines can be administered and used as a single logical unit, providing ArcGIS Server administrators with great flexibility to easily adjust the computing power of the site by adding or removing ArcGIS Server machines. Multiple-machine sites also simplify the process of publishing and updating services across multiple ArcGIS Servers.
In a multiple-machine deployment, each ArcGIS Server must be at the same version number for the site to function correctly. Additionally, the exact same license must be applied to each ArcGIS Server that participates in the site.
In its simplest configuration, a multiple-machine site is configured by setting up a pool of two or more ArcGIS Servers fronted by ArcGIS Web Adaptor running on your own web application server.
A key aspect of multiple-machine configurations is that all ArcGIS Servers share the same configuration store and server directories. In this manner, an administrator can log in to any ArcGIS Server using ArcGIS Server Manager and apply changes that will affect all machines within the site. This pattern is also ideal in cases where you want to integrate your site with authentication methods in your organization's web tier.
ArcGIS Servers, server directories, and configuration store
Because all ArcGIS Servers in multiple-machine configurations share the same configuration store and server directories, you must select a network location for your server directories and configuration store.
Typically, a domain account is chosen for the ArcGIS Server account, because this simplifies the management of data access permissions to network resources. However, depending on your own security policies, you may choose to use local accounts. The ArcGIS Server account (local or domain) needs to have write access to the network share where the configuration store and server directories are located. For more information, see Accounts used by ArcGIS Server.
As described in other deployment scenarios, when using file-based data, it is highly recommended to use local resources to the ArcGIS Server machine. This has the disadvantage of forcing you to duplicate your data across all ArcGIS Servers, but reduces network traffic and results in higher performance for your services. You should consider this option and use it when applicable. The size of your data and the frequency of updates often dictate if keeping your data local across all machines is practical.
When using databases in this deployment pattern, it is important that you always use dedicated hardware. Keep the database tier independent from the ArcGIS Server tier.
In this configuration, ArcGIS Server clients never connect directly to your ArcGIS Servers. Instead, they connect through a Web Adaptor that provides security features and makes your overall site more resilient to failures.
From a security perspective, it's not a recommended practice to access the same channel to use and administer your site. Typically, administrative tasks are only enabled through sections of your network or specific machines that can access your ArcGIS Servers directly, for example, over port 6080 or 6443. You can overcome this by specifying that only certain IP addresses can access the server in the Administrator Directory. This is controlled by the allowedAdminAccessIPs property in the server's security configuration. To learn how to configure this property to limit access to the server, see the example in Update security configuration.
Requests from client applications are always funneled through ArcGIS Web Adaptor, which can be configured to block the use of any administrative end points. To learn how to do this, see Configure ArcGIS Web Adaptor after installation.
ArcGIS Web Adaptor also provides the means to integrate ArcGIS Server with standard authentication methods used in your organization. It is a small component that you can install in your own web server acting as a reverse proxy to your ArcGIS Servers. For a list of supported web servers, see ArcGIS Web Adaptor system requirements. By configuring ArcGIS Server security to use web-tier authentication (as opposed to GIS-tier authentication), ArcGIS Server will delegate authentication into your web server.
Multiple web adaptors can be configured with your site to support multiple authentication methods. To learn more, see Support a mix of public and private services.
ArcGIS Web Adaptor also serves as a load-balancer for the site. ArcGIS Web Adaptor will forward requests to your pool of ArcGIS Servers following a round-robin, load-balancing algorithm. ArcGIS Web Adaptor will also automatically detect and forward requests to any new ArcGIS Server that is added to your site, or it will stop forwarding requests to machines that are unavailable or dropped from your site.
High availability considerations
A highly available variation of this deployment scenario would add redundancy at the Web Adaptor tier as shown in the following diagram. When configuring multiple Web Adaptors with your site, each Web Adaptor will round-robin requests to all the ArcGIS Server machines in your site.
Consideration should be taken to also eliminate single points of failure at the data, configuration store, and server directories.
Duplicating your file-based datasets across all ArcGIS Servers can help you, although it may not always be possible due to the frequency of changes in your files or their size. If using a network share for your file-based datasets, ensure that your storage is configured for high availability.
Databases supported by ArcGIS also support different levels of high availability configuration. Refer to the database configuration to cluster your database tier.
In this deployment scenario, your configuration store and server directories must always be stored on a network share. If requiring a high availability configuration, ensure that this tier is set up accordingly.
- A single ArcGIS Server site provides the means to easily administer ArcGIS Server and its services across a number of machines.
- Easy to adjust the capacity of your site by adding and removing ArcGIS Server machines.
- Load-balancing is handled among ArcGIS Servers.
- Integrate standard organization authentication by using web-tier authentication through ArcGIS Web Adaptor.
- Server performance can suffer when shared locations are used for multi-machine site directories and data, owing to several factors — network bandwidth and stability, opportunistic locking, and network drive performance among them.
- Use of server directories and data in shared network locations can also negatively affect performance of services under heavy load.