0

This is the only doc I can find for installing Search on ADS app server. Alas, it is ambiguous and, I fear, is missing some info I need to get ADS search (Code, Wiki, Work Item) to work from my disaster recovery site ADS App Server.

Here is the setup. The WSFC and AOAG are configured and are working as expected. Note that APP01 and APP02 are not in a WSFC.

enter image description here

Using the ADS Admin Console on APP01, I successfully installed and configured Code, Wiki, and Work Item Search. With DB01 as the AOAG primary, when I search from the APP01 ADS web portal, results come back as expected:

enter image description here

Now, I want to be able to do the same search from APP02. My first try was to use the ADS Admin Console on APP02 to configure Search the same way I did on APP01. Search installed ok, but when I search from the APP02 ADS web portal, I get an error:

enter image description here

I went back and re-read the doc that I referenced above and came to the conclusion that I instead should have copied the contents of APP01 {drive}:\Program Files\Azure DevOps Server 2020\Search\zip to APP02 and followed the instructions in the readme.txt file. So, I uninstalled search from APP01 and APP02, reinstalled it on APP01, and then copied the contents of APP01 {drive}:\Program Files\Azure DevOps Server 2020\Search\zip to APP02 and followed the instructions in the readme.txt file, i.e., I ran Configure-TFSSeach.ps1 on APP02. Search seemed to install ok - all good messages from the .ps1, no errors. But, when I ran the search from the APP02 ADS web portal, Same error as before.

How do I get search to work from the APP02 ADS Web Portal?

VA systems engineer
  • 2,856
  • 2
  • 14
  • 38
  • I don't think installing search on the Application Tier is only really supported for single server setups. In a multi-server setup, you install Search on its own server. – jessehouwing Dec 13 '21 at 17:59
  • You'd install Search on a separate server and then point each Application Tier to it during the install process of each server: https://learn.microsoft.com/en-us/azure/devops/project/search/install-configure-search?view=azure-devops#install-or-update-search-on-a-separate-server – jessehouwing Dec 13 '21 at 18:02
  • Microsoft doesn't support setting up ES in cluster mode. There are no docs and multiple closed support tickets pointing out that you'll need to figure that out yourself with support from Elastic, but they (MS) don't support it. – jessehouwing Dec 13 '21 at 18:11
  • Or you install Search with server A and then point server B to the search server on server A upon installation. Do not install more than one instance of Search. – jessehouwing Dec 13 '21 at 18:12
  • on APP01 (from which search works), TFS Admin Console, Search section, the Search URL is http://localhost:9200. On APP02, TFS Admin console, I selected "Use an existing Search Service" and entered a `Search Service URL` == http://app01:9200, and also tried `Search Service URL` == http://app01. Both failed to configure. Where do I get the APP01 `Search Service URL` that I need to enter into APP02 TFS Admin Console? – VA systems engineer Dec 13 '21 at 18:26
  • You may need to tweak the `elasticsearch.yml` (in `C:\Program Files\Azure DevOps Server 2020\Search\ES\elasticsearchv6.2\config`) to bind to the external IP address and open up the windows firewall. – jessehouwing Dec 13 '21 at 19:37

1 Answers1

1

Ok, so this scenario isn't well documented on Microsoft's side. They don't explain how to configure elastic search to scale across multiple nodes and Microsoft support closes every ticket out there on the devcommunity with the notice: "Not a supported scenario, reach out to Elastic for guidance".

The scenario that is supported it to install Elastic Search on the Application Tier for a Single Tier installation of Azure DevOps Server. That's basically what happens when you select to install Search as part of you application tier.

For security, Elastic Search is bound to the local loopback IP and no firewall ports are opened up on the first server (A), so when you install a second application tier (B), there is no way to point that at the instance of Elastic Search on A.

So, in your scenario, where you already know you need to scale, the process would be as follows:

  • Install Azure DevOps on Server A do not install search.
  • Manually install Search on Server A (as if it's a stand-alone installation)
  • Ensure the firewall is opened to receive traffic from Server B later.
  • Configure IPSec to encrypt the traffic between Server A and Server B.
  • Install Azure DevOps on Server B, point it to the elastic Search instance on Server A during installation.

Or completely ignore Search during installation:

If you already have Elastic Search installed on either Server A or Server B you can go into the Azure DevOps Admin console and remove the Search feature from the server (won't actually uninstall Elastic Search, will just remove the configuration):

enter image description here

Then change the network binding:

enter image description here

Then restart the Elastic Search service:

enter image description here

Make sure you point to the Fully Qualified Domain Name of the server running ElasticSearch, or its IP address. If you only enter the host name, the installation wizard will revert your settings back to localhost for some obscure reason.

enter image description here

See also:

jessehouwing
  • 106,458
  • 22
  • 256
  • 341
  • Be sure to patch ElasticSearch after installation: https://jessehouwing.net/azure-devops-patch-for-log4j-vulnerability/ – jessehouwing Dec 14 '21 at 14:46