Self-Deploy Tableau Server on AWS in a Distributed Environment
If you want to run Tableau Server in a highly available (HA) distributed environment, also known as a cluster, you need to launch three or more Amazon EC2 instances of the same type and capacity to your Amazon Virtual Private Cloud (VPC) and configure them as worker nodes.
The following scenario assumes that you have three Amazon EC2 instances with Tableau Server installed on each instance. One instance is configured as the primary node, and the other two instances are configured as worker nodes.
The following steps show how to install and deploy Tableau Server on a cluster of three Amazon EC2 instances in a highly available and scalable configuration.
The following steps assume that you have an Amazon VPC with at least six subnets (three public and three private) in different Availability Zones, as shown below. Be sure to use static IP addresses when setting up your IP addresses. For information about how to create a VPC with public and private subnets, see Scenario 2: VPC with Public and Private Subnets in the Amazon Virtual Private Cloud User Guide at the AWS website.
Launch one EC2 instance into each of the three subnets in your VPC for use as Remote Desktop gateways.
For more information about how to launch and connect to a Windows instance, see Getting Started with Amazon EC2 Windows Instances in the Amazon EC2 User Guide for Windows Instances at the AWS website.
Follow the steps in the Create a Microsoft AD Directory section, in the AWS Directory Service Administration Guide at the AWS website, to create a fully-managed Samba-based directory in AWS. When you create a directory with Microsoft AD, the AWS Directory Service creates two directory servers and DNS servers. The directory servers are created in different subnets in your Amazon VPC for redundancy, so that your directory remains accessible even if a failure occurs.
Use the two private subnets available within your Amazon VPC to create the Microsoft AD so that you can run Tableau Server across Availability Zones.
Deploy three Amazon EC2 instances across three Availability Zones, as shown in the following figure. You’ll use the node you installed previously as the primary server and these two new nodes as workers. All of the instances should be of the same type and capacity.
These Amazon EC2 instances can be auto-joined to the Simple AD domain created in step 2 either via the console or by following the steps in Joining a Windows Instance to an AWS Directory Service Domain in the Amazon EC2 User Guide for Windows Instances at the AWS website.
After you have launched the EC2 instances, connect to them from one of the Remote Desktop Gateway (RDGW) instances by using the credentials that you decrypted for the local administrator account.
You’ll install Tableau Server on the Amazon EC2 instances you launched in Step 3: Deploy Three Amazon EC2 Instances and configure the instances as primary and worker servers. For more information about installing and configuring Tableau Server on a primary and worker nodes, see Distributed Environments.
Follow the steps outlined in Getting Started with Elastic Load Balancing in the Elastic Load Balancing User Guide at the AWS website to launch a load balancer within your VPC.
In Step 1: Select a Load Balancer Type, if you want the load balancer to be publicly accessible, select the two public subnets. Otherwise, select the Create an internal load balancer check box and choose the two private subnets.
If you choose to expose the load balancer with a public endpoint, make sure that you configure Elastic Load Balancing with SSL, as explained in Create a Classic Load Balancer with an HTTPS Listener in the Elastic Load Balancing Classic Load Balancer Guide at the AWS website.
In Step 2: Configure Your Load Balancer and Listener of the instructions, in the Elastic Load Balancing User Guide at the AWS website, ensure that your security group is configured to allow access on port 80 or 443 only, with the source limited to hosts or ranges of hosts that will access Tableau Server.
In Step 4: Configure Your Target Group, you can specify the ping path as /.
In Step 5: Register Targets with Your Target Group, select the Tableau Server instances and ensure that Enable CrossZone Load Balancing is selected so that the load balancer can load-balance the traffic across the instances in multiple Availability Zones.
Update Tableau Server to use the load balancer. For more information, see Add a Load Balancer in the Tableau Server Help.
Alternatively, you can configure Tableau Server to work with a load balancer by performing the following steps.
Create a subnet for your load balancer that has a CIDR block with a /27 bitmask, for 32 IP addresses.
Note: The IP addresses provided by Elastic Load Balancing are dynamic, and Tableau Server needs a list of static IP addresses for this configuration. To make this work, we’re creating a subnet with the smallest possible CIDR range so that the IP addresses the load balancer has are limited to a finite set.
For the next steps we’ll use the tabadmin command. This command enables you to perform administrative tasks from the command line on Tableau Server and installs with Tableau Server by default. For a general overview, see How to Use tabadmin in the Tableau Server Help
In the Tableau Server bin directory, enter the following command, where name is the URL that will be used to reach Tableau Server through the load balancer:
tabadmin set gateway.public.host "name"
Enter the following command, where server1, server2, and so on are the IP addresses for the given CIDR range of subnets for Elastic Load Balancing:
tabadmin set gateway.trusted "server1,server2,..,server30"
Apply the changes:
Start the server so the changes can take effect.