Open in app

Sign in

Write

Sign in

Unleashing Tableau’s Potential Part 1: Creating a Scalable and Reliable Tableau Server on AWS Windows Instance

VineethPanicker
17 min readJul 24, 2023

--

Tableau & AWS

In today’s data-driven world, organizations are increasingly relying on powerful visualization tools like Tableau to gain valuable insights and make informed decisions. However, as data volumes grow and user demands increase, it becomes crucial to deploy a Tableau Server infrastructure that can handle the load without compromising performance or availability. That’s where Amazon Web Services (AWS) comes in, offering a robust and scalable cloud platform that empowers you to unlock the full potential of Tableau.

In Part-1 of the blog we are going to deploy a Distributed three node highly available Tableau server on AWS windows 2019 server. Below is the architecture of the same.

Distributed 3-node Tableau Server deployment on AWS

Prerequisites

Minimum Hardware Requirements

PROCESSOR

  • 64-bit ( x64 chipsets)
  • ARM-based processors are not supported

CPU

  • 4 cores (8 vCPUs)

RAM

Version 2022.3 and later:

  • 64 GB — initial node
  • 16 GB — additional nodes

Version 2022.1 and earlier:

  • 16 GB — all nodes

FREE DISK SPACE :- 15 GB

Operating system requirements

The following 64-bit Microsoft Windows Server operating systems are supported:

  • Tableau Server 2021.3.0 and later:
  • Windows Server 2016
  • Windows Server 2019

Hardware Guidelines for High Availability

Here are some guidelines for the systems you use for failover and high availability:

  • Failover — three computers: To configure a cluster that provides failover support for the file store and repository processes, you need at least three computers or VMs: one for the initial Tableau Server node and two for additional nodes.
  • Multiple gateways — three computers and a load balancer: Adding multiple Gateway processes to your Tableau Server installation and using a load balancer to automatically distribute requests to those gateways enhances the reliability of Tableau further. To configure a cluster that provides failover support and multiple gateways, you need to add a load balancer to front your three-node cluster.
  • Failover & multiple gateway support — three computers and a load balancer: To configure a cluster that provides the above plus support for multiple gateways, you need at least three computers or VMs, and a load balancer to front the cluster.
  • High availability — three computers and a load balancer: To configure for high availability, you need the resources described above.
  • Initial computers: If you configure for high availability, the initial Tableau Server node may be running few or no Tableau Server processes. Therefore, the computer that serves as the initial node does not need as many cores as the ones running your additional nodes. You will, however, need adequate disk space for backups because the initial computer is used during the backup and restore processes.

Software

All nodes in a distributed installation must be running the same version of Tableau Server.

Installation location

The installation location for Tableau Server must be the same on all nodes in a cluster. This is true whether you install to the default location or to a non-default location.

Networking and Ports

  • Ports: As with any distributed system, the computers or VMs you use need to be able to communicate with one another.
  • Same domain: If Tableau Server is installed in a Windows Active Directory environment, then all computers in a cluster must be members of the same domain.

Introduction

You can run Tableau Server on two virtual machines (VMs) in a distributed environment, also known as a cluster. However, if you want to run Tableau Server in a highly available (HA) distributed environment, you need to launch three or more Amazon EC2 instances of the same type and capacity on your Amazon Virtual Private Cloud (VPC) and configure them as additional nodes.

Step 1: Create a Virtual Private Cloud (VPC)

Create an Amazon VPC with at least six subnets (three public and three private) in different Availability Zones as seen below. Create a public and private route table as well as Internet Gateway(IGW) and nat-gateway and assign it to the respective subnets with route respectively.

VPC and subnets
Private routes
Public routes

Step 2: Create an AWS Directory Service for the VPC

For this blog we are going to create a Simple AD directory. The directory servers are created in different subnets in your Amazon VPC for redundancy, so that your directory remains accessible even if a failure occurs.

Use the two private subnets available within your Amazon VPC to create the Simple AD so that you can run Tableau Server across Availability Zones.

  1. In the AWS Directory Service console navigation pane, choose Directories and then choose Set up directory.
  2. On the Select directory type page, choose Simple AD, and then choose Next.
  3. On the Enter directory information page, provide the following information:

Directory size : Choose from either the Small or Large size option.

Organization name : A unique organization name for your directory that will be used to register client devices.

Directory DNS name : The fully qualified name for the directory, such as TABLEAU.TEST.COM.

Directory NetBIOS name :The short name for the directory, such as TABLEAU.

Administrator password :The password for the directory administrator. The directory creation process creates an administrator account with the user name Administrator and this password.

Confirm password : Retype the administrator password.

4. On the Choose VPC and subnets page, provide the following information, and then choose Next.

VPC : The VPC for the directory.

Subnets : Choose the subnets for the domain controllers. The two subnets must be in different Availability Zones.

5. On the Review & create page, review the directory information and make any necessary changes. When the information is correct, choose Create directory. It takes several minutes for the directory to be created. Once created, the Status value changes to Active.

Simple AD

Step 3: Deploy Three Amazon EC2 Instances

Deploy three Amazon EC2 instances across three Availability Zones. You’ll install Tableau Server on the first node as the initial server and install Tableau Server on the remaining two nodes as additional servers. All of the instances should be of the same type and capacity.

For creating the EC2 instance follow the below steps,

  1. Open the Amazon EC2 console and choose Launch Instance.
  2. Choose Microsoft Windows Server 2019 Base — ami-xxxxxx and click Select
  3. Select m5.8xlarge and then choose Next: Configure Instance Details.
  4. Select the VPC and the subnets created previously for the Simple AD and in Domain join directory, choose domain created in the previous step.(eg. tableau.test.com)
  5. Choose Enable for Auto-assign Public IP setting and attach a role that has AmazonSSMManagedInstanceCore and AmazonSSMDirectoryServiceAccess permission policies attached to it.
  6. Attach an existing or create a new security group that allows RDP connection from your IP address ,allows access on ports 80,8850,8088,8000–9000,ICMP port and keep the rest of the settings at their defaults.
  7. Now Review and Launch your Instance by selecting an existing key-pair or by creating a new one.
Tableau EC2 Instances
EC2 Security Group Rules

Step 4: Install and Configure Tableau Server

After you have launched the EC2 instances, connect to one of them using RDP by using the credentials that you decrypted for the local administrator account. You’ll install Tableau Server on the Amazon EC2 instances you launched and configure the instances as an initial server and the rest as additional servers.

Before installing the Tableau server we need to edit the Windows hosts file to add an entry for each of the additional nodes. This is because DNS cannot resolve Elastic Compute Cloud (EC2) instance names.

To edit the Windows host file:

  1. Run Notepad as an administrator.
  2. Open the C:\Windows\system32\drivers\etc\hosts file.
  3. Add an entry in the hosts file for each of the nodes. Each entry should include the IP address of the node followed by the domain name.
  4. Save the file.
Hosts File

Firewall requirements

Also if you are running a firewall on the computer where you will be installing Tableau Server we need to allow the following default ports for Tableau Server traffic.

Firewall ports

In the EC2 instance ,Click on Start→Control Panel →Hardware

Now Click on System and Security →Windows Defender Firewall →Advanced Settings on the left pane.

Now Windows Defender Firewall with Advanced Security Tab is opened

Click on Inbound Rules and add the above ports as shown below.

Inbound Rules

Install Tableau Server

Now we need Tableau Services Manager (TSM) for Tableau Server so download the Tableau Server installation file from the Tableau website.

  1. Sign in as a user with administrator access to the computer where you want to install Tableau Server and double-click the installation file.
  2. Follow the on-screen instructions to complete Setup and install the application.
Tableau Service Manager(TSM)

The default installation path is C:\Program Files\Tableau\Tableau Server\<version>. You can choose a different location, including a different drive, either by browsing to or typing in a new path. If you browse to a location, the Setup program appends \Tableau Server to the end of the path.

3. Click Next.

On the Server installation type page, you can specify whether you are installing the first node of a Server installation, or additional nodes in a multi-node installation. You do not need to change this from the default (Create new Tableau Server installation.) unless you are installing a multi-node Tableau Server

4. Click Next.

On the Product activation type page, select whether you want to use the Tableau authorization-to-run (ATR) service to activate Tableau Server (the default), and then click Install.

5. After the installation completes, click Finish. Setup will then open the TSM configuration web page on the computer where you are installing Tableau Server.

Activate and Register Tableau Server

  1. Sign in to Tableau Services Manager Web UI.The account you use must have administrative privileges on the computer where TSM is installed.
  2. On the Activate page, Enter or paste your product key and click Activate Product Key. After your product key is activated, it appears under Activated Product Keys.For our blog we are going to go forward with the default keys.

3. When you’re finished activating product keys, click Next.

4. On the Register page, enter your information into the fields and click Register.

5. After you have activated and registered Tableau Server, the installation program will display the Setup page.

6. In our case we select Active Directory, Tableau Server will populate the Domain and NetBIOS fields from the computer on which you are running Setup.

7. By default, Tableau Server runs under the Network Service account. To use an account that will accommodate NT authentication with data sources, specify a user name and password. (e.g. TABLEAU\Admin)

8. Also checkmark the Include Sample workbooks tab and Click Initialize. The initialization process can take a while. When initialization is complete the following page is displayed:

After Tableau Server is finished initializing, the installation program will display a page to create the Tableau Server administrator. If you configured a LDAP or Active Directory identity store during setup, then you must specify a user account that is a member of the directory.

By default, the Tableau Server installer configures the number of process instances that Tableau Server runs based on the hardware detected by the installer. The default configuration applies to single-server installations and to the initial server of a multi-node installation.

Here’s an example default configuration for a computer with 16 cores:

Default TSM configs

Install and Configure Additional Nodes

After you install Tableau Server on one computer (or node), the server is functional and ready for use, but it has no redundancy. If there is a problem with a process or a problem with the computer itself, Tableau Server may be unavailable. In addition, all processes are running on a single computer, so there can be contention for resources on that computer. You can extend your Tableau Server installation by adding Tableau to additional nodes, creating a distributed installation.

Now to install on another computer connect to that instance and perform the same steps related to editing the hosts file and updating the firewall port as mentioned previously.

For installing the Tableau, first you need to generate the node bootstrap file from the instance where we completed the tableau installation.

  1. Open Tableau Service Manager(TSM) in a browser of the instance where tableau installation has been completed:

https://<tsm-computer-name>:8850

2. Click the Configuration tab, and in the Add a Node box, click Download Bootstrap File. The bootstrap file is created and copied to your local computer.

3. Now you need to connect to the instance where you need to install and initialize an additional tableau node. Copy the original installer you used on the first computer along with the bootstrap file you generated and put them in the new instance.

4. On the new node, run the Tableau Server Setup program. This should be the same installer program you ran on the initial node to install Tableau Server. Accept the terms of the license agreement and click Next.

5. The Install location must be the same on every node in the cluster.Enter the Install location, or click Browse to navigate to the Install location. Click Next to continue.

6. During installation you will be asked to select an installation type.Select Add additional node to existing Tableau Server cluster and click Next to continue.

7. The Use ATR for product activation option which was set for Node 1 will automatically be selected and Click Install to continue.

8. In the installer, after the Tableau Server files are copied, you will be prompted to provide the bootstrap file and the name and password of the TSM administrator.Enter the location of the bootstrap file, or click Browse to navigate to the location and enter the TSM administrator username and password. These credentials must be the credentials of the user that you used during the installation process on the initial node.Click Next to continue.

9. A browser window opens and you are prompted to sign in to TSM. Enter the TSM administrator user name and password.If no browser window opens automatically, open a window and navigate to TSM:

https://<tsm-computer-name>:8850

10. In TSM, click Configuration a message displays, telling you the node was added. Now click Continue.

11. Each node must run Cluster Controller. Cluster Controller is part of the minimum topology and is already selected. If you only want to set the minimum topology for the node, go to next Step below. You might do this if you will be adding additional nodes and are not ready to configure this node beyond the minimum.

If you want to add additional processes to the minimum topology, specify the processes that should run on the node. Do this by selecting the processes you want, or specifying the number of processes that should run on the node.

For example, to add a Gateway and two instances of the Backgrounder on the node:Select Gateway and Set the Backgrounder count to 2.

12. Click Pending Changes at the top of the page. As we are configuring a cluster with three nodes, a Coordination Service ensemble warning displays. You can continue. You will deploy a Coordination Service ensemble in a separate step.

13. Click Apply Changes and Restart and Confirm to confirm a restart of Tableau Server.

14. Repeat the steps mentioned in “Install and Configure additional nodes” on the third instance to install the tableau server.

Deploy a Coordination Service ensemble and Client File Services (CFS)

If you install a total of three or more nodes, you should also deploy a Coordination Service ensemble. If you do not, you will get a warning message every time you make changes to the server configuration or topology. You can ignore this message, but as a best practice you should deploy a multi-node Coordination Service ensemble. In a three-node installation of Tableau Server, the recommended number of Coordination Service instances is three, one on each node.

  1. On the initial node, open a command prompt as administrator.
  2. Stop Tableau Server :tsm stop .If prompted, sign in as a TSM administrator.
  3. Confirm there are no pending changes:tsm pending-changes list.If there are pending changes, you need to either discard the changes or apply them.
  4. Get the node IDs for each node in the cluster:

tsm topology list-nodes -v

5. Use the tsm topology deploy-coordination-service command to add a new Coordination Service ensemble by adding the Coordination Service to specified nodes. For example, deploy the Coordination Service to all three nodes of a three-node cluster, where the nodes are node1, node2, and node3:

tsm topology deploy-coordination-service -n node1,node2,node3

Wait until the command completes and you are returned to the system prompt.

6. If the deployment fails, you need to run the tsm topology cleanup-coordination-service command to remove the unsuccessfully deployed ensemble.

7. Start Tableau Server:tsm start

Now we need to add CFS to additional nodes. We recommend you add CFS to every node running the Coordination Service.

  1. On the initial node, open a command prompt as administrator.
  2. Find the node ID for the node you are adding CFS to:tsm topology list-nodes -v
  3. Add CFS on the node by specifying the node, the process, and a single instance.For example, this command adds an instance of CFS to node2:tsm topology set-process -n node2 -pr clientfileservice -c 1
  4. If you attempt to add an instance of CFS to a node that already is configured with CFS, an error message will let you know there is already an instance on the node.
  5. To add CFS to additional nodes, repeat this step for each node.
  6. Apply the changes:tsm pending-changes apply

Configure processes for node 2

  1. Open TSM in a browser:https://<tsm-computer-name>:8850
  2. Click the Configuration tab.
  3. Specify the processes and number of instances that should run on the first additional node. In this example: Select Gateway. Set the Application Server count to 2.Set the VizQL Server count to 2.Set the Cache Server count to 2.Select Search & Browse.Set the Backgrounder count to 2.Adding Backgrounder to a node will also add an instance of Data Engine if one is not already on the node.Set the Data Server count to 2.Select File Store.Select Repository (pgsql).Select Metrics Service.Select Messaging Service.Select Data Source Properties.Select Content Exploration Service.Select Collections Service.
  4. The specific processes and process counts you set will depend on your organizational environment and needs.

Now configure processes for node 2

  1. In TSM, on the Configuration tab, specify the processes and number of instances that should run on the second additional node.
  2. In this example: Select Gateway. Set the Application Server count to 2.Set the VizQL Server count to 2.Set the Cache Server count to 2.Select Search & Browse. Set the Backgrounder count to 2.Adding Backgrounder to a node will also add an instance of Data Engine if one is not already on the node. Set the Data Server count to 2.Select File Store. Select Metrics Service. Select Data Source Properties. Select Content Exploration Service. Select Collections Service.
  3. Click Pending Changes at the top of the page:

4. The Pending Changes list displays.

5. Click Apply Changes and Restart and Confirm to confirm a restart of Tableau Server.

Step 5: Create a Load Balancer for the Tableau Server Cluster

At this point, all three nodes have gateways, which are used to route requests to available server processes. All gateways are active, but to further reduce the potential for downtime in the cluster, you can configure a load balancer.

  1. In the AWS Console you need to go to EC2 web console and select Target Group and Create Target Group.
  2. Now provide a Target group Name, Target Type, Protocol, Port and Select the VPC where the instances have been created. Keep the Health check setting as default. Now click Create.

3. Once the Target Group is created .Select it and go to Target tab and click Edit. Now Select the instance which you want to add to this target group as registered. Now click on Save.

4. Now go to Load Balancer and create Application Load Balancer. In the Configure Load Balancer Settings provide the Name, Scheme as internet-facing ,IP address Type as IPv4, Listeners Load Balancer Protocol and Port as HTTP and 80 respectively and the VPC and AZ. Select the VPC in which the instance has been created.Click Next

5. Since we are using HTTP protocol and port 80 for this blog we can click Next in the Configure Security Settings tab otherwise we choose HTTPs and port 443 then we need to provide Certificate type and name in this section.

6. In the Configure Security Group choose an existing security group or Create a new one and click Next.

7. In Configure Routing we need to select the Target Group that we created earlier and rest of the settings will be chosen by default.Now click Next.

8. In Register Targets the instances that we selected when creating the Target group is already added .Click Next and now Review the details provided and click Create.

Load Balancer

9. Once the load balancer is created we need to change the load-balancer configuration key-value pairs in the Tableau instance with the tsm configuration set command.

In the Tableau Server bin directory, enter the following command, where name is the URL that will be used to reach Tableau Server through the load balancer:tsm configuration set gateway.public.host "name"

10. Enter the following command, where server1, server2, and so on are the IP addresses for the given CIDR range of subnets for Elastic Load Balancing :tsm configuration set gateway.trusted "server1,server2,..,server30"

11. Apply the changes :tsm apply-pending-changes and start the server so the changes can take effect. tsm start

Now use the DNS name available in the load balancer and paste it on the browser and you would be able to see the Tableau Service Manger screen to logon.

Hope you try out the steps and do comment if you have any issues.In Part 2 of this blog I am going to share how to deploy tableau on AWS linux EC2 instances.

Thanks and Happy Reading !!

References:

  1. Get Started with Tableau Server on Windows(https://help.tableau.com/current/server/en-us/get_started_server.htm)
AWS
Tableau

--

--

VineethPanicker

Written by VineethPanicker

10 Followers

AWS Enthusiast and Lifelong Tech Learner: Exploring the World of Cloud Computing

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams