Edge for Private Cloud v. 4.16.05
It is a good practice to disable reachability on a server during maintenance, such as for a server restart or upgrade. When reachability is disabled, no traffic is directed to the server. For example, when reachability is disabled on a Message Processor, Routers will not direct any traffic to that Message Processor.
For example, to upgrade a Message Processor, you can use the following procedure:
- Disable reachability on the Message Processor.
- Upgrade the Message Processor.
- Enable reachability on the Message Processor.
Disabling/enabling reachability on a Message Processor
To disable reachability on Message Processor, you can just stop the Message Processor:
> /opt/apigee/apigee-service/bin/apigee-service edge-message-processor stop
The Message Processor first processes any pending messages before it shuts down. Any new requests are routed to other available Message Processors.
To restart the Message Processor, use the following commands:
> /opt/apigee/apigee-service/bin/apigee-service edge-message-processor start > /opt/apigee/apigee-service/bin/apigee-service edge-message-processor wait_for_ready
The wait_for_ready command returns the following message when the Message Processor is ready to process messages:
Checking if message-processor is up: message-processor is up.
Disabling/enabling reachability on a Router
In a production environment, you typically have a load balancer in front of the Edge Routers. Load balancers monitor port 15999 on the Routers to ensure that the Route is available. To make a Router unreachable, you can block port 15999 on the Router. If the load balancer is unable to access the Router on port 15999 it no longer forwards requests to the Router.
For example, you can block the port by using the following iptables command on the Router node:
> sudo iptables -A INPUT -i eth0 -p tcp --dport 15999 -j REJECT
To later make the Router available, flush iptables:
> sudo iptables -F
You might be using iptables to manage other ports on the node so you have to take that into consideration when you flush iptables or use iptables to block port 15999. If you are using iptables for other rules, you can use the -D option to reverse the specific change:
> sudo iptables -D INPUT -i eth0 -p tcp --dport 15999 -j REJECT
Checking reachability status
To get the reachable status of a Router, make a request to port 15999 on the Router:
> curl -v http://<routerIP>:15999/v1/servers/self/up
If the Router is reachable, the request returns HTTP 200.
To get reachable status of a Message Processor:
> curl http://<mpIP>:8082/v1/servers/self