Edge for Private Cloud v. 4.17.09
It is a good practice to disable reachability on a server during maintenance, such as for a server restart or upgrade. When reachability is disabled, no traffic is directed to the server. For example, when reachability is disabled on a Message Processor, Routers will not direct any traffic to that Message Processor.
For example, to upgrade a Message Processor, you can use the following procedure:
- Disable reachability on the Message Processor.
- Upgrade the Message Processor.
- Enable reachability on the Message Processor.
Disabling/enabling reachability on a Message Processor
To disable reachability on Message Processor, you can just stop the Message Processor:
> /opt/apigee/apigee-service/bin/apigee-service edge-message-processor stop
The Message Processor first processes any pending messages before it shuts down. Any new requests are routed to other available Message Processors.
To restart the Message Processor, use the following commands:
> /opt/apigee/apigee-service/bin/apigee-service edge-message-processor start > /opt/apigee/apigee-service/bin/apigee-service edge-message-processor wait_for_ready
The wait_for_ready command returns the following message when the Message Processor is ready to process messages:
Checking if message-processor is up: message-processor is up.
Disabling/enabling reachability on a Router
In a production environment, you typically have a load balancer in front of the Edge Routers. Load balancers monitor port 15999 on the Routers to ensure that the Route is available.
Configure the load balancer to perform an HTTP or TCP health check on the Router using the following URL:
This URL returns an HTTP 200 response code if the Router is reachable.
To make a Router unreachable, you can block port 15999 on the Router. If the load balancer is unable to access the Router on port 15999 it no longer forwards requests to the Router. For example, you can block the port by using the following iptables command on the Router node:
> sudo iptables -A INPUT -i eth0 -p tcp --dport 15999 -j REJECT
To later make the Router available, flush iptables:
> sudo iptables -F
You might be using iptables to manage other ports on the node so you have to take that into consideration when you flush iptables or use iptables to block port 15999. If you are using iptables for other rules, you can use the -D option to reverse the specific change:
> sudo iptables -D INPUT -i eth0 -p tcp --dport 15999 -j REJECT
Checking the status of Router or Message Processor
To get the status of a Router, make a request to port 8081 on the Router:
> curl -v http://<routerIP>:8081/v1/servers/self/up
If the Router is up, the request returns "true" in the response and HTTP 200. Note that this call only checks if the Router is up and running. Control of the Router's reachability from a load balancer is determinedby port 15999
To get the status of a Message Processor:
> curl http://<mpIP>:8082/v1/servers/self/up