Edge for Private Cloud v. 4.17.09
A typical Edge installation consists of Edge components distributed across multiple nodes. After you install Edge on a node, you then install and configure one or more Edge components on the node.
Installation process
Installing Edge on a node is a multi-step process:
- Disable SELinux on the node or set it to permissive mode. See Install the Edge apigee-setup utility for more.
- Decide if you want to enable Cassandra authentication.
- Decide if you want to set up master-standby replication for Postgres.
- Select your Edge configuration from the list of recommended topologies. For example, you can install Edge on a single node for testing, or on 13 nodes for production. See Installation Topologies for more.
- On each node in your selected topology, install the Edge apigee-setup utility:
- Download the Edge bootstrap_4.17.09.sh file to /tmp/bootstrap_4.17.09.sh.
- Install the Edge apigee-service utility and dependencies.
- Install the Edge apigee-setup utility and
dependencies.
See Install the Edge apigee-setup utility for more.
- Use the apigee-setup
utility to install one or more Edge components on each node based on your selected
topology.
See Install Edge components on a node on a node. - On the Management Server node, use the apigee-setup utility to install apigee-provision,
the utilities that you use to create and manage Edge organizations.
See Onboard an organization for more.
Who can perform the install
The Apigee Edge distribution files are installed as a set of RPMs and dependencies. To install, uninstall, and update Edge RPMs, the commands must be run by the root user or by a user that has full sudo access. For full sudo access, that means the user has sudo access to perform the same operations as root.
Any user who wants to run the following commands or scripts must either be root, or be a user with full sudo access:
-
apigee-service utility:
- apigee-service commands: install, uninstall, update.
- apigee-all commands: install, uninstall, update.
- setup.sh script to install Edge components (Unless you have already used "apigee-service install" to install the required RPMs. Then root or full sudo access if not required.)
- update.sh script to update Edge components
Also, the Edge installer creates a new user on your system, named "apigee". Many Edge commands invoke sudo to run as the "apigee" user.
Any user who wants to run all other commands than the ones shown above must be a user with full sudo access to the "apigee" user. These commands include:
-
apigee-service utility commands, including:
- apigee-service commands such as start, stop, restart, configure.
- apigee-all commands such as start, stop, restart, configure.
Creating a user with full sudo access to "apigee" user
To configure a user to have full sudo access to the "apigee" user, use the "visudo" command to edit the sudoers file to add:
installUser ALL=(apigee) NOPASSWD: ALL
where installUser is the username of the person working with Edge.
Setting permissions on configuration files
Any files or resources used by the Edge commands must be accessible to the "apigee" user. This includes the Edge license file and any config files.
When creating a configuration file, you can change its owner to "apigee:apigee" to ensure that it is accessible to Edge commands:
- Create the file in an editor as any user.
- Chown the owner of the file to "apigee:apigee" or, if you changed the user running the Edge service from the "apigee" user, chown the file to the user who is running the Edge service.
Separating Edge install tasks between root and non-root user
While it is simplest to perform the entire Edge install process as root or by a user that has full sudo access, that is not always possible. Instead, you can separate the process into tasks performed by root and tasks performed by a user with full sudo access to the "apigee" user.
- Tasks performed by root:
- Download and run the bootstrap_4.17.09.sh file:
> curl https://software.apigee.com/bootstrap_4.17.09.sh -o /tmp/bootstrap_4.17.09.sh
> sudo bash /tmp/bootstrap_4.17.09.sh apigeeuser=uName apigeepassword=pWord
This step installs the apigee-service utility and creates the "apigee" user. - Configure a user to have full sudo access to the "apigee" user as described above.
- Install the apigee-setup utility:
> /opt/apigee/apigee-service/bin/apigee-service apigee-setup install - Use the apigee-setup
utility to install Edge RPMs on the node:
> /opt/apigee/apigee-service/bin/apigee-service compName install
The Edge RPMs that you install on the node depend on your topology. The list of available components includes: apigee-provision, apigee-validate, apigee-zookeeper, apigee-cassandra, apigee-openldap, edge-ui, edge-management-server, edge-ui, edge-router, edge-message-processor, apigee-postgresql, apigee-qpidd, edge-postgres-server, edge-qpid-server.
- Download and run the bootstrap_4.17.09.sh file:
-
After the root user installs the Edge RPMs on the node, the user with full sudo access to the "apigee" user completes the configuration process:
- Use the setup.sh
utility to complete the configuration of the Edge components on the node. The form of the
command depends on the components that you installed on the node. For a complete list, see
Install Edge components
on a node.
For example, to complete the installation of ZooKeeper and Cassandra, use the following command:
> /opt/apigee/apigee-setup/bin/setup.sh -p ds -f configFile
where configFile is the Edge configuration file.
Or, to perform an all-in-one install, use the following command:
> /opt/apigee/apigee-setup/bin/setup.sh -p aio -f configFile
- Use the setup.sh
utility to complete the configuration of the Edge components on the node. The form of the
command depends on the components that you installed on the node. For a complete list, see
Install Edge components
on a node.
Location of installation configuration files
You must pass a configuration file to the apigee-setup utility that contains the information about the Edge installation. The only requirement on silent installations is that the configuration file must be accessible or readable by the "apigee" user. For example, put the file in the /usr/local/var or /usr/local/share directory on the node and chown it to "apigee:apigee".
All information in the configuration file is required except for the Edge system administrator's password. If you omit the password, the apigee-setup utility prompts you to enter it on the command line.
See Install Edge components on a node for more.
Handling an installation failure
In the case of a failure during the installation of an Edge component, you can try to correct the issue, and then run the installer again. The installer is designed to be run repeatedly in cases where it detects a failure, or if you later want to change or update a component after installation.
Internet or non-Internet installation
To install Edge on a node, the node must be able to access the Apigee repository:
- Nodes with an external Internet connection
Nodes with an external internet connection access the Apigee repository to install the Edge RPMs and dependencies. - Nodes without an external Internet connection
Nodes without an external Internet connection can access a mirrored version of the Apigee repository that you set up internally. This repository contains all Edge RPMs, but you have to ensure that you have all other dependencies available from repos on the internal network.
To create the internal Apigee repository, you do require a node with an external internet access to be able to download the Edge RPMs and dependencies. Once you have created the internal repo, you can then move it to another node or make that node accessible to the Edge nodes for installation.
Note: Apigee does not host all third-party dependencies in our public repositories. You must download and install these dependencies from publicly accessible repositories.
Using a local Edge repository to maintain your Edge version
One of the reasons to use a local, or mirrored, repository is for installing Edge on nodes with no external internet connection, as described in the previous section.
However, there is another advantage to using a local repo, even for nodes with an external internet connection. When you install Edge from the Apigee public repository, you always install the latest Edge RPMs. Therefore, if you want to download and store Edge RPMs for a specific version of Edge, then you should create a local repo for that Edge version. You can then use that local repo to perform installations for any version of Edge.
For example, you first use the local repo to install an Edge development environment. Then, when you are ready to move to a production environment, you again install Edge from the local repo. By installing from the local repo, you guarantee that your development and production environments match.
A mirrored repo is very flexible. For example, you can create a mirrored repo from the latest Edge RPMs or from a specific version of Edge. After you create the repo, you can also update it to add RPMs from difference Edge versions. See Install the Edge apigee-setup utility for more.
Resolving RPM installation dependencies
The Apigee Edge distribution files are installed as a set of RPM files, each of which can have its own chain of installation dependencies. Many of these dependencies are defined by third-party components that are outside the control of Apigee and can change at any time. Therefore, the documentation does not list the explicit version number of each dependency.
If you are performing an installation on a machine with internet access, the node can download the necessary RPMs and dependencies. However, if you are installing from a node without internet access, you typically set up an internal repo containing all necessary dependencies. The only way to guarantee that all dependencies are included in your local repo is to attempt an installation, identify any missing dependencies, and copy them to the local repo until the installation succeeds.
Common Yum commands
The Edge installation tools for Linux rely on Yum to install and update components. You might have to use several Yum commands to manage an installation on a node.
- Clean all Yum caches:
sudo yum clean all - To update an Edge component:
sudo yum update componentName
For example:
sudo yum update apigee-setup
sudo yum update edge-management-server
File System Structure
Edge installs all files in the /opt/apigee directory.
In this guide and in the Edge Operations Guide, the root installation directory is noted as:
/opt/apigee
The installation uses the following file system structure to deploy Apigee Edge for Private Cloud.
Log Files
The log file for apigee-setup and the setup.sh script is written to /tmp/setup-root.log.
The log files for each component are contained in the /opt/apigee/var/log directory. Each component has its own subdirectory. For example, the logs for the Management Server are in the directory:
/opt/apigee/var/log/edge-management-server
The following tables lists the location of the log files:
Components |
Location |
---|---|
Management Server |
/opt/apigee/var/log/edge-management-server |
Router |
/opt/apigee/var/log/edge-router The Edge Router is implemented by using Nginx. For additional logs, see: /opt/apigee/var/log/edge-router/nginx /opt/nginx/logs |
Message Processor |
/opt/apigee/var/log/edge-message-processor |
Apigee Qpid Server |
/opt/apigee/var/log/edge-qpid-server |
Apigee Postgres Server |
/opt/apigee/var/log/edge-postgres-server |
Edge UI |
/opt/apigee/var/log/edge-ui |
ZooKeeper |
/opt/apigee/var/log/apigee-zookeeper |
OpenLDAP |
/opt/apigee/var/log/apigee-openldap |
Cassandra |
/opt/apigee/var/log/apigee-cassandra |
Qpidd |
/opt/apigee/var/log/apigee-qpidd |
PostgreSQL database |
/opt/apigee/var/log/apigee-postgresql |
Data
Components |
Location |
---|---|
Management Server |
/opt/apigee/data/edge-management-server |
Router |
/opt/apigee/data/edge-router |
Message Processor |
/opt/apigee/data/edge-message-processor |
Apigee Qpid agent |
/opt/apigee/data/edge-qpid-server |
Apigee Postgres agent |
/opt/apigee/data/edge-postgres-server |
ZooKeeper |
/opt/apigee/data/apigee-zookeeper |
OpenLDAP |
/opt/apigee/data/apigee-openldap |
Cassandra |
/opt/apigee/data/apigee-cassandra/data |
Qpidd |
/opt/apigee/data/apigee-qpid/data |
PostgreSQL database |
/opt/apigee/data/apigee-postgres/pgdata |
Post installation tasks
After installation completes, you can perform additional actions on Edge components.
Configuring Edge components post installation
To configure Edge after installation, you use a combination of .properties files and Edge utilities. For example, to configure TLS/SSL on the Edge UI, you edit .properties files to set the necessary properties. Changes to .properties files require you to restart the affected Edge component.
The .properties files are located in the /opt/apigee/customer/application directory. Each component has its own .properties file in that directory. For example, router.properties and management-server.properties.
To set a property for a component, edit the corresponding .properties file, and then restart the component:
> /opt/apigee/apigee-service/bin/apigee-service component restart
For example:
> /opt/apigee/apigee-service/bin/apigee-service edge-router restart
When you update Edge, the .properties files in the /opt/apigee/customer/application directory are read. That means the update retains any properties that you set on the component.
See How to Configure Edge for more information on Edge configuration.
Invoking commands on Edge components
Edge installs management utilities under /opt/apigee/apigee-service/bin that you can use to manage an Edge installation. For example, you can use the apigee-all utility to start, stop, restart, or determine the status of all Edge components on the node:
/opt/apigee/apigee-service/bin/apigee-all stop|start|restart|status|version
Use the apigee-service utility to control and configure individual components. The apigee-service utility has the form:
/opt/apigee/apigee-service/bin/apigee-service component action
For example, to restart the Edge Router:
/opt/apigee/apigee-service/bin/apigee-service edge-router restart
You can determine the list of components installed on the node by examining the /opt/apigee directory. That directory contains a subdirectory for every Edge component installed on the node. Each subdirectory is prefixed by:
- apigee - a third-party component used by Edge. For example, apigee-cassandra.
- edge - an Edge component from Apigee. For example, edge-management-server.
- edge-mint - a Monetization component. For example edge-mint-management-server.
- baas - an API BaaS component. For example baas-usergrid.
The complete list of actions for a component depends on the component itself, but all components support the following actions:
- start, stop, restart
- status, version
- backup, restore
- install, uninstall