After the install

After a successful Edge installation, there are some common tasks that you might want to perform to validate the installation, tune your settings, and customize your configuration. These tasks include:

Task Description
Invoke commands on Edge components Use the apigee-service utility to start, stop, restart, and get the status of each Edge component.
Configure Edge components Use properties files to change the default Edge component settings.
Run apigee-validate Invoke the test scripts to ensure that your installation of each component was successful.
Tune JVM heap settings Optimize your Java memory settings for each node.
Manage LDAP password policy Change the default LDAP password and configure various authentication settings.
Install apigee-monit on the node Install and use a tool that monitors the components on the node and attempts to restart them if they fail.
Change the default PostgreSQL password Apigee recommends that you change the default PostgreSQL password after installing Edge for Private Cloud to maintain the security of your data.
Set up PostgreSQL purge job(s) Prune excess data collected by the analytics service.
Set up Cassandra nodetool repair Periodic maintenance you should perform on your Cassandra ring to ensure consistency across all nodes.
Enable autostart Instruct Edge for Private Cloud to restart automatically during a reboot.
Install the new Edge UI Apigee recommends that you install the new Edge UI, which is an enhanced user interface for developers and administrators of Apigee Edge for Private Cloud.

Note that these are just some of the more common tasks you typically perform after installing Edge. For additional operations and administration tasks, see How to configure Edge and Operations.

Invoke commands on Edge components

Edge installs management utilities under /opt/apigee/apigee-service/bin that you can use to manage an Edge installation. For example, you can use the apigee-all utility to start, stop, restart, or determine the status of all Edge components on the node:

/opt/apigee/apigee-service/bin/apigee-all stop|start|restart|status|version

Use the apigee-service utility to control and configure individual components. The apigee-service utility has the form:

/opt/apigee/apigee-service/bin/apigee-service component_name action

Where component_name identifies the component. The component must be on the node on which you execute apigee-service. Depending on your configuration, values of component_name can include:

  • apigee-cassandra (Cassandra)
  • apigee-openldap (OpenLDAP)
  • apigee-postgresql (PostgreSQL database)
  • apigee-qpidd (Qpidd)
  • apigee-sso (Edge SSO)
  • apigee-zookeeper (ZooKeeper)
  • edge-management-server (Management Server)
  • edge-management-ui (new Edge UI)
  • edge-message-processor (Message Processor)
  • edge-postgres-server (Postgres Server)
  • edge-qpid-server (Qpid Server)
  • edge-router (Edge Router)
  • edge-ui (Classic UI)

In addition to these components, you can also invoke apigee-service on the apigee-provision and apigee-validate components depending on your configuration.

For example, to restart the Edge Router, execute the following command:

/opt/apigee/apigee-service/bin/apigee-service edge-router restart

You can determine the list of components installed on the node by examining the /opt/apigee directory. That directory contains a subdirectory for every Edge component installed on the node. Each subdirectory is prefixed by:

  • apigee: A third-party component used by Edge. For example, apigee-cassandra.
  • edge: An Edge component from Apigee. For example, edge-management-server.
  • edge-mint: A Monetization component. For example edge-mint-management-server.

The complete list of actions for a component depends on the component itself, but all components support the following actions:

  • start, stop, restart
  • status, version
  • backup, restore
  • install, uninstall

Configure Edge components

To configure Edge after installation, you use a combination of .properties files and Edge utilities. For example, to configure TLS/SSL on the Edge UI, you edit .properties files to set the necessary properties. Changes to .properties files require you to restart the affected Edge component.

The .properties files are located in the /opt/apigee/customer/application directory. Each component has its own .properties file in that directory. For example, router.properties and management-server.properties.

To set a property for a component, edit the corresponding .properties file, and then restart the component:

/opt/apigee/apigee-service/bin/apigee-service component restart

For example:

/opt/apigee/apigee-service/bin/apigee-service edge-router restart

When you update Edge, the .properties files in the /opt/apigee/customer/application directory are read. That means the update retains any properties that you set on the component.

See How to configure Edge for more information on Edge configuration.

Install apigee-monit on the node

After you have completed installing components on a node, you can optionally add the apigee-monit utility. apigee-monit will monitor the components on the node and attempt to restart them if they fail. For more information, see Self healing with apigee-monit.

Configure an OpenLDAP server to be read-only

If your Edge installation contains an OpenLDAP server that does not need to have traffic switched to it, we recommend that you configure the server to be read-only. To do so:

  1. Create a file mark_readonly.ldif on the server with the following lines:
    dn: olcDatabase={2}bdb,cn=config
      changetype: modify
      replace: olcReadOnly
      olcReadOnly: TRUE
  2. Execute the following command on the server to mark it readonly:
      ldapmodify -a -x -w "$APIGEE_LDAPPW" -D "$CONFIG_BIND_DN" -H "ldap://:10389" -f mark_readonly.ldif

In case the primary server fails, you can switch back to use standby server as primary as follow:

  1. Create a file mark_writable.ldif on the standby server with the following line:
      dn: olcDatabase={2}bdb,cn=config
      changetype: modify
      replace: olcReadOnly
      olcReadOnly: FALSE
  2. Execute the following command on the standby server:
      ldapmodify -a -x -w "$APIGEE_LDAPPW" -D "$CONFIG_BIND_DN" -H "ldap://:10389" -f mark_writable.ldif