After a successful Edge installation, there are some common tasks that you might want to perform to validate the installation, tune your settings, and customize your configuration. These tasks include:
Task | Description |
---|---|
Invoke commands on Edge components | Use the apigee-service utility to start, stop, restart, and get the status
of each Edge component. |
Configure Edge components | Use properties files to change the default Edge component settings. |
Run apigee-validate | Invoke the test scripts to ensure that your installation of each component was successful. |
Tune JVM heap settings | Optimize your Java memory settings for each node. |
Manage LDAP password policy | Change the default LDAP password and configure various authentication settings. |
Install apigee-monit on the node | Install and use a tool that monitors the components on the node and attempts to restart them if they fail. |
Change the default PostgreSQL password | Apigee recommends that you change the default PostgreSQL password after installing Edge for Private Cloud to maintain the security of your data. |
Set up PostgreSQL purge job(s) | Prune excess data collected by the analytics service. |
Set up Cassandra nodetool repair | Periodic maintenance you should perform on your Cassandra ring to ensure consistency across all nodes. |
Enable autostart | Instruct Edge for Private Cloud to restart automatically during a reboot. |
Install the new Edge UI | Apigee recommends that you install the new Edge UI, which is an enhanced user interface for developers and administrators of Apigee Edge for Private Cloud. |
Note that these are just some of the more common tasks you typically perform after installing Edge. For additional operations and administration tasks, see How to configure Edge and Operations.
Invoke commands on Edge components
Edge installs management utilities under /opt/apigee/apigee-service/bin
that you can
use to manage an Edge installation. For example, you can use the apigee-all
utility
to start, stop, restart, or determine the status of all Edge components on the node:
/opt/apigee/apigee-service/bin/apigee-all stop|start|restart|status|version
Use the apigee-service
utility
to control and configure individual components. The apigee-service
utility has the form:
/opt/apigee/apigee-service/bin/apigee-service component_name action
Where component_name identifies the component. The component must be on the node on
which you execute apigee-service
. Depending on your configuration, values of
component_name can include:
apigee-cassandra
(Cassandra)apigee-openldap
(OpenLDAP)apigee-postgresql
(PostgreSQL database)apigee-qpidd
(Qpidd)apigee-sso
(Edge SSO)apigee-zookeeper
(ZooKeeper)edge-management-server
(Management Server)edge-management-ui
(new Edge UI)edge-message-processor
(Message Processor)edge-postgres-server
(Postgres Server)edge-qpid-server
(Qpid Server)edge-router
(Edge Router)edge-ui
(Classic UI)
In addition to these components, you can also invoke apigee-service
on the
apigee-provision
and apigee-validate
components depending on your
configuration.
For example, to restart the Edge Router, execute the following command:
/opt/apigee/apigee-service/bin/apigee-service edge-router restart
You can determine the list of components installed on the node by examining the
/opt/apigee
directory. That directory contains a subdirectory for every Edge
component installed on the node. Each subdirectory is prefixed by:
apigee
: A third-party component used by Edge. For example,apigee-cassandra
.edge
: An Edge component from Apigee. For example,edge-management-server
.edge-mint
: A Monetization component. For exampleedge-mint-management-server
.
The complete list of actions for a component depends on the component itself, but all components support the following actions:
start, stop, restart
status, version
backup, restore
install, uninstall
Configure Edge components
To configure Edge after installation, you use a combination of .properties
files
and Edge utilities. For example, to configure TLS/SSL on the Edge UI, you edit
.properties
files to set the necessary properties. Changes to .properties
files require you to restart the affected Edge component.
The .properties
files are located in
the /opt/apigee/customer/application
directory.
Each component has its own .properties
file in that directory.
For example, router.properties
and management-server.properties
.
To set a property for a component, edit the corresponding .properties
file, and
then restart the component:
/opt/apigee/apigee-service/bin/apigee-service component restart
For example:
/opt/apigee/apigee-service/bin/apigee-service edge-router restart
When you update Edge, the .properties
files in the
/opt/apigee/customer/application
directory are read. That means the update retains
any properties that you set on the component.
See How to configure Edge for more information on Edge configuration.
Install apigee-monit on the node
After you have completed installing components on a node, you can optionally add the apigee-monit
utility. apigee-monit
will monitor the components on the node and attempt to restart them if they fail.
For more information, see Self healing with apigee-monit.
Configure an OpenLDAP server to be read-only
If your Edge installation contains an OpenLDAP server that does not need to have traffic switched to it, we recommend that you configure the server to be read-only. To do so:
- Create a file
mark_readonly.ldif
on the server with the following lines:dn: olcDatabase={2}bdb,cn=config changetype: modify replace: olcReadOnly olcReadOnly: TRUE
- Execute the following command on the server to mark it readonly:
ldapmodify -a -x -w "$APIGEE_LDAPPW" -D "$CONFIG_BIND_DN" -H "ldap://:10389" -f mark_readonly.ldif
In case the primary server fails, you can switch back to use standby server as primary as follow:
- Create a file
mark_writable.ldif
on the standby server with the following line:dn: olcDatabase={2}bdb,cn=config changetype: modify replace: olcReadOnly olcReadOnly: FALSE
- Execute the following command on the standby server:
ldapmodify -a -x -w "$APIGEE_LDAPPW" -D "$CONFIG_BIND_DN" -H "ldap://:10389" -f mark_writable.ldif