Specify configuration overrides
The Apigee hybrid installer uses defaults for many settings; however, there are a few settings that do not have defaults. You must provide values for these settings, as explained next.
- Be sure you are in the
hybrid-base-directory /hybrid-filesdirectory. - Copy the
overrides-small.yamlfile from the$APIGEECTL_HOME/examplesoverridesdirectory:cp
$APIGEECTL_HOME/examples/overrides-small.yaml ./overrides/overrides-aks.yamlThis example file provides a basic configuration for a small-footprint hybrid runtime installation, a configuration that is suitable for a your first installation.
-
cdinto theoverridesdirectory: - Open
overrides-aks.yamland add the required property values, shown below. A detailed description of each property is also provided below:Syntax
The
overrides-aks.yamlfile has the following structure and syntax. Values in red, bold italics are property values that you must provide:gcpProjectID : project - id k8sClusterName : aks - cluster - name org : org - name envs : - name : environment - name # The same name of the env you created in the UI hostAlias : test - host - alias sslCertPath : ./ certs / test - cert - name . pem sslKeyPath : ./ certs / test - key - name . key serviceAccountPaths : synchronizer : ./ service - accounts / synchronizer - service - account - name . json udca : ./ service - accounts / udca - service - account - name . json mart : hostAlias : mart - host - alias serviceAccountPath : ./ service - accounts / mart - service - account - name . json sslCertPath : ./ certs / mart - cert - name . pem sslKeyPath : ./ certs / mart - key - name . key metrics : serviceAccountPath : ./ service - accounts / metrics - service - account - name . json logger : enabled : true
Example
The following example shows a completed overrides file with example property values added:
gcpProjectID : hybrid - project k8sClusterName : apigee - hybrid org : hybrid - org envs : - name : test hostAlias : "*" sslCertPath : ./ certs / keystore . pem sslKeyPath : ./ certs / keystore . key serviceAccountPaths : synchronizer : ./ service - accounts / hybrid - project - apigee - synchronizer . json udca : ./ service - accounts / hybrid - project - apigee - udca . json mart : hostAlias : "mart.apigee-hybrid-docs.net" serviceAccountPath : ./ service - accounts / hybrid - project - apigee - mart . json sslCertPath : ./ certs / fullchain . pem sslKeyPath : ./ certs / privkey . key metrics : serviceAccountPath : ./ service - accounts / hybrid - project - apigee - metrics . json logger : enabled : true
- When your finished, save the file.
cd overrides
The following table describes each of the property values that you must provide in the overrides file.
| Variable | Description |
|---|---|
| project-id | Your GCP project ID. |
| aks-cluster-name | Your AKS Kubernetes cluster name. |
| org-name | The name of your Apigee hybrid organization. |
| environment-name | Use the same name that you used when you created an environment in the UI, as explained in Step 5: Add a new environment in the hybrid UI . |
| test-host-alias | (Required) For the quickstart, use the wildcard character " The use of |
| test-cert-name test-key-name | Enter the name of the self-signed TLS key and certificate files that you generated previously in the step Create TLS credentials for the runtime gateway
. These files must be located in
the base_directory
/hybrid-files/certs
directory. For example: sslCertPath: ./certs/keystore.pem sslKeyPath: ./certs/keystore.key |
| synchronizer-service-account-name | The name of the synchronizer service account key file that you generated with the create-service-account
tool. For example: synchronizer: ./service-accounts/hybrid-project-apigee-synchronizer.json |
| udca-service-account-name | The name of the udca service account key file that you generated with the create-service-account
tool. For example: udca: ./service-accounts/hybrid-project-apigee-udca.json |
| mart-host-alias | A qualified DNS name for the MART server endpoint. This name must match
the common name (CN) used in the authorized TLS certificate required for
this configuration. For example, mart.mydomain.com
|
| mart-service-account-name | The name of the mart service account key file that you generated with the create-service-account
tool. |
| mart-cert-name
mart-key-name |
Enter the name of the authorized TLS key and certificate files that you generated previously in the step Create TLS credentials for the MART gateway
.
These files must be located in
the base_directory
/hybrid-files/certs
directory. For example: sslCertPath: ./certs/fullchain.pem sslKeyPath: ./certs/privkey.key |
| metrics-service-account-name | The name of the metrics service account key file that you generated with the create-service-account
tool. For example: serviceAccountPath: ./service-accounts/hybrid-project-apigee-metrics.json |
Summary
The configuration file tells Kubernetes how to deploy the hybrid components to a cluster. Next, you will apply this configuration to your cluster.
1 2 3 (NEXT) Step 4: Install hybrid runtime