Install Apigee Microgateway on Kubernetes v1.16.0 or greater

Background

At the time of writing (14th of July 2020), there are two known issues in the documentation's instructions for installing Apigee Microgateway on Kubernetes:

  1. The Microgateway Installer for Kubernetes (edgemicroctl) is only available for v3.0.2, and the command given in the documentation for downloading edgemicroctl fails.
  2. The extensions/v1beta1 API was removed in the Kubernetes v1.16.0 release. As a result, the generated Microgateway Deployment definition cannot be deployed on Kubernetes v1.16.0 or later.

Follow the steps below to work around both problems and install the latest version of Apigee Microgateway on Kubernetes.

Installation Process

The Apigee Microgateway installation process on Kubernetes uses three packages:

Apigee Microgateway v3.1.5, or any other version

  • This is used for generating the Microgateway configuration file, key and secret.

Apigee Microgateway Installer for Kubernetes v3.0.2 (edgemicroctl)

  • edgemicroctl is used for generating Kubernetes manifests required for deploying Microgateway on Kubernetes.

Apigee Microgateway Docker Image v3.1.5, or any other version

  • This is the actual Microgateway runtime Docker image used for deploying Microgateway on Kubernetes.

Steps to Follow

1. First install and configure Apigee Microgateway on the local machine:

organization=# Apigee Cloud organization name 
environment=# Apigee Cloud environment name 
username=# Apigee Cloud username
npm install -g edgemicro
edgemicro configure -o ${organization} -e ${environment} -u ${username}

2. Note the following values once the installation is complete:

config_file_path=# The path of the Microgateway {org}-{env}-config.yaml file
key=# The key generated at the end of the Microgateway installation
secret=# The secret generated at the end of the Microgateway installation

3. Download Apigee Microgateway Installer for Kubernetes v3.0.2:

curl -L https://raw.githubusercontent.com/apigee-internal/microgateway/master/kubernetes/release/downloadEdg... | sh -s v3.0.2

4. Add the `edgemicroctl` client to your PATH. For example, run the following commands on a macOS or Linux system:

cd microgateway_v3.0.2__{OS_ARCH}/
export PATH=$PWD/bin:$PATH

5. Generate the Kubernetes resources for Microgateway (Microgateway Deployment, Service and Secret) using the Microgateway v3.0.2 installer:

edgemicroctl -org=${organization} -env=${environment} -key=${key} -sec=${secret} -conf=${config_file_path} > microgateway-k8s.yaml

If you are using a Kubernetes release greater than or equal to v1.16.0, update the following two settings of the Microgateway Deployment definition in the microgateway-k8s.yaml file:

5.1. Change "apiVersion: extensions/v1beta1" of the Deployment to "apiVersion: apps/v1" in the microgateway-k8s.yaml file generated by edgemicroctl.

5.2. Add the following label selector for the Deployment under the spec/selector section in the microgateway-k8s.yaml file generated by edgemicroctl:

...
apiVersion: apps/v1
kind: Deployment
metadata:
  name: edge-microgateway
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: edge-microgateway
...

6. Deploy the latest Apigee Microgateway release on Kubernetes:

kubectl apply -f microgateway-k8s.yaml

7. Check the status of the Microgateway pod and service:

kubectl get pods -l app=edge-microgateway

If everything goes well, the Microgateway pod should be in the Running state:

NAME                                 READY   STATUS    RESTARTS   AGE
edge-microgateway-768747d877-nz9hv   1/1     Running   0          18m

Check the status of the service:

kubectl get services -l app=edge-microgateway

If the service is correctly deployed, output similar to the following should be shown:

NAME                TYPE       CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE
edge-microgateway   NodePort   10.83.247.42   <none>        8000:32134/TCP   19m

8. Either use the NodePort of the above Microgateway service or expose it using a Load Balancer/Ingress to be able to access it from an external network.
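
The manual edits in steps 5.1 and 5.2 can be scripted so they are applied the same way every time the manifest is regenerated. The following is an added example, not part of the original article or of Apigee's tooling; it assumes the generated manifest uses two-space indentation and the app: edge-microgateway pod label shown on this page, and patch_manifest and sample_manifest are hypothetical names.

```shell
# Added example: patch an edgemicroctl-generated manifest for Kubernetes >= v1.16.0.
# Assumes 2-space YAML indentation and the "app: edge-microgateway" pod label.
# Reads a multi-document manifest on stdin, writes the patched one to stdout.
patch_manifest() {
  awk '
    # Print one buffered YAML document, patching it only if it is a Deployment.
    function emit_doc(   i, is_deploy, has_sel) {
      for (i = 1; i <= n; i++) {
        if (buf[i] ~ /^kind: Deployment[ \t]*$/) is_deploy = 1
        if (buf[i] ~ /^  selector:/) has_sel = 1
      }
      for (i = 1; i <= n; i++) {
        if (is_deploy && buf[i] ~ /^apiVersion: extensions\/v1beta1[ \t]*$/)
          buf[i] = "apiVersion: apps/v1"        # step 5.1
        print buf[i]
        if (is_deploy && !has_sel && buf[i] ~ /^spec:[ \t]*$/) {
          print "  selector:"                   # step 5.2
          print "    matchLabels:"
          print "      app: edge-microgateway"
        }
      }
      n = 0
    }
    /^---[ \t]*$/ { emit_doc(); print; next }
    { buf[++n] = $0 }
    END { emit_doc() }
  '
}

# Constructed sample input, trimmed to the fields the patch looks at.
sample_manifest() {
  cat <<'EOF'
apiVersion: v1
kind: Service
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: edge-microgateway
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: edge-microgateway
EOF
}

sample_manifest | patch_manifest
```

Against a real manifest, run it as `patch_manifest < microgateway-k8s.yaml > microgateway-k8s-patched.yaml` and review the diff before applying; running it on an already patched file leaves it unchanged.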

Comments
mw970
Staff

Note, the default runAsUser is 101 in the edgemicro:latest image as per edgemicro-sidecar-injector-configmap-release.yaml, however the k8s manifest generated by:

edgemicroctl -org=${ORG} -env=${ENV} -key=${EDGEMICRO_KEY} -sec=${EDGEMICRO_SECRET} -conf=${EDGEMICRO_CONF}

still uses runAsUser: 100:

      securityContext:
        runAsNonRoot: true
        runAsUser: 100

In order to use the microgateway-k8s.yaml manifest generated by edgemicroctl with the current edgemicro image, please update the generated manifest as follows:

      securityContext:
        runAsNonRoot: true
        runAsUser: 101

In addition to the changes mentioned in the original post.

For convenience, the following is a full example microgateway-k8s.yaml manifest which includes:

  1. apps/v1 change on Deployment mentioned in step 5.1 above
  2. app selector change on the Deployment spec in step 5.2 above
  3. runAsUser change

apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    app: edge-microgateway
  name: edge-microgateway
  namespace: default
spec:
  ports:
  - name: http
    port: 8000
    protocol: TCP
    targetPort: 8000
  selector:
    app: edge-microgateway
  type: NodePort
status:
  loadBalancer: {}
---
apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  name: edge-microgateway
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: edge-microgateway
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: edge-microgateway
    spec:
      containers:
      - env:
        - name: EDGEMICRO_ORG
          valueFrom:
            secretKeyRef:
              key: mgorg
              name: mgwsecret
        - name: EDGEMICRO_ENV
          valueFrom:
            secretKeyRef:
              key: mgenv
              name: mgwsecret
        - name: EDGEMICRO_KEY
          valueFrom:
            secretKeyRef:
              key: mgkey
              name: mgwsecret
        - name: EDGEMICRO_SECRET
          valueFrom:
            secretKeyRef:
              key: mgsecret
              name: mgwsecret
        - name: EDGEMICRO_CONFIG
          valueFrom:
            secretKeyRef:
              key: mgconfig
              name: mgwsecret
        - name: EDGEMICRO_CONFIG_DIR
          value: /opt/apigee/.edgemicro
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: INSTANCE_IP
          valueFrom:
            fieldRef:
              fieldPath: status.podIP
        image: gcr.io/apigee-microgateway/edgemicro:latest
        imagePullPolicy: Always
        name: edge-microgateway
        ports:
        - containerPort: 8000
        resources:
          limits:
            cpu: "1"
            memory: 2Gi
          requests:
            cpu: "1"
            memory: 1Gi
      securityContext:
        runAsNonRoot: true
        runAsUser: 101
status: {}
---
apiVersion: v1
data:
  mgconfig: {base64Encoded_mgconfig}
  mgenv: {base64Encoded_mgenv}
  mgkey: {base64Encoded_mgkey}
  mgorg: {base64Encoded_mgorg}
  mgsecret: {base64Encoded_mgsecret}
kind: Secret
metadata:
  creationTimestamp: null
  name: mgwsecret
type: Opaque

 

Version history
Last update: 07-13-2020 10:11 PM