This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Apigee Hybrid 1.8 fresh install

Posted on 08-24-2022 03:21 PM
aramkrishna6
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

Hi,
This with reference to fresh install of Apigee hybrid 1.8.x with GKE and EKS
1)As per link 
Lists following "If you have followed the instructions for Anthos Service Mesh (ASM), Workload Identity is already enabled for the cluster"
Is this statement applicable for Apigee ingress gateway as well, in case if we opt to use Apigee ingress gateway instead of using ASM ?

 

2) As per link 
Did not find the EKS Tab or section for EKS under listed topic “Configure Apigee hybrid for multi-region”
It lists Tabs for GKE, GKE-Onprem,AKS and OpenShift only

@dino 

Solved Solved
0 6 616
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
kidiyoor
Staff
In response to aramkrishna6
Reply posted on --/--/---- --:-- AM

1. Workload identify is not a hard pre-requisite for Apigee Ingress Gateway.
2. We will update our docs to include(or link) instructions to enable workload identity in cluster. For now - you can use this Enable Workload Identity link. Rest of the instructions at Enabling Workload Identity with Apigee hybrid is still valid to enable workload identify in Apigee hybrid.

View solution in original post

Jump to Solution
6 REPLIES 6

Posted on --/--/---- --:-- AM
kidiyoor
Staff
Reply posted on --/--/---- --:-- AM

The first link is not working. However, I think what you are asking is - if workload identity is by default enabled during Apigee ingress gateway installation(which happens by default in 1.8). No, Apigee ingress gateway installation does not enable workload identity of the cluster.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
aramkrishna6
Bronze 5
Bronze 5
In response to kidiyoor
Reply posted on --/--/---- --:-- AM

Thanks @kidiyoor  for clarity.

Any specific reason Workload Identity is enabled for ASM but not for Apigee ingress gateway ?

If so what's the option to enable Workload Identity for Apigee ingress gateway ?

How do i enable 

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
kidiyoor
Staff
In response to aramkrishna6
Reply posted on --/--/---- --:-- AM

1. Workload identify is not a hard pre-requisite for Apigee Ingress Gateway.
2. We will update our docs to include(or link) instructions to enable workload identity in cluster. For now - you can use this Enable Workload Identity link. Rest of the instructions at Enabling Workload Identity with Apigee hybrid is still valid to enable workload identify in Apigee hybrid.

Jump to Solution

Posted on --/--/---- --:-- AM
aramkrishna6
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

@kidiyoor    Just want to make sure, we don't loose this point (which i raise initially in this topic) . I am assuming Google is working on updating below information ?

2) As per link 
Did not find the EKS Tab or section for EKS under listed topic “Configure Apigee hybrid for multi-region”
It lists Tabs for GKE, GKE-Onprem,AKS and OpenShift only

Jump to Solution

Posted on --/--/---- --:-- AM
kidiyoor
Staff
In response to aramkrishna6
Reply posted on --/--/---- --:-- AM

Yes, we are working on adding the tab for EKS.

Jump to Solution

Posted on --/--/---- --:-- AM
guid1984
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

It would be really great if we have a section dedicated to configuring WorkloadIdentity for Apigee hybrid on EKS. We want to mitigate the management of ServiceAccounts but I am not able to find documentation that lists the steps for enabling WorkloadIdentity support for Apigee Hybrid runtime on EKS.

Jump to Solution
0 Likes
Top Solution Authors
View all