This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Error running new Edge Experience 4.51.00

Posted on 09-21-2021 12:12 PM
FelipeAvilis
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Hi community!

After complete the Edge NewUI install on premise we are facing a strange issue. Its unable to start edge-management-ui. I'll show here all steps:

1. We start all componets:

 

[]$ sudo apigee-all start
+ apigee-service edge-management-ui start
apigee-configutil: edge-management-ui: # OK
apigee-service: edge-management-ui: Not running (NO_LOCKFILE)
apigee-service: edge-management-ui: status=2, continuing
apigee-service: edge-management-ui: OK
apigee-service: edge-management-ui: edge-management-ui is running
+ apigee-service edge-ui start
apigee-configutil: edge-ui: # OK
apigee-service: edge-ui: Not running (NO_PIDFILE)
apigee-service: edge-ui: status=1, continuing
apigee-service: edge-ui: OK
apigee-service: edge-ui: edge-ui is running
[]$

 

2. A feel moments later we check status:

 

[]$ sudo apigee-all status
+ apigee-service edge-management-ui status
apigee-service: edge-management-ui: Not running (DEAD)
+ apigee-service edge-ui status
apigee-service: edge-ui: OK
apigee-all: Error: status failed on [edge-management-ui]

 

3. Looking at logs comes this message:

 

apigee-configutil: edge-management-ui: # OK
# in pid 112172, pgrp=112095 -> 112172
2021/09/21 10:53:57 cwc.searchRoot: /opt/apigee/edge-management-ui-4.51.00-0.0.20004
2021/09/21 10:53:57 Read config file: /opt/apigee/edge-management-ui-4.51.00-0.0.20004/conf/uebe.yaml
2021/09/21 10:53:57 Read config file: /opt/apigee/edge-management-ui-4.51.00-0.0.20004/conf/alm.yaml
2021/09/21 10:53:57 Read config file: /opt/apigee/edge-management-ui-4.51.00-0.0.20004/conf/routes.yaml
2021/09/21 13:54:07 ERROR _ SYSTEM | routes.go:38 | Could not retrieve JWT public key: Get "https://login.e2e.apigee.net/token_key": net/http: TLS handshake timeout
2021/09/21 10:54:07 static.contentRoot: /opt/apigee/edge-management-ui-static
2021/09/21 10:54:07 found single-file navbar content
2021/09/21 10:54:07 missing SSO configuration: ClientID
2021/09/21 10:54:07 missing SSO configuration: ClientSecret
2021/09/21 10:54:07 configuration errors -- exiting

 

Why is it asking for SSO ClientID and ClientSecret? Is SSO Module pre-req for Edge NewUI? This node has no access to the internet.

Here is the conf file. For privacy we replaced some informations by [ ]:

 

#
# PLANET HOMOLOG
#
# IP of the Edge Management Server.
# This node also hosts the Apigee SSO module and the current, or Classic, UI.
IP1=[]

# IP of the Edge UI node.
IP2=[]

# Edge sys admin credentials.
ADMIN_EMAIL=[]
APIGEE_ADMINPW=[] # If omitted, you are prompted for it.

# Edge Management Server information.
APIGEE_PORT_HTTP_MS=8080
MSIP=$IP1
MS_SCHEME=http

#
# Edge UI configuration.
#

# Enable the Edge UI.
EDGEUI_ENABLE_UNIFIED_UI=y
# Specify IP and port for the Edge UI.
# The management UI port must be open for requests to the Edge UI
MANAGEMENT_UI_PORT=3001
MANAGEMENT_UI_IP=$IP2
# Set to 'OPDK' to specify a Private Cloud deployment.
MANAGEMENT_UI_APP_ENV=OPDK
# Disable TLS on the Edge UI.
MANAGEMENT_UI_SCHEME=http

# Location of Edge UI.
MANAGEMENT_UI_PUBLIC_URIS=$MANAGEMENT_UI_SCHEME://$MANAGEMENT_UI_IP:$MANAGEMENT_UI_PORT
MANAGEMENT_UI_SSO_REGISTERED_PUBLIC_URIS=$MANAGEMENT_UI_PUBLIC_URIS
MANAGEMENT_UI_SSO_CSRF_SECRET=[]
# Duration of CSRF token.
MANAGEMENT_UI_SSO_CSRF_EXPIRATION_HOURS=24
# Defaults to 8760 hours, or 365 days.
MANAGEMENT_UI_SSO_STRICT_TRANSPORT_SECURITY_AGE_HOURS=8760

## SSO configuration for the Edge UI.
MANAGEMENT_UI_SSO_ENABLED=n

# Only required if MANAGEMENT_UI_SSO_ENABLED is 'y'
MANAGEMENT_UI_SSO_CLIENT_OVERWRITE=y

MANAGEMENT_UI_SSO_CLIENT_ID=newueclient
MANAGEMENT_UI_SSO_CLIENT_SECRET=[]

#
# Shoehorn UI configuration
#
# Set to http even if you enable TLS on the Edge UI.
SHOEHORN_SCHEME=http
SHOEHORN_IP=$MANAGEMENT_UI_IP
SHOEHORN_PORT=9000

#
# Edge Classic UI configuration.
# Some settings are for the Classic UI, but are still required to configure the Edge UI.
#

# These settings assume that Classic UI is installed on the Management Server.
CLASSIC_UI_IP=$MSIP
CLASSIC_UI_PORT=9000
CLASSIC_UI_SCHEME=http
EDGEUI_PUBLIC_URIS=$CLASSIC_UI_SCHEME://$CLASSIC_UI_IP:$CLASSIC_UI_PORT

# Information about publicly accessible URL for Classic UI.
EDGEUI_SSO_REGISTERD_PUBLIC_URIS=$EDGEUI_PUBLIC_URIS

# Enable SSO
EDGEUI_SSO_ENABLED=n

# The name of the OAuth client used to connect to apigee-sso.
# The default client name is 'edgeui'.
# Apigee recommends that you use the same settings as you used
# when enabling your IDP on the Classic UI.
EDGEUI_SSO_CLIENT_NAME=edgeui
# Oauth client password using uppercase, lowercase, number, and special chars.
EDGEUI_SSO_CLIENT_SECRET=[]
# If set, existing EDGEUI client will deleted and new one will be created.
EDGEUI_SSO_CLIENT_OVERWRITE=y

# Apigee SSO Component configuration
# Externally accessible IP or DNS of Edge SSO module.
SSO_PUBLIC_URL_HOSTNAME=$IP1
SSO_PUBLIC_URL_PORT=9099
# Default is http. Set to https if you enabled TLS on the Apigee SSO module.
# If Apigee SSO uses a self-signed cert, you must also set MANAGEMENT_UI_SKIP_VERIFY to "y".
SSO_PUBLIC_URL_SCHEME=http
# MANAGEMENT_UI_SKIP_VERIFY=y
# SSO admin credentials as set when you installed Apigee SSO module.
SSO_ADMIN_NAME=[]
SSO_ADMIN_SECRET=[]

#
##      SSO Configuration (define external IDP)           #
#
# Use one of the following configuration blocks to        #
# define your IDP settings:                               #
#  - SAML configuration properties                        #
#  - LDAP Direct Binding configuration properties         #
#  - LDAP Indirect Binding configuration properties       #


## LDAP Direct Binding configuration
# Insert this section into your base configuration file, as described previously.

# The type of LDAP profile; in this case, "direct"
SSO_LDAP_PROFILE=direct

# The base URL to which SSO connects; in the form: "ldap://hostname_or_IP:port
SSO_LDAP_BASE_URL=ldap://[]:389

# Attribute name used by the LDAP server to refer to the user's email address; for example, "mail"
SSO_LDAP_MAIL_ATTRIBUTE=[]

# Pattern of the user's DN; for example: =cn={0},ou=people,dc=example,dc=org
# If there is more than one pattern, separate with semicolons (";"); for example:
# =cn={0},ou=people,dc=example,dc=org;=cn={0},ou=people,dc=example,dc=com
SSO_LDAP_USER_DN_PATTERN=[]

## SMTP Configuration (required)
#
SKIP_SMTP=y       # Skip now and configure later by specifying "y".
SMTPHOST=[]
SMTPUSER=[]
SMTPPASSWORD=[]
SMTPSSL=n
SMTPPORT=25     # If no SSL, use a different port, such as 25.
SMTPMAILFROM=[]

 

I've already oppened a ticket on Apigee Support (#1505599) but i think was a good idea to share it with u guys.

About our planet:

 

Thanks for help.

0 3 724
0 Likes
3 REPLIES 3

Posted on --/--/---- --:-- AM
FelipeAvilis
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

The support team contacted me and i installed SSO module. Sad but no changes. I've runned the SSO Config and the error persists.

 

0 Likes

Posted on --/--/---- --:-- AM
FelipeAvilis
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

No one , nobody from this community had this problem? Am i the only one?! Is it a IMPOSSIBLE ISSUE? 

If im doing something wrong, please, tell me! Support is taking 24h to give a silmple answer!! 

0 Likes

Posted on --/--/---- --:-- AM
aramkrishna6
Bronze 5
Bronze 5
In response to FelipeAvilis
Reply posted on --/--/---- --:-- AM

@FelipeAvilis  we have just started the edge ui configuration, would like to know, how did you get value for MANAGEMENT_UI_SSO_CSRF_SECRET &  MANAGEMENT_UI_SSO_CLIENT_SECRET (who will provide such value, hence we can configure to edge ui ?)

To answer one of your question "Is SSO Module pre-req for Edge NewUI?" listed link gives the answer

The new Edge UI for Private Cloud  |  Edge for Private Cloud v4.51.00 (apigee.com) 

 

0 Likes
Top Solution Authors
View all