Hi folks,
hope you are doing great
I have set up an apigee hybrid 1.7 on GKE and haven't face any issues so far while installing but when i come to apigee api page and try to create a proxy and deploy but while in deployment I am facing the below error
reference = just for a clear picture of error message in the error message "my-hybrid" is the value that i have passed in my overrides.yaml file
in the step of configure cluster configure
and if i show you the status of deployment
but I am not sure where I am doing mistake
any kind of clue or help would be grateful
Solved! Go to Solution.
It looks like there were some small mistakes in the apigee hybrid doc. You should use that version with the following adjustments:
Can you paste the virtualhost section in the overrides.yaml
First review in your overrides.yaml,
1. That the env matches the name of your environment in Apigee (test)
2. The virtual host matches your environment group in Apigee (test-env-group)
virtualhosts: - name: environment-group-name sslCertPath: ./certs/cert-name.pem sslKeyPath: ./certs/key-name.key envs: - name: environment-name
You may want to also start reviewing the logs of your runtime, apigee-connect, mart, syncronizer pods for errors.
@dknezic @saurabhcbsa hii
my overrides.yaml file looks like this
virtualhosts:
- name: test-env-group
sslCertPath: ./certs/keystore.pem
sslKeyPath: ./certs/keystore.key
envs:
- name: test
so my group name is test-env-group and the environment is test
Does istio ingressgateway pod have the following label ?
app: istio-ingressgateway
If not, pod needs that label
If the label is set on the istio ingressgateway pods, check the following:
* ingressgateway pods are running.
* Apigee watcher pod is running
* Check for errors in ingressgateway and watcher pod logs
@saurabhcbsa hi thanks for quick respond
so i just would like to highlight something while i have installed asm using custom-overlay.yaml file but while installation i got some error log captured
Error from server (NotFound): services "istio-ingressgateway" not found
i got this error message but although asm is successfully installed and even I do not have any pod name as ingress gateway or istio-ingress gateway
below is the workload deployment
and here is the service
ASM installation doesn't look correct, its missing
k8s deployment: "istio-ingressgateway"
k8s service: "istio-ingressgateway"
Above mentioned deployment and service should be there
@saurabhcbsa yes
but i am not sure where i am doing mistake could you guide me on it or if it good if you have a script only for the cluster and asm apart from that i will do
Hi @rohanjangid,
Before getting into it, please note that Apigee 1.7.0 supports up to ASM 1.12, so I recommend using ASM 1.12 (https://cloud.google.com/service-mesh/v1.12/docs/unified-install/install-dependent-tools#download_as...). The simplest way is to add the flag --option legacy-default-ingressgateway with asmcli, like below
./asmcli \
install \
--verbose \
--project_id $PROJECT_ID \
--cluster_name $CLUSTER_NAME \
--cluster_location $CLUSTER_LOCATION \
--output_dir out \
--custom_overlay custom_overlay.yaml \
--enable_all \
--option legacy-default-ingressgateway
and with the custom_overlay.yaml
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
components:
ingressGateways:
- name: istio-ingressgateway
enabled: true
k8s:
nodeSelector:
# default node selector, if different or not using node selectors, change accordingly.
cloud.google.com/gke-nodepool: apigee-runtime
resources:
requests:
cpu: 1000m
service:
type: LoadBalancer
ports:
- name: http-status-port
port: 15021
- name: http2
port: 80
targetPort: 8080
- name: https
port: 443
targetPort: 8443
Alternatively you can also try installing the istio-ingressgateway using the ASM guide (https://cloud.google.com/service-mesh/docs/unified-install/install-anthos-service-mesh#install_gatew...) but you may have to modify the sample ingressgateway they provide. Also, Apigee 1.7.0 only supports ingressgateways in the istio-system namespace, so you'll have to use that one.
@mcdomingo thanks for such a great explanation just would like to ask two more things 😁
1 . In the apigee hybrid 1.7 docs there is also a command as asmcli validate before the installation
./asmcli validate \
--project_id $PROJECT_ID \
--cluster_name $CLUSTER_NAME \
--cluster_location $CLUSTER_LOCATION \
--fleet_id $FLEET_PROJECT_ID \
--output_dir $DIR_PATH
so there i am also facing issues like this
asmcli: [ERROR]: The istio-system namespace doesn't exist.
Please create the "istio-system" and retry, or run the script with the
'--enable_namespace_creation' flag to allow the script to enable it on your behalf.
Alternatively, use --enable_all|-e to allow this tool to handle all dependencies.
so when i try to use the flat --enable_all or -e or anything that start with --enable
it failed and said validation can't run with --enable or -e flag but this flag perfectly run in asmcli install command
2. )
should I have to use your overlay file or i have to use the custom_overlay.yaml file that is mentioned on the doc of apigee hybrid below shown
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
components:
ingressGateways:
- name: istio-ingressgateway
enabled: true
k8s:
nodeSelector:
# default node selector, if different or not using node selectors, change accordingly.
cloud.google.com/gke-nodepool: apigee-runtime
resources:
requests:
cpu: 1000m
readinessProbe:
initialDelaySeconds: 45
periodSeconds: 60
service:
type: LoadBalancer
loadBalancerIP: STATIC_IP # If you do not have a reserved static IP, leave this out.
ports:
- name: http-status-port
port: 15021
- name: http2
port: 80
targetPort: 8080
- name: https
port: 443
targetPort: 8443
meshconfig:
accessLogFormat:
'{"start_time":"%START_TIME%","remote_address":"%DOWNSTREAM_DIRECT_REMOTE_ADDRESS%","user_agent":"%REQ(USER-AGENT)%","host":"%REQ(:AUTHORITY)%","request":"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%","request_time":"%DURATION%","status":"%RESPONSE_CODE%","status_details":"%RESPONSE_CODE_DETAILS%","bytes_received":"%BYTES_RECEIVED%","bytes_sent":"%BYTES_SENT%","upstream_address":"%UPSTREAM_HOST%","upstream_response_flags":"%RESPONSE_FLAGS%","upstream_response_time":"%RESPONSE_DURATION%","upstream_service_time":"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%","upstream_cluster":"%UPSTREAM_CLUSTER%","x_forwarded_for":"%REQ(X-FORWARDED-FOR)%","request_method":"%REQ(:METHOD)%","request_path":"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%","request_protocol":"%PROTOCOL%","tls_protocol":"%DOWNSTREAM_TLS_VERSION%","request_id":"%REQ(X-REQUEST-ID)%","sni_host":"%REQUESTED_SERVER_NAME%","apigee_dynamic_data":"%DYNAMIC_METADATA(envoy.lua)%"}'
like I have already reserved an external IP so I can use it here
also i will give it a try with your shared asmcli install command
Thanks
It looks like there were some small mistakes in the apigee hybrid doc. You should use that version with the following adjustments:
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |