Using apigee-edge-js Node js utilities to Load PEM...

markruscitto · 07-06-2018 12:00 PM

Our on prem managment server is only accessible on https. Im trying to use the apigee-edge-js library to load a pem file into the kvm. I'm looking for guidance on how to connect to the management api. I'm trying to specify the Authorization header when setting the --M parameter for the management api parameter, this is the error:

[2018-Jul-06 14:07:36] start invalid option M

sample:

node examples/loadPemIntoKvm --M= -H "Authorization:Basic blahblahblah==" https://car0381bz006.myplace.com:9305/gbts/v1/managementAPI/environments/my-dev ----o=myplace --e=my-dev --m=my_KVM_JWT -F

The only thing I haven't tried is to put the encoded values in for the --u and --p parameters?

dchiesa1

Hi

I'm not clear on the actual options you're using.

BUT, following are some examples for using that command-line tool. Maybe these will help.

Invoke against Edge SaaS, using username + password

node loadPemIntoKvm.js -o myorg -e myenv -m myKvmMap -F file.pem -N keyvalue -u user@example.com

Invoke against Edge OPDK with a specific mgmt server address:

node loadPemIntoKvm.js -o myorg -e myenv -m myKvmMap -F file.pem -N keyvalue -u user@example.com -M https://apigee-edge-mgmtserver.myplace.com:9305 -T

In either case you will be prompted for the password.

I don't understand the URL path you have like /gbts/v1/managementAPI/environments/my-dev .

That's not an endpoint for the Apigee Edge admin API. It might be a URL that is specific to your environment. Maybe you have set up a reverse proxy in front of the Apigee Edge Admin API? If that URL is ... for an API Proxy that is exposed by Apigee Edge, it does not belong in this command.

Some key points:

you should never have an option with three or four dashes (your -o option)
The -M option doesn't take an equals sign. It accepts the URL base for the Edge mgmt server.
There is no possibility to include a -H option. (This isn't curl)

Check the HELP for that loadPemIntoKvm .... it provides a usage statement. (To see help invoke with -h)

markruscitto

Thanks for the guidance Dino , it helped. I tried them both, I get the same response code, ECONNRESET. Which I'm guessing is related to priveleges on my ID, I will follow up with our infra team.

dchiesa1

To troubleshoot, you should be able to do something like

curl -i $mgmtserverurl/v1/o

...and it should return something like this:

HTTP/1.1 401 Unauthorized
Date: Wed, 11 Jul 2018 00:12:42 GMT
Server: Apigee LB
WWW-Authenticate: Basic realm="o"
Content-Length: 0
Connection: keep-alive

That tells you that you can reach the mgmt server API endpoint, but you don't have the proper credentials. If you don't get a valid HTTP response like that, and if you get a message like "Could not resolve host" ... That means you either cannot reach the mgmt server API endpoint, or you've got the wrong endpoint.

Once you resolve that, you can try the nodejs script again.

From your command, it looks like you think the mgmt server url might be https://car0381bz006.myplace.com:9305 .

But.... that's a strange URL for a management server, and it might be wrong. I would start there. Normally the mgmt server for Apigee Edge listens on port 9001, if it has a custom port, but you can set this to be anything when you install Apigee Edge. Regardless of the actual port, often people just define a vhost alias , or port forwarding, to allow direct connection to the management server via a well-known DNS name, without the port.

So do check that. The people who installed Apigee Edge will know what the URL needs to be.

Using apigee-edge-js Node js utilities to Load PEM file into kvm