Step 10: Check cluster readiness

Check hybrid cluster readiness

Before applying your configuration and installing the hybrid helm charts, you should check that your Kubernetes cluster is ready for Apigee hybrid installation.

To check the readiness of your cluster, you will create a YAML file with a Kubernetes Job definition and apply that file with kubectl commands to check the cluster. You then check the status of the Kubernetes test job with a kubectl get jobs command.

  1. Verify that kubectl is set to the correct context using the following command. The current context should be set to the cluster to which you are deploying Apigee hybrid.
    kubectl config current-context

    The result should include the name of the cluster you are deploying Apigee hybrid in. For example, on GKE, the context name is usually in the form gke_project-id_cluster-location_cluster-name, as in:

    gke_my-project_us-central1_my-cluster

    If the name cluster name in the context does not match, the following command will get the gcloud credentials of the cluster and set the kubectl context:

    Regional clusters

    gcloud container clusters get-credentials $CLUSTER_NAME \
    --region $CLUSTER_LOCATION \
    --project $PROJECT_ID

    Zonal clusters

    gcloud container clusters get-credentials $CLUSTER_NAME \
    --zone $CLUSTER_LOCATION \
    --project $PROJECT_ID
  2. In your helm-charts directory, create a cluster-check directory:
    mkdir $APIGEE_HELM_CHARTS_HOME/cluster-check
  3. In the $APIGEE_HELM_CHARTS_HOME/cluster-check directory, create a file named apigee-k8s-cluster-ready-check.yaml with the following contents:
    apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: apigee-k8s-cluster-ready-check
    ---
    apiVersion: batch/v1
    kind: Job
    metadata:
      name: apigee-k8s-cluster-ready-check
    spec:
      template:
        spec:
          hostNetwork: true
          serviceAccountName: apigee-k8s-cluster-ready-check
          containers:
            - name: manager
              image: gcr.io/apigee-release/hybrid/apigee-operators:1.14.0
              command:
                - /manager
              args:
              - --k8s-cluster-ready-check
              env:
              - name: POD_IP
                valueFrom:
                  fieldRef:
                    fieldPath: status.podIP
              securityContext:
                runAsGroup: 998
                runAsNonRoot: true
                runAsUser: 999
          restartPolicy: Never
      backoffLimit: 1
    
  4. Apply the apigee-k8s-cluster-ready-check.yaml with the following kubectl command. This will run the test:
    kubectl apply -f $APIGEE_HELM_CHARTS_HOME/cluster-check/apigee-k8s-cluster-ready-check.yaml

    The output should show that the service account and job were created. For example:

    kubectl apply -f $APIGEE_HELM_CHARTS_HOME/cluster-check/apigee-k8s-cluster-ready-check.yaml
    serviceaccount/apigee-k8s-cluster-ready-check created
    job.batch/apigee-k8s-cluster-ready-check created
  5. Check the status of the Kubernetes job with the following command:
    kubectl get jobs apigee-k8s-cluster-ready-check

    If your cluster is ready, the output should look something like:

    NAME                            COMPLETIONS   DURATION   AGE
    apigee-k8s-cluster-ready-check  1/1           8s         1h23m

    If the test failed and your cluster is not ready, the output will look something like:

    NAME                            COMPLETIONS   DURATION   AGE
    apigee-k8s-cluster-ready-check  0/1           44s         44s

    Look for the number of completions:

    • 1/1 Success, your cluster is ready for Apigee hybrid installation.
    • 0/1 The test failed. The cluster is not ready. Proceed to the following steps to troubleshoot the cluster.

  6. If the test did not succeed, check the logs with the following commands.
    1. Get the name of the pod for the cluster pre-check job:
      kubectl get pods | grep apigee-k8s-cluster-ready-check
    2. Get the Kubernetes logs for the pod:
      kubectl logs pod_name

      Where pod_name is the name of the apigee-k8s-cluster-ready-check pod.

  7. Clean up before proceeding to the next step. Delete the Kubernetes job with the following command:
    kubectl delete -f $APIGEE_HELM_CHARTS_HOME/cluster-check/apigee-k8s-cluster-ready-check.yaml

    The output should show that the service account and job were deleted. For example:

    kubectl delete -f $APIGEE_HELM_CHARTS_HOME/cluster-check/apigee-k8s-cluster-ready-check.yaml
    serviceaccount "apigee-k8s-cluster-ready-check" deleted
    job.batch "apigee-k8s-cluster-ready-check" deleted

You have now made sure your Apigee hybrid cluster is ready. Next, let's install the charts to apply your configuration to the hybrid runtime.

Troubleshooting

  1. Cassandra DNS check: If you find error logs similar to DNS resolution was successful but IP doesn't match POD IP, could not resolve hostname or error determining hostname it means your cluster DNS is not configured correctly for a multi-region setup. You can ignore this error if you do not intend to set up multi-region.
  2. Control Plane connectivity check: If you find error logs similar to error creating TCP connection with host then you need to resolve the connectivity from cluster to apigee.googleapis.com and re-run the job.

Next step

1 2 3 4 5 6 7 8 9 10 (NEXT) Step 11: Set up Workload Identity