Step 1: Create a cluster

Before you begin:

These steps assume you have created environment variables in the previous steps. Check them with the following commands:

echo $PROJECT_ID
echo $ANALYTICS_REGION
echo $ORG_NAME
echo $ENV_NAME

This procedure explains how to set up the cluster in which you will run Apigee hybrid. The instructions vary by platform. Follow the section for the platform on which you are running hybrid.

GKE

This step explains how to set up your shell environment and create a GKE cluster in your Google Cloud project.

Creating a cluster

  1. Gather your cluster requirements for Apigee hybrid cluster. The minimum configurations for your cluster are:

    Configuration       Stateful node pool  Stateless node pool
    Number of nodes     3 (per region)      3 (per region)
    CPU                 4                   4
    RAM                 15                  15
    Default label name  apigee-data         apigee-runtime
    Storage             dynamic             Managed with the ApigeeDeployment CRD

    For more details on minimum cluster configuration see: Minimum cluster configurations

  2. Check the version of GKE supported by hybrid version 1.6.3:
  3. Use the following instructions to create a regional cluster with a minimum of 6 nodes:
    • Creating a regional cluster.
  4. Create a minimum of two node pools for your cluster. The minimum node pool requirements are:
    Default node pool name  Description             Minimum nodes  Minimum CPUs per node pool  Minimum CPUs per node
    apigee-data             A stateful node pool.   3              4                           4/number of nodes in the pool
    apigee-runtime          A stateless node pool.  3              4                           4/number of nodes in the pool

    Follow the instructions in Adding and managing node pools.

    For more details about node pool configuration see: Configure dedicated node pools

  5. After creating the cluster, enable Workload Identity on the cluster with the following command:
    gcloud container clusters update ${CLUSTER_NAME} \
      --workload-pool=${PROJECT_ID}.svc.id.goog \
      --region ${ANALYTICS_REGION}

    For more information, see Enabling Workload Identity on a cluster.

  6. Get the gcloud credentials of the cluster you just created with the following command:
    gcloud container clusters get-credentials ${CLUSTER_NAME} \
      --region ${ANALYTICS_REGION} \
      --project ${PROJECT_ID}

When you have a cluster installed and running, go to the next step.
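
The following preflight checks for the GKE steps above are an added example, not part of the Apigee documentation. They assume the node pools were created with the default names apigee-data and apigee-runtime (read from the GKE node label cloud.google.com/gke-nodepool); the function names and the sample node list are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the Apigee documentation. Sample data is constructed.

# Print every required variable that is unset or empty. A bare "echo $VAR"
# prints a blank line for a missing variable, which is easy to overlook.
missing_vars() {
  for v in PROJECT_ID ANALYTICS_REGION ORG_NAME ENV_NAME CLUSTER_NAME; do
    eval "val=\${$v:-}"
    [ -n "$val" ] || printf '%s\n' "$v"
  done
}

# $1 is the output of:
#   gcloud container clusters describe "$CLUSTER_NAME" --region "$ANALYTICS_REGION" \
#     --format='value(workloadIdentityConfig.workloadPool)'
# Succeed only if Workload Identity is enabled with this project's pool.
workload_pool_ok() {
  [ -n "${PROJECT_ID:-}" ] && [ "$1" = "${PROJECT_ID}.svc.id.goog" ]
}

# Read "kubectl get nodes --no-headers -L cloud.google.com/gke-nodepool" on
# stdin (NAME STATUS ROLES AGE VERSION POOL) and require at least 3 Ready
# nodes in each default pool. Cordoned or NotReady nodes do not count.
pools_ok() {
  awk '
    $2 == "Ready" { n[$NF]++ }
    END {
      rc = 0
      split("apigee-data apigee-runtime", want, " ")
      for (i = 1; i <= 2; i++) {
        printf "%s: %d Ready\n", want[i], n[want[i]]
        if (n[want[i]] < 3) rc = 1
      }
      exit rc
    }'
}

# Constructed sample: three Ready nodes per pool plus one NotReady node.
SAMPLE_NODES='node-d1 Ready <none> 5d v1.x apigee-data
node-d2 Ready <none> 5d v1.x apigee-data
node-d3 Ready <none> 5d v1.x apigee-data
node-d4 NotReady <none> 5d v1.x apigee-data
node-r1 Ready <none> 5d v1.x apigee-runtime
node-r2 Ready <none> 5d v1.x apigee-runtime
node-r3 Ready <none> 5d v1.x apigee-runtime'

printf '%s\n' "$SAMPLE_NODES" | pools_ok
```

Run missing_vars before step 5: an empty CLUSTER_NAME or PROJECT_ID otherwise reaches gcloud as a malformed argument instead of failing early.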

GKE on prem

Creating a cluster

  1. Gather your cluster requirements for Apigee hybrid cluster:
    • The minimum configurations for your cluster are:
      Configuration       Stateful node pool  Stateless node pool
      Number of nodes     3 (per region)      3 (per region)
      CPU                 4                   4
      RAM                 15                  15
      Default label name  apigee-data         apigee-runtime
      Storage             dynamic             Managed with the ApigeeDeployment CRD

      For more details on minimum cluster configuration see: Minimum cluster configurations

    • Create a minimum of two node pools:
      Default node pool name  Description
      apigee-data             A stateful node pool.
      apigee-runtime          A stateless node pool.

      For more details about node pool configuration see: Configure dedicated node pools

  2. Check the version of GKE supported by hybrid version 1.6.3:
  3. Use the following instructions to create a user cluster:

When you have a cluster installed and running, go to the next step.

Anthos on bare metal

Requirements and prerequisites

Anthos clusters on bare metal lets you run Kubernetes clusters directly on your own machine resources.

Review the following requirements and prerequisites:

Creating a cluster

  1. Gather your cluster requirements for Apigee hybrid cluster:
    • The minimum configurations for your cluster are:
      Configuration       Stateful node pool  Stateless node pool
      Number of nodes     3 (per region)      3 (per region)
      CPU                 4                   4
      RAM                 15                  15
      Default label name  apigee-data         apigee-runtime
      Storage             dynamic             Managed with the ApigeeDeployment CRD

      For more details on minimum cluster configuration see: Minimum cluster configurations

    • Create a minimum of two node pools:
      Default node pool name  Description
      apigee-data             A stateful node pool.
      apigee-runtime          A stateless node pool.

      For more details about node pool configuration see: Configure dedicated node pools

  2. Check the version of GKE supported by hybrid version 1.6.3:
  3. Use the following instructions in the Anthos clusters on bare metal documentation to create a user cluster:

When you have a cluster installed and running, go to the next step.

AKS

Create an AKS cluster

  1. Gather your cluster requirements for Apigee hybrid cluster:
    • The minimum configurations for your cluster are:
      Configuration       Stateful node pool  Stateless node pool
      Number of nodes     3 (per region)      3 (per region)
      CPU                 4                   4
      RAM                 15                  15
      Default label name  apigee-data         apigee-runtime
      Storage             dynamic             Managed with the ApigeeDeployment CRD

      For more details on minimum cluster configuration see: Minimum cluster configurations

    • Create a minimum of two node pools:
      Default node pool name  Description
      apigee-data             A stateful node pool.
      apigee-runtime          A stateless node pool.

      For more details about node pool configuration see: Configure dedicated node pools

  2. Check the version of AKS supported by hybrid version 1.6.3:
  3. Use one of the following sets of instructions to create a cluster:

EKS

Creating a cluster

  1. Gather your cluster requirements for Apigee hybrid cluster:
    • The minimum configurations for your cluster are:
      Configuration       Stateful node pool  Stateless node pool
      Number of nodes     3 (per region)      3 (per region)
      CPU                 4                   4
      RAM                 15                  15
      Default label name  apigee-data         apigee-runtime
      Storage             dynamic             Managed with the ApigeeDeployment CRD

      For more details on minimum cluster configuration see: Minimum cluster configurations

    • Create a minimum of two node pools:
      Default node pool name  Description
      apigee-data             A stateful node pool.
      apigee-runtime          A stateless node pool.

      For more details about node pool configuration see: Configure dedicated node pools

  2. Check the version of EKS supported by hybrid version 1.6.3:
  3. Use the following instructions to create a user cluster:

When you have a cluster installed and running, go to the next step.

GKE on AWS

Creating a cluster

  1. Gather your cluster requirements for Apigee hybrid cluster:
    • The minimum configurations for your cluster are:
      Configuration       Stateful node pool  Stateless node pool
      Number of nodes     3 (per region)      3 (per region)
      CPU                 4                   4
      RAM                 15                  15
      Default label name  apigee-data         apigee-runtime
      Storage             dynamic             Managed with the ApigeeDeployment CRD

      For more details on minimum cluster configuration see: Minimum cluster configurations

    • Create a minimum of two node pools:
      Default node pool name  Description
      apigee-data             A stateful node pool.
      apigee-runtime          A stateless node pool.

      For more details about node pool configuration see: Configure dedicated node pools

  2. Check the version of GKE supported by hybrid version 1.6.3:
  3. Use the following instructions to create a user cluster:

When you have a cluster installed and running, go to the next step.

OpenShift

Creating a cluster

  1. Gather your cluster requirements for Apigee hybrid cluster:
    • The minimum configurations for your cluster are:
      Configuration       Stateful node pool  Stateless node pool
      Number of nodes     3 (per region)      3 (per region)
      CPU                 4                   4
      RAM                 15                  15
      Default label name  apigee-data         apigee-runtime
      Storage             dynamic             Managed with the ApigeeDeployment CRD

      For more details on minimum cluster configuration see: Minimum cluster configurations

    • Create a minimum of two node pools:
      Default node pool name  Description
      apigee-data             A stateful node pool.
      apigee-runtime          A stateless node pool.

      For more details about node pool configuration see: Configure dedicated node pools

  2. Check the version of GKE supported by hybrid version 1.6.3:
  3. Use the following instructions to install Apigee on your OpenShift user cluster and register it with GKE Hub.
    1. Install and configure the oc CLI tool. See Getting started with the OpenShift CLI in the OpenShift documentation.
    2. Register with GKE Hub
      1. Create a file named gke-connect-scc.yaml with the following contents:
        # Connect Agent SCC
        apiVersion: v1
        kind: SecurityContextConstraints
        metadata:
          name: gke-connect-scc
        allowPrivilegeEscalation: false
        requiredDropCapabilities:
        - ALL
        runAsUser:
          type: MustRunAsNonRoot
        seLinuxContext:
          type: RunAsAny
        supplementalGroups:
          type: MustRunAs
          ranges:
          - min: 1
            max: 65535
        fsGroup:
          type: MustRunAs
          ranges:
          - min: 1
            max: 65535
        volumes:
        - secret
        readOnlyRootFilesystem: true
        seccompProfiles:
        - docker/default
        users:
        groups:
          - system:serviceaccounts:gke-connect
                
      2. Create the component in oc with the following command:
        oc create -f gke-connect-scc.yaml
      3. Create the environment variables for the context with the following commands:
        export KUBECONFIG=PATH_TO_KUBECONFIG # Placeholder: replace with your cluster kubeconfig file path
        export CONTEXT=admin
      4. Register with GKE Hub with the following command:
        gcloud --project=${PROJECT_ID} container hub memberships register ${CLUSTER_NAME} \
          --kubeconfig=${KUBECONFIG} \
          --context=${CONTEXT} \
          --service-account-key-file=KEY_FILE_PATH

        Where:

        • PROJECT_ID is your Google Cloud project ID.
        • CLUSTER_NAME is the name of the cluster you just created.
        • KUBECONFIG is the path to your cluster kubeconfig file.
        • CONTEXT is the context under which gcloud is registering the cluster. CONTEXT must be admin for this command.
        • KEY_FILE_PATH is the path to your service account key file, for example ./dist/apigee-my-project-ro-sa.json. The service account must have the following two IAM roles:
          • GKE Hub Admin
          • GKE Connect Agent

When you have a cluster installed and registered with GKE Hub, go to the next step.
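
The checks below are an added example, not part of the Apigee documentation, for the service account key passed to the registration command above: they read the account from the key file, confirm the file is not readable by group or others, and compare the account's roles with the two the step requires. roles/gkehub.admin and roles/gkehub.connect are the role IDs for GKE Hub Admin and GKE Connect Agent; the function names, SA_EMAIL and the sample key file are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the Apigee documentation. Sample values are constructed.

# Extract the service account e-mail (client_email field) from a key file.
sa_email_from_key() {
  sed -n 's/.*"client_email"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$1"
}

# Succeed only if the key file grants no access to group or others.
key_file_private() {
  [ "$(ls -ld -- "$1" | cut -c5-10)" = "------" ]
}

# Read the account's project roles on stdin, one per line, for example from:
#   gcloud projects get-iam-policy "$PROJECT_ID" --flatten='bindings[].members' \
#     --filter="bindings.members:serviceAccount:$SA_EMAIL" --format='value(bindings.role)'
# Fail if a required role is missing. Report any additional role, because the
# key handed to the registration command should carry nothing beyond these two.
hub_roles_ok() {
  awk '
    NF { seen[$1] = 1 }
    END {
      rc = 0
      if (!("roles/gkehub.admin" in seen))   { print "missing: roles/gkehub.admin";   rc = 1 }
      if (!("roles/gkehub.connect" in seen)) { print "missing: roles/gkehub.connect"; rc = 1 }
      for (r in seen)
        if (r != "roles/gkehub.admin" && r != "roles/gkehub.connect") print "extra: " r
      exit rc
    }'
}

# Demo on a constructed key file and role list.
key=$(mktemp)
printf '{"client_email": "hub-reg@example-project.iam.gserviceaccount.com"}\n' > "$key"
chmod 600 "$key"
sa_email_from_key "$key"
key_file_private "$key" && echo "key file mode OK"
printf 'roles/gkehub.admin\nroles/gkehub.connect\n' | hub_roles_ok && echo "roles OK"
rm -f "$key"
```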

 

Next step

Step 2: Install cert-manager