Supported platforms
See Apigee hybrid: supported platforms.
Minimum cluster configurations
Your cluster must meet minimum configuration requirements. For details, see Minimum cluster configurations.
Cluster permissions
Each supported platform has its own permission requirements for creating a cluster. As cluster owner, you can proceed to install the Apigee-specific components (including cert-manager and the Apigee runtime) into the cluster. However, if you want to delegate to another user the installation of the runtime components into the cluster, you can manage the necessary permissions through Kubernetes authn-authz.
To install the hybrid runtime components into the cluster, a non-cluster-owner user should have CRUD permission on these resources:
- ClusterRole
- Webhooks (ValidatingWebhookConfiguration and MutatingWebhookConfiguration)
- PriorityClass
- ClusterIssuer
- CustomerResourceDefinitions
- StorageClass (Optional, if the default StorageClass is not used. For information on changing the default and creating a custom storage class, see StorageClass configuration.)
IAM Roles
IAM Roles
You need to have the following IAM roles assigned to your user account in order to perform these steps. If your account does not have these roles, have a user with the roles perform the steps. For more information on IAM roles, see IAM basic and predefined roles reference.
To create service accounts and grant them access to your project:
- Create Service Accounts (
roles/iam.serviceAccountCreator) - Project IAM Admin (
roles/resourcemanager.projectIamAdmin)
To grant synchronizer access to your project.
- Apigee Organization Admin (
roles/apigee.admin)
Prerequisites
This section describes tasks you must accomplish before you begin the runtime plane quickstart install.
| Complete the following tasks to ensure that you can successfully begin the runtime installation (as described in this section): |
|---|
|
|
|
|
| Let's get started and create a cluster |