├── .env
├── README.md
├── apigee_base
    └── Dockerfile
├── build_apigee_base.sh
├── docker-compose.yml
├── response-dp.txt
├── response-provision.txt
├── response-sso.txt
├── response.txt
└── wait-for-it.sh


/.env:
--------------------------------------------------------------------------------
ADMIN_EMAIL=admin@example.com
ADMIN_PWD=Apigee123!
ORG=docker
ORG_ENV=test
DEVPORTAL_ADMIN_USER=dpAdmin
DEVPORTAL_ADMIN_EMAIL=dpadmin@example.com
DEVPORTAL_ADMIN_PWD=Apigee123!
DP_PG_USER=drupaladmin
DP_PG_PASS=portalSecret
SSO_METADATA_URL=https://dev-720616.oktapreview.com/app/exkcvyg7hq6eF0cSI0h7/sso/saml/metadata
SUBNET=10.5.0.0/16
NODE1_IP=10.5.0.2
NODE2_IP=10.5.0.3
NODE3_IP=10.5.0.4
NODE4_IP=10.5.0.5
NODE5_IP=10.5.0.6
NODE6_IP=10.5.0.7

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Apigee Edge Docker 5-node installation

## Overview
This project installs and runs a 5-node [Apigee Edge for Private Cloud 4.17.09](https://docs.apigee.com/private-cloud/latest/overview)
with Developer Services portal using docker containers for testing purposes only.

Optionally you can install [SAML on Edge](https://docs.apigee.com/private-cloud/latest/supporting-saml-edge-private-cloud).

The steps in _docker-compose.yml_ can be used as a guide for the installation.
Please note the [wait-for-it](https://github.com/vishnubob/wait-for-it) commands that force
the containers to start in the correct order.

To see a complete list of system requirements, OS settings, supported software and full installation steps
please refer to the [Official Documentation](https://docs.apigee.com/private-cloud/latest/installing-edge-private-cloud).

## Requirements
- docker >= 17.05.0-ce
- docker-compose >= 1.11.2

More than 8GB of RAM and a \*nix OS are recommended to run the 6 containers.

## Description
- Builds an Apigee 4.17.09 image with the **apigee-setup-utility** that will run CentOS 7 with OpenJDK 1.8.

- Installs 5-node Apigee Edge planet and Developer portal:
  - node1:
    - ZK, CS, OpenLDAP, MS and UI.
  - node2:
    - ZK, CS and RMP.
  - node3:
    - ZK, CS and RMP.
  - node4:
    - PS, PG master, QS and QPID.
  - node5:
    - PS, PG standby, QS and QPID.
  - node6:
    - Developer Services portal.
- Provisions an organization and an environment.

## Usage

### Clone the repo
```
$ git clone https://github.com/maurogonzalez/apigee-docker.git
```

### Fresh install
1. Set `.env` file:
   - ADMIN_EMAIL: MS admin user and OrgAdmin user.
   - ADMIN_PWD: MS admin user, OpenLDAP password and Org Admin user.
   - ORG: organization name used in the provisioning.
   - ORG_ENV: environment name used in the provisioning.
2. Build the Apigee base image. This will create a local Docker image with the **apigee-setup utility**:
   - Run `./build_apigee_base.sh`.
   - This will ask for your apigee credentials (software.apigee.com) and the path of the license (this should be in the project folder).
3. Install and run the 5-node planet:
   - Run `docker-compose up`.
   - This could take several minutes depending on your internet bandwidth and hardware.

### Start Apigee Edge
- Run `docker-compose up`

### Stop Apigee Edge
- Run `docker-compose stop`

### Test your installation:
- Edge UI: http://10.5.0.2:9000
- MS API: http://10.5.0.2:8080/v1
- DevPortal: http://10.5.0.7:8079
- Proxy Endpoint:
  - Router on node 2: http://10.5.0.3:9001/{PROXY_BASE_PATH}
  - Router on node 3: http://10.5.0.4:9001/{PROXY_BASE_PATH}

### SAML for Edge
1. Configure your [Okta](https://www.okta.com/) account with:
   - Single sign on URL: http://10.5.0.2:9099/saml/SSO/alias/apigee-saml-login-opdk
   - Audience URI: apigee-saml-login-opdk
   - SAML Issuer ID (Show Advanced Settings): okta
2. Modify **.env** and set **SSO_METADATA_URL** to the given Metadata URL.
3. Access MS:
   - `docker exec -it docker_apigee_node1_1 bash`, or
   - `docker exec -it docker_apigee_node1_1 {COMMAND}`

4. Configure SSO:
   - `/opt/apigee/apigee-setup/bin/setup.sh -p sso -f /tmp/apigee/response-sso.txt`
5. Enable SSO in Edge UI:
   - `/opt/apigee/apigee-service/bin/apigee-service edge-ui configure-sso -f /tmp/apigee/response-sso.txt`

**NOTE:**
- Please read
[Edge Users with SSO](https://docs.apigee.com/private-cloud/latest/register-new-edge-users)
before enabling SSO.


## Troubleshooting
List running containers:
- `docker ps -f "name=docker_apigee*"`

List existing containers:
- `docker ps -a -f "name=docker_apigee*"`

Access a running container:
- `docker exec -it apigeedocker_apigee_node{NODE_NUMBER}_1 bash`

Run a command inside a running container:
- `docker exec -it apigeedocker_apigee_node{NODE_NUMBER}_1 {COMMAND}`

## Remove docker containers
Remove containers:
- Single container: `docker rm {DOCKER_CONTAINER_ID}`
- All containers: `docker rm $(docker ps -aq -f "name=apigeedocker_apigee*")`

Remove docker volumes:
- `docker volume rm $(docker volume ls -q -f "name=apigeedocker_apigee*")`

## NOTES
- This will have your apigee license so **DO NOT** push it to a public docker registry.
- This is only for testing **DO NOT** use in production.

## References
- [Apigee](https://apigee.com/api-management/#/homepage)
- [Apigee for Private Cloud](https://docs.apigee.com/private-cloud/latest/overview)
- [Docker](https://www.docker.com/)
- [wait-for-it](https://github.com/vishnubob/wait-for-it)
- [Okta](https://www.okta.com/)

## Author

If you have any questions regarding this project contact:
Mauro González

--------------------------------------------------------------------------------
/apigee_base/Dockerfile:
--------------------------------------------------------------------------------
FROM centos:7

ARG ftp_user
ARG ftp_pwd
ARG license_path

ENV JAVA_HOME /usr/lib/jvm/java
ENV PATH=$PATH:$JAVA_HOME

RUN mkdir /tmp/apigee

ADD response.txt /tmp/apigee/response.txt
ADD response-provision.txt /tmp/apigee/response-provision.txt
ADD response-dp.txt /tmp/apigee/response-dp.txt
ADD $license_path /tmp/apigee/license.txt
ADD wait-for-it.sh /wait-for-it.sh

RUN chmod +x /wait-for-it.sh

# Replace shell with bash so we can source files
RUN rm /bin/sh && ln -s /bin/bash /bin/sh

RUN yum install -y wget which openssl && \
    wget https://software.apigee.com/bootstrap_4.17.09.sh -O /tmp/apigee/bootstrap_4.17.09.sh && \
    wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm && \
    rpm -ivh epel-release-latest-7.noarch.rpm && \
    chmod +x /tmp/apigee/bootstrap_4.17.09.sh

RUN ./tmp/apigee/bootstrap_4.17.09.sh apigeeuser=${ftp_user} apigeepassword=${ftp_pwd} JAVA_FIX=I
RUN /opt/apigee/apigee-service/bin/apigee-service apigee-setup install

CMD ["/bin/bash"]

--------------------------------------------------------------------------------
/build_apigee_base.sh:
--------------------------------------------------------------------------------
#!/bin/bash

read -rp 'License path: ' license
read -rp 'Username (software.apigee.com): ' user
read -rsp 'Password (software.apigee.com): ' pwd
echo

# Quote the values so spaces or shell metacharacters do not split the arguments.
# Values passed with --build-arg are recorded in the image metadata and can be
# read back with `docker history`, so treat the resulting image as containing
# these credentials as well as the license.
docker build -t apigee_base:1709 -f apigee_base/Dockerfile . --build-arg ftp_user="$user" --build-arg ftp_pwd="$pwd" --build-arg license_path="$license" --no-cache

--------------------------------------------------------------------------------
/docker-compose.yml:
--------------------------------------------------------------------------------
version: "3"
services:

  apigee_node1:
    image: apigee_base:1709
    environment:
      - ADMIN_EMAIL=${ADMIN_EMAIL}
      - ADMIN_PWD=${ADMIN_PWD}
      - ORG=${ORG}
      - ORG_ENV=${ORG_ENV}
      - NODE1_IP=${NODE1_IP}
      - NODE2_IP=${NODE2_IP}
      - NODE3_IP=${NODE3_IP}
      - NODE4_IP=${NODE4_IP}
      - NODE5_IP=${NODE5_IP}
    command:
      - /bin/bash
      - -c
      - |
        if [ ! -d "/opt/apigee/edge-management-server" ]; then
          # Create keys for SSO
          mkdir -p /opt/apigee/customer/application/apigee-sso/jwt-keys
          mkdir -p /opt/apigee/customer/application/apigee-sso/saml
          openssl genrsa -out privkey.pem 2048; openssl rsa -pubout -in privkey.pem -out pubkey.pem
          # SAML service-provider key: 1024-bit RSA, passphrase stripped on the next line (test use only)
          openssl genrsa -passout pass:Apigee123! -aes256 -out server.key 1024
          openssl rsa -passin pass:Apigee123! -in server.key -out server.key
          openssl req -x509 -sha256 -new -key server.key -out server.csr -subj "/C=US/ST=US/L=US/O=Some O/OU=IT Department/CN=example.com"
          openssl x509 -sha256 -days 365 -in server.csr -signkey server.key -out selfsigned.crt
          mv server.key selfsigned.crt server.csr /opt/apigee/customer/application/apigee-sso/saml/
          mv *.pem /opt/apigee/customer/application/apigee-sso/jwt-keys/
          chown -R apigee:apigee /opt/apigee/customer/application/
          # Install apigee-provision utility
          ./opt/apigee/apigee-service/bin/apigee-service apigee-provision install
          # Install ZK+CS_1
          /opt/apigee/apigee-setup/bin/setup.sh -p ds -f /tmp/apigee/response.txt
          # Wait for CS ring
          ./wait-for-it.sh -t 90 ${NODE1_IP}:7199 --strict -- echo "CS_1 is up"
          ./wait-for-it.sh -t 90 ${NODE2_IP}:7199 --strict -- echo "CS_2 is up"
          ./wait-for-it.sh -t 90 ${NODE3_IP}:7199 --strict -- echo "CS_3 is up"
          # Install OpenLDAP, Management Server and Edge UI
          /opt/apigee/apigee-setup/bin/setup.sh -p ms -f /tmp/apigee/response.txt
          # Wait for last component to install
          ./wait-for-it.sh -t 1000 ${NODE5_IP}:5432 --strict -- echo "PG_standby is up"
          # Org provisioning
          /opt/apigee/apigee-service/bin/apigee-service apigee-provision setup-org -f /tmp/apigee/response-provision.txt
          tail -f /dev/null
        else
          # Start ZK+CS_1
          /opt/apigee/apigee-service/bin/apigee-service apigee-zookeeper start
          /opt/apigee/apigee-service/bin/apigee-service apigee-cassandra start
          # Wait for CS ring
          ./wait-for-it.sh -t 30 ${NODE1_IP}:7199 --strict -- echo "CS_1 is up"
          ./wait-for-it.sh -t 30 ${NODE2_IP}:7199 --strict -- echo "CS_2 is up"
          ./wait-for-it.sh -t 30 ${NODE3_IP}:7199 --strict -- echo "CS_3 is up"
          # Start MS and UI
          /opt/apigee/apigee-service/bin/apigee-all start
          tail -f /dev/null
        fi
    volumes:
      - apigee_node1_vol:/opt
    networks:
      vpcbr:
        ipv4_address: ${NODE1_IP}

  apigee_node2:
    image: apigee_base:1709
    environment:
      - NODE1_IP=${NODE1_IP}
      - NODE2_IP=${NODE2_IP}
      - NODE3_IP=${NODE3_IP}
      - NODE4_IP=${NODE4_IP}
      - NODE5_IP=${NODE5_IP}
    command:
      - /bin/bash
      - -c
      - |
        if [ ! -d "/opt/apigee/edge-router" ]; then
          # Wait for CS_1 node
          ./wait-for-it.sh -t 90 ${NODE1_IP}:7199 --strict -- echo "CS_1 is up"
          # Install ZK+CS_2
          /opt/apigee/apigee-setup/bin/setup.sh -p ds -f /tmp/apigee/response.txt
          # Wait for MS
          ./wait-for-it.sh -t 520 ${NODE1_IP}:8080 --strict -- echo "MS_1 is up"
          # Install RMP_1
          /opt/apigee/apigee-setup/bin/setup.sh -p rmp -f /tmp/apigee/response.txt
          tail -f /dev/null
        else
          # Start ZK+CS_2
          /opt/apigee/apigee-service/bin/apigee-service apigee-zookeeper start
          /opt/apigee/apigee-service/bin/apigee-service apigee-cassandra start
          # Wait for MS
          ./wait-for-it.sh -t 60 ${NODE1_IP}:8080 -- echo "MS is up"
          # Start RMP_1
          /opt/apigee/apigee-service/bin/apigee-all start
          tail -f /dev/null
        fi
    volumes:
      - apigee_node2_vol:/opt
    networks:
      vpcbr:
        ipv4_address: ${NODE2_IP}

  apigee_node3:
    image: apigee_base:1709
    environment:
      - NODE1_IP=${NODE1_IP}
      - NODE2_IP=${NODE2_IP}
      - NODE3_IP=${NODE3_IP}
      - NODE4_IP=${NODE4_IP}
      - NODE5_IP=${NODE5_IP}
    command:
      - /bin/bash
      - -c
      - |
        if [ ! -d "/opt/apigee/edge-router" ]; then
          # Wait for CS_1 and CS_2 nodes
          ./wait-for-it.sh -t 90 ${NODE1_IP}:7199 --strict -- echo "CS_1 is up"
          ./wait-for-it.sh -t 120 ${NODE2_IP}:7199 --strict -- echo "CS_2 is up"
          # Install ZK+CS_3
          /opt/apigee/apigee-setup/bin/setup.sh -p ds -f /tmp/apigee/response.txt
          # Wait for MS
          ./wait-for-it.sh -t 520 ${NODE1_IP}:8080 --strict -- echo "MS_1 is up"
          # Install RMP_2
          /opt/apigee/apigee-setup/bin/setup.sh -p rmp -f /tmp/apigee/response.txt
          tail -f /dev/null
        else
          # Start ZK+CS_3
          /opt/apigee/apigee-service/bin/apigee-service apigee-zookeeper start
          /opt/apigee/apigee-service/bin/apigee-service apigee-cassandra start
          # Wait for MS
          ./wait-for-it.sh -t 60 ${NODE1_IP}:8080 -- echo "MS is up"
          # Start RMP_2
          /opt/apigee/apigee-service/bin/apigee-all start
          tail -f /dev/null
        fi
    volumes:
      - apigee_node3_vol:/opt
    networks:
      vpcbr:
        ipv4_address: ${NODE3_IP}

  apigee_node4:
    image: apigee_base:1709
    environment:
      - NODE1_IP=${NODE1_IP}
      - NODE2_IP=${NODE2_IP}
      - NODE3_IP=${NODE3_IP}
      - NODE4_IP=${NODE4_IP}
      - NODE5_IP=${NODE5_IP}
    command:
      - /bin/bash
      - -c
      - |
        if [ ! -d "/opt/apigee/edge-postgres-server" ]; then
          # Wait for MP_1 and MP_2
          ./wait-for-it.sh -t 600 ${NODE2_IP}:8082 --strict -- echo "MP_1 is up"
          ./wait-for-it.sh -t 600 ${NODE3_IP}:8082 --strict -- echo "MP_2 is up"
          # Install PG_master, QPID, QS and PS
          /opt/apigee/apigee-setup/bin/setup.sh -p sax -f /tmp/apigee/response.txt
          tail -f /dev/null
        else
          # Start PG_master, QPID, QS and PS
          /opt/apigee/apigee-service/bin/apigee-all start
          tail -f /dev/null
        fi
    volumes:
      - apigee_node4_vol:/opt
    networks:
      vpcbr:
        ipv4_address: ${NODE4_IP}

  apigee_node5:
    image: apigee_base:1709
    environment:
      - NODE1_IP=${NODE1_IP}
      - NODE2_IP=${NODE2_IP}
      - NODE3_IP=${NODE3_IP}
      - NODE4_IP=${NODE4_IP}
      - NODE5_IP=${NODE5_IP}
    command:
      - /bin/bash
      - -c
      - |
        # Wait for PG_master
        ./wait-for-it.sh -t 700 ${NODE4_IP}:5432 -- echo "PG_Master is up"
        if [ ! -d "/opt/apigee/edge-postgres-server" ]; then
          # Install PG_standby, QPID, QS and PS
          /opt/apigee/apigee-setup/bin/setup.sh -p sax -f /tmp/apigee/response.txt
          tail -f /dev/null
        else
          # Start PG_standby, QPID, QS and PS
          /opt/apigee/apigee-service/bin/apigee-all start
          tail -f /dev/null
        fi
    volumes:
      - apigee_node5_vol:/opt
    networks:
      vpcbr:
        ipv4_address: ${NODE5_IP}

  apigee_node6:
    image: apigee_base:1709
    environment:
      - ADMIN_EMAIL=${ADMIN_EMAIL}
      - ADMIN_PWD=${ADMIN_PWD}
      - DP_PG_USER=${DP_PG_USER}
      - DP_PG_PASS=${DP_PG_PASS}
      - DEVPORTAL_ADMIN_USER=$DEVPORTAL_ADMIN_USER
      - DEVPORTAL_ADMIN_PWD=${DEVPORTAL_ADMIN_PWD}
      - DEVPORTAL_ADMIN_EMAIL=${DEVPORTAL_ADMIN_EMAIL}
      - ORG=${ORG}
      - ORG_ENV=${ORG_ENV}
      - NODE1_IP=${NODE1_IP}
      - NODE4_IP=${NODE4_IP}
    command:
      - /bin/bash
      - -c
      - |
        if [ ! -d "/opt/apigee/apigee-lb" ]; then
          # Wait for last component to install
          ./wait-for-it.sh -t 1000 ${NODE5_IP}:5432 --strict -- echo "PG_standby is up"
          # Install DP
          /opt/apigee/apigee-setup/bin/setup.sh -p dp -f /tmp/apigee/response-dp.txt
          tail -f /dev/null
        else
          # Wait for MS
          ./wait-for-it.sh -t 1000 ${NODE1_IP}:8080 --strict -- echo "MS is up"
          # Start DP and PG
          /opt/apigee/apigee-service/bin/apigee-all start
          tail -f /dev/null
        fi
    volumes:
      - apigee_node6_vol:/opt
    networks:
      vpcbr:
        ipv4_address: ${NODE6_IP}

networks:
  vpcbr:
    driver: bridge
    ipam:
      config:
        - subnet: ${SUBNET}

volumes:
  apigee_node1_vol:
  apigee_node2_vol:
  apigee_node3_vol:
  apigee_node4_vol:
  apigee_node5_vol:
  apigee_node6_vol:

--------------------------------------------------------------------------------
/response-dp.txt:
--------------------------------------------------------------------------------
MGMT_IP="$NODE1_IP"
PG_MASTER="$NODE4_IP"
HOSTIP="$(hostname -i)"

SKIP_SMTP="n"
SMTPHOST="smtp.gmail.com"
SMTPUSER="smtp@example.com"
SMTPPASSWORD="$ADMIN_PWD"
SMTPMAILFROM="test "
SMTPSSL="n"
SMTPPORT="25"

PG_NAME="devportal"
PG_USER="apigee"
PG_PWD="postgres"
PG_HOST="$PG_MASTER"
DEFAULT_DB="postgres"
DRUPAL_PG_USER="$DP_PG_USER"
DRUPAL_PG_PASS="$DP_PG_PASS"
DEVPORTAL_ADMIN_FIRSTNAME="Mr"
DEVPORTAL_ADMIN_LASTNAME="Dev"
DEVPORTAL_ADMIN_USERNAME="$DEVPORTAL_ADMIN_USER"
DEVPORTAL_ADMIN_PWD="$DEVPORTAL_ADMIN_PWD"
DEVPORTAL_ADMIN_EMAIL="$DEVPORTAL_ADMIN_EMAIL"
# The portal uses this information to connect to Edge
EDGE_ORG="$ORG"
MGMT_URL="http://$MGMT_IP:8080/v1"
DEVADMIN_USER="$ADMIN_EMAIL"
DEVADMIN_PWD="$ADMIN_PWD"
PHP_FPM_PORT=8888

--------------------------------------------------------------------------------
/response-provision.txt:
--------------------------------------------------------------------------------
IP1="$(hostname -i)"

MSIP="$IP1"

ADMIN_EMAIL="$ADMIN_EMAIL"
APIGEE_ADMINPW="$ADMIN_PWD"

ORG_NAME="$ORG"

NEW_USER="y"
USER_NAME="$ADMIN_EMAIL"
FIRST_NAME="Mr"
LAST_NAME="Apigee"
USER_PWD="$ADMIN_PWD"
ORG_ADMIN="$ADMIN_EMAIL"

ENV_NAME="$ORG_ENV"

VHOST_PORT="9001"
VHOST_NAME="default"

VHOST_ALIAS="$NODE2_IP:9001 $NODE3_IP:9001"

# Optionally configure TLS/SSL for virtual host.
# VHOST_SSL=y       # Set to "y" to enable TLS/SSL on the virtual host.
# KEYSTORE_JAR=     # JAR file containing the cert and private key.
# KEYSTORE_NAME=    # Name of the keystore.
# KEYSTORE_ALIAS=   # The key alias.
# KEY_PASSWORD=     # The key password, if it has one.

# Specify the analytics group.
# AXGROUP=axgroup-001   # Default name is axgroup-001.

--------------------------------------------------------------------------------
/response-sso.txt:
--------------------------------------------------------------------------------
MSIP="$NODE1_IP"
MGMT_PORT="8080"

HOSTIP="$(hostname -i)"

ADMIN_EMAIL="$ADMIN_EMAIL"
APIGEE_ADMINPW="$ADMIN_PWD"

MS_SCHEME="http"

PG_HOST="$NODE4_IP"
PG_PORT="5432"

PG_USER="apigee"
PG_PWD="postgres"

SSO_PROFILE="saml"
SSO_PUBLIC_URL_HOSTNAME="$IP1"
SSO_PUBLIC_URL_PORT="9099"
SSO_TOMCAT_PORT="9099"
SSO_TOMCAT_PROFILE="DEFAULT"
SSO_PUBLIC_URL_SCHEME="http"
SSO_ADMIN_NAME="ssoadmin"
SSO_ADMIN_SECRET="$ADMIN_PWD"
SSO_JWT_SIGNINIG_KEY_FILEPATH="/opt/apigee/customer/application/apigee-sso/jwt-keys/privkey.pem"
SSO_JWT_VERIFICATION_KEY_FILEPATH="/opt/apigee/customer/application/apigee-sso/jwt-keys/pubkey.pem"
SSO_SAML_IDP_NAME="okta"
SSO_SAML_IDP_LOGIN_TEXT="Please log in to your IDP"
SSO_SAML_IDP_METADATA_URL="$SSO_METADATA_URL"
SSO_SAML_IDPMETAURL_SKIPSSLVALIDATION="n"
SSO_SAML_SERVICE_PROVIDER_KEY="/opt/apigee/customer/application/apigee-sso/saml/server.key"
SSO_SAML_SERVICE_PROVIDER_CERTIFICATE="/opt/apigee/customer/application/apigee-sso/saml/selfsigned.crt"
SSO_SAML_SERVICE_PROVIDER_PASSWORD="$ADMIN_PWD"

EDGEUI_PUBLIC_URIS="http://$NODE1_IP:9000"
EDGEUI_SSO_REGISTERD_PUBLIC_URIS="$EDGEUI_PUBLIC_URIS"
EDGEUI_SSO_ENABLED="y"
EDGEUI_SSO_CLIENT_NAME="edgeui"
EDGEUI_SSO_CLIENT_SECRET="$ADMIN_PWD"
EDGEUI_SSO_CLIENT_OVERWRITE="y"

SKIP_SMTP="n"
SMTPHOST="smtp.gmail.com"
SMTPUSER="smtp@example.com"
SMTPPASSWORD="$ADMIN_PWD"
SMTPMAILFROM="test "
SMTPSSL="n"
SMTPPORT="25"

--------------------------------------------------------------------------------
/response.txt:
--------------------------------------------------------------------------------
# IP address or DNS name of nodes.
IP1="$NODE1_IP"
IP2="$NODE2_IP"
IP3="$NODE3_IP"
IP4="$NODE4_IP"
IP5="$NODE5_IP"
HOSTIP="$(hostname -i)"

# Set Edge sys admin credentials.
ADMIN_EMAIL="$ADMIN_EMAIL"
APIGEE_ADMINPW="$ADMIN_PWD"

LICENSE_FILE="/tmp/apigee/license.txt"

MSIP="$HOSTIP"
USE_LDAP_REMOTE_HOST="n"
APIGEE_LDAPPW="$ADMIN_PWD"
LDAP_TYPE="1"

BIND_ON_ALL_INTERFACES="y"

MP_POD="gateway"

REGION="dc-1"
ZK_HOSTS="$IP1 $IP2 $IP3"
ZK_CLIENT_HOSTS="$IP1 $IP2 $IP3"
CASS_CLUSTERNAME="Apigee"
CASS_HOSTS="$IP1:1,1 $IP2:1,1 $IP3:1,1"

PG_MASTER="$IP4"
PG_STANDBY="$IP5"

SKIP_SMTP="n"
SMTPHOST="smtp.gmail.com"
SMTPUSER="smtp@example.com"
SMTPPASSWORD="$ADMIN_PWD"
SMTPMAILFROM="test "
SMTPSSL="n"
SMTPPORT="25"

--------------------------------------------------------------------------------
/wait-for-it.sh:
--------------------------------------------------------------------------------
#!/usr/bin/env bash
# Use this script to test if a given TCP host/port are available

cmdname=$(basename $0)

echoerr() { if [[ $QUIET -ne 1 ]]; then echo "$@" 1>&2; fi }

usage()
{
    cat << USAGE >&2
Usage:
    $cmdname host:port [-s] [-t timeout] [-- command args]
    -h HOST | --host=HOST       Host or IP under test
    -p PORT | --port=PORT       TCP port under test
                                Alternatively, you specify the host and port as host:port
    -s | --strict               Only execute subcommand if the test succeeds
    -q | --quiet                Don't output any status messages
    -t TIMEOUT | --timeout=TIMEOUT
                                Timeout in seconds, zero for no timeout
    -- COMMAND ARGS             Execute command with args after the test finishes
USAGE
    exit 1
}

wait_for()
{
    if [[ $TIMEOUT -gt 0 ]]; then
        echoerr "$cmdname: waiting $TIMEOUT seconds for $HOST:$PORT"
    else
        echoerr "$cmdname: waiting for $HOST:$PORT without a timeout"
    fi
    start_ts=$(date +%s)
    while :
    do
        if [[ $ISBUSY -eq 1 ]]; then
            nc -z $HOST $PORT
            result=$?
        else
            (echo > /dev/tcp/$HOST/$PORT) >/dev/null 2>&1
            result=$?
        fi
        if [[ $result -eq 0 ]]; then
            end_ts=$(date +%s)
            echoerr "$cmdname: $HOST:$PORT is available after $((end_ts - start_ts)) seconds"
            break
        fi
        sleep 1
    done
    return $result
}

wait_for_wrapper()
{
    # In order to support SIGINT during timeout: http://unix.stackexchange.com/a/57692
    if [[ $QUIET -eq 1 ]]; then
        timeout $BUSYTIMEFLAG $TIMEOUT $0 --quiet --child --host=$HOST --port=$PORT --timeout=$TIMEOUT &
    else
        timeout $BUSYTIMEFLAG $TIMEOUT $0 --child --host=$HOST --port=$PORT --timeout=$TIMEOUT &
    fi
    PID=$!
    trap "kill -INT -$PID" INT
    wait $PID
    RESULT=$?
    if [[ $RESULT -ne 0 ]]; then
        echoerr "$cmdname: timeout occurred after waiting $TIMEOUT seconds for $HOST:$PORT"
    fi
    return $RESULT
}

# process arguments
while [[ $# -gt 0 ]]
do
    case "$1" in
        *:* )
        hostport=(${1//:/ })
        HOST=${hostport[0]}
        PORT=${hostport[1]}
        shift 1
        ;;
        --child)
        CHILD=1
        shift 1
        ;;
        -q | --quiet)
        QUIET=1
        shift 1
        ;;
        -s | --strict)
        STRICT=1
        shift 1
        ;;
        -h)
        HOST="$2"
        if [[ $HOST == "" ]]; then break; fi
        shift 2
        ;;
        --host=*)
        HOST="${1#*=}"
        shift 1
        ;;
        -p)
        PORT="$2"
        if [[ $PORT == "" ]]; then break; fi
        shift 2
        ;;
        --port=*)
        PORT="${1#*=}"
        shift 1
        ;;
        -t)
        TIMEOUT="$2"
        if [[ $TIMEOUT == "" ]]; then break; fi
        shift 2
        ;;
        --timeout=*)
        TIMEOUT="${1#*=}"
        shift 1
        ;;
        --)
        shift
        CLI=("$@")
        break
        ;;
        --help)
        usage
        ;;
        *)
        echoerr "Unknown argument: $1"
        usage
        ;;
    esac
done

if [[ "$HOST" == "" || "$PORT" == "" ]]; then
    echoerr "Error: you need to provide a host and port to test."
    usage
fi

TIMEOUT=${TIMEOUT:-15}
STRICT=${STRICT:-0}
CHILD=${CHILD:-0}
QUIET=${QUIET:-0}

# check to see if timeout is from busybox?
# check to see if timeout is from busybox?
TIMEOUT_PATH=$(realpath $(which timeout))
if [[ $TIMEOUT_PATH =~ "busybox" ]]; then
    ISBUSY=1
    BUSYTIMEFLAG="-t"
else
    ISBUSY=0
    BUSYTIMEFLAG=""
fi

if [[ $CHILD -gt 0 ]]; then
    wait_for
    RESULT=$?
    exit $RESULT
else
    if [[ $TIMEOUT -gt 0 ]]; then
        wait_for_wrapper
        RESULT=$?
    else
        wait_for
        RESULT=$?
    fi
fi

if [[ $CLI != "" ]]; then
    if [[ $RESULT -ne 0 && $STRICT -eq 1 ]]; then
        echoerr "$cmdname: strict mode, refusing to execute subprocess"
        exit $RESULT
    fi
    exec "${CLI[@]}"
else
    exit $RESULT
fi

--------------------------------------------------------------------------------
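
An added example, not part of this repository: a pre-flight audit of the `.env` file listed at the top, run before `docker-compose up`. It flags passwords still set to the values committed in the repo, short or shared passwords, and a file other local users can read. The function names and the 12-character minimum are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not part of the repository: audit .env before `docker-compose up`.

# Password-bearing keys in this repo's .env.
SECRET_KEYS="ADMIN_PWD DEVPORTAL_ADMIN_PWD DP_PG_PASS"
# Values committed to the repository, so known to anyone who has read it.
COMMITTED_DEFAULTS="Apigee123! portalSecret"
# Assumption: local minimum length, not an Apigee requirement.
MIN_LEN=12

# env_value FILE KEY: print the value of the last KEY=... line (empty if absent).
env_value() {
  sed -n "s/^$2=//p" "$1" | tail -n 1
}

# audit_env FILE: print one finding per line; exit status 0 only when there are none.
# The body runs in a subshell, so its variables do not leak into the caller.
audit_env() (
  file=$1
  status=0
  for key in $SECRET_KEYS; do
    value=$(env_value "$file" "$key")
    if [ -z "$value" ]; then
      echo "$key: missing or empty"
      status=1
      continue
    fi
    for default in $COMMITTED_DEFAULTS; do
      if [ "$value" = "$default" ]; then
        echo "$key: still set to the value committed in the repository"
        status=1
      fi
    done
    if [ "${#value}" -lt "$MIN_LEN" ]; then
      echo "$key: shorter than $MIN_LEN characters"
      status=1
    fi
  done
  # The response files already reuse ADMIN_PWD for the LDAP, SMTP and SSO secrets;
  # sharing it with the portal admin account widens that further.
  admin=$(env_value "$file" ADMIN_PWD)
  if [ -n "$admin" ] && [ "$admin" = "$(env_value "$file" DEVPORTAL_ADMIN_PWD)" ]; then
    echo "DEVPORTAL_ADMIN_PWD: same value as ADMIN_PWD"
    status=1
  fi
  # The file holds cleartext passwords, so other local users should not read it.
  if [ -n "$(find "$file" -prune -perm -004)" ]; then
    echo "$file: readable by other users (chmod 600)"
    status=1
  fi
  exit "$status"
)

# Demo on a constructed copy of the password lines from the .env above.
demo_env=$(mktemp)
cat > "$demo_env" <<'EOF'
ADMIN_EMAIL=admin@example.com
ADMIN_PWD=Apigee123!
DEVPORTAL_ADMIN_PWD=Apigee123!
DP_PG_PASS=portalSecret
EOF
audit_env "$demo_env" || echo "fix the findings above before running docker-compose up"
rm -f "$demo_env"
```
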