Config file for multiple Management Servers

kkhanna
Participant IV

Hi,

For on-prem apigee install.

I have two management server nodes which also host open ldap and edge UI within a D.C. How should I specify multiple management servers and openldap in a silent config file.

Can I specify using quotes like-

MSIP = "$IP1 $IP2" 

Thanks!

Solved Solved
1 18 1,433
1 ACCEPTED SOLUTION

Not applicable

On Edge each Management Server (MS) requires a dedicated response file (configuration file for setup.sh). If both MS are on the same region you will have something like:

  • edge-region1-ms1.txt
  • edge-region1-ms2.txt

The same is applicable to regions. Each region requires a dedicated response file. So in the case of two regions each with a MS server you will have something like:

  • edge-region1-ms1.txt
  • edge-region2-ms2.txt

Please notice that there are multiple variables with values specific to the Management Servers and LDAP on these files. Those will contain different values on each of the cases above.

Review the sample configuration on the Installation Guide. Follow the link shared by Maruti above.

View solution in original post

18 REPLIES 18

Not applicable

Hi @kkhanna, What you described is same as the topology mentioned here http://docs.apigee.com/private-cloud/latest/install-edge-components-node#installedgecomponents-13hos...
Have a look at that and post here if you have any questions.

@Maudrit @Maruti Chand, We are getting an error "LDAP_PEER...Unknown" while trying to install management server (on-prem) in multiple data centers using the below configuration files. Looks like LDAP_PEER field doesn't accept multiple IP(s). Any thoughts on configuring management server in 3 DC(s)?

#edge-dc1-ms1.txt
MSIP=$IP1
USE_LDAP_REMOTE_HOST=n
LDAP_TYPE=2
LDAP_SID=1
LDAP_PEER="$IP2 $IP3"

#edge-dc2-ms2.txt
MSIP=$IP2
USE_LDAP_REMOTE_HOST=n
LDAP_TYPE=2
LDAP_SID=2
LDAP_PEER="$IP1 $IP3"

#edge-dc3-ms3.txt
MSIP=$IP3
USE_LDAP_REMOTE_HOST=n
LDAP_TYPE=2
LDAP_SID=3
LDAP_PEER="$IP1 $IP2"

Yes the config file can only have 1 peer per ldap_sid. So peer for DC 1 would be DC 2 and swapped for DC 2. As for DC 3, you would need to choose which peer you would want, recommend DC 1.

As a side note, not sure what the dc3 is buying you here. If you are looking for full redundancy you would need 4 DC's. Also, typically in global deployments you do not have more than 2 mgmt servers.

That being said, I still need to test but to setup all peers you would need to run setup twice on dc2 and dc3 ldap instances with config file changing out peers from DC 1 to DC 2 and 3 respectively

On the question above. LDAP_PEER is a single value corresponding to any of the LDAP acting as peer.

Example:

edge-region1-ms1.txt
IP1="192.168.1.1" #MS1 host on DC1
IP2="192.168.1.2" #MS2 host on DC1
IP3="192.168.1.3" #MS1 host on DC2
IP4="192.168.1.4" #MS2 host on DC2
LDAP_SID=1
LDAP_PEER="$IP2"
USE_LDAP_REMOTE_HOST="n"

edge-region1-ms2.txt
IP1="192.168.1.1"
IP2="192.168.1.2"
IP3="192.168.1.3"
IP4="192.168.1.4"
LDAP_SID=2
LDAP_PEER="$IP3"
USE_LDAP_REMOTE_HOST="n"

edge-region2-ms1.txt
IP1="192.168.1.1"
IP2="192.168.1.2"
IP3="192.168.1.3"
IP4="192.168.1.4"
LDAP_SID=3
LDAP_PEER="$IP4"
USE_LDAP_REMOTE_HOST="n"

edge-region2-ms2.txt
IP1="192.168.1.1"
IP2="192.168.1.2"
IP3="192.168.1.3"
IP4="192.168.1.4"
LDAP_SID=4
LDAP_PEER="$IP1"
USE_LDAP_REMOTE_HOST="n"

Not applicable

On Edge each Management Server (MS) requires a dedicated response file (configuration file for setup.sh). If both MS are on the same region you will have something like:

  • edge-region1-ms1.txt
  • edge-region1-ms2.txt

The same is applicable to regions. Each region requires a dedicated response file. So in the case of two regions each with a MS server you will have something like:

  • edge-region1-ms1.txt
  • edge-region2-ms2.txt

Please notice that there are multiple variables with values specific to the Management Servers and LDAP on these files. Those will contain different values on each of the cases above.

Review the sample configuration on the Installation Guide. Follow the link shared by Maruti above.

Thanks @Maudrit @Maruti Chand

Just to make sure I got it right, for single region install for all the components except MS-2 I'll be using edge-region1-ms1.txt as a configuration file.

For MS-2 (OpenLDAP-2 + Edge UI-2) I'll be using edge-region1-ms2.txt as a

Correct.

But remember, edge-region1-ms2.txt will contain all variables, just different values for MS and LDAP.

@Maudrit

In case of two regions having two MS (MS+OpenLdap+UI) in each region.
We will be having four config file, two for each region.

In each config file the ldap variables will be like -

#edge-region1-ms1.txt
USE_LDAP_REMOTE_HOST=n
LDAP_SID=1 LDAP_PEER="$IP2 $IP3 $IP4"
#edge-region1-ms2.txt
USE_LDAP_REMOTE_HOST=n LDAP_SID=2 LDAP_PEER="$IP1 $IP3 $IP4"
#edge-region2-ms1.txt USE_LDAP_REMOTE_HOST=n
LDAP_SID=3 LDAP_PEER="$IP1 $IP2 $IP4" #edge-region2-ms2.txt
USE_LDAP_REMOTE_HOST=n LDAP_SID=4 LDAP_PEER="$IP1 $IP2 $IP3"

Correct me if I am wrong.

Thanks!

zheji143
Participant I

Hi, do you get the answer from Apigee team? Thanks!

paulmooney
Participant II

Each management server config file is is run with its own MSIP value, two separate config files.

MGMTSVRA config file:

MSIP= "$IPOFMGMTSVRA"

MGMTSVRB config file:

MSIP="$IPOFMGMTSVRB"

Thanks for the clarification!

It works only for multiple data centers as each component of apigee is managed by management server and since components in different datacenter is managed by its own management server.

How does this work within a single datacenter.

Not applicable

Hi @Thulasiram, in a single datacenter one management server is there and that manages all the components of the datacenter.

@Priyadarshi In Apigee documentation, they showed single data center and multiple management servers, I am not sure how to create configFile for such situation for postgres, rmp as the connection from these components are bi-directional.

Do you have any idea?

You can have single data center with one management server, that works good. For reference gi through 9 node Architecture instead of 13node.

what if we want to have 13 node installation with 2 mgmt servers. openldap is good but mgmt server, we always need to take the same ip since other services know this ip.

For who ever struggling with this installation.

In 13 node installation config reference file, for ldap and mgmt nodes some of the configuration parameters changes.

Each mgmt server has its own ldap. Since mgmt server is stateless apart from having ldap admin password.

each ldap knows its own peer. i.e, in the config file for ldap during installation, ldap peer should be mentioned so that they would be in sync.


For routers, message processors, qpid, postgres, data store components provide a load balancer ip or dns that points to both the management servers.