Apigee supports "Amazon AWS Linux: latest version" as per the doc.
we have hardened base image ami which was 2017.03, so we updated the ami as per:
https://aws.amazon.com/amazon-linux-ami/2017.09-release-notes/
from the doc:
To upgrade to Amazon Linux AMI 2017.09 from 2011.09 or later, run sudo yum clean all followed by sudo yum update. When the upgrade is complete, reboot your instance.
and have done
~ cat /etc/system-release
Amazon Linux AMI release 2017.09
Now when we install ms profile on the node it fails at the openldap install attaching openldap and the setup logs. Is it the right approach to update the ami and install edge?
because as long as we are using the aws ami 2017.09 we should be able to install apigee edge 4.17.09.
@Nagendra Buddhala can you include what is in your openldap.properties file as well ? I appears to be erroring out once it hits a config parameter in that file.
@Christin Brown we dont have any custom tokens set for openldap at /opt/apigee/customer/application/openldap.properties. Please, fill in more details on the openldap.properties file you were reffering to.
Do you see any errors in the management server logs?
I also see [ChangeDelta, position: 1, lines: [LDAP_PORT=${LDAP_PORT:-10389}] to [LDAP_PORT=${LDAP_PORT:-10391}]]
why are you changing the port?
We installed Apigee Edge 4.17.09 using the same version of of Amazon Linux (2017.09) and ran into the same failures. The fix for us was to set localhost in /etc/hosts as an alias of the Eth0 IP address and not the loopback.
FAIL: ldapsearch -h localhost -p 10389 -x -b '' -s base supportedFeatures
SUCCESS: ldapsearch -h $(hostname) -p 10389 -x -b '' -s base supportedFeatures
we figured this out by adding 'set -ex' to the top of /opt/apigee/apigee-service/bin/apigee-service
This could be TCP Wrappers. Can you check /etc/hosts.allow and /etc/hosts.deny to see whether there are any restrictions?
100% correct! we had ALL : ALL in the deny and the loopback was missing from the allow. Thanks a bunch!
I ran into same issue, added loopback address to /etc/hosts.allow file and its started working
Nagendra,
Would the doc on TCP wrappers here have helped:
https://docs.apigee.com/private-cloud/latest/installation-requirements#networksetting-tcpwrappers
Or was there more you had to do? I just want to make sure I understand the problem ad if any doc updates are needed.
Thanks,
Stephen
My bad I missed this question @sgilson we don't need any update on the docs. The issue was with prebaked AMI used within the enterprise.