Installing and Running Mashery Local for Docker Using GCP

To install and run Mashery Local for Docker using GCP (Google Cloud Platform), follow the steps below.

Procedure

  1. Install the Google Cloud SDK.
    Follow the instructions on the Google Cloud SDK page. Verify your installation using the following command:
    gcloud -v
    The output should look like the following:
    Google Cloud SDK 169.0.0
    bq 2.0.25
    core 2017.08.28
    gcloud
    gsutil 4.27
  2. Create the cluster.
    Use the GCP console to create a new cluster:

    When your cluster is ready, it should be listed as follows:

    Note: Use n1-standard-2 as the minimum machine type for the cluster (2 vCPUs and 7.5 GB of memory).
  3. Install the Kubernetes Dashboard UI.

    Click the Connect button in the console to reveal the gcloud commands to execute (the following is an excerpt):

    The output from the first command should look like the following:
    Fetching cluster endpoint and auth data.
    kubeconfig entry generated for rkdemo-ml411.
    The output from the second command should look like the following:
    Starting to serve on 127.0.0.1:8001

    Access the dashboard app at https://localhost:8081/ui.

  4. Upload the Docker Images to the GCP Container Registry.
    1. To deploy Mashery Local to your Kubernetes cluster on GCP, you need to upload the images to your GCP Container Registry. The registry console is available at https://cloud.google.com/container-registry. The ML Docker images must be tagged before they can be uploaded to the registry. Use the following command to tag them: docker tag [IMAGE] [HOSTNAME]/[PROJECT-ID]/[IMAGE], for example:
      docker tag ml-core:v4.1.1.0 us.gcr.io/ml-4-1-1/ml-core:v4.1.1.0
      docker tag ml-mem:v4.1.1.0 us.gcr.io/ml-4-1-1/ml-mem:v4.1.1.0
      docker tag ml-db:v4.1.1.0 us.gcr.io/ml-4-1-1/ml-db:v4.1.1.0
      Note:
      The following is the list of available gcr.io (container registry) hostnames:
      • us.gcr.io hosts your images in the United States
      • eu.gcr.io hosts your images in the European Union
      • asia.gcr.io hosts your images in Asia
      • gcr.io without a prefix hosts your images in the United States, but this behavior may change in a future release.

      See https://cloud.google.com/container-registry/docs/pushing-and-pulling for more details.

    2. Upload the images using the gcloud docker push command:
      gcloud docker -- push us.gcr.io/ml-4-1-1/ml-core
      gcloud docker -- push us.gcr.io/ml-4-1-1/ml-mem
      gcloud docker -- push us.gcr.io/ml-4-1-1/ml-db
      Note:

      The space separating the '--' characters from the push parameter in the above commands is required.

    3. Once the push commands complete, the new images should be listed in the container registry console.

      You can also verify the pushed images using the gcloud container images command:
      gcloud container images list-tags us.gcr.io/ml-4-1-1/ml-core
      DIGEST        TAGS      TIMESTAMP
      b20b0700bf3a  v4.1.1.0  2017-08-03T22:33:02
    4. With the Docker images in the container registry, you can inspect the images in the container registry console.

    5. Execute the pull command for each image:
      gcloud docker -- pull us.gcr.io/ml-4-1-1/ml-core:v4.1.1.0
      gcloud docker -- pull us.gcr.io/ml-4-1-1/ml-mem:v4.1.1.0
      gcloud docker -- pull us.gcr.io/ml-4-1-1/ml-db:v4.1.1.0


    6. Create a new shell script to set up the GCP environment variables (replaces aws-env.sh):
      gcp-env.sh
      Source the new shell script:
      source gcp-env.sh
      Copy deploy-master.sh to deploy-master-gcp.sh. Edit deploy-master-gcp.sh and change all filename references from:
      cat >> ml-master.yaml << EOF
      to:
      cat >> ml-master-gcp.yaml << EOF
    7. Additionally, change all image registry references from:
      image: $ML_REGISTRY_HOST/$ML_REGISTRY_NAME:ml-core-$ML_IMAGE_TAG
      image: $ML_REGISTRY_HOST/$ML_REGISTRY_NAME:ml-mem-$ML_IMAGE_TAG
      image: $ML_REGISTRY_HOST/$ML_REGISTRY_NAME:ml-db-$ML_IMAGE_TAG
      to:
      image: $ML_REGISTRY_HOST/$ML_REGISTRY_NAME/ml-core:$ML_IMAGE_TAG
      image: $ML_REGISTRY_HOST/$ML_REGISTRY_NAME/ml-mem:$ML_IMAGE_TAG
      image: $ML_REGISTRY_HOST/$ML_REGISTRY_NAME/ml-db:$ML_IMAGE_TAG
    8. Execute the following script to store the Docker registry key as a Kubernetes "Secret":
      set-registry-key.sh
    9. Execute the following script to store the MOM host and key as a Kubernetes "Secret":
      set-mom-secret.sh create <MOM key> <MOM secret>
      Note: If you want to enable HTTPS or OAuth, see the section Customizing for Kubernetes for additional configuration steps.
    10. Create storage classes for Mashery Local for Docker persistent stores:
      set-storage-classes.sh
    11. Create the Mashery Local Traffic Manager service and the Mashery Local Master service:
      set-ml-services.sh
      You can check the services with the following commands:
      kubectl describe service ml-traffic-manager
      kubectl describe service ml-master

      The ml-traffic-manager service is configured with a load balancer. You can find the load balancer DNS name with the following command:

      kubectl describe service ml-traffic-manager|grep Ingress|awk -F' ' '{print $3}'
      
      The load balancer can also be found on the AWS EC2 dashboard Load Balancers list.
      Note: API invocation should be done solely via the AWS ELB (Elastic Load Balancer). The ELB configuration uses the internal IPs of the customer nodes for load balancing, so invoking API calls directly via the public IP addresses of the master or slave nodes is not an option.
    12. Deploy the Mashery Local master instance:
      deploy-master-gcp.sh
      You can check the ML instance pods with the command:
      kubectl get pods
      The ML master pod is named ml-master-<name>. When it's fully up, you should see 4/4 under the READY column with STATUS "Running" for the master instance pod.
      You can check the startup init instance log with the following command:
      kubectl exec -ti `kubectl get pods |grep ml-master |cut -d " " -f 1` -c ml-cm -- cat /var/log/mashery/init-instance.log
      
      When it's fully ready to serve traffic, you should see something like the following:
      ....
       
      Register status: Content-Type: application/json Status: 200 {"results": [{"results": [{"address": "10.0.22.98"}], "error": null}, {"results": [{"area_name": "Roger"}], "error": null}, {"results": [{"credentials_updated": true}], "error": null}, {"results": [{"name": "ml-master-4209822619-sxq40", "id": 0}], "error": null}, {"results": [{"is_master": true}], "error": null}], "error": null}
       
      ****  04/06 05:27:38  Register instance succeeded
       
      Load service result:
       
      Load service result:
       
      Load service result:
      70a0b42e-2b9a-4f60-a4d6-8c5503894043 [SERVICES] 04/06/17 05:27:45 - 04/06/17 05:27:47: 254 records (Success)
      70a0b42e-2b9a-4f60-a4d6-8c5503894043 [KEYS] 04/06/17 05:27:47 - 04/06/17 05:27:55: 10963 records (Success)
      70a0b42e-2b9a-4f60-a4d6-8c5503894043 [APPS] 04/06/17 05:27:55 - 04/06/17 05:28:23: 6884 records (Success)
      70a0b42e-2b9a-4f60-a4d6-8c5503894043 [CLASSES] 04/06/17 05:28:23 - 04/06/17 05:28:23: 0 records (Success)
      70a0b42e-2b9a-4f60-a4d6-8c5503894043 [PACKAGES] 04/06/17 05:28:23 - 04/06/17 05:29:54: 28824 records (Success)
      70a0b42e-2b9a-4f60-a4d6-8c5503894043 [PACKAGEKEYS] 04/06/17 05:29:54 - 04/06/17 05:30:17: 5553 records (Success)
       
      ****  04/06 05:30:17  Service info loaded
       
      Load cache output first ten lines:
      - Trying to load mapi data for spkey: m8hxx3wxy5wjyjhfzc328wqh
      key: MAPI_m8hxx3wxy5wjyjhfzc328wqh::2011w25DeveloperJay
      key: MAPI_m8hxx3wxy5wjyjhfzc328wqh::2011w25DeveloperRoger
      key: MAPI_m8hxx3wxy5wjyjhfzc328wqh::3skjegt4ddpam6a5r8sfgpkz
      key: MAPI_m8hxx3wxy5wjyjhfzc328wqh::4q5t7z4gduy388z9nk5tmptm
      key: MAPI_m8hxx3wxy5wjyjhfzc328wqh::4tzw5p5h5mx8gr8ez6m34wak
      key: MAPI_m8hxx3wxy5wjyjhfzc328wqh::5s8ds7dcyj7cjz4h9h5tv7ev
      key: MAPI_m8hxx3wxy5wjyjhfzc328wqh::5yy6dkjbq7sr922j4wt6u2hc
      key: MAPI_m8hxx3wxy5wjyjhfzc328wqh::6mbcz48nabrz682xn2hdmhzn
      key: MAPI_m8hxx3wxy5wjyjhfzc328wqh::8tng6tk5bzhpfqexn525cqnj
       
      ****  04/06 05:31:01  Cache Loaded
       
      ****  04/06 05:31:01  Ping Traffic Manager succeeded
       
      ****  04/06 05:31:01  Setting status ready
      When the ML master instance containers are up, you can find the ML master instance node public IP with the following command:
      kubectl describe node `kubectl get pods -o wide |grep ml-master |awk -F' ' '{print $7}'`|\
      awk '/Addresses/ {for(i=1; i<=6; i++) {getline; print}{print "\n"}}'
       
       
        InternalIP:   10.138.0.2
        ExternalIP:   104.198.13.169
        Hostname:     gke-rkdemo-ml411-default-pool-ca67e8bf-c9vp
      Capacity:
       cpu:           2
       memory:        7664944Ki
       
       
        InternalIP:   10.138.0.4
        ExternalIP:   35.197.13.37
        Hostname:     gke-rkdemo-ml411-default-pool-ca67e8bf-f5s0
      Capacity:
       cpu:           2
       memory:        7664944Ki
       
       
        InternalIP:   10.138.0.3
        ExternalIP:   35.185.213.163
        Hostname:     gke-rkdemo-ml411-default-pool-ca67e8bf-x9g4
      Capacity:
       cpu:           2
       memory:        7664944Ki
      To access the Mashery Local instance Cluster Manager UI, you need to open port 5480. For convenience, you can open the port for all minion nodes in the cluster with the following GCP command:
      gcloud compute firewall-rules create
      
      Alternatively, you can create the firewall rule in the GCP console. For more information, see https://cloud.google.com/sdk/gcloud/reference/compute/firewall-rules/create.

      Then you can log in to the ML master instance Cluster Manager UI at https://<ML master instance node ip>:5480.

      You can get into any ML master instance container with the following command:
      kubectl exec -ti `kubectl get pods |grep ml-master |cut -d " " -f 1` -c <container name> -- /bin/bash
      

      The container names are: ml-db, ml-mem, ml-tm, ml-cm.

      You can also execute a simple remote command on a container directly:
      kubectl exec -ti `kubectl get pods |grep ml-master |cut -d " " -f 1` -c <container name> -- <remote command>
       
      for example:
      
      kubectl exec -ti `kubectl get pods |grep ml-master |cut -d " " -f 1` -c ml-tm -- ls -l /var/log/trafficmgr/access
      

      At any time, you can also open the Kubernetes dashboard UI to check the progress, such as checking the deployment, replica sets, services, pods, containers and their logs.

    13. Copy deploy-slaves.sh to deploy-slaves-gcp.sh. Edit deploy-slaves-gcp.sh and change all filename references from:
      cat >> ml-slave.yaml << EOF
      to:
      cat >> ml-slave-gcp.yaml << EOF
    14. Additionally, change all image registry references from:
      image: $ML_REGISTRY_HOST/$ML_REGISTRY_NAME:ml-core-$ML_IMAGE_TAG
      image: $ML_REGISTRY_HOST/$ML_REGISTRY_NAME:ml-mem-$ML_IMAGE_TAG
      image: $ML_REGISTRY_HOST/$ML_REGISTRY_NAME:ml-db-$ML_IMAGE_TAG
      to:
      image: $ML_REGISTRY_HOST/$ML_REGISTRY_NAME/ml-core:$ML_IMAGE_TAG
      image: $ML_REGISTRY_HOST/$ML_REGISTRY_NAME/ml-mem:$ML_IMAGE_TAG
      image: $ML_REGISTRY_HOST/$ML_REGISTRY_NAME/ml-db:$ML_IMAGE_TAG
    15. Deploy the Mashery Local slave instances:
      deploy-slaves-gcp.sh
      You can check the Mashery Local instance pods with the command:
      kubectl get pods
      The Mashery Local slave instance pods are named ml-slave-0, ml-slave-1, ml-slave-2.

      When it's fully up, you should see 4/4 under the READY column with STATUS "Running" for the slave instance pod.

      You can check the startup init instance log with the following command:
      kubectl exec -ti `kubectl get pods |grep <slave pod name> |cut -d " " -f 1` -c ml-cm -- cat /var/log/mashery/init-instance.log
       
      for example:
       
      kubectl exec -ti `kubectl get pods |grep ml-slave-0 |cut -d " " -f 1` -c ml-cm -- cat /var/log/mashery/init-instance.log
      
      You can find the Mashery Local slave instance node IP with the following command:
      kubectl describe node `kubectl get pods -o wide |grep <slave pod name> |awk -F' ' '{print $7}'` |grep Addresses |cut -d "," -f 3
      Then, log in to the ML slave instance Cluster Manager UI at https://<ML slave instance node ip>:5480
      Note: If you didn't open port 5480 for all nodes in the previous step, you need to open the port for each ML slave instance individually with an additional security group through the AWS UI or CLI.
      You can get into any ML slave instance container with the following command:
      kubectl exec -ti `kubectl get pods |grep <slave pod name> |cut -d " " -f 1` -c <container name> -- /bin/bash
      
      The container names are: ml-db, ml-mem, ml-tm, ml-cm.
      You can also execute a simple remote command on a container directly:
      kubectl exec -ti `kubectl get pods |grep <slave pod name> |cut -d " " -f 1` -c <container name> -- <remote command>
      
      for example:
       
      kubectl exec -ti `kubectl get pods |grep ml-slave-0 |cut -d " " -f 1` -c ml-tm -- ls -l /var/log/trafficmgr/access
      
      At any time, you can also open the Kubernetes dashboard UI to check the progress, such as checking the stateful sets, services, pods, and containers and their logs.

      By default, it's configured to run two slave instances.

      You can use the following command to increase or reduce the number of slaves:
      kubectl patch statefulset ml-slave --type='json' -p='[{"op": "replace", "path": "/spec/replicas", "value":<the desired replica number>}]'
      
      However, you must have enough worker nodes to run all the slave instances.
    16. If everything works properly, you should have a fully deployed cluster with one master and two slaves.

    17. You can also use the following command (the values under the READY column should all read 4/4):
      kubectl get pods
       
      NAME                         READY     STATUS    RESTARTS   AGE
      ml-master-3287073518-j540c   4/4       Running   0          26m
      ml-slave-0                   4/4       Running   0          19m
      ml-slave-1                   4/4       Running   0          15m
    18. Finally, the Mashery Local Cluster Manager console should look like this:
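
Added example (not part of the product scripts): the edits described in steps 6-7 for deploy-master.sh and steps 13-14 for deploy-slaves.sh, done with sed and checked afterwards so that no old-style image reference is left behind. The function names and the sample script content are constructed for illustration; renaming every occurrence of the manifest file name, not only the `cat >>` lines, is an assumption.

```shell
#!/bin/sh
# Added example: derive the -gcp variant of a deploy script.
# make_gcp_variant deploy-master.sh ml-master  -> writes deploy-master-gcp.sh
make_gcp_variant() {
    src=$1                      # e.g. deploy-master.sh
    manifest=$2                 # e.g. ml-master (manifest base name)
    dst="${src%.sh}-gcp.sh"
    [ -f "$src" ] || { echo "missing $src" >&2; return 1; }

    # Assumption: every occurrence of <manifest>.yaml is renamed, which includes
    # the "cat >> <manifest>.yaml << EOF" lines the procedure shows.
    # Second expression: NAME:ml-core-TAG  ->  NAME/ml-core:TAG
    sed -e "s|${manifest}\.yaml|${manifest}-gcp.yaml|g" \
        -e 's|\(\$ML_REGISTRY_NAME\):\(ml-[a-z]*\)-\(\$ML_IMAGE_TAG\)|\1/\2:\3|g' \
        "$src" > "$dst" || return 1

    # Fail closed: a leftover old-style reference would make the pod pull from
    # an image path that was never pushed to the registry.
    if grep -n -e '\$ML_REGISTRY_NAME:ml-' -e "${manifest}\.yaml" "$dst" >&2; then
        echo "unconverted references remain in $dst" >&2
        rm -f "$dst"
        return 1
    fi
    chmod +x "$dst"
    echo "$dst"
}

# Constructed sample standing in for deploy-master.sh (the real script is
# not reproduced on this page).
write_sample() {
    cat > "$1" <<'SAMPLE'
cat >> ml-master.yaml << EOF
        image: $ML_REGISTRY_HOST/$ML_REGISTRY_NAME:ml-core-$ML_IMAGE_TAG
        image: $ML_REGISTRY_HOST/$ML_REGISTRY_NAME:ml-mem-$ML_IMAGE_TAG
        image: $ML_REGISTRY_HOST/$ML_REGISTRY_NAME:ml-db-$ML_IMAGE_TAG
EOF
SAMPLE
}

# Converts the sample in a temporary directory and prints the result.
demo() {
    dir=$(mktemp -d) || return 1
    write_sample "$dir/deploy-master.sh"
    out=$(make_gcp_variant "$dir/deploy-master.sh" ml-master) && cat "$out"
    rc=$?
    rm -rf "$dir"
    return $rc
}
```

Run `make_gcp_variant deploy-slaves.sh ml-slave` for the slave script; a non-zero exit means a reference was not converted and needs a manual edit.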
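
Added example (not part of the product scripts) for the port 5480 firewall rule in step 12: a helper that prints a `gcloud compute firewall-rules create` command limited to one admin source range and to tagged nodes, and refuses ranges such as 0.0.0.0/0 that would expose the Cluster Manager UI publicly. The rule name, the node tag, the /24 limit and the sample range are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: prints (does not run) a firewall rule for the Cluster
# Manager UI port, limited to one admin source range.
MIN_PREFIX=${MIN_PREFIX:-24}        # assumed policy: nothing broader than a /24

cm_ui_firewall_cmd() {
    cidr=$1                         # admin source range, e.g. VPN egress
    tag=$2                          # network tag on the cluster nodes (assumed)
    rule=${3:-allow-ml-cm-ui}       # hypothetical rule name
    net=${4:-default}               # VPC network name

    echo "$cidr" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' || {
        echo "not an IPv4 CIDR: '$cidr'" >&2; return 2; }
    # Without a target tag the rule would apply to every VM in the network.
    [ -n "$tag" ] || { echo "a target tag is required" >&2; return 2; }

    prefix=${cidr##*/}
    addr=${cidr%/*}
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    for octet in "$1" "$2" "$3" "$4"; do
        [ "$octet" -le 255 ] || { echo "bad octet in '$cidr'" >&2; return 2; }
    done
    [ "$prefix" -le 32 ] || { echo "bad prefix in '$cidr'" >&2; return 2; }

    # 0.0.0.0/0 and other wide ranges would expose the admin console publicly.
    [ "$prefix" -ge "$MIN_PREFIX" ] || {
        echo "refusing /$prefix: broader than /$MIN_PREFIX" >&2; return 3; }

    printf 'gcloud compute firewall-rules create %s --network=%s --allow=tcp:5480 --source-ranges=%s --target-tags=%s\n' \
        "$rule" "$net" "$cidr" "$tag"
}
```

Review the printed command before running it; 203.0.113.0/24 in `cm_ui_firewall_cmd 203.0.113.0/24 <node tag>` is a documentation range, to be replaced with your own admin network.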