ahr user guide - apigee/ahr GitHub Wiki

AHR User Guide

'Bootstrap' Environment Variables

  • AHR_HOME - defined in $AHR_HOME/bin/ahr-env as a directory from which ahr-env is sourced unless set

  • HYBRID_HOME - defined in $HYBRID_HOME/ as a directory from which ahr-env is sourced unless set

  • PROJECT - defined in and sourced from $HYBRID_HOME/

  • KUBECONFIG -config file that kubectl uses to hold cluster credentials configuration

Autocomplete

Staying in the flow is important. One of the usability aspects, autocomplete functionality facilitate it.

ahr implements bash autocompletion. Two files, ahr-completion.bash and apigeectl-completion.bash are provided in the $AHR_HOME/bin directory. They are sourced via $AHR_HOME/bin/ahr-env.

In addition, $AHR_HOME/bin/ahr-env scripts configures kubectl completion and aliases it to k.

Functions

bin/ahr-lib.sh contains source-able collection of useful bash functions. Every ahr-*-ctl scripts sources it at the beginning of its execution. However, you can source it into your shell environment.

source $AHR_HOME/bin/ahr-lib.sh

token()

token() function solves the problem of active access token for your logged in identity that you can use for curl requests as Apigee Org Administrator. It piggybacks on gcloud config config-helper command that checks if the access token hasn't expired and if it did, refreshes it automatically. It is especially useful in CI/CD use case scenarios.

You can use the token by supplying it in the following fashion:

curl -X POST -H "Authorization: Bearer $(token)" -H "Content-Type:application/json" "https://apigee.googleapis.com/v1/organizations/$ORG"

vaml()

vaml() invokes vim with color-coding for yaml inputs.

k get pods apigee-cassandra-0 -o yaml | vaml

get_password()

'get_password()' function accepts a password in a secure way during interactive session, ie, without reflecting it at the command line. As we do not flash the password, there is a danger of mis-typing it. Therefore, it is important to ask it twice and compare inputs, then repeat unless equals.

export PASSWORD=$(get_password)

Idioms

Idiom: Using code as documentation

Usually, you just run a command with an action. Job done.

Sometime, you need to experiment, investigate, extend the tool or [it happans too] fix the bug.

The ahr-runtime-ctl org-config command provides you with current property values of your Hybrid organisation.

ahr-runtime-ctl org-config

Hybrid Organization emea-cs-hybrid-demo6  properties:
{
  "name": "emea-cs-hybrid-demo6",
  "createdAt": "1569264223187",
  "lastModifiedAt": "1584993859021",
  "environments": [
    "test"
  ],
  "properties": {
    "property": [
      {
        "name": "features.hybrid.enabled",
        "value": "true"
      },
      {
        "name": "features.mart.apigee.connect.enabled",
        "value": "true"
      },
      {
        "name": "features.mart.server.endpoint",
        "value": "emea-cs-hybrid-demo6-mart.hybrid-apigee.net"
      }
    ]
  },
  "analyticsRegion": "europe-west1",
  "runtimeType": "HYBRID",
  "subscriptionType": "PAID"
}
Sync Authorization:
{
  "identities": [
    "serviceAccount:[email protected]"
  ],
  "etag": "BwWhZdJXjh4="
}

There are different ways to glimpse under the hood of ahr-*-ctl code.

Action implementation

If you want to re-use commands that ahr uses, look at the source code. It is copy-paste friendly.

For `org-runtime-ctl org-config command, we need to open the $AHR_HOME/bin/ahr-runtime-ctl file and search for "org-config" == "$ACTION"

?. Open the source file

less $AHR_HOME/bin/ahr-runtime-ctl

?. Enter the search regex

/"org-config"

?. Look around the action implementation

elif [ "org-config" == "$ACTION" ]; then

    check_envvars "ORG"

echo "Hybrid Organization $ORG  properties:"
curl -H "Authorization: Bearer $(token)" -H "Content-Type:application/json" "https://apigee.googleapis.com/v1/organizations/$ORG"

echo "Sync Authorization:"
curl -X POST -H "Authorization: Bearer $(token)" -H "Content-Type:application/json" "https://apigee.googleapis.com/v1/organizations/$ORG:getSyncAuthorization"
#-----------------------------------------------------------------------

?. Check that the required ORG environment variable is set:

echo $ORG

?. Verify that token ahr bash function is available.

echo $(token)

ya29.a0Ae4lvC0YyJtbd6y_...ip_0VOw9Z3FfQ

?. Copy-and-paste to execute the curl command directly

curl -X POST -H "Authorization: Bearer $(token)" -H "Content-Type:application/json" "https://apigee.googleapis.com/v1/organizations/$ORG:getSyncAuthorization"
{
  "identities": [
    "serviceAccount:[email protected]"
  ],
  "etag": "BwWhZdJXjh4="
}

Bash Tracing output with -x

To troubleshoot ahr-*-ctl execution, we can prepend ahr command with bash -x prefix. This way we can see bash tracing output for the executed script.

?. Execute ahr action in a tracing mode

bash -x ahr-runtime-ctl org-config
+ set -e
+++ dirname ahr-runtime-ctl
++ cd .
++ pwd
+ BASEDIR=/home/yuriyl/apigee-hybrid/ahr/bin
+ . /home/yuriyl/apigee-hybrid/ahr/bin/ahr-lib.sh
+ ACTION=org-config
+ '[' get == org-config ']'
+ '[' apigeectl == org-config ']'
...
+ '[' org-config == org-config ']'
+ check_envvars ORG
+ local varlist=ORG
+ local varsnotset=F
+ for v in $varlist
+ '[' -z emea-cs-hybrid-demo6 ']'
+ '[' F = T ']'
+ echo 'Hybrid Organization emea-cs-hybrid-demo6  properties:'
Hybrid Organization emea-cs-hybrid-demo6  properties:
++ token
+++ grep access_token
+++ gcloud config config-helper --force-auth-refresh
+++ grep -o -E '[^ ]+$'
++ echo -n ya29.a0Ae4...2aF2GZnyg
+ curl -H 'Authorization: Bearer ya29.a0Ae4...2aF2GZnyg' -H Content-Type:application/json https://apigee.googleapis.com/v1/organizations/emea-cs-hybrid-demo6
{
  "name": "emea-cs-hybrid-demo6",
  "createdAt": "1569264223187",
<snap-snap>
}
+ echo 'Sync Authorization:'
Sync Authorization:
++ token
+++ grep access_token
+++ grep -o -E '[^ ]+$'
+++ gcloud config config-helper --force-auth-refresh
++ echo -n ya29.a0Ae4...2aF2GZnyg
+ curl -X POST -H 'Authorization: Bearer ya29.a0Ae4...2aF2GZnyg' -H Content-Type:application/json https://apigee.googleapis.com/v1/organizations/emea-cs-hybrid-demo6:getSyncAuthorization
{
  "identities": [
    "serviceAccount:[email protected]"
  ],
  "etag": "BwWhZdJXjh4="
}

Idioms: Ad-hoc cluster delete with subshell

(CLUSTER=emea-cs-hybrid-demo6-cluster; CLUSTER_ZONE=europe-west1-b; ahr-cluster-ctl delete)
⚠️ **GitHub.com Fallback** ⚠️