Enabling gateway peering and verifying cluster status

Scale the replicas to 0 and back up to reset gateway-peering.

Before you begin

This task is only needed under certain scenarios, such as when you rotate the root CA, and is not automatically required for an upgrade.

About this task

Follow these steps to fix gateway peering. When the ingress issuer changes, the gateway pods must be scaled down and back up. This process causes 5 to 10 minutes of API downtime.

Procedure

  1. Verify that the management, portal, and analytics subsystems report Running status.
  2. Scale down the gateway firmware containers by editing the gateway CR and setting replicaCount to 0:
    kubectl edit gw <gw-cr-name>

    For example:

    ...
    spec:
      replicaCount: 0
    ...
  3. Wait for the gateway firmware pods to scale down and terminate. Ensure that the gateway firmware pods are terminated before you move to next step.
  4. Scale up the gateway firmware containers back to their original value, or remove the replicaCount field if none was there before.
    kubectl edit gw <gw-cr-name>
  5. Wait for the cluster status to become Running. If you performed an upgrade, verify that the RECONCILED VERSION displays the new version number.

    For example:

    kubectl get apic -n <namespace>
    
    NAME                                                      READY   STATUS    VERSION              RECONCILED VERSION      AGE
    analyticscluster.analytics.apiconnect.example.com/analytics   8/8     Running   10.0.8.1   10.0.8.10-1074   121m
    
    NAME                                     PHASE     READY   SUMMARY                           VERSION    AGE
    datapowerservice.datapower.example.com/gw1   Running   True    StatefulSet replicas ready: 1/1   10.0.8.1   100m
    
    NAME                                     PHASE     LAST EVENT   WORK PENDING   WORK IN-PROGRESS   AGE
    datapowermonitor.datapower.example.com/gw1   Running                false          false              100m
    
    NAME                                            READY   STATUS    VERSION              RECONCILED VERSION      AGE
    gatewaycluster.gateway.apiconnect.example.com/gw1   2/2     Running   10.0.8.1   10.0.8.1-1074  100m
    
    NAME                                                 READY   STATUS    VERSION              RECONCILED VERSION      AGE
    managementcluster.management.apiconnect.example.com/m1   16/16   Running   10.0.8.1   10.0.8.1-1074   162m
    
    
    NAME                                             READY   STATUS    VERSION              RECONCILED VERSION      AGE
    portalcluster.portal.apiconnect.example.com/portal   3/3     Running   10.0.8.1   10.0.8.1-1074   139m
    

    Troubleshooting: If you find your gateways do not sync with your management service, see known upgrade issues.