Scale the replicas to 0 and back up to reset gateway-peering.
Before you begin
This task is only needed under certain scenarios, such as when you rotate the root CA, and is not
automatically required for an upgrade.
About this task
Follow these steps to fix gateway peering. When the ingress issuer changes, the gateway pods
must be scaled down and back up. This process causes 5 to 10 minutes of API downtime.
Procedure
-
Verify that the management, portal, and analytics subsystems report
Running
status.
- Scale down the gateway firmware containers by editing the gateway CR and setting
replicaCount
to 0:
kubectl edit gw <gw-cr-name>
For example:
...
spec:
replicaCount: 0
...
- Wait for the gateway firmware pods to scale down and terminate. Ensure that the gateway
firmware pods are terminated before you move to next step.
- Scale up the gateway firmware containers back to their original value, or remove the
replicaCount
field if none was there before.
kubectl edit gw <gw-cr-name>
- Wait for the cluster status to become
Running
. If you performed an
upgrade, verify that the RECONCILED VERSION
displays the new version number.
For example:
kubectl get apic -n <namespace>
NAME READY STATUS VERSION RECONCILED VERSION AGE
analyticscluster.analytics.apiconnect.example.com/analytics 8/8 Running 10.0.9.0 10.0.9.00-1074 121m
NAME PHASE READY SUMMARY VERSION AGE
datapowerservice.datapower.example.com/gw1 Running True StatefulSet replicas ready: 1/1 10.0.9.0 100m
NAME PHASE LAST EVENT WORK PENDING WORK IN-PROGRESS AGE
datapowermonitor.datapower.example.com/gw1 Running false false 100m
NAME READY STATUS VERSION RECONCILED VERSION AGE
gatewaycluster.gateway.apiconnect.example.com/gw1 2/2 Running 10.0.9.0 10.0.9.0-1074 100m
NAME READY STATUS VERSION RECONCILED VERSION AGE
managementcluster.management.apiconnect.example.com/m1 16/16 Running 10.0.9.0 10.0.9.0-1074 162m
NAME READY STATUS VERSION RECONCILED VERSION AGE
portalcluster.portal.apiconnect.example.com/portal 3/3 Running 10.0.9.0 10.0.9.0-1074 139m
Troubleshooting: If you find your gateways do not sync with your management service, see
known upgrade issues.