The Apigee hybrid installer uses defaults for many settings; however, there are a few settings
that do not have defaults. You must provide values for these settings, as explained next.
Be sure you are in the hybrid-base-directory/hybrid-files directory.
Copy the overrides-small.yaml file from the $APIGEECTL_HOME/examples directory to
your overrides directory:
This example file provides a basic configuration for a small-footprint hybrid
runtime installation, a configuration that is suitable for a your first installation.
cd into the overrides directory:
cd overrides
Open overrides.yaml and add the required property values, shown below. A detailed
description of each property is also provided below:
Syntax
The overrides.yaml file has the following structure and syntax.
Values in red, bold italics are
property values that you must provide:
gcpProjectID:project-idk8sClusterName:cluster-nameorg:org-nameenvs:-name:environment-name# The same name of the env you created in the UIhostAlias:test-host-aliassslCertPath:./certs/test-cert-name.pemsslKeyPath:./certs/test-key-name.keyserviceAccountPaths:synchronizer:./service-accounts/synchronizer-service-account-name.jsonudca:./service-accounts/udca-service-account-name.jsoncassandra:hostNetwork:truednsPolicy:ClusterFirstWithHostNetingress:runtime:loadBalancerIP:virtual_IP_runtimemart:loadBalancerIP:virtual_IP_martmart:hostAlias:mart-host-aliasserviceAccountPath:./service-accounts/mart-service-account-name.jsonsslCertPath:./certs/mart-cert-name.pemsslKeyPath:./certs/mart-key-name.keymetrics:serviceAccountPath:./service-accounts/metrics-service-account-name.jsonlogger:enabled:false
Example
The following example shows a completed overrides file with example property values
added:
(Required) For the quickstart, use the wildcard character "*".
The use of *
is only recommended for a trial installation when using self-signed TLS credentials.
Later, as you develop more complex
Apigee hybrid configurations, such as creating multiple environments, you will
need to use a qualified domain name for this value.
test-cert-nametest-key-name
Enter the name of the self-signed TLS key and certificate files that you generated previously in the step
Create TLS credentials for the runtime gateway. These files must be located in
the base_directory/hybrid-files/certs directory. For example:
To use GKE on-prem integrated load balancing, you need to provide
virtual IPs for LoadBalancers on the hybrid MART and runtime services.
GKE on-prem automatically configures the virtual IP on the F5 BIG-IP
load balancer. For more information, see
Setting
up your load balancer for GKE on-prem
mart-host-alias
A qualified DNS name for the MART server endpoint. This name must match
the common name (CN) used in the authorized TLS certificate required for
this configuration. For example,
mart.mydomain.com
mart-service-account-name
The name of the mart service account key file that you generated with the
create-service-account tool.
mart-cert-name mart-key-name
Enter the name of the authorized TLS key and certificate files that you generated previously in the step
Create TLS credentials for the MART gateway.
These files must be located in
the base_directory/hybrid-files/certs directory. For example:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eThis documentation version 1.1 is end-of-life, and users are advised to upgrade to a newer version for continued support.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eoverrides.yaml\u003c/code\u003e file is used to configure the Apigee hybrid installation, and it requires specific property values to be set.\u003c/p\u003e\n"],["\u003cp\u003eYou must copy the example configuration file \u003ccode\u003eoverrides-small.yaml\u003c/code\u003e to the overrides directory and modify it accordingly to reflect your specific project requirements.\u003c/p\u003e\n"],["\u003cp\u003eLogging should be disabled in the \u003ccode\u003eoverrides.yaml\u003c/code\u003e file by setting \u003ccode\u003elogger:enabled:false\u003c/code\u003e because logging is provided by default with GKE on-prem.\u003c/p\u003e\n"],["\u003cp\u003eSpecific values such as project ID, cluster name, organization name, and various service account paths and TLS credentials must be provided in the \u003ccode\u003eoverrides.yaml\u003c/code\u003e file.\u003c/p\u003e\n"]]],[],null,["# Step 3: Configure the GKE on-prem user cluster\n\n| You are currently viewing version 1.1 of the Apigee hybrid documentation. **This version is end of life.** You should upgrade to a newer version. For more information, see [Supported versions](/apigee/docs/hybrid/supported-platforms#supported-versions).\n\nSpecify configuration overrides\n-------------------------------\n\n\nThe Apigee hybrid installer uses defaults for many settings; however, there are a few settings\nthat do not have defaults. You must provide values for these settings, as explained next.\n\n1. Be sure you are in the \u003cvar translate=\"no\"\u003ehybrid-base-directory\u003c/var\u003e`/hybrid-files` directory.\n2. Copy the `overrides-small.yaml` file from the `$APIGEECTL_HOME``/examples` directory to your `overrides` directory: \n\n cp $APIGEECTL_HOME/examples/overrides-small.yaml ./overrides/overrides.yaml\n\n\n This example file provides a basic configuration for a small-footprint hybrid\n runtime installation, a configuration that is suitable for a your first installation.\n3. `cd` into the `overrides` directory: \n\n```\ncd overrides\n```\n 4. Open `overrides.yaml` and add the required property values, shown below. A detailed description of each property is also provided below: **NOTE:** Be sure to disable logging by setting `logger:enabled:false` in the overrides file. Logging is provided by default as part of GKE on-prem. \n\n ### Syntax\n\n The `overrides.yaml` file has the following structure and syntax.\n Values in \u003cvar translate=\"no\"\u003ered, bold italics\u003c/var\u003e are\n property values that you must provide: \n\n ```gdscript\n gcpProjectID: project-id\n k8sClusterName: cluster-name\n org: org-name\n\n envs:\n - name: environment-name # The same name of the env you created in the UI\n hostAlias: test-host-alias\n sslCertPath: ./certs/test-cert-name.pem\n sslKeyPath: ./certs/test-key-name.key\n serviceAccountPaths:\n synchronizer: ./service-accounts/synchronizer-service-account-name.json\n udca: ./service-accounts/udca-service-account-name.json\n\n cassandra:\n hostNetwork: true\n dnsPolicy: ClusterFirstWithHostNet\n\n ingress:\n runtime:\n loadBalancerIP: virtual_IP_runtime\n mart:\n loadBalancerIP: virtual_IP_mart\n\n\n mart:\n hostAlias: mart-host-alias\n serviceAccountPath: ./service-accounts/mart-service-account-name.json\n sslCertPath: ./certs/mart-cert-name.pem\n sslKeyPath: ./certs/mart-key-name.key\n\n metrics:\n serviceAccountPath: ./service-accounts/metrics-service-account-name.json\n\n logger:\n enabled: false\n ```\n\n ### Example\n\n The following example shows a completed overrides file with example property values\n added: \n\n ```gdscript\n gcpProjectID: hybrid-project\n k8sClusterName: apigee-hybrid\n org: hybrid-org\n\n envs:\n - name: test\n hostAlias: \"*\"\n sslCertPath: ./certs/keystore.pem\n sslKeyPath: ./certs/keystore.key\n serviceAccountPaths:\n synchronizer: ./service-accounts/hybrid-project-apigee-synchronizer.json\n udca: ./service-accounts/hybrid-project-apigee-udca.json\n\n cassandra:\n hostNetwork: true\n dnsPolicy: ClusterFirstWithHostNet\n\n ingress:\n runtime:\n loadBalancerIP: 21.0.124.13\n mart:\n loadBalancerIP: 21.0.124.14\n\n mart:\n hostAlias: \"mart.apigee-hybrid-docs.net\"\n serviceAccountPath: ./service-accounts/hybrid-project-apigee-mart.json\n sslCertPath: ./certs/fullchain.pem\n sslKeyPath: ./certs/privkey.key\n\n metrics:\n serviceAccountPath: ./service-accounts/hybrid-project-apigee-metrics.json\n\n logger:\n enabled: false\n ```\n5. When your finished, save the file.\n\n\nThe following table describes each of the property values that you must provide in the\noverrides file.\n\nSummary\n-------\n\n\nThe configuration file tells Kubernetes how to deploy the hybrid components to\na cluster. Next, you will apply this configuration to your cluster.\n[1](/apigee/docs/hybrid/v1.1/install-create-cluster-anthos) [2](/apigee/docs/hybrid/v1.1/install-download-install-anthos) [3](/apigee/docs/hybrid/v1.1/install-copy-overrides-anthos) [(NEXT) Step 4: Install hybrid runtime](/apigee/docs/hybrid/v1.1/install-apply-hybrid-anthos)\n\n\u003cbr /\u003e"]]
