The Apigee hybrid installer uses defaults for many settings; however, there are a few settings
that do not have defaults. You must provide values for these settings, as explained next.
Be sure you are in the hybrid-base-directory/hybrid-files directory.
Copy the overrides-small.yaml file from the $APIGEECTL_HOME/examples directory to
your overrides directory:
This example file provides a basic configuration for a small-footprint hybrid
runtime installation, a configuration that is suitable for a your first installation.
cd into the overrides directory:
cd overrides
Open overrides.yaml and add the required property values, shown below. A detailed
description of each property is also provided below:
Syntax
The overrides.yaml file has the following structure and syntax.
Values in red, bold italics are
property values that you must provide. They are also described in the table below.
gcp:region:gcp-regionprojectID:gcp-project-idk8sCluster:name:cluster-nameregion:cluster-regionorg:org-namevirtualhosts:-name:virtual-host-namehostAliases:-"host-alias-1"-"host-alias-2"-"host-alias-n"sslCertPath:./certs/test-cert-name.pemsslKeyPath:./certs/test-key-name.keyroutingRules:-paths:-/path1-/path2-/pathnenv:environment-nameenvs:-name:environment-name# The same name of the env you created in the UIserviceAccountPaths:synchronizer:./service-accounts/synchronizer-service-account-name.jsonudca:./service-accounts/udca-service-account-name.jsonmart:hostAlias:mart-host-aliasserviceAccountPath:./service-accounts/mart-service-account-name.jsonsslCertPath:./certs/mart-cert-name.pemsslKeyPath:./certs/mart-key-name.keycassandra:hostNetwork:truednsPolicy:ClusterFirstWithHostNetingress:runtime:loadBalancerIP:virtual_IP_runtimemart:loadBalancerIP:virtual_IP_martmetrics:serviceAccountPath:./service-accounts/metrics-service-account-name.jsonlogger:enabled:false
Example
The following example shows a completed overrides file with example property values
added:
The following table describes each of the property values that you must provide in the
overrides file. For more information, see
Configuration property reference.
(Required) For the quickstart, use the wildcard character "*".
The use of *
is only recommended for a trial installation when using self-signed TLS credentials.
Later, as you develop more complex
Apigee hybrid configurations, such as creating multiple environments, you will
need to use a qualified domain name for this value.
test-cert-nametest-key-name
Enter the name of the self-signed TLS key and certificate files that you generated previously in the step
Create TLS credentials for the runtime gateway. These files must be located in
the base_directory/hybrid-files/certs directory. For example:
To use GKE on-prem integrated load balancing, you need to provide
virtual IPs for LoadBalancers on the hybrid MART and runtime services.
GKE on-prem automatically configures the virtual IP on the F5 BIG-IP
load balancer. For more information, see
Setting
up your load balancer for GKE on-prem
mart-host-alias
A qualified DNS name for the MART server endpoint. This name must match
the common name (CN) used in the authorized TLS certificate required for
this configuration. For example,
mart.mydomain.com
mart-service-account-name
The name of the mart service account key file that you generated with the
create-service-account tool.
mart-cert-name mart-key-name
Enter the name of the authorized TLS key and certificate files that you generated previously in the step
Create TLS credentials for the MART gateway.
These files must be located in
the base_directory/hybrid-files/certs directory. For example:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eThis documentation covers configuring overrides for Apigee hybrid version 1.2, which is now end-of-life and should be upgraded to a newer version.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eoverrides.yaml\u003c/code\u003e file is essential for customizing the hybrid installation, requiring specific property values for settings like GCP project ID, cluster name, and service accounts.\u003c/p\u003e\n"],["\u003cp\u003eUsers must copy the \u003ccode\u003eoverrides-small.yaml\u003c/code\u003e file to their \u003ccode\u003eoverrides\u003c/code\u003e directory and edit it, adding values for the required properties and disabling logging.\u003c/p\u003e\n"],["\u003cp\u003eThe configuration file utilizes specific placeholders, such as \u003ccode\u003e<var translate="no">red, bold italics</var>\u003c/code\u003e, to identify values that must be provided by the user.\u003c/p\u003e\n"],["\u003cp\u003eFor a quick start, using a wildcard character (\u003ccode\u003e*\u003c/code\u003e) is acceptable for host aliases when using self-signed TLS credentials, but qualified domain names are necessary for more complex configurations later.\u003c/p\u003e\n"]]],[],null,["# Step 3: Configure the GKE on-prem user cluster\n\n| You are currently viewing version 1.2 of the Apigee hybrid documentation. **This version is end of life.** You should upgrade to a newer version. For more information, see [Supported versions](/apigee/docs/hybrid/supported-platforms#supported-versions).\n\nSpecify configuration overrides\n-------------------------------\n\n\nThe Apigee hybrid installer uses defaults for many settings; however, there are a few settings\nthat do not have defaults. You must provide values for these settings, as explained next.\n| **UPGRADING:** If you are upgrading from v1.1.x to v1.2.0, see [Upgrading Apigee hybrid](/apigee/docs/hybrid/v1.2/upgrade) for instructions. If you are performing a new installation, continue with the configurations described below.\n\n1. Be sure you are in the \u003cvar translate=\"no\"\u003ehybrid-base-directory\u003c/var\u003e`/hybrid-files` directory.\n2. Copy the `overrides-small.yaml` file from the `$APIGEECTL_HOME``/examples` directory to your `overrides` directory: \n\n cp $APIGEECTL_HOME/examples/overrides-small.yaml ./overrides/overrides.yaml\n\n\n This example file provides a basic configuration for a small-footprint hybrid\n runtime installation, a configuration that is suitable for a your first installation.\n3. `cd` into the `overrides` directory: \n\n```\ncd overrides\n```\n 4. Open `overrides.yaml` and add the required property values, shown below. A detailed description of each property is also provided below: **NOTE:** Be sure to disable logging by setting `logger:enabled:false` in the overrides file. Logging is provided by default as part of GKE on-prem. \n\n ### Syntax\n\n The `overrides.yaml` file has the following structure and syntax.\n Values in \u003cvar translate=\"no\"\u003ered, bold italics\u003c/var\u003e are\n property values that you must provide. They are also described in the table below. \n\n ```gdscript\n gcp:\n region: gcp-region\n projectID: gcp-project-id\n\n k8sCluster:\n name: cluster-name\n region: cluster-region\n\n org: org-name\n\n virtualhosts:\n - name: virtual-host-name\n hostAliases:\n - \"\u003cvar translate=\"no\"\u003ehost-alias-1\u003c/var\u003e\"\n - \"\u003cvar translate=\"no\"\u003ehost-alias-2\u003c/var\u003e\"\n - \"\u003cvar translate=\"no\"\u003ehost-alias-\u003cem\u003en\u003c/em\u003e\u003c/var\u003e\"\n sslCertPath: ./certs/test-cert-name.pem\n sslKeyPath: ./certs/test-key-name.key\n routingRules:\n - paths:\n - /path1\n - /path2\n - /pathn\n env: environment-name\n\n envs:\n - name: environment-name # The same name of the env you created in the UI\n serviceAccountPaths:\n synchronizer: ./service-accounts/synchronizer-service-account-name.json\n udca: ./service-accounts/udca-service-account-name.json\n\n mart:\n hostAlias: mart-host-alias\n serviceAccountPath: ./service-accounts/mart-service-account-name.json\n sslCertPath: ./certs/mart-cert-name.pem\n sslKeyPath: ./certs/mart-key-name.key\n\n cassandra:\n hostNetwork: true\n dnsPolicy: ClusterFirstWithHostNet\n\n ingress:\n runtime:\n loadBalancerIP: virtual_IP_runtime\n mart:\n loadBalancerIP: virtual_IP_mart\n\n\n metrics:\n serviceAccountPath: ./service-accounts/metrics-service-account-name.json\n\n logger:\n enabled: false\n ```\n\n ### Example\n\n The following example shows a completed overrides file with example property values\n added: \n\n ```gdscript\n gcp:\n region: us-central1\n projectID: my-gcp-project\n\n k8sCluster:\n name: apigee-hybrid\n region: us-central1\n\n org: hybrid-org\n\n virtualhosts:\n - name: default\n hostAliases:\n - \"*.acme.com\"\n sslCertPath: ./certs/keystore.pem\n sslKeyPath: ./certs/keystore.key\n routingRules:\n - paths:\n - /foo\n - /bar\n env: test\n\n envs:\n - name: test\n serviceAccountPaths:\n synchronizer: ./service-accounts/hybrid-project-apigee-synchronizer.json\n udca: ./service-accounts/hybrid-project-apigee-udca.json\n\n mart:\n hostAlias: \"mart.apigee-hybrid-docs.net\"\n serviceAccountPath: ./service-accounts/hybrid-project-apigee-mart.json\n sslCertPath: ./certs/fullchain.pem\n sslKeyPath: ./certs/privkey.key\n\n cassandra:\n hostNetwork: true\n dnsPolicy: ClusterFirstWithHostNet\n\n ingress:\n runtime:\n loadBalancerIP: 21.0.124.13\n mart:\n loadBalancerIP: 21.0.124.14\n\n metrics:\n serviceAccountPath: ./service-accounts/hybrid-project-apigee-metrics.json\n\n logger:\n enabled: false\n ```\n | Although not required for this quick start installation, it's a good practice to create static IP addresses for the two ingress gateways that are exposed outside the cluster. These ingress gateways are used for MART and for handling API proxy traffic. For configuration details, see [Configure static IP addresses](/apigee/docs/hybrid/v1.2/static-ip).\n5. When your finished, save the file.\n\n\nThe following table describes each of the property values that you must provide in the\noverrides file. For more information, see\n[Configuration property reference](/apigee/docs/hybrid/v1.2/config-prop-ref).\n\nSummary\n-------\n\n\nThe configuration file tells Kubernetes how to deploy the hybrid components to\na cluster. Next, you will apply this configuration to your cluster.\n[1](/apigee/docs/hybrid/v1.2/install-create-cluster-anthos) [2](/apigee/docs/hybrid/v1.2/install-download-install-anthos) [3](/apigee/docs/hybrid/v1.2/install-copy-overrides-anthos) [(NEXT) Step 4: Install hybrid runtime](/apigee/docs/hybrid/v1.2/install-apply-hybrid-anthos)\n\n\u003cbr /\u003e"]]
