apigee-setup-setups

 AUTH="Authorization: Bearer $(gcloud auth print-access-token)"
PROJECT_ID="poc-saas"
MIG_NAME=apigee-mig-us-east1
VPC_NAME=default
VPC_SUBNET=default
REGION=us-east1

APIGEE_ENDPOINT=$(curl -X GET -H "$AUTH" \
  "https://apigee.googleapis.com/v1/organizations/$PROJECT_ID/instances" | jq -r .instances[0].host)

gcloud compute instance-templates create $MIG_NAME \
  --project $PROJECT_ID \
  --region $REGION \
  --network $VPC_NAME \
  --subnet $VPC_SUBNET \
  --tags=https-server,apigee-mig-proxy,gke-apigee-proxy \
  --machine-type e2-medium --image-family debian-10 \
  --image-project debian-cloud --boot-disk-size 20GB \
  --metadata ENDPOINT=$APIGEE_ENDPOINT,startup-script-url=gs://apigee-5g-saas/apigee-envoy-proxy-release/latest/conf/startup-script.sh

gcloud compute instance-groups managed create $MIG_NAME \
  --project $PROJECT_ID --base-instance-name apigee-mig \
  --size 2 --template $MIG_NAME --region $REGION

gcloud compute instance-groups managed set-autoscaling $MIG_NAME \
  --project $PROJECT_ID --region $REGION --max-num-replicas 20 \
  --target-cpu-utilization 0.75 --cool-down-period 90

gcloud compute instance-groups managed set-named-ports $MIG_NAME \
  --project $PROJECT_ID --region $REGION --named-ports https:443

gcloud compute addresses create lb-ipv4-vip-1 \
  --project $PROJECT_ID \
  --ip-version=IPV4 \
  --global

PUBLIC_IP=$(gcloud compute addresses describe lb-ipv4-vip-1 \
--project $PROJECT_ID --format="get(address)" --global)
DOMAIN=$PUBLIC_IP.nip.io

gcloud compute firewall-rules create k8s-allow-lb-to-apigee-mig \
  --description "Allow incoming from GLB on TCP port 443 to Apigee Proxy" \
  --project $PROJECT_ID --network $VPC_NAME --allow=tcp:443 \
  --source-ranges=130.211.0.0/22,35.191.0.0/16 --target-tags=gke-apigee-proxy

gcloud compute ssl-certificates create apigee-ssl-cert \
    --description="Apigee SSL Cert"\
    --domains=$DOMAIN \
    --global

gcloud compute health-checks create https hc-apigee-mig-443 \
  --project $PROJECT_ID --port 443 --global \
  --request-path /healthz/ingress

gcloud compute backend-services create apigee-mig-backend \
  --project $PROJECT_ID --protocol HTTPS --health-checks hc-apigee-mig-443 \
  --port-name https --timeout 60s --connection-draining-timeout 300s --global

gcloud compute backend-services add-backend apigee-mig-backend \
  --project $PROJECT_ID --instance-group $MIG_NAME \
  --instance-group-region $REGION \
  --balancing-mode UTILIZATION --max-utilization 0.8 --global

gcloud compute url-maps create apigee-mig-proxy-map \
  --project $PROJECT_ID --default-service apigee-mig-backend

gcloud compute target-https-proxies create apigee-mig-https-proxy \
  --project $PROJECT_ID --url-map apigee-mig-proxy-map \
  --ssl-certificates apigee-ssl-cert

gcloud compute forwarding-rules create apigee-mig-https-lb-rule \
  --project $PROJECT_ID --address lb-ipv4-vip-1 --global \
  --target-https-proxy apigee-mig-https-proxy --ports 443

curl "https://apigee.googleapis.com/v1/organizations/poc-saas:setAddons" \
-X POST \
-H "Authorization: Bearer $TOKEN" \
-H "Content-type: application/json" \
-d '{
"addonsConfig": {
"monetizationConfig": {
"enabled": "true"
},
"advancedApiOpsConfig": {
"enabled": true
}
}
}'