Anypoint Runtime Fabric Overview
Anypoint Runtime Fabric is a container service that automates the deployment and orchestration of Mule applications and API gateways. Runtime Fabric runs within a customer-managed infrastructure on AWS, Azure, virtual machines (VMs), and bare-metal servers.
Some of the capabilities of Anypoint Runtime Fabric include:
-
Isolation between applications by running a separate Mule runtime per application.
-
Ability to run multiple versions of Mule runtime on the same set of resources.
-
Scaling applications across multiple replicas.
-
Automated application fail-over.
-
Application management with Anypoint Runtime Manager.
Contact your Customer Success Manager for information on how enable Anypoint Runtime Fabric on your account. |
Runtime Fabric and Other PaaS Providers
Anypoint Runtime Fabric contains all of the components it requires. These components, including Docker and Kubernetes, are optimized to work efficiently with Mule runtimes and other MuleSoft services.
Installing Runtime Fabric within an existing Kubernetes-based PaaS is not supported. |
If you are already using a PaaS solution, MuleSoft recommends deploying Runtime Fabric in parallel with your PaaS. This enables you to take advantage of the complete benefits of Anypoint Platform.
Connecting Runtime Fabric to Anypoint Management Center
Anypoint Runtime Fabric supports the following:
-
Deploying applications from Anypoint Runtime Manager.
-
Deploying policy updates of API gateways using API Manager.
-
Storing and retrieving assets with Anypoint Exchange.
To enable integration with the Anypoint Management Center, Runtime Fabric requires outbound access to Anypoint Platform on port 443. This connection is secured using mutual TLS. A set of services running on the controller VMs initiates outbound connections to retrieve the metadata and assets required to deploy an application. These services then translate and communicate with other internal services to cache the assets locally and deploy the application.
Check with your network administrator about enabling required outbound connections from your organization’s network. |
Anypoint Runtime Fabric and Standalone Mule Runtimes (Hybrid Deployments)
Hybrid deployments of Mule applications require you to install a version of the Mule runtime on a server and deploy one or more applications on the server. Each application shares the Mule runtime and the resources made available to it. Other resources such as certificates or database connections may also be shared using domains.
Anypoint Runtime Fabric provisions resources differently. Each Mule application and API gateway runs within their own Mule runtime and in their own container. The resources the container can access is specified when deploying a Mule application or API proxy. This enables Mule applications to horizontally scale across VMs without relying on other dependencies. It also ensures that different applications do not compete with each other for resources on the same VM.
Checklist for Using Anypoint Runtime Fabric
The following sections list the general requirements and considerations for successfully using Anypoint Runtime Fabric. Ensure the following criteria have been met before beginning the installation.
Consult your network or operations administrators to ensure that these are in place before installing Anypoint Runtime Fabric.
Anypoint Platform Roles and Permissions
To succesfully use Anypoint Runtime Fabric, your Anypoint Platform account must have the following roles and permissions enabled:
-
Ability to use Anypoint Runtime Manager to deploy and manage applications.
-
Ability to use Anypoint Access Management to manage permissions for Anypoint Platform users.
-
To use Anypoint Runtime Fabric, you must have the Organization Administrators role or the Manage Runtime Fabrics permission on the corresponding environments.
-
-
You may also require the following permissions to enable inbound traffic to Runtime Fabric:
-
Grant Access to Secrets
-
Manage Secret Groups
-
Read Secrets Metadata
-
Write Secrets
These permissions are available from the Secrets Manager tab in Access Management .
-
To deploy applications, you must have the Exchange Contributors role enabled for your Anypoint Platform account.
-
Network and Security
To successfully install and use Anypoint Runtime Fabric, you must know and verify the following about your network:
-
Your organization requires outbound connections to be routed to a proxy.
-
Outbound access is allowed using websockets (via port 443) to Anypoint Platform.
-
Your organization’s network and security policies, including:
-
Internal network IP address range in CIDR notation.
-
The subnet range used for Runtime Fabric in CIDR notation.
-
If virtual machines are allowed public IP addresses.
-
How to gain shell access to each VM.
-
-
Know if inbound traffic should be enabled for Anypoint Runtime Fabric. This will likely be based on the function of your organization’s Mule applications.
-
If so, you must have a TLS certificate with the desired Common Name set to route traffic to Runtime Fabric.
-
Ability to create or configure an external TCP load balancer to manage traffic to applications running in Runtime Fabric.
-
Ability to configure DNS settings to associate the Common Name on the TLS certificate to the IP address of the external load balancer.
-
Infrastructure and Operations
To successfully install and use Anypoint Runtime Fabric, your network infrastructure must have:
-
Required hardware provisioned, or have enough quota with your infrastructure provider to create the required hardware. This includes:
-
Virtual machines
-
Disks with provisioned IOPS
-
Virtual networks
-
Firewall rules / security groups
-
Load balancers
-
-
If provisioning hardware with AWS or Azure, you must have the right permissions to create the above resources.
-
You must understand how to forward logs to your organization’s logging provider.
-
Details on your organization’s SMTP provider to configure alerts.