MuleSoft new Flex-gateway deployed on top of Oracle Container Engine for Kubernetes
I work a lot with Oracle Cloud Infrastructure (OCI), I like it and find it pretty simple to use. And that is the case for OKE (Oracle Containers for Kubernetes) which is the OCI service to deploy a Kubernetes cluster on top of OCI.
A common use case for Kubernetes is the deployment and management of microservices. Typically we have an application/system conformed by multiple microservices, and in some cases, those microservices are being called from applications, for example, web applications or mobile applications.
But if we want to create APIs on top of those microservices, and then connect our applications through those APIs, then the model described very briefly in the previous paragraph is not going to be good enough. For example, if we want to apply policies such as:
- AuthZ flows like OAuth 2.0, Basic Authentication, SAML, JWT validation, etc
- Rate Limiting
- Throttling
- Client Identification
- JSON and XML validation
- Headers validation
- Headers rewriting
- etc
Then the need for an API Gateway may be a good choice. And here we may have a discussion on which API gateway will be the best for this, or if we may use a Service Mesh for some of those needs and we easily can have a very large (hours) discussion trying to justify why one or the other alternative is better.
But there are scenarios where our organization or our customers already own an API Management platform and would like to manage all the APIs centrally no matter where they are deployed or running. If our API Management solution is capable to go to different environments/places to manage APIs, then we have a powerful solution to solve what we described at the beginning of this post, which is to create APIs, manage them and apply policies on top of the group of microservices that we already have deployed inside a Kubernetes cluster.
Oracle Containers for Kubernetes is a good place for deploying microservices, I strongly recommend you to use it. And in the other hand, for Universal API Management, MuleSoft is also a top choice. If you put them together, you will have a very robust solution for your modern applications.
I have written an article about the new MuleSoft Flex Gateway, you can find it here. And if you want to learn more about it you can go to the official documentation here. In my article, I explained how easy is to install the flex gateway using Docker. But now we are going to take a step further and deploy it on top of Oracle Containers for Kubernetes.
You need the following to test this:
- A free-trial (30 days) OCI account
- A free-trial MuleSoft Anypoint Platform account (https://anypoint.mulesoft.com)
- Deploy an OKE cluster
- A terminal (your laptop for example) with access to the OKE cluster, with kubectl and helm, installed
- Docker install in your terminal
With that, you will have the Flex Gateway deployed on top of OKE in less than 10 minutes.
The first step is to login into the MuleSoft Anypoint Platform console at https://anypoint.mulesoft.com and go to Runtime Manager:
Click on Flex Gateway (highlighted in yellow) and you will see this:
Click on the Add Gateway blue button and choose Kubernetes:
Once you click on that option you will get the list of steps:
It is pretty straightforward, but let’s go step-by-step to avoid any type of confusion.
There are five steps to follow, let’s describe them and execute them:
- Installed dependencies. In your terminal, you should have docker, kubectl, and helm. And, in our case, we already have an OKE cluster installed.
In my case, this is helm:
This is kubectl:
And this is my OKE:
2. Prepare your environment. In our case we already have a Kubernetes cluster, so we do not need to do anything extra at this point.
3. Register the Flex Gateway. In our case, the name of our Flex Gateway is okegtwgy. Therefore the command we are going to use is:
docker run — entrypoint flexctl -w /registration \ -v “$(pwd)”:/registration mulesoft/flex-gateway:1.0.0 \ register okegtwy \ — token=cc4ca4780803fbae87c \ — organization=ef8cab-80dcf5230051 \ — connected=true
After executing that command, in the directory where you are working, you will see three new files. Something like this:
- 6eb79785-c2–4e06-b574–afafadsf.conf
- 6eb79785-c2–4e06-b574–afafadsf.key
- 6eb79785-c2–4e06-b574–afafadsf.pem
Take a note of the ID because we will need it later on.
4. We need to create a Kubernetes namespace where we will install the gateway. For that regard, execute this:
kubectl creates a namespace gateway
After that you will have a new namespace on your system:
Now we need to create a Kubernetes secret with three values, those values are based on the ID that I’ve mentioned in step #3:
kubectl -n gateway create secret generic <UUID-of-your-file> \ — from-file=platform.conf=<UUID-of-your-file>.conf \ — from-file=platform.key=<UUID-of-your-file>.key \ — from-file=platform.pem=<UUID-of-your-file>.pem
After that we need to add the helm chart to our system, executing this:
helm repo add flex-gateway https://flex-packages.anypoint.mulesoft.com/helm
Something similar to this will be written as the output of the previous command:
Then execute this:
helm repo up
We are just one step away to install the gateway on top of our OKE cluster, the following command will install the helm chart and in terms of Kubernetes, it will create a deployment and a service. All that will be within the gateway namespace that we’ve created previously.
Execute this (change the UUID with the one we got in step #3 of this list):
helm -n gateway upgrade -i — wait ingress flex-gateway/flex-gateway \ — set registerSecretName=<UUID-of-your-file>
After that we will get this deployment:
Also a service:
And our okegtwy running within the pod:
From the Anypoint Platform Console, you will see:
OK. The gateway is there, but now what? What’s next?
As we’ve mentioned at the beginning of the article, the use-case is oriented toward creating APIs on top of services/microservices that are running on your Kubernetes cluster, and you will see how easy is that. But that will happen in the next article.
In this article, we’ve learned how to deploy a MuleSoft Flex Gateway on top of an existing Oracle COntainers for Kubernetes (OKE).