Navigating CloudHub 2.0: Key Considerations for Platform Readiness and Migration

Considering the enhanced features offered by CloudHub 2.0, migration from CloudHub 1.0 to 2.0 has become essential, and we’ve observed enterprises beginning to plan to leverage the advantages of 2.0. Having extensively worked on platform setup, API Management, and Center for Enablement (C4E), as well as serving in an advisory capacity for migrations, drawing from experience with both versions, we’ll share key considerations for platform reediness for transitioning to CloudHub 2.0.

Lets recollect some of the improved features in CH 2.0:

• Container-Based Deployment: Applications can now be deployed using containers, ensuring resource efficiency.
• AWS Service Roles: CH 2.0 supports AWS service roles for better access control.
• Granular vCore Allocation: More flexible vCore allocation options.
• Outbound Firewall Rules: Configure outbound firewall rules.
• Ingress Self-Service Logs: Access self-service logs for ingress traffic.
• Private Spaces: Enhanced VPCs with automatic private network assignment.
• Endpoints and Internal Endpoints: Applications now have endpoints and internal endpoints.
• TLS Context and Truststore Edits: In-place edits for TLS context and truststore.
• Unique Application Names: Application names must be unique per private space.

Platform readiness is foundational step to kick start the migration. Here are key considerations you need to consider while setting up CloudHub 2.0

1.Setting up Private Spaces- private spaces which is virtual, private, and isolated logical space in CloudHub 2.0 in which to run your APIs / Integrations.

• Consider factors such as data sovereignty and latency when selecting the region closest to your business operations.
• Leverage the flexibility of private spaces to customize networking configurations, security policies, and resource allocation according to application requirements.

2.Connectivity to Data Centers

• Utilize Transit Gateway attachments to establish scalable and resilient connectivity between CloudHub 2.0 and on-premises data centers or other cloud environments.
• Alternatively, IPsec tunneling for secure communication between CloudHub 2.0 and external data centers, ensuring data integrity and confidentiality.
• Evaluate network bandwidth requirements and latency constraints to optimize performance across distributed environments.

3.Defining and Setting up Anypoint Teams

• Define Anypoint Teams to organize users, roles, and permissions effectively within CloudHub 2.0, streamlining collaboration and governance.
• Assign specific roles such as administrators, developers, and operators to team members based on their responsibilities and access requirements.
• Implement fine-grained access controls and role-based policies to enforce security measures and compliance standards across the organization.

4.End-to-End DevOps Setup

• Establish robust CI/CD pipelines tailored for CloudHub 2.0 to automate the build, test, and deployment processes for applications.
• Integrate version control systems, such as Git, with Anypoint Platform to manage code repositories and track changes seamlessly.
• Implement deployment strategies, such as blue-green deployments or canary releases, to minimize downtime and ensure smooth transitions between versions.
• Monitor pipeline performance and application health using telemetry data and analytics tools, enabling proactive troubleshooting and optimization of DevOps workflows.

5.Setting up TLS Context:

• TLS (Transport Layer Security) contexts are essential for securing inbound traffic to a private space in CloudHub 2.0. They enable your applications to be reached at custom domains while ensuring encryption.
• Each private space includes one default TLS context (for traffic to cloudhub.io), which cannot be removed. The default certificate renews automatically without user intervention.
• You can create additional TLS contexts as needed. These contexts define the domains available when deploying apps to private spaces.