From cf41b96563adb84c91d3ac838aad80f3d8860bb9 Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Fri, 3 Jan 2025 12:49:36 -0500 Subject: [PATCH 01/17] Edits --- gateway/1.9/modules/ROOT/nav.adoc | 1 + .../pages/flex-gateway-managed-set-up.adoc | 113 ++++++++++++++++++ .../ROOT/pages/flex-gateway-set-up.adoc | 2 +- 3 files changed, 115 insertions(+), 1 deletion(-) create mode 100644 gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc diff --git a/gateway/1.9/modules/ROOT/nav.adoc b/gateway/1.9/modules/ROOT/nav.adoc index e563a0289..1c353c8f7 100644 --- a/gateway/1.9/modules/ROOT/nav.adoc +++ b/gateway/1.9/modules/ROOT/nav.adoc @@ -15,6 +15,7 @@ ** xref:flex-gateway-managed-getting-started.adoc[] ** xref:flex-gateway-getting-started.adoc[] ** xref:flex-gateway-k8-getting-started.adoc[] +* xref:flex-gateway-managed-set-up.adoc[] * xref:flex-gateway-set-up.adoc[] ** xref:flex-install.adoc[Download Flex Gateway] ** xref:flex-conn-reg-run.adoc[Register and Run in Connected Mode] diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc new file mode 100644 index 000000000..0f67691e3 --- /dev/null +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -0,0 +1,113 @@ += Setting Up Managed Flex Gateway +ifndef::env-site,env-github[] +include::_attributes.adoc[] +endif::[] +:imagesdir: ../assets/images + +The goal of this tutorial is to quickly get started with Anypoint Managed Flex Gateway deployed on CloudHub 2.0. The tutorial describes how to create and run Managed Flex Gateway. + +Additionally, the tutorial describes how to publish an API that is secured with a basic authentication policy. + +== Before You Begin + +Before getting started with Flex Gateway, ensure that you have: + +* Created a private space in CloudHub 2.0 or have access to a private space created by someone else. To create a private space, see xref::cloudhub-2::ps-create-configure.adoc[]. + +== Deploy a Managed Flex Gateway + +. Log in to https://anypoint.mulesoft.com/login/[Anypoint Platform^] with your Anypoint username and password. +. Select *Runtime Manager*. +. Click *Flex Gateways* in the side navigation panel. +. Click *Managed Flex Gateway*. +. Click *Add Managed Flex Gateway*. +. Enter a *Gateway name*. +. Select a your private space as your *Deployment target*. +. Select *Edge* for *Release channel*. +. Select *Small Managed Flex Gateway* for *Gateway type*. +. Click *Save & deploy*. ++ +The UI returns to the *Managed Flex Gateway* page. +. In the list of Managed Gateways, find your new gateway and wait until its status is *Running*. + +== Publish a Simple API + +. Select *API Manager* from the Anypoint Platform menu. +. Click *Add API*, followed by *Add new API*. +. From the *Add API* page, select *Flex Gateway* as your runtime. +. Select your deployed Managed Flex Gateway in the *Select a gateway* section. +. Click *Next*. +. Click *Create New API*. +. Specify an API name and select *HTTP API* as the asset type. +. Click *Next*. +. From the *Downstream* page: +.. Select *HTTP*. +.. Enter `8081` in the *Port* field. +. Click *Next*. +. From the *Upstream* page: +.. Enter the following in the *Upsream URL* field: ++ +[source] +---- +https://jsonplaceholder.typicode.com/ +---- +. Click *Next*. +. Click *Save & Deploy*. ++ +The UI takes you to the *API Summary* page of the newly created API instance. ++ +Inside the private space the Managed Flex Gateway is deployed in, all HTTP requests made to `localhost` on port `8081` are now proxied to the `jsonplaceholder` service. +. To test the API Instance, run the following command in a new terminal window: ++ +[source,ssh] +---- +curl -s -o /dev/null -w "%{http_code}\n" --request GET 'http://localhost:8081/' +---- ++ +The command executes a `GET` request to the API, and then prints the resulting `200` status code, indicating success. + + + +== Secure Your API Using the Basic Authentication Policy + +. From the *API Summary* page, select *Policies* from the side navigation panel. +. In the *Policies* page, click *Add policy*. ++ +The following screenshot of the *Policies* page highlights the specified options: ++ +image::gateway-quickstart-add-policy.png["Add Policy page with Add policy button",width=65%] + +. Select the *Basic Authentication - Simple* policy. +. Click *Next*. +. For *User Name*, enter `user`. +. For *User Password*, enter `password`. +. Click *Apply*. ++ +The following screenshot of the *Configure Basic Authentication - Simple policy* page highlights the specified options: ++ +image::gateway-quickstart-config-basic-auth.png["Configure Basic Authentication Policy page with User Password field selected",width=65%] + +. To test the API Instance _without_ authentication, run the following `curl` command in the terminal window: ++ +[source,ssh] +---- +curl -s -o /dev/null -w "%{http_code}\n" --request GET 'http://localhost:8081/' +---- ++ +The command prints a resulting `401 (Unauthorized)` status code, because the request does not include the Authentication context. +. To test the API Instance _with_ authentication, run the following command in the terminal window: ++ +[source,ssh] +---- +curl -s -o /dev/null -w "%{http_code}\n" --request GET 'http://localhost:8081/' -u user:password +---- ++ +[NOTE] +The `user` and `password` parameters must match what was specified when you applied the policy via *API Manager*. ++ +The command prints the resulting `200` status code, indicating success. + +== Next Steps + +* xref:flex-review-prerequisites.adoc[] +* xref:flex-gateway-set-up.adoc[] diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-set-up.adoc index b4177fa6f..48dbe42a3 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-set-up.adoc @@ -1,4 +1,4 @@ -= Setting Up Flex Gateway += Setting Up Self-Managed Flex Gateway ifndef::env-site,env-github[] include::_attributes.adoc[] endif::[] From 4a0dcddc578b86289cbe880d949aa92838210513 Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Fri, 3 Jan 2025 14:03:25 -0500 Subject: [PATCH 02/17] Update flex-gateway-managed-set-up.adoc --- .../pages/flex-gateway-managed-set-up.adoc | 94 +++---------------- 1 file changed, 15 insertions(+), 79 deletions(-) diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc index 0f67691e3..c0c0488c7 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -4,9 +4,7 @@ include::_attributes.adoc[] endif::[] :imagesdir: ../assets/images -The goal of this tutorial is to quickly get started with Anypoint Managed Flex Gateway deployed on CloudHub 2.0. The tutorial describes how to create and run Managed Flex Gateway. -Additionally, the tutorial describes how to publish an API that is secured with a basic authentication policy. == Before You Begin @@ -22,90 +20,28 @@ Before getting started with Flex Gateway, ensure that you have: . Click *Managed Flex Gateway*. . Click *Add Managed Flex Gateway*. . Enter a *Gateway name*. -. Select a your private space as your *Deployment target*. -. Select *Edge* for *Release channel*. -. Select *Small Managed Flex Gateway* for *Gateway type*. -. Click *Save & deploy*. -+ -The UI returns to the *Managed Flex Gateway* page. -. In the list of Managed Gateways, find your new gateway and wait until its status is *Running*. - -== Publish a Simple API - -. Select *API Manager* from the Anypoint Platform menu. -. Click *Add API*, followed by *Add new API*. -. From the *Add API* page, select *Flex Gateway* as your runtime. -. Select your deployed Managed Flex Gateway in the *Select a gateway* section. -. Click *Next*. -. Click *Create New API*. -. Specify an API name and select *HTTP API* as the asset type. -. Click *Next*. -. From the *Downstream* page: -.. Select *HTTP*. -.. Enter `8081` in the *Port* field. -. Click *Next*. -. From the *Upstream* page: -.. Enter the following in the *Upsream URL* field: -+ -[source] ----- -https://jsonplaceholder.typicode.com/ ----- -. Click *Next*. -. Click *Save & Deploy*. -+ -The UI takes you to the *API Summary* page of the newly created API instance. +. Select the private space where you want to deploy your Managed Flex Gateway as your *Deployment target*. +. Select *Release channel*: + -Inside the private space the Managed Flex Gateway is deployed in, all HTTP requests made to `localhost` on port `8081` are now proxied to the `jsonplaceholder` service. -. To test the API Instance, run the following command in a new terminal window: +[cols="1a,1a,1a"] +|=== +| Release channel | Description +| *Edge* | This channel releases a new minor version every four months. It has the latest features and shorter support windows. +| *Long-Term Support* | This channel releases a new minor version once a year. +|=== + -[source,ssh] ----- -curl -s -o /dev/null -w "%{http_code}\n" --request GET 'http://localhost:8081/' ----- -+ -The command executes a `GET` request to the API, and then prints the resulting `200` status code, indicating success. - - +To learn more about the differences between release channels, see xref:flex-gateway-version-lifecycle.adoc[]. -== Secure Your API Using the Basic Authentication Policy - -. From the *API Summary* page, select *Policies* from the side navigation panel. -. In the *Policies* page, click *Add policy*. -+ -The following screenshot of the *Policies* page highlights the specified options: +. If you chose *Long-Term Support*, select *Version*. + -image::gateway-quickstart-add-policy.png["Add Policy page with Add policy button",width=65%] +Select the latest version unless if a later is specifically needed. -. Select the *Basic Authentication - Simple* policy. -. Click *Next*. -. For *User Name*, enter `user`. -. For *User Password*, enter `password`. -. Click *Apply*. -+ -The following screenshot of the *Configure Basic Authentication - Simple policy* page highlights the specified options: -+ -image::gateway-quickstart-config-basic-auth.png["Configure Basic Authentication Policy page with User Password field selected",width=65%] -. To test the API Instance _without_ authentication, run the following `curl` command in the terminal window: -+ -[source,ssh] ----- -curl -s -o /dev/null -w "%{http_code}\n" --request GET 'http://localhost:8081/' ----- -+ -The command prints a resulting `401 (Unauthorized)` status code, because the request does not include the Authentication context. -. To test the API Instance _with_ authentication, run the following command in the terminal window: -+ -[source,ssh] ----- -curl -s -o /dev/null -w "%{http_code}\n" --request GET 'http://localhost:8081/' -u user:password ----- -+ -[NOTE] -The `user` and `password` parameters must match what was specified when you applied the policy via *API Manager*. +. Select *Small Managed Flex Gateway* for *Gateway type*. +. Click *Save & deploy*. + -The command prints the resulting `200` status code, indicating success. +The UI returns to the *Managed Flex Gateway* page. +. In the list of Managed Gateways, find your new gateway and wait until its status is *Running*. == Next Steps From ce156066a6a9dca8cea292c9ab3514d38d97a3d3 Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Tue, 7 Jan 2025 11:16:52 -0500 Subject: [PATCH 03/17] Update flex-gateway-managed-set-up.adoc --- .../ROOT/pages/flex-gateway-managed-set-up.adoc | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc index c0c0488c7..a37a06502 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -37,7 +37,17 @@ To learn more about the differences between release channels, see xref:flex-gate Select the latest version unless if a later is specifically needed. -. Select *Small Managed Flex Gateway* for *Gateway type*. +. Select *Gateway type*: ++ +[cols="1a,1a,1a"] +|=== +| Size | Description +| *Small Managed Flex Gateway* | Use for testing and staging purposes. Small Managed Flex Gateways can deploy up to 50 APIs with a maximum of 100 requests per second. +| *Large Managed Flex Gateway* | Use for production purposes. Large Managed Flex Gateways can deploy up to 500 APIs with a maximum of 500 requests per second. +|=== ++ +To learn more about Managed Flex Gateway sizing, see xref:flex-managed-sizing-guide.adoc[]. + . Click *Save & deploy*. + The UI returns to the *Managed Flex Gateway* page. From f71c52a567d0271a6d834f8fd1016bd2c11308de Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Tue, 7 Jan 2025 11:16:59 -0500 Subject: [PATCH 04/17] Update flex-gateway-managed-set-up.adoc --- .../ROOT/pages/flex-gateway-managed-set-up.adoc | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc index a37a06502..9acd9a8f9 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -48,6 +48,16 @@ Select the latest version unless if a later is specifically needed. + To learn more about Managed Flex Gateway sizing, see xref:flex-managed-sizing-guide.adoc[]. +. Optionally, click *Advanced options* to configure additional gateway details: ++ +** *Ingress*: ++ +** *Properties*: ++ +** *Logging*: + + + . Click *Save & deploy*. + The UI returns to the *Managed Flex Gateway* page. From ecf41922c5ad287ae4473426c38f8ee376398ba3 Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Wed, 8 Jan 2025 10:53:48 -0500 Subject: [PATCH 05/17] Update flex-gateway-managed-set-up.adoc --- .../pages/flex-gateway-managed-set-up.adoc | 43 ++++++++++++++++--- 1 file changed, 38 insertions(+), 5 deletions(-) diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc index 9acd9a8f9..ff0b9e14b 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -52,17 +52,50 @@ To learn more about Managed Flex Gateway sizing, see xref:flex-managed-sizing-gu + ** *Ingress*: + +*** *Public endpoint*: ++ +[cols="1a,1a,1a"] +|=== +| Parameter | Description +| *Host* | +| *Path* | +|=== ++ +*** *Ingress options*: ++ +[cols="1a,1a,1a"] +|=== +| Parameter | Description +| *Path rewrite* | +| *Forward SSL session* | +| *Last-mile security* | +|=== ++ ** *Properties*: -+ -** *Logging*: - - - ++ +[cols="1a,1a,1a"] +|=== +| Parameter | Description +| *Upstream connection idle timeout* | The time a upstream connection can remain idle without receiving client requests. Upstream response are not included in this timeout. +| *Upstream response timeout* | The time the upstream service has to respond from when Flex Gateway sends a request. +| *Stream idle timeout* | The time a stream can remain idle without receiving additional client requests or upstream responses. +|=== ++ +** *Logging* ++ +[cols="1a,1a,1a"] +|=== +| Parameter | Description +| *Forward application logs to Anypoint Monitoring* | Forwards Flex Gateway logs to Anypoint Monitoring. When disabled, logs are only available in Runtime Manager. +| *Additional log levels* | Configures the log level. To learn more, see +|=== . Click *Save & deploy*. + The UI returns to the *Managed Flex Gateway* page. . In the list of Managed Gateways, find your new gateway and wait until its status is *Running*. +== Log Levels + == Next Steps * xref:flex-review-prerequisites.adoc[] From 751e2c469a0b5effe66afdffaec40cba60d9a2d2 Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Wed, 8 Jan 2025 15:36:34 -0500 Subject: [PATCH 06/17] Update flex-gateway-managed-set-up.adoc --- .../1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc index ff0b9e14b..c27696ad1 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -76,7 +76,7 @@ To learn more about Managed Flex Gateway sizing, see xref:flex-managed-sizing-gu [cols="1a,1a,1a"] |=== | Parameter | Description -| *Upstream connection idle timeout* | The time a upstream connection can remain idle without receiving client requests. Upstream response are not included in this timeout. +| *Upstream connection idle timeout* | The time a upstream connection can remain idle without receiving client requests. Upstream responses are not included in this timeout. | *Upstream response timeout* | The time the upstream service has to respond from when Flex Gateway sends a request. | *Stream idle timeout* | The time a stream can remain idle without receiving additional client requests or upstream responses. |=== @@ -87,7 +87,7 @@ To learn more about Managed Flex Gateway sizing, see xref:flex-managed-sizing-gu |=== | Parameter | Description | *Forward application logs to Anypoint Monitoring* | Forwards Flex Gateway logs to Anypoint Monitoring. When disabled, logs are only available in Runtime Manager. -| *Additional log levels* | Configures the log level. To learn more, see +| *Additional log levels* | Configures the log level. |=== . Click *Save & deploy*. + From 2557a1cae908b2122f75587b1374ac71abd706ac Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Thu, 9 Jan 2025 15:10:52 -0500 Subject: [PATCH 07/17] Update flex-gateway-managed-set-up.adoc --- .../ROOT/pages/flex-gateway-managed-set-up.adoc | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc index c27696ad1..32df9dc12 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -34,7 +34,7 @@ To learn more about the differences between release channels, see xref:flex-gate . If you chose *Long-Term Support*, select *Version*. + -Select the latest version unless if a later is specifically needed. +Select the latest version unless if a later version is specifically needed. . Select *Gateway type*: @@ -47,30 +47,35 @@ Select the latest version unless if a later is specifically needed. |=== + To learn more about Managed Flex Gateway sizing, see xref:flex-managed-sizing-guide.adoc[]. - +ps-create-configure . Optionally, click *Advanced options* to configure additional gateway details: + ** *Ingress*: + +Configure a public endpoint to expose your Flex Gateway hosted on a CloudHub 2.0 private pace to the public internet: ++ *** *Public endpoint*: + [cols="1a,1a,1a"] |=== | Parameter | Description -| *Host* | -| *Path* | +| *Domain* | Domain your endpoint is accessible from. To learn more, see xref:cloudhub-2::ps-create-configure.adoc[]. +| *Host* | CloudHub 2.0 host your endpoint is accessible from. |=== + +Add additional endpoints by clicking *Add endpoint*. ++ *** *Ingress options*: + [cols="1a,1a,1a"] |=== | Parameter | Description -| *Path rewrite* | | *Forward SSL session* | | *Last-mile security* | |=== + +To learn more about CloudHub 2.0 public endpoints, see xref:cloudhub-2::index.adoc[]. ++ ** *Properties*: + [cols="1a,1a,1a"] From 1459bf7f53db75b351b2700cb173841c579b39ed Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Fri, 10 Jan 2025 11:37:48 -0500 Subject: [PATCH 08/17] Update flex-gateway-managed-set-up.adoc --- .../ROOT/pages/flex-gateway-managed-set-up.adoc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc index 32df9dc12..298b42cfb 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -56,7 +56,7 @@ Configure a public endpoint to expose your Flex Gateway hosted on a CloudHub 2.0 + *** *Public endpoint*: + -[cols="1a,1a,1a"] +[cols="1a,1a"] |=== | Parameter | Description | *Domain* | Domain your endpoint is accessible from. To learn more, see xref:cloudhub-2::ps-create-configure.adoc[]. @@ -67,18 +67,18 @@ Add additional endpoints by clicking *Add endpoint*. + *** *Ingress options*: + -[cols="1a,1a,1a"] +[cols="1a,1a"] |=== | Parameter | Description | *Forward SSL session* | | *Last-mile security* | |=== + -To learn more about CloudHub 2.0 public endpoints, see xref:cloudhub-2::index.adoc[]. +To learn more about CloudHub 2.0 public endpoints, see xref:cloudhub-2::ch2-deploy-private-space.adoc[]. + ** *Properties*: + -[cols="1a,1a,1a"] +[cols="1a,1a"] |=== | Parameter | Description | *Upstream connection idle timeout* | The time a upstream connection can remain idle without receiving client requests. Upstream responses are not included in this timeout. @@ -88,7 +88,7 @@ To learn more about CloudHub 2.0 public endpoints, see xref:cloudhub-2::index.ad + ** *Logging* + -[cols="1a,1a,1a"] +[cols="1a,1a"] |=== | Parameter | Description | *Forward application logs to Anypoint Monitoring* | Forwards Flex Gateway logs to Anypoint Monitoring. When disabled, logs are only available in Runtime Manager. From f0448776560f79cd8c6d287ef212ecbf557f86ac Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Fri, 10 Jan 2025 11:50:50 -0500 Subject: [PATCH 09/17] Update flex-gateway-managed-set-up.adoc --- .../1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc index 298b42cfb..df34141a9 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -23,7 +23,7 @@ Before getting started with Flex Gateway, ensure that you have: . Select the private space where you want to deploy your Managed Flex Gateway as your *Deployment target*. . Select *Release channel*: + -[cols="1a,1a,1a"] +[cols="1a,1a"] |=== | Release channel | Description | *Edge* | This channel releases a new minor version every four months. It has the latest features and shorter support windows. @@ -39,7 +39,7 @@ Select the latest version unless if a later version is specifically needed. . Select *Gateway type*: + -[cols="1a,1a,1a"] +[cols="1a,1a"] |=== | Size | Description | *Small Managed Flex Gateway* | Use for testing and staging purposes. Small Managed Flex Gateways can deploy up to 50 APIs with a maximum of 100 requests per second. From 5bb7620158f71ea33d33d9e2f77ed46c4b95c8d9 Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Fri, 10 Jan 2025 13:18:29 -0500 Subject: [PATCH 10/17] Update flex-gateway-managed-set-up.adoc --- .../modules/ROOT/pages/flex-gateway-managed-set-up.adoc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc index df34141a9..62fd0ceb6 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -1,10 +1,11 @@ -= Setting Up Managed Flex Gateway += Deploy a Managed Flex Gateway to CloudHub 2.0 ifndef::env-site,env-github[] include::_attributes.adoc[] endif::[] :imagesdir: ../assets/images +Deploy a Managed Flex Gateway to a CloudHub 2.0 private space to launch a completely cloud hosted gateway. Configure the Managed Flex Gateway as an ingress to you private space by exposing a public endpoint, or configure the gateway to only handle internal traffic. == Before You Begin @@ -71,10 +72,10 @@ Add additional endpoints by clicking *Add endpoint*. |=== | Parameter | Description | *Forward SSL session* | -| *Last-mile security* | +| *Last-mile security* | Specifies that TLS termination and decryption for the forwarded HTTPS connections occurs in the application. This option requires that the Flex Gateway application include an SSL certificate and also requires more CPU resources. |=== + -To learn more about CloudHub 2.0 public endpoints, see xref:cloudhub-2::ch2-deploy-private-space.adoc[]. +To learn more about CloudHub 2.0 public endpoints, see xref:cloudhub-2::ch2-deploy-private-space.adoc#configure-endpoint-path[Configure Endpoints and Paths for the App]. Flex Gateway does not support all parameters mentioned here. + ** *Properties*: + @@ -99,7 +100,6 @@ To learn more about CloudHub 2.0 public endpoints, see xref:cloudhub-2::ch2-depl The UI returns to the *Managed Flex Gateway* page. . In the list of Managed Gateways, find your new gateway and wait until its status is *Running*. -== Log Levels == Next Steps From 59764baa54ed53dd6516fde62abfcdedc611ed69 Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Fri, 10 Jan 2025 13:28:55 -0500 Subject: [PATCH 11/17] Update flex-gateway-managed-set-up.adoc --- .../1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc index 62fd0ceb6..89a38b092 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -71,7 +71,9 @@ Add additional endpoints by clicking *Add endpoint*. [cols="1a,1a"] |=== | Parameter | Description -| *Forward SSL session* | +| *Forward SSL session* | Enables SSL forwarding during a session. + +SSL forwarding is mostly used with client authentication. See Enable Client Authentication. SSL forwarding forwards client certificate details in HTTP request headers so they are available to the application. These fields can identify an authenticated client and allow an application to determine and use the identity. + | *Last-mile security* | Specifies that TLS termination and decryption for the forwarded HTTPS connections occurs in the application. This option requires that the Flex Gateway application include an SSL certificate and also requires more CPU resources. |=== + From 955455937ec399bcd4da84327ce60c795e6a9ac1 Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Tue, 14 Jan 2025 13:36:37 -0500 Subject: [PATCH 12/17] Update flex-gateway-managed-set-up.adoc --- .../pages/flex-gateway-managed-set-up.adoc | 66 ++++++++++++------- 1 file changed, 43 insertions(+), 23 deletions(-) diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc index 89a38b092..985a36cb6 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -33,12 +33,11 @@ Before getting started with Flex Gateway, ensure that you have: + To learn more about the differences between release channels, see xref:flex-gateway-version-lifecycle.adoc[]. -. If you chose *Long-Term Support*, select *Version*. +. Select *Version*. + Select the latest version unless if a later version is specifically needed. - -. Select *Gateway type*: +. Select *Flow Plans*: + [cols="1a,1a"] |=== @@ -49,13 +48,11 @@ Select the latest version unless if a later version is specifically needed. + To learn more about Managed Flex Gateway sizing, see xref:flex-managed-sizing-guide.adoc[]. ps-create-configure -. Optionally, click *Advanced options* to configure additional gateway details: -+ -** *Ingress*: +. Configure *Advanced options*: + -Configure a public endpoint to expose your Flex Gateway hosted on a CloudHub 2.0 private pace to the public internet: +Ingress:: + -*** *Public endpoint*: +* *Public endpoint*: + [cols="1a,1a"] |=== @@ -64,22 +61,21 @@ Configure a public endpoint to expose your Flex Gateway hosted on a CloudHub 2.0 | *Host* | CloudHub 2.0 host your endpoint is accessible from. |=== + -Add additional endpoints by clicking *Add endpoint*. +Managed Flex Gateway supports one *Public endpoint* per domain in your private space. + -*** *Ingress options*: +* *Ingress options*: + [cols="1a,1a"] |=== | Parameter | Description | *Forward SSL session* | Enables SSL forwarding during a session. + SSL forwarding is mostly used with client authentication. See Enable Client Authentication. SSL forwarding forwards client certificate details in HTTP request headers so they are available to the application. These fields can identify an authenticated client and allow an application to determine and use the identity. - | *Last-mile security* | Specifies that TLS termination and decryption for the forwarded HTTPS connections occurs in the application. This option requires that the Flex Gateway application include an SSL certificate and also requires more CPU resources. |=== + -To learn more about CloudHub 2.0 public endpoints, see xref:cloudhub-2::ch2-deploy-private-space.adoc#configure-endpoint-path[Configure Endpoints and Paths for the App]. Flex Gateway does not support all parameters mentioned here. +Properties:: + -** *Properties*: +To configure how long Managed Flex Gateway waits for response or idle connections, configure the timeout properties: + [cols="1a,1a"] |=== @@ -88,19 +84,43 @@ To learn more about CloudHub 2.0 public endpoints, see xref:cloudhub-2::ch2-depl | *Upstream response timeout* | The time the upstream service has to respond from when Flex Gateway sends a request. | *Stream idle timeout* | The time a stream can remain idle without receiving additional client requests or upstream responses. |=== +. Click *Save & deploy*. + -** *Logging* +Logging:: + -[cols="1a,1a"] -|=== -| Parameter | Description -| *Forward application logs to Anypoint Monitoring* | Forwards Flex Gateway logs to Anypoint Monitoring. When disabled, logs are only available in Runtime Manager. -| *Additional log levels* | Configures the log level. -|=== -. Click *Save & deploy*. +* *Forward application logs to Anypoint Monitoring*: + -The UI returns to the *Managed Flex Gateway* page. -. In the list of Managed Gateways, find your new gateway and wait until its status is *Running*. +Forwards Flex Gateway logs to Anypoint Monitoring. When disabled, logs are only available in Runtime Manager. ++ +* *Additional Log Levels*: ++ +** *INFO*: Informative messages +** *DEBUG*: Debugging messages +** *WARNING*: Warning messages +** *ERROR*: Error messages, such as when an exception occurs +** *FATAL*: Fatal messages for when an application fails +* Click *Save & deploy*. + +== Edit a Managed Flex Gateway Settings + +To edit a Managed Flex Gateway settings: + +. From Anypoint Platform, select *Runtime Manager > Flex Gateways*. +. Click the Managed Flex Gateway name. +. In the navigation menu, click Settings. +. Make the necessary edits. +. Click *Apply changes*. + +== Remove an Endpoint + +To remove an endpoint: + +. From Anypoint Platform, select *Runtime Manager > Flex Gateways*. +. Click the Managed Flex Gateway name. +. In the navigation menu, click Settings. +. Click *Advanced options*. +. In the *Public endpoint* row, click *X* (Delete). +. Click *Apply changes*. == Next Steps From c5323f42a7942edb5034316e5b8886a2a6e5feba Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Tue, 14 Jan 2025 14:03:48 -0500 Subject: [PATCH 13/17] Update flex-gateway-managed-set-up.adoc --- .../pages/flex-gateway-managed-set-up.adoc | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc index 985a36cb6..ac7625103 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -20,9 +20,9 @@ Before getting started with Flex Gateway, ensure that you have: . Click *Flex Gateways* in the side navigation panel. . Click *Managed Flex Gateway*. . Click *Add Managed Flex Gateway*. -. Enter a *Gateway name*. -. Select the private space where you want to deploy your Managed Flex Gateway as your *Deployment target*. -. Select *Release channel*: +. Enter a *Gateway Name*. +. Select the private space where you want to deploy your Managed Flex Gateway as your *Deployment Target*. +. Select a *Release Channel*: + [cols="1a,1a"] |=== @@ -47,7 +47,7 @@ Select the latest version unless if a later version is specifically needed. |=== + To learn more about Managed Flex Gateway sizing, see xref:flex-managed-sizing-guide.adoc[]. -ps-create-configure + . Configure *Advanced options*: + Ingress:: @@ -61,7 +61,7 @@ Ingress:: | *Host* | CloudHub 2.0 host your endpoint is accessible from. |=== + -Managed Flex Gateway supports one *Public endpoint* per domain in your private space. +Click *Add Endpoint* to add an additional endpoint to a different domain. Managed Flex Gateway supports one *Public endpoint* per domain in your private space. + * *Ingress options*: + @@ -80,11 +80,10 @@ To configure how long Managed Flex Gateway waits for response or idle connection [cols="1a,1a"] |=== | Parameter | Description -| *Upstream connection idle timeout* | The time a upstream connection can remain idle without receiving client requests. Upstream responses are not included in this timeout. -| *Upstream response timeout* | The time the upstream service has to respond from when Flex Gateway sends a request. -| *Stream idle timeout* | The time a stream can remain idle without receiving additional client requests or upstream responses. +| *Upstream Connection Idle Timeout* | The time a upstream connection can remain idle without receiving client requests. Upstream responses are not included in this timeout. +| *Upstream Response Timeout* | The time the upstream service has to respond from when Flex Gateway sends a request. +| *Stream Idle Timeout* | The time a stream can remain idle without receiving additional client requests or upstream responses. |=== -. Click *Save & deploy*. + Logging:: + @@ -99,7 +98,7 @@ Forwards Flex Gateway logs to Anypoint Monitoring. When disabled, logs are only ** *WARNING*: Warning messages ** *ERROR*: Error messages, such as when an exception occurs ** *FATAL*: Fatal messages for when an application fails -* Click *Save & deploy*. +. Click *Save & deploy*. == Edit a Managed Flex Gateway Settings From be72e5823d6a745486b1925c3296bb7382836baa Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Tue, 14 Jan 2025 16:15:44 -0500 Subject: [PATCH 14/17] Update flex-gateway-managed-set-up.adoc --- .../pages/flex-gateway-managed-set-up.adoc | 28 +++++++++++++++---- 1 file changed, 23 insertions(+), 5 deletions(-) diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc index ac7625103..dcd7ba532 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -65,14 +65,32 @@ Click *Add Endpoint* to add an additional endpoint to a different domain. Manage + * *Ingress options*: + -[cols="1a,1a"] +** *Forward SSL Session*: ++ +Enables SSL forwarding during a session. + +SSL forwarding is mostly used with client authentication. See xref:anypoint-security::enable-client-authentication.adoc[]. +SSL forwarding forwards client certificate details in HTTP request headers so they are available to the application. +These fields can identify an authenticated client and allow an application to determine and use the identity. ++ +The following headers are available: ++ +[%header,cols="2*a"] |=== -| Parameter | Description -| *Forward SSL session* | Enables SSL forwarding during a session. + -SSL forwarding is mostly used with client authentication. See Enable Client Authentication. SSL forwarding forwards client certificate details in HTTP request headers so they are available to the application. These fields can identify an authenticated client and allow an application to determine and use the identity. -| *Last-mile security* | Specifies that TLS termination and decryption for the forwarded HTTPS connections occurs in the application. This option requires that the Flex Gateway application include an SSL certificate and also requires more CPU resources. +| Header Name | Value +| x-ssl-client-verify | SUCCESS/FAIL +| x-ssl-issuer | Client certificate issuer +| x-ssl-client-serial | Client certificate serial number +| x-ssl-client-dn | Contents of the client certificate DN field +| x-ssl-client-cert | Contents of the client certificate |=== + +** *Last-mile Security*: ++ +Specifies that TLS termination and decryption for the forwarded HTTPS connections occurs in the application. ++ +This option requires that the Flex Gateway include an SSL certificate and also requires more CPU resources. ++ Properties:: + To configure how long Managed Flex Gateway waits for response or idle connections, configure the timeout properties: From 207c844a560894fee017cef4f0cf96c0c347f7de Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Tue, 14 Jan 2025 16:27:08 -0500 Subject: [PATCH 15/17] Update flex-gateway-managed-set-up.adoc --- gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc | 2 -- 1 file changed, 2 deletions(-) diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc index dcd7ba532..49e53066e 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -89,8 +89,6 @@ The following headers are available: + Specifies that TLS termination and decryption for the forwarded HTTPS connections occurs in the application. + -This option requires that the Flex Gateway include an SSL certificate and also requires more CPU resources. -+ Properties:: + To configure how long Managed Flex Gateway waits for response or idle connections, configure the timeout properties: From bcd1d6ed565edbc1432cca27663837e7728e68c5 Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Tue, 14 Jan 2025 17:19:06 -0500 Subject: [PATCH 16/17] Update flex-gateway-managed-set-up.adoc --- .../modules/ROOT/pages/flex-gateway-managed-set-up.adoc | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc index 49e53066e..3b1943c37 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -5,7 +5,7 @@ endif::[] :imagesdir: ../assets/images -Deploy a Managed Flex Gateway to a CloudHub 2.0 private space to launch a completely cloud hosted gateway. Configure the Managed Flex Gateway as an ingress to you private space by exposing a public endpoint, or configure the gateway to only handle internal traffic. +Deploy a Managed Flex Gateway to a CloudHub 2.0 private space to launch a completely cloud hosted gateway. Configure the Managed Flex Gateway as an ingress to you private space by exposing a public endpoint, or configure the gateway to only handle internal traffic. You can have one or more Managed Gateway in each Environment that the private space is shared with. Gateways can protect any API from the same Environment of the gateway. == Before You Begin @@ -17,6 +17,7 @@ Before getting started with Flex Gateway, ensure that you have: . Log in to https://anypoint.mulesoft.com/login/[Anypoint Platform^] with your Anypoint username and password. . Select *Runtime Manager*. +. Ensure you're in environment where you would like to deploy your Managed Gateway . Click *Flex Gateways* in the side navigation panel. . Click *Managed Flex Gateway*. . Click *Add Managed Flex Gateway*. @@ -70,8 +71,8 @@ Click *Add Endpoint* to add an additional endpoint to a different domain. Manage Enables SSL forwarding during a session. SSL forwarding is mostly used with client authentication. See xref:anypoint-security::enable-client-authentication.adoc[]. -SSL forwarding forwards client certificate details in HTTP request headers so they are available to the application. -These fields can identify an authenticated client and allow an application to determine and use the identity. +SSL forwarding forwards client certificate details in HTTP request headers so they are available to the gateway. +These fields can identify an authenticated client and allow the gateway policies to determine and use the identity. + The following headers are available: + @@ -87,7 +88,7 @@ The following headers are available: + ** *Last-mile Security*: + -Specifies that TLS termination and decryption for the forwarded HTTPS connections occurs in the application. +Specifies that TLS termination and decryption for the forwarded HTTPS connections occurs in the gateway. + Properties:: + From 916800a3b94836562d93f6227ef59a3f2246ba36 Mon Sep 17 00:00:00 2001 From: Glenn Rodgers Date: Tue, 14 Jan 2025 17:19:42 -0500 Subject: [PATCH 17/17] Update flex-gateway-managed-set-up.adoc --- gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc index 3b1943c37..0a2ef02e3 100644 --- a/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc +++ b/gateway/1.9/modules/ROOT/pages/flex-gateway-managed-set-up.adoc @@ -5,7 +5,7 @@ endif::[] :imagesdir: ../assets/images -Deploy a Managed Flex Gateway to a CloudHub 2.0 private space to launch a completely cloud hosted gateway. Configure the Managed Flex Gateway as an ingress to you private space by exposing a public endpoint, or configure the gateway to only handle internal traffic. You can have one or more Managed Gateway in each Environment that the private space is shared with. Gateways can protect any API from the same Environment of the gateway. +Deploy a Managed Flex Gateway to a CloudHub 2.0 private space to launch a completely cloud hosted gateway. Configure the Managed Flex Gateway as an ingress to you private space by exposing a public endpoint, or configure the gateway to only handle internal traffic. You can have one or more Managed Gateway in each environment that the private space is shared with. Gateways can protect any API from the same environment of the gateway or APIs in an external network. == Before You Begin