mulesoft · glenn-rodgers-sf · Jan 15, 2025 · Jan 3, 2025 · Jan 3, 2025 · Jan 7, 2025
@@ -15,6 +15,7 @@
 ** xref:flex-gateway-managed-getting-started.adoc[]
 ** xref:flex-gateway-getting-started.adoc[]
 ** xref:flex-gateway-k8-getting-started.adoc[]
+* xref:flex-gateway-managed-set-up.adoc[]
 * xref:flex-gateway-set-up.adoc[]
 ** xref:flex-install.adoc[Download Flex Gateway]
 ** xref:flex-conn-reg-run.adoc[Register and Run in Connected Mode]

@@ -0,0 +1,144 @@
+= Deploy a Managed Flex Gateway to CloudHub 2.0
+ifndef::env-site,env-github[]
+include::_attributes.adoc[]
+endif::[]
+:imagesdir: ../assets/images
+
+
+Deploy a Managed Flex Gateway to a CloudHub 2.0 private space to launch a completely cloud hosted gateway. Configure the Managed Flex Gateway as an ingress to you private space by exposing a public endpoint, or configure the gateway to only handle internal traffic.
+
+== Before You Begin
+
+Before getting started with Flex Gateway, ensure that you have:
+
+* Created a private space in CloudHub 2.0 or have access to a private space created by someone else. To create a private space, see xref::cloudhub-2::ps-create-configure.adoc[].
+
+== Deploy a Managed Flex Gateway
+
+. Log in to https://anypoint.mulesoft.com/login/[Anypoint Platform^] with your Anypoint username and password.
+. Select *Runtime Manager*.
+. Click *Flex Gateways* in the side navigation panel.
+. Click *Managed Flex Gateway*.
+. Click *Add Managed Flex Gateway*.
+. Enter a *Gateway Name*.
+. Select the private space where you want to deploy your Managed Flex Gateway as your *Deployment Target*.
+. Select a *Release Channel*:
++
+[cols="1a,1a"]
+|===
+| Release channel | Description
+| *Edge* | This channel releases a new minor version every four months. It has the latest features and shorter support windows.
+| *Long-Term Support* | This channel releases a new minor version once a year.
+|===
++
+To learn more about the differences between release channels, see xref:flex-gateway-version-lifecycle.adoc[].
+
+. Select *Version*.
++
+Select the latest version unless if a later version is specifically needed.
+
+. Select *Flow Plans*:
++
+[cols="1a,1a"]
+|===
+| Size | Description
+| *Small Managed Flex Gateway* | Use for testing and staging purposes. Small Managed Flex Gateways can deploy up to 50 APIs with a maximum of 100 requests per second.
+| *Large Managed Flex Gateway* | Use for production purposes. Large Managed Flex Gateways can deploy up to 500 APIs with a maximum of 500 requests per second.
+|===
++
+To learn more about Managed Flex Gateway sizing, see xref:flex-managed-sizing-guide.adoc[].
+
+. Configure *Advanced options*:
++
+Ingress::
++
+* *Public endpoint*:
++
+[cols="1a,1a"]
+|===
+| Parameter | Description
+| *Domain* | Domain your endpoint is accessible from. To learn more, see xref:cloudhub-2::ps-create-configure.adoc[].
+| *Host* | CloudHub 2.0 host your endpoint is accessible from.
+|===
++
+Click *Add Endpoint* to add an additional endpoint to a different domain. Managed Flex Gateway supports one *Public endpoint* per domain in your private space.
++
+* *Ingress options*:
++
+** *Forward SSL Session*:
++
+Enables SSL forwarding during a session.
+
+SSL forwarding is mostly used with client authentication. See xref:anypoint-security::enable-client-authentication.adoc[].
+SSL forwarding forwards client certificate details in HTTP request headers so they are available to the application.
+These fields can identify an authenticated client and allow an application to determine and use the identity.
++
+The following headers are available:
++
+[%header,cols="2*a"]
+|===
+| Header Name | Value
+| x-ssl-client-verify | SUCCESS/FAIL
+| x-ssl-issuer | Client certificate issuer
+| x-ssl-client-serial | Client certificate serial number
+| x-ssl-client-dn | Contents of the client certificate DN field
+| x-ssl-client-cert | Contents of the client certificate
+|===
++
+** *Last-mile Security*:
++
+Specifies that TLS termination and decryption for the forwarded HTTPS connections occurs in the application.
++
+Properties::
++
+To configure how long Managed Flex Gateway waits for response or idle connections, configure the timeout properties:
++
+[cols="1a,1a"]
+|===
+| Parameter | Description
+| *Upstream Connection Idle Timeout* | The time a upstream connection can remain idle without receiving client requests. Upstream responses are not included in this timeout.
+| *Upstream Response Timeout* | The time the upstream service has to respond from when Flex Gateway sends a request.
+| *Stream Idle Timeout* | The time a stream can remain idle without receiving additional client requests or upstream responses.
+|===
++
+Logging::
++
+* *Forward application logs to Anypoint Monitoring*:
++
+Forwards Flex Gateway logs to Anypoint Monitoring. When disabled, logs are only available in Runtime Manager.
++
+* *Additional Log Levels*:
++
+** *INFO*: Informative messages
+** *DEBUG*: Debugging messages
+** *WARNING*: Warning messages
+** *ERROR*: Error messages, such as when an exception occurs
+** *FATAL*: Fatal messages for when an application fails
+. Click *Save & deploy*.
+
+== Edit a Managed Flex Gateway Settings
+
+To edit a Managed Flex Gateway settings:
+
+. From Anypoint Platform, select *Runtime Manager > Flex Gateways*.
+. Click the Managed Flex Gateway name.
+. In the navigation menu, click Settings.
+. Make the necessary edits.
+. Click *Apply changes*.
+
+== Remove an Endpoint
+
+To remove an endpoint:
+
+. From Anypoint Platform, select *Runtime Manager > Flex Gateways*.
+. Click the Managed Flex Gateway name.
+. In the navigation menu, click Settings.
+. Click *Advanced options*.
+. In the *Public endpoint* row, click *X* (Delete).
+. Click *Apply changes*.
+
+
+== Next Steps
+
+* xref:flex-review-prerequisites.adoc[]
+* xref:flex-gateway-set-up.adoc[]
@@ -1,4 +1,4 @@
-= Setting Up Flex Gateway
+= Setting Up Self-Managed Flex Gateway
 ifndef::env-site,env-github[]
 include::_attributes.adoc[]
 endif::[]