Contact Us 1-800-596-4880

CloudHub 2.0 Operating System Patch Updates

Because CloudHub 2.0 is an integration platform as a service (iPaaS), it manages operating system patching for you, enabling you to focus on developing and updating your applications.

CloudHub 2.0 applies security patches as needed to ensure that your application is secure.

Patch updates use blue-green deployment for applications that use the Rolling Update deployment model, which ensures zero downtime for applications that support it.

CloudHub 2.0 applies continuous updates to two MuleSoft-managed deployment platforms:

  • US cloud

  • EU cloud

CloudHub 2.0 Infrastructure Updates

As a container-based platform, CloudHub 2.0 applies infrastructure fixes and security patches as needed to ensure the infrastructure is secure and up-to-date. Patch updates use rolling upgrade deployment (when selected as the deployment model) and can include operating system changes or changes to internal software. An update rotates, drains, and replaces the underlying hosts gradually to ensure zero downtime when using the Rolling Update deployment model. During the upgrade, the Mule application might be restarted onto a new secure host. If the Mule worker is not running with multiple replicas or is using the Recreate deployment model, it will experience slight downtime.

When an update is available, CloudHub 2.0 includes it in Production environments as the default for new private spaces. The existing infrastructure patching schedule occurs in the same maintenance window as CloudHub 2.0 Runtime patches. Infrastructure and runtime updates might cause your applications to restart.

Anypoint VPNs used in CloudHub 2.0 are upgraded continuously. Whenever a new update is available, the VPN is patched within the service-level agreement. If the Anypoint VPN is not setup as high availability or if the non-high-availability VPN is not set up with two tunnels, downtime is expected.

Monthly Date-Patch Updates

In the first full week of each month, MuleSoft releases a date-patch update, which includes backward-compatible bug fixes to address any issues discovered in Mule runtime engine. The monthly date-patch update might include security patches if the scheduled date is within the security SLA.

The format of the version number for these updates is:

Major.Minor.Patch : Date

Here’s an example version number, including the patch date:

4.5.0:20211015

The monthly patches update applications only to the latest date patch for the patch version. They do not change the patch version number.

Update Schedule

  • In the first full week of the month, MuleSoft releases the date patch.

  • In the third full week of the month, MuleSoft automatically applies the date patch that was released during the first week of the month.

    • Applications in environments other than production are updated during the week.

    • Production applications are updated on the weekend.

When an automatic update occurs, the audit log for your application adds an entry by user Anypoint Staff, which shows the date and time an update occurred and whether it was successful. If the update is successful, no action is required. If your application does not support zero-downtime updates or requires a manual update, you can manually apply the date patch released in the first full week of the month in week 1 or week 2. See Update the Runtime Version Manually.

Update the Runtime Version Manually

  1. Log in to Anypoint Platform.

  2. Navigate to Runtime Manager.

  3. In the Runtime Manager navigation menu, click Applications

  4. Select the application you want to update.

  5. In Settings, in the Deployment Target tab, click the Runtime Version drop-down.

  6. Select the latest build for your version.

  7. Click Deploy.
    The application redeploys with the new runtime version.

Security Updates

MuleSoft regularly runs scans to identify security vulnerabilities in JVM and the underlying operating system, and then automatically applies security patches based on the following SLA:

Severity Level Severity Definition Patch Applied Within

P0

Critical

7 days

P1

High

30 days