Contact Us 1-800-596-4880

Registering and Running in Local Mode with a Username and Password

Before You Begin

Before registering Flex Gateway, you must complete the following tasks:

  • Install a Flex Gateway

  • Request Manage Servers and Read Servers permissions in Runtime Manager from your Anypoint Platform admin

  • Collect the following information from your Anypoint Platform instance:

    • The Organization ID for the organization where you want to run Flex Gateway

      See Find your Organization ID for more information on how to find your Organization ID.

    • The Environment ID for the environment where you want to run Flex Gateway

      See What API Manager Looks Like for more information on how to find your Environment ID.

    • The Username and Password of a user with Read Servers and Manage Servers permissions for Runtime Manager

Register and Run with a Username and Password as a Linux Service

Flex Gateway runs on the following Long Term Support (LTS) versions of Linux:

  • Amazon Linux 2023

  • CentOS 8

  • Debian (Buster, Bullseye, Bookworm)

  • Red Hat Enterprise Linux (8, 9)

  • Red Hat Enterprise Linux (8, 9) on IBM Power (ppc64le)

  • SUSE Linux Enterprise (SLES 15 SP3)

  • SUSE Linux Enterprise (SLES 15 SP3) on IBM Power (ppc64le)

  • Ubuntu (Bionic, Focal, Jammy)

To register a Flex Gateway with Anypoint Platform, you must enter the registration command and then the start command. Each command includes information specific to your Anypoint Platform instance and must be updated before executing. See Before You Begin for more information on how to find the information you will need.

Collect Your Registration Data

Before registering your Flex Gateway instance, collect information for the following registration command options:

  • --username = the username for an Anypoint Platform user with Read Servers and Manage Servers permissions for Runtime Manager

  • --password = the password for an Anypoint Platform user with Read Servers and Manage Servers permissions for Runtime Manager

  • --environment = the Environment Id for the environment in Anypoint Platform where you want the Flex Gateway to run

  • --organization = your Organization ID in Anypoint Platform

  • --split (optional) = the flag that determines whether registration information should split into multiple files. The default value is false.

    If split is set to true, registration information is split into two files: registration.yaml and certificate.yaml. If false, all registration information is contained in one file: registration.yaml.

  • --output-directory (optional) = the directory in which registration information is output

  • my-gateway = the name you want to assign the gateway cluster

Register Flex Gateway

Register your Flex Gateway instance using the data that you gathered for the command options.

flexctl registration create \
--username=<your-username> \
--password=<your-password> \
--environment=<your-environment-id> \
--organization=<your-org-id> \
--output-directory=/usr/local/share/mulesoft/flex-gateway/conf.d \
my-gateway

Use sudo if you encounter file permission issues when running this command.

If you are in Europe you will need to add the --anypoint-url=https://eu1.anypoint.mulesoft.com flag to your command.

In the output directory, you should see the following new registration file(s):

  • registration.yaml

  • certificate.yaml (generated only if the split registration parameter is set to true, otherwise certificate information will be contained in registration.yaml)

These generated files are credentials for you to connect your Flex Gateway. If you lose them you can no longer connect your Flex Gateway.

Start Commands

Start Flex Gateway with the following command:

sudo systemctl start flex-gateway

Verify that the Flex Gateway service is running successfully:

systemctl list-units flex-gateway*

If flex-gateway.service has a status of active, Flex Gateway is successfully running.

  UNIT                              LOAD   ACTIVE SUB     DESCRIPTION
  flex-gateway.service              loaded active running Application

Register and Run with a Username and Password in a Container

You can register and run Flex Gateway for use in one of the following containers:

15%

12%

Register and Run with a Username and Password in a Docker Container

To register a Flex Gateway with Anypoint Platform, you must enter the registration command and then the start command. Each command includes information specific to your Anypoint Platform instance and must be updated before executing. See Before You Begin for more information on how to find the information you will need.

Collect Your Registration Data

Before registering your Flex Gateway instance, collect information for the following registration command options:

  • --username = the username for an Anypoint Platform user with Read Servers and Manage Servers permissions for Runtime Manager

  • --password = the password for an Anypoint Platform user with Read Servers and Manage Servers permissions for Runtime Manager

  • --environment = the Environment Id for the environment in Anypoint Platform where you want the Flex Gateway to run

  • --organization = your Organization ID in Anypoint Platform

  • --split (optional) = the flag that determines whether registration information should split into multiple files. The default value is false.

    If split is set to true, registration information is split into two files: registration.yaml and certificate.yaml. If false, all registration information is contained in one file: registration.yaml.

  • --output-directory (optional) = the directory in which registration information is output

  • my-gateway = the name you want to assign the gateway cluster

Register Flex Gateway

Register your Flex Gateway instance using the data that you gathered for the command options.

Create a new directory called flex-registration (or similar) and then run the registration command in this new directory. The command creates registration files in this location.
docker run --entrypoint flexctl \
-v "$(pwd)":/registration -u $UID mulesoft/flex-gateway \
registration create \
--username=<your-username> \
--password=<your-password> \
--environment=<your-environment-id> \
--organization=<your-org-id> \
--output-directory=/registration \
my-gateway

Use sudo if you encounter file permission issues when running this command.

If you are in Europe you will need to add the --anypoint-url=https://eu1.anypoint.mulesoft.com flag to your command.

In the output directory, you should see the following new registration file(s):

  • registration.yaml

  • certificate.yaml (generated only if the split registration parameter is set to true, otherwise certificate information will be contained in registration.yaml)

These generated files are credentials for you to connect your Flex Gateway. If you lose them you can no longer connect your Flex Gateway.

Start Command

Run the following start command in the same directory where you ran the registration command:

docker run --rm \
-v "$(pwd)":/usr/local/share/mulesoft/flex-gateway/conf.d \
-p 8080:8080 \
mulesoft/flex-gateway
Specify an optional name you want to assign to your Flex Replica by including the following: -e FLEX_NAME=<name-for-flex-replica> \.

The output logs should include this line:

[flex-gateway-envoy][info] all dependencies initialized. starting workers

Register and Run with a Username and Password in a Podman Container

To register a Flex Gateway with Anypoint Platform, you must enter the registration command and then the start command. Each command includes information specific to your Anypoint Platform instance and must be updated before executing. See Before You Begin for more information on how to find the information you will need.

Collect Your Registration Data

Before registering your Flex Gateway instance, collect information for the following registration command options:

  • --username = the username for an Anypoint Platform user with Read Servers and Manage Servers permissions for Runtime Manager

  • --password = the password for an Anypoint Platform user with Read Servers and Manage Servers permissions for Runtime Manager

  • --environment = the Environment Id for the environment in Anypoint Platform where you want the Flex Gateway to run

  • --organization = your Organization ID in Anypoint Platform

  • --split (optional) = the flag that determines whether registration information should split into multiple files. The default value is false.

    If split is set to true, registration information is split into two files: registration.yaml and certificate.yaml. If false, all registration information is contained in one file: registration.yaml.

  • --output-directory (optional) = the directory in which registration information is output

  • my-gateway = the name you want to assign the gateway cluster

Register Flex Gateway

Register your Flex Gateway instance using the data that you gathered for the command options.

Create a new directory called flex-registration (or similar) and then run the registration command in this new directory. The command creates registration files in this location.
podman run --entrypoint flexctl --userns=keep-id \
-v "$(pwd)":/registration:Z -u $UID docker.io/mulesoft/flex-gateway \
registration create \
--username=<your-username> \
--password=<your-password> \
--environment=<your-environment-id> \
--organization=<your-org-id> \
--output-directory=/registration \
my-gateway

Use sudo if you encounter file permission issues when running this command.

If you are in Europe you will need to add the --anypoint-url=https://eu1.anypoint.mulesoft.com flag to your command.

In the output directory, you should see the following new registration file(s):

  • registration.yaml

  • certificate.yaml (generated only if the split registration parameter is set to true, otherwise certificate information will be contained in registration.yaml)

These generated files are credentials for you to connect your Flex Gateway. If you lose them you can no longer connect your Flex Gateway.

Start Command

Run the following start command in the same directory where you ran the registration command:

podman run --rm \
-v "$(pwd)":/usr/local/share/mulesoft/flex-gateway/conf.d \
-p 8080:8080 \
docker.io/mulesoft/flex-gateway
Specify an optional name you want to assign to your Flex Replica by including the following: -e FLEX_NAME=<name-for-flex-replica> \.

The output logs should include this line:

[flex-gateway-envoy][info] all dependencies initialized. starting workers

Register and Run with a Username and Password in a Kubernetes Cluster

Register Flex Gateway, and then use Helm to deploy Flex Gateway to a node in your cluster.

When deploying Flex Gateway to a Kubernetes cluster that enables role-based access control (RBAC), you must have cluster-level permissions to permit installation of custom resource definitions (CRDs) used by Flex Gateway.

Complete the following steps:

In Local Mode, Flex Gateway typically acts as an ingress controller that manages external access to your cluster. Flex Gateway can also act as a standalone gateway for internal (east-west) traffic.

When using this mode, you must know what resources to create and apply, and use kubectl apply to deploy Kubernetes targets and resources such as APIs, policies, or Flex Gateway-related resources to your gateway.

Flex Gateway acts as an ingress controller when you apply an Ingress resource to configure gateway routing rules. You provide this configuration through a YAML file. The file supports other properties, such as apiVersion, kind, metadata, spec to configure a load balancer or proxy server, and rules for directing HTTP and HTTPS traffic. For more information about how Flex Gateway manages Ingress resources, see Configure Flex Gateway as an Ingress Controller in Local Mode.

Collect Your Registration Data

Before registering your Flex Gateway instance, collect information for the following registration command options:

  • --username = the username for an Anypoint Platform user with Read Servers and Manage Servers permissions for Runtime Manager

  • --password = the password for an Anypoint Platform user with Read Servers and Manage Servers permissions for Runtime Manager

  • --environment = the Environment Id for the environment in Anypoint Platform where you want the Flex Gateway to run

  • --organization = your Organization ID in Anypoint Platform

  • --split (optional) = the flag that determines whether registration information should split into multiple files. The default value is false.

    If split is set to true, registration information is split into two files: registration.yaml and certificate.yaml. If false, all registration information is contained in one file: registration.yaml.

  • --output-directory (optional) = the directory in which registration information is output

  • my-gateway = the name you want to assign the gateway cluster

Register Flex Gateway

Register your Flex Gateway instance using the data that you gathered for the command options.

You can register using one of the following container runtimes:

Docker

Run the following command to register using Docker:

docker run --entrypoint flexctl \
-v "$(pwd)":/registration -u $UID mulesoft/flex-gateway \
registration create \
--username=<your-username> \
--password=<your-password> \
--environment=<your-environment-id> \
--organization=<your-org-id> \
--output-directory=/registration \
my-gateway

Use sudo if you encounter file permission issues when running this command.

If you are in Europe you will need to add the --anypoint-url=https://eu1.anypoint.mulesoft.com flag to your command.

In the output directory, you should see the following new registration file(s):

  • registration.yaml

  • certificate.yaml (generated only if the split registration parameter is set to true, otherwise certificate information will be contained in registration.yaml)

These generated files are credentials for you to connect your Flex Gateway. If you lose them you can no longer connect your Flex Gateway.
Podman

Run the following command to register using Podman:

podman run --entrypoint flexctl --userns=keep-id \
-v "$(pwd)":/registration:Z -u $UID docker.io/mulesoft/flex-gateway \
registration create \
--username=<your-username> \
--password=<your-password> \
--environment=<your-environment-id> \
--organization=<your-org-id> \
--output-directory=/registration \
my-gateway

Use sudo if you encounter file permission issues when running this command.

If you are in Europe you will need to add the --anypoint-url=https://eu1.anypoint.mulesoft.com flag to your command.

In the output directory, you should see the following new registration file(s):

  • registration.yaml

  • certificate.yaml (generated only if the split registration parameter is set to true, otherwise certificate information will be contained in registration.yaml)

These generated files are credentials for you to connect your Flex Gateway. If you lose them you can no longer connect your Flex Gateway.

Install Helm Chart into the Namespace

A Helm chart installs Flex Gateway, monitoring tools, and applications. A minimum Helm version of 3.0.0 is required. Refer to Helm Chart Settings for configuration options.

  1. Add a Helm repository named flex-gateway for your chart:

    helm repo add flex-gateway https://flex-packages.anypoint.mulesoft.com/helm

    The command either adds the repository or skips this process if a Helm repository with that name already exists on your machine:

    • If the repository is new, the command returns the following message:

      "flex-gateway" has been added to your repositories
    • If the repository already exists, the command returns the following message:

      "flex-gateway" already exists with the same configuration, skipping
  2. Run helm repo up.

    The command returns the following message:

    Hang tight while we grab the latest from your chart repositories...
    ...Successfully got an update from the "flex-gateway" chart repository
    Update Complete. ⎈Happy Helming!⎈

    If you have more than one Helm repository on your machine, the message in your terminal window lists all of the repositories.

  3. Run the Helm command for deploying your gateway in Local Mode:

    helm -n gateway upgrade -i --create-namespace \
    --wait ingress flex-gateway/flex-gateway \
    --set-file registration.content=registration.yaml

    This command creates the gateway namespace and a release named ingress if they do not exist. You can use names of your choice for your namespace and release. The command syntax for the Helm repository and chart names is <helm-repo-name>/<helm-chart-name>.

    When you install Flex Gateway, a Service type LoadBalancer is created by default. You must have the appropriate permissions to create a load balancer in your cloud. If the load balancer is not provisioned or has issues with the provisioning process, you must choose another type by changing the service.type property during the installation.

    When successful, the command prints a message indicating an upgrade to your ingress release:

    Release "ingress" does not exist. Installing it now.
    NAME: ingress
    LAST DEPLOYED: Mon Mar 20 21:36:19 2023
    NAMESPACE: gateway
    STATUS: deployed
    REVISION: 1
    TEST SUITE: None

    The REVISION value increments the ingress release by 1 each time you run this command with the same namespace, repository, and chart names. For example, if you run the command a second time, you find a new revision number (REVISION: 2). The LAST DEPLOYED date reflects the date of that revision.

Helm Chart Settings

To modify the default Helm settings with new values, such as resource values for CPU and memory settings, see Update Pod Settings for a Flex Gateway Deployment Through a Helm Chart. For additional Helm chart configurations, see Manage Kubernetes Deployments.

Before modifying a Helm chart for a Flex Gateway deployment, review the default Helm chart settings:

  • Open the flex-gateway page in ArtifactHUB

  • Run helm show values <repository-name>/<chart-name> from a terminal window.

    Example:
    helm show values flex-gateway/flex-gateway

    The example returns default values of a repository and chart with the same name.

To view the Helm chart README, run helm show readme <repository-name>/<chart-name> from a terminal window.

Example:
helm show readme flex-gateway/flex-gateway

Register and Run with a Username and Password in an OpenShift Cluster

Register Flex Gateway, and then use Helm to deploy Flex Gateway to a node in your cluster.

When deploying Flex Gateway to a Kubernetes cluster that enables role-based access control (RBAC), you must have cluster-level permissions to permit installation of custom resource definitions (CRDs) used by Flex Gateway. In OpenShift, the cluster-admin role provides this level of access.

From the command line, OpenShift procedures match Kubernetes procedures. Complete the following steps:

In Local Mode, Flex Gateway typically acts as an ingress controller that manages external access to your cluster. Flex Gateway can also act as a standalone gateway for internal (east-west) traffic.

When using this mode, you must know what resources to create and apply, and use kubectl apply to deploy Kubernetes targets and resources such as APIs, policies, or Flex Gateway-related resources to your gateway.

Flex Gateway acts as an ingress controller when you apply an Ingress resource to configure gateway routing rules. You provide this configuration through a YAML file. The file supports other properties, such as apiVersion, kind, metadata, spec to configure a load balancer or proxy server, and rules for directing HTTP and HTTPS traffic. For more information about how Flex Gateway manages Ingress resources, see Configure Flex Gateway as an Ingress Controller in Local Mode.

Collect Your Registration Data

Before registering your Flex Gateway instance, collect information for the following registration command options:

  • --username = the username for an Anypoint Platform user with Read Servers and Manage Servers permissions for Runtime Manager

  • --password = the password for an Anypoint Platform user with Read Servers and Manage Servers permissions for Runtime Manager

  • --environment = the Environment Id for the environment in Anypoint Platform where you want the Flex Gateway to run

  • --organization = your Organization ID in Anypoint Platform

  • --split (optional) = the flag that determines whether registration information should split into multiple files. The default value is false.

    If split is set to true, registration information is split into two files: registration.yaml and certificate.yaml. If false, all registration information is contained in one file: registration.yaml.

  • --output-directory (optional) = the directory in which registration information is output

  • my-gateway = the name you want to assign the gateway cluster

Register Flex Gateway

Register your Flex Gateway instance using the data that you gathered for the command options.

You can register using one of the following container runtimes:

Docker

Run the following command to register using Docker:

docker run --entrypoint flexctl \
-v "$(pwd)":/registration -u $UID mulesoft/flex-gateway \
registration create \
--username=<your-username> \
--password=<your-password> \
--environment=<your-environment-id> \
--organization=<your-org-id> \
--output-directory=/registration \
my-gateway

Use sudo if you encounter file permission issues when running this command.

If you are in Europe you will need to add the --anypoint-url=https://eu1.anypoint.mulesoft.com flag to your command.

In the output directory, you should see the following new registration file(s):

  • registration.yaml

  • certificate.yaml (generated only if the split registration parameter is set to true, otherwise certificate information will be contained in registration.yaml)

These generated files are credentials for you to connect your Flex Gateway. If you lose them you can no longer connect your Flex Gateway.
Podman

Run the following command to register using Podman:

podman run --entrypoint flexctl --userns=keep-id \
-v "$(pwd)":/registration:Z -u $UID docker.io/mulesoft/flex-gateway \
registration create \
--username=<your-username> \
--password=<your-password> \
--environment=<your-environment-id> \
--organization=<your-org-id> \
--output-directory=/registration \
my-gateway

Use sudo if you encounter file permission issues when running this command.

If you are in Europe you will need to add the --anypoint-url=https://eu1.anypoint.mulesoft.com flag to your command.

In the output directory, you should see the following new registration file(s):

  • registration.yaml

  • certificate.yaml (generated only if the split registration parameter is set to true, otherwise certificate information will be contained in registration.yaml)

These generated files are credentials for you to connect your Flex Gateway. If you lose them you can no longer connect your Flex Gateway.

Install Helm Chart into the Namespace

A Helm chart installs Flex Gateway, monitoring tools, and applications. A minimum Helm version of 3.0.0 is required. Refer to Helm Chart Settings for configuration options.

  1. Add a Helm repository named flex-gateway for your chart:

    helm repo add flex-gateway https://flex-packages.anypoint.mulesoft.com/helm

    The command either adds the repository or skips this process if a Helm repository with that name already exists on your machine:

    • If the repository is new, the command returns the following message:

      "flex-gateway" has been added to your repositories
    • If the repository already exists, the command returns the following message:

      "flex-gateway" already exists with the same configuration, skipping
  2. Run helm repo up.

    The command returns the following message:

    Hang tight while we grab the latest from your chart repositories...
    ...Successfully got an update from the "flex-gateway" chart repository
    Update Complete. ⎈Happy Helming!⎈

    If you have more than one Helm repository on your machine, the message in your terminal window lists all of the repositories.

  3. Run the Helm command for deploying your gateway in Local Mode:

    helm -n gateway upgrade -i --create-namespace \
    --wait ingress flex-gateway/flex-gateway \
    --set-file registration.content=registration.yaml

    This command creates the gateway namespace and a release named ingress if they do not exist. You can use names of your choice for your namespace and release. The command syntax for the Helm repository and chart names is <helm-repo-name>/<helm-chart-name>.

    When you install Flex Gateway, a Service type LoadBalancer is created by default. You must have the appropriate permissions to create a load balancer in your cloud. If the load balancer is not provisioned or has issues with the provisioning process, you must choose another type by changing the service.type property during the installation.

    When successful, the command prints a message indicating an upgrade to your ingress release:

    Release "ingress" does not exist. Installing it now.
    NAME: ingress
    LAST DEPLOYED: Mon Mar 20 21:36:19 2023
    NAMESPACE: gateway
    STATUS: deployed
    REVISION: 1
    TEST SUITE: None

    The REVISION value increments the ingress release by 1 each time you run this command with the same namespace, repository, and chart names. For example, if you run the command a second time, you find a new revision number (REVISION: 2). The LAST DEPLOYED date reflects the date of that revision.

Helm Chart Settings

To modify the default Helm settings with new values, such as resource values for CPU and memory settings, see Update Pod Settings for a Flex Gateway Deployment Through a Helm Chart. For additional Helm chart configurations, see Manage Kubernetes Deployments.

Before modifying a Helm chart for a Flex Gateway deployment, review the default Helm chart settings:

  • Open the flex-gateway page in ArtifactHUB

  • Run helm show values <repository-name>/<chart-name> from a terminal window.

    Example:
    helm show values flex-gateway/flex-gateway

    The example returns default values of a repository and chart with the same name.

To view the Helm chart README, run helm show readme <repository-name>/<chart-name> from a terminal window.

Example:
helm show readme flex-gateway/flex-gateway