Hear from Salesforce leaders on how to create and deploy Agentforce agents.
Register now
Contact Us 1-800-596-4880
  1. Homepage
  2. Flex Gateway

  3. Deploy a Managed Flex Gateway to CloudHub 2.0

Deploy a Managed Flex Gateway to CloudHub 2.0

Deploy a Managed Flex Gateway to a CloudHub 2.0 private space to launch a completely cloud hosted gateway. Configure the Managed Flex Gateway as an ingress to you private space by exposing a public endpoint, or configure the gateway to only handle internal traffic. You can have one or more Managed Gateway in each environment that the private space is shared with. Gateways can protect any API from the same environment of the gateway or APIs in an external network.

Before You Begin

Before getting started with Flex Gateway, ensure that you have:

  • Created a private space in CloudHub 2.0 or have access to a private space created by someone else. To create a private space, see Creating Private Spaces.

Deploy a Managed Flex Gateway

  1. Log in to Anypoint PlatformLeaving the Site with your Anypoint username and password.

  2. Select Runtime Manager.

  3. Ensure you’re in environment where you would like to deploy your Managed Gateway

  4. Click Flex Gateways in the side navigation panel.

  5. Click Managed Flex Gateway.

  6. Click Add Managed Flex Gateway.

  7. Enter a Gateway Name.

  8. Select the private space where you want to deploy your Managed Flex Gateway as your Deployment Target.

  9. Select a Release Channel:

    Release channel

    Description

    Edge

    This channel releases a new minor version every four months. It has the latest features and shorter support windows.

    Long-Term Support

    This channel releases a new minor version once a year.

    To learn more about the differences between release channels, see Flex Gateway Version Lifecycle.

  10. Select Version.

    Select the latest version unless if a later version is specifically needed.

  11. Select Flow Plans:

    Size

    Description

    Small Managed Flex Gateway

    Use for testing and staging purposes. Small Managed Flex Gateways can deploy up to 50 APIs with a maximum of 100 requests per second.

    Large Managed Flex Gateway

    Use for production purposes. Large Managed Flex Gateways can deploy up to 500 APIs with a maximum of 500 requests per second.

    To learn more about Managed Flex Gateway sizing, see Managed Flex Gateway Limits.

  12. Configure Advanced options:

    Ingress

    • Public endpoint:

      1. Select your desired private space Domain.

        To learn more, see Creating Private Spaces.

      2. Enter a Host.

      3. Click Add Endpoint to add an additional endpoint to a different domain.

        Managed Flex Gateway supports one Public endpoint per domain in your private space.

    • Ingress options:

      • Forward SSL Session:

        Enables SSL forwarding during a session.

        SSL forwarding is mostly used with client authentication. See Enable Client Authentication. SSL forwarding forwards client certificate details in HTTP request headers so they are available to the gateway. These fields can identify an authenticated client and allow the gateway policies to determine and use the identity.

        The following headers are available:

        Header Name Value

        x-ssl-client-verify

        SUCCESS/FAIL

        x-ssl-issuer

        Client certificate issuer

        x-ssl-client-serial

        Client certificate serial number

        x-ssl-client-dn

        Contents of the client certificate DN field

        x-ssl-client-cert

        Contents of the client certificate

      • Last-mile Security:

        Specifies that TLS termination and decryption for the forwarded HTTPS connections occurs in the gateway.

    Properties

    To configure how long Managed Flex Gateway waits for response or idle connections, configure the timeout properties:

    Parameter

    Description

    Upstream Connection Idle Timeout

    The time a upstream connection can remain idle without receiving client requests. Upstream responses are not included in this timeout.

    Upstream Response Timeout

    The time the upstream service has to respond from when Flex Gateway sends a request.

    Stream Idle Timeout

    The time a stream can remain idle without receiving additional client requests or upstream responses.
    Logging

    • Forward application logs to Anypoint Monitoring:

      Forwards Flex Gateway logs to Anypoint Monitoring. When disabled, logs are only available in Runtime Manager.

    • Additional Log Levels:

      • INFO: Informative messages

      • DEBUG: Debugging messages

      • WARNING: Warning messages

      • ERROR: Error messages, such as when an exception occurs

      • FATAL: Fatal messages for when an application fails

  13. Click Save & deploy.

Edit a Managed Flex Gateway Settings

To edit a Managed Flex Gateway settings:

  1. From Anypoint Platform, select Runtime Manager > Flex Gateways.

  2. Click the Managed Flex Gateway name.

  3. In the navigation menu, click Settings.

  4. Make the necessary edits.

  5. Click Apply changes.

Remove an Endpoint

To remove an endpoint:

  1. From Anypoint Platform, select Runtime Manager > Flex Gateways.

  2. Click the Managed Flex Gateway name.

  3. In the navigation menu, click Settings.

  4. Click Advanced options.

  5. In the Public endpoint row, click X (Delete).

  6. Click Apply changes.

Next Steps