Contact Free trial Login

Manage Proxies Used by Runtime Fabric

You can update the proxy settings used by Anypoint Runtime Fabric outbound connections to the internet. This includes updating both HTTP proxies for connecting to the Anypoint Platform control plane and SOCKS5 proxies for sending metrics and logs to Anypoint Monitoring.

Install rtfctl

The rtftl tool is required to manage proxy settings on Runtime Fabric. Follow the steps to install rtfctl before moving forward with configuring proxy settings.

Update the Monitoring Proxy

  1. Log into a controller node where rtfctl is installed.

  2. Run the following command, replacing the placeholder values with the following:

    rtfctl apply monitoring-proxy "socks5://<user>:<pass>@<10.0.0.2>:<8080>"
    • <user>: the username needed to authenticate to the SOCKS5 proxy.

    • <pass>: the password needed to authenticate to the SOCKS5 proxy.

      The password must be URL encoded.
    • <10.0.0.2>: the IP address or hostname used to access the SOCKS5 proxy.

    • <8080>: the port on the host where the SOCKS5 proxy is listening for requests.

  3. To verify the change was successful, run the following command to output the current value of the monitoring proxy:
    rtfctl get monitoring-proxy

    The output should match the value expected.

Update the HTTP Proxy

Updating the HTTP proxy causes each machine in the cluster to restart all pods running on it. Although no downtime occurs if you are running multiple replicas, you should perform HTTP proxy updates during a maintenance window.

  • Apply the proxy values to the services running within Runtime Fabric.

  • If you are using Runtime Fabric installer 1.0.x, run the script on each node of your Runtime Fabric to update the cluster.

Apply Proxy Values to Runtime Fabric Services

  1. Log in to a controller node where rtfctl has been installed.

  2. Run the following command, replacing the placeholder values with the following:

    rtfctl apply http-proxy "http://<user>:<pass>@<10.0.0.1>:<8080>" --no-proxy "<1.1.1.1:8888,2.2.2.2:9999>"
    • <user>: the username needed to authenticate to the HTTP proxy.

    • <pass>: the password needed to authenticate to the HTTP proxy.

      The password must be URL encoded.
    • <10.0.0.1>: the IP address or hostname to access the HTTP proxy.

    • <8080>: the port on the host where the HTTP proxy is listening for requests.

    • <1.1.1.1:8888,2.2.2.2:9999>: the NO_PROXY hosts and ports, delimited by commas.

  3. To verify the change was successful, run the following command to output the current value of the HTTP proxy: rtfctl get http-proxy.

The output should match the value expected.

Run the Script on Each Node

  1. From the controller node used to install Runtime Fabric, copy set_dockerd_proxy.sh, which is located under /opt/anypoint/runtimefabric/scripts/, to the same location (/opt/anypoint/runtimefabric/scripts/) on each controller and worker node.

    If you are not able to locate this script, open a support ticket for assistance.
  2. Update the /opt/anypoint/runtimefabric/env file to set the values for RTF_HTTP_PROXY and RTF_NO_PROXY variables.
    The RTF_HTTP_PROXY value accepts authentication values in-line, for example, http://user:Password@1.1.1.1:80
    The RTF_NO_PROXY value accepts a comma-separated list of hosts that should not go through the proxy, for example, 1.1.1.1,no-proxy.com

  3. Run the script /opt/anypoint/runtimefabric/scripts/set_dockerd_proxy.sh.

  4. After repeating these steps on each controller and worker node, apply these proxy values to the services running within Runtime Fabric.

Was this article helpful?

💙 Thanks for your feedback!

Edit on GitHub