Contact Us 1-800-596-4880

Install Runtime Fabric on Azure

This topic describes how to install Anypoint Runtime Fabric on your Azure account.

Before installing Runtime Fabric ensure your infrastructure meets the minimum hardware, operating system, and networking requirements.

Your organization’s operations, networking and security teams should review these requirements. See System Requirements for Anypoint Runtime Fabric and Network and Port Requirements for Anypoint Runtime Fabric.

Before you Begin

Before installing Anypoint Runtime Fabric on Azure, ensure the following requirements have been met:

  • You have created a Runtime Fabric in Runtime Manager.

  • Your Anypoint user account has the Manage Runtime Fabrics permission.

  • Your Azure user has access to create VMs, Disks, Virtual Networks, and Network Security Groups.

  • Your Azure account has enough quota for the infrastructure being provisioned.

  • If your organization does not allow using public IPs for VMs, you may need to use an existing Virtual Network. Modify the Azure Resource Manager template to reference an existing Virtual Network.

  • You have disabled any antivirus agents, such as McAfee, running in your environment.


To begin installing Runtime Fabric, download the Azure Resource Manager template from Runtime Manager:

  1. From Anypoint Platform, navigate to Runtime Manager.

  2. Select Runtime Fabrics.

  3. Click on the Runtime Fabric you created. It should be in the Activating state.

  4. Click the Download files link.

  5. After the file has downloaded, unzip the file.

The rtf-install-scripts\azure directory contains the following installation files:

  • ARM-template-dev.template: the Azure Resource Manager template that describes the infrastructure for the development configuration requirements.

  • ARM-template-prod.template: the Azure Resource Manager template that describes the infrastructure for the production configuration requirements.

  • a shell script used to insert the Mule Enterprise license digest and initialization script in the ARM templates. This script outputs the JSON templates to use when deploying to Azure.

Base64 Encode your Mule License Key

Run the script to add the Mule Enterprise license key in the Azure Resource Manager templates. These templates are used to provision the infrastructure needed.

On Windows, you must have a shell terminal emulator (such as cygwin) or access to a Unix-based computer.
  1. Locate your organization’s Mule Enterprise license key file (license.lic) and transfer the file to your Unix environment if necessary.

  2. Open a terminal/shell and navigate to the azure sub-directory.

  3. Copy the following to a text editor:

  4. Using the terminal, encode the Mule Enterprise license key to base64 and paste the contents as the value for RTF_MULE_LICENSE in your text editor.

    base64 -w0 license.lic # Linux
    base64 -b0 license.lic # OSX / MacOS
  5. Copy the command from the text editor and run in the terminal pointed to the azure directory.

  6. Confirm the generated output of the ARM-template-dev.json and ARM-template-prod.json files in the azure directory.

Deploy using the ARM Template

Run the generated ARM template to provision the infrastructure on your Azure account. The following procedures describe how to run the template via the Azure Portal.

You must have a private and public key as a PEM file to provision the VMs. This is required to enable secure access to your VMs via SSH (Secure Shell).
  1. Log into your Azure portal.

  2. Navigate to Create a resource.

  3. From the Search the marketplace search bar, enter Template deployment.

  4. Click Create on the bottom of the window.

  5. Select Build your own template in the editor.

  6. In the bar above the editor, click Load file and select the desired Azure Resource Manager template from the azure directory. You must select a JSON file.

  7. When the file contents appears in the editor, click Save.

  8. Verify your Subscription selection, Resource group, and Region for your environment. In general, you should create a separate Resource group.

  9. Under Settings, enter the following:

    Variable Description Example

    Public Key

    contains the public key string. This enables you to SSH into each VM with your associated private key.

    ssh rsa …​

    Anypoint Activation Data

    specifies the encoded Runtime Fabric activation data. You can access this data by viewing your Runtime Fabric in Runtime Manager.


    SSH User Name

    specifies the user name to use when establishing a SSH connection to each VM.


    Controller Instance Type

    specifies the Azure machine type to provision for each controller VM. The defaults are 2 cores and 8 GiB memory.


    Worker Instance Type

    specifies the Azure machine type to provision for each worker VM. The defaults are 2 cores and 16 GiB memory.


    Virtual Network CIDR

    specifies the address range to specify for the Virtual Network. Refer to your network specialist for assistance, if necessary.

    Virtual Network Subnet

    specifies the address range for the subnet to use within the Virtual Network. Contact your system administrator for assistance, if necessary.

    Installer IP Address

    specifies the IP address to assign the controller VM acting as the installer VM. This should be an available address which is within the subnet range specified.

    Availability Set Update Domains

    specifies the number of update domains supported in the Azure region selected.


    Availability Set Fault Domains

    specifies the number of fault domains supported in the Azure region selected.


    Pod Network CIDR

    specifies a custom CIDR block to use for the pod network.

    Service CIDR

    specifies a custom CIDR block to use for the service network.

  10. Review and select the Terms and Conditions on the bottom of the page, then click Purchase.

Runtime Fabric is installed across all servers to form a cluster. This process takes time to complete. When complete, the status of Runtime Fabric displayed in Runtime Manager changes to Active status.

By default, the ARM templates are configured to set a public IP address for each VM. Modify the template to remove the publicIPAddresses, if necessary.

Monitoring Installation Progress

To follow the Azure provisioning process, follow these steps:

  1. On the left navigation bar in the Azure Portal, click on Resource groups.

  2. Select the Resource group used to provision your Runtime Fabric infrastructure.

  3. On the Overview pane under Deployments, click on the link below. This link should display something similar to 1 Deploying.

  4. Click the Deployment Name Microsoft.Template.

You should be able to see the list of infrastructure and its status. Click Refresh button to update the pane and status.

To view the progress during the installation, you can tail the output log on each VM:

  1. Open a shell (or SSH session) to the VM.

  2. Tail the output log, located at /var/log/rtf-init.log

    tail -f /var/log/rtf-init.log

You can tail the same log on each VM to view its progress.

When the installation completes successfully, the /opt/anypoint/runtimefabric/.state/init-complete file is created.

Common Errors

Depending on the policies set and the quotas defined with your Azure account, you may encounter errors during the provisioning process. The ARM template can be modified to accommodate the policies set by your organization. Consult your network administrator as needed.

  • Exceed max core quota: file a ticket with Azure Support to increase quota for your deployment region. If you believe you have enough quota, ensure the correct region is selected with the increased quota. Also, try modifying the Resource Group name to ensure it is unique to your account.

  • Network policy violation: By default, the Network Security Groups defined in the Azure Resource Template are associated at the subnet level and the NIC for each VM. Depending on your company’s policy, you may need to adjust the template to remove an association.

Access Ops Center

After installation is completed successfully, log in to Ops Center to view that status of your Runtime Fabric infrastructure. See Using Ops Center on Anypoint Runtime Fabric for information on accessing Ops Center and determining the Ops Center username and password.

By default, the Resource Manager script configures the Azure Network Security Group to not expose the Ops Center port to the internet. To use a public IP to manage your cluster using the Ops Center, the controller nodes must be provisioned with a public IP. Update your Network Security Group to allow internet access for TCP connections on port 32009.