Contact Us 1-800-596-4880

Install Runtime Fabric on Azure

This topic describes how to install Anypoint Runtime Fabric on VMs / Bare Metal on your Azure account. Note that you can also use Amazon Elastic Kubernetes Service (Amazon EKS), Azure Kubernetes Service (AKS), or Google Kubernetes Engine (GKE) to install Runtime Fabric on Self-Managed Kubernetes.

Before installing Runtime Fabric, refer to Shared Responsibility for Runtime Fabric on VMs / Bare Metal. If your infrastructure does not meet the minimum hardware, operating system, and networking requirements, Runtime Fabric cannot operate successfully.

Your organization’s operations, networking, and security teams must be involved. See Anypoint Runtime Fabric Installation Prerequisites.

Before You Begin

Before installing Anypoint Runtime Fabric on VMs / Bare Metal on Azure, ensure the following requirements have been met:

  • You have created a Runtime Fabric in Runtime Manager.

  • Your Anypoint user account has the Manage Runtime Fabrics permission.

  • Your Azure user has access to create VMs, Disks, Virtual Networks, and Network Security Groups.

  • Your Azure account has enough quota for the infrastructure being provisioned.

  • If your organization does not allow using public IPs for VMs, you may need to use an existing Virtual Network. Modify the Azure Resource Manager template to reference an existing Virtual Network.

  • You have disabled any antivirus agents, such as McAfee, running in your environment.

Installation

The Azure Resource Manager templates provided as part of the installation package are for reference only and should not be used as-is for either non-production or production Runtime Fabric installations. You must review and customize these templates to meet your needs. Runtime Fabric on VMs / Bare Metal is supported as long as you meet or exceed the minimum requirements specified in Runtime Fabric Installation Prerequisites.

If you require assistance, contact your MuleSoft representative.

Before installing Runtime Fabric on VMs / Bare Metal, download the Azure Resource Manager template from Runtime Manager:

  1. From Anypoint Platform, navigate to Runtime Manager.

  2. Select Runtime Fabrics.

  3. Click on the Runtime Fabric you created. It should be in the Activating state.

  4. Click the Download files link.

  5. After the file has downloaded, unzip the rtf-install-scripts.zip file.

    The rtf-install-scripts\azure directory contains the following installation files:

    • ARM-template-dev.template: A sample Azure Resource Manager template that describes the required infrastructure for a development configuration.

    • ARM-template-prod.template: A sample Azure Resource Manager template that describes the required infrastructure for a production configuration.

    • generate-templates.sh: A shell script that is used to insert the Mule Enterprise license digest and initialization script in the Azure Resource Manager templates. This script outputs the JSON templates to use when deploying to Azure.

      Copy the supplied sample templates and modify them based on your target topology and infrastructure requirements.

Base64 Encode your Mule License Key

Run the generate-templates.sh script to add the Mule Enterprise license key in the Azure Resource Manager templates. These templates are used to provision the infrastructure needed.

On Windows, you must have a shell terminal emulator (such as cygwin) or access to a Unix-based computer.
  1. Locate your organization’s Mule Enterprise license key file (license.lic) and transfer the file to your Unix environment if necessary.

  2. Open a terminal/shell and navigate to the azure sub-directory.

  3. Copy the following to a text editor:

    RTF_MULE_LICENSE='' \
    ./generate-templates.sh
  4. Using the terminal, encode the Mule Enterprise license key to base64 and paste the contents as the value for RTF_MULE_LICENSE in your text editor.

    base64 -w0 license.lic # Linux
    
    base64 -b0 license.lic # OSX / MacOS
  5. Copy the command from the text editor and run in the terminal pointed to the azure directory.

  6. Confirm the generated output of the ARM-template-dev.json and ARM-template-prod.json files in the azure directory.

Deploy using the ARM Template

Run the generated ARM template to provision the infrastructure on your Azure account. The following procedures describe how to run the template via the Azure Portal.

You must have a private and public key as a PEM file to provision the VMs. This is required to enable secure access to your VMs via SSH (Secure Shell).
  1. Log into your Azure portal.

  2. Navigate to Create a resource.

  3. From the Search the marketplace search bar, enter Template deployment.

  4. Click Create on the bottom of the window.

  5. Select Build your own template in the editor.

  6. In the bar above the editor, click Load file and select the desired Azure Resource Manager template from the azure directory. You must select a JSON file.

  7. When the file contents appears in the editor, click Save.

  8. Verify your Subscription selection, Resource group, and Region for your environment. In general, you should create a separate Resource group.

  9. Under Settings, enter the following:

    Table 1. Azure Settings
    Variable Description Example

    Public Key

    contains the public key string. This enables you to SSH into each VM with your associated private key.

    ssh rsa …​

    Anypoint Activation Data

    specifies the encoded Runtime Fabric activation data. You can access this data by viewing your Runtime Fabric in Runtime Manager.

    NzdlMzU1YTktMzAxMC00OGE0LWJlMGQtMDdxxxx

    SSH User Name

    specifies the user name to use when establishing a SSH connection to each VM.

    rtf-user

    Controller Instance Type

    specifies the Azure machine type to provision for each controller VM. The defaults are 2 cores and 8 GiB memory.

    Standard_D2s_v3

    Worker Instance Type

    specifies the Azure machine type to provision for each worker VM. The defaults are 2 cores and 16 GiB memory.

    Standard_E2s_v3

    Virtual Network CIDR

    specifies the address range to specify for the Virtual Network. Refer to your network specialist for assistance, if necessary.

    172.31.0.0/16

    Virtual Network Subnet

    specifies the address range for the subnet to use within the Virtual Network. Contact your system administrator for assistance, if necessary.

    172.31.3.0/28

    Installer IP Address

    specifies the IP address to assign the controller VM acting as the installer VM. This should be an available address which is within the subnet range specified.

    172.31.3.4

    Availability Set Update Domains

    specifies the number of update domains supported in the Azure region selected.

    3

    Availability Set Fault Domains

    specifies the number of fault domains supported in the Azure region selected.

    3

    Pod Network CIDR

    specifies a custom CIDR block to use for the pod network.

    10.244.0.0/16

    Service CIDR

    specifies a custom CIDR block to use for the service network.

    10.100.0.0/16

    disable_selinux

    A boolean variable that disables/enables SELinux on the host operating system. The default value is true to disable SELinux.

    If the host operating system is RHEL 8, do not set to false or installation will fail.

    true

    In Runtime Fabric on VMs / Bare Metal, the inbound load balancer runs in either shared or dedicated mode:

    • Shared Mode enables you to specify the number of CPU cores and amount of memory for the internal load balancer. In shared mode, the internal load balancer is distributed across the controller nodes. Shared Mode is the default setting.

    • Dedicated Mode specifies that all available resources are dedicated to the internal load balancer, so you cannot choose the number of CPU cores and memory amount. In dedicated mode, the internal load balancer is deployed on dedicated internal load balancer nodes.

      Refer to Manage Runtime Fabric for detailed information.

  10. Review and select the Terms and Conditions on the bottom of the page and then click Purchase.

    Runtime Fabric on VMs / Bare Metal is installed across all servers to form a cluster. This process takes time to complete. When complete, the status of Runtime Fabric displayed in Runtime Manager changes to Active status.

    • By default, the ARM templates are configured to set a public IP address for each VM. Modify the template to remove publicIPAddresses, if necessary.

    • The internal load balancer is distributed across the controller nodes for shared mode and is deployed on the internal load balancer nodes for dedicated mode.

Monitoring Installation Progress

To follow the Azure provisioning process, follow these steps:

  1. On the left navigation bar in the Azure Portal, click on Resource groups.

  2. Select the Resource group used to provision your Runtime Fabric infrastructure.

  3. On the Overview pane under Deployments, click on the link below. This link should display something similar to 1 Deploying.

  4. Click the Deployment Name Microsoft.Template.

You should be able to see the list of infrastructure and its status. Click Refresh button to update the pane and status.

To view the progress during the installation, you can tail the output log on each VM:

  1. Open a shell (or SSH session) to the VM.

  2. Tail the output log, located at /var/log/rtf-init.log

    tail -f /var/log/rtf-init.log

You can tail the same log on each VM to view its progress.

When the installation completes successfully, the /opt/anypoint/runtimefabric/.state/init-complete file is created.

Common Errors

Depending on the policies set and the quotas defined with your Azure account, you may encounter errors during the provisioning process. The ARM template can be modified to accommodate the policies set by your organization. Consult your network administrator as needed.

  • Exceed max core quota: file a ticket with Azure Support to increase quota for your deployment region. If you believe you have enough quota, ensure the correct region is selected with the increased quota. Also, try modifying the Resource Group name to ensure it is unique to your account.

  • Network policy violation: By default, the Network Security Groups defined in the Azure Resource Template are associated at the subnet level and the NIC for each VM. Depending on your company’s policy, you may need to adjust the template to remove an association.

Access Ops Center

After installation is completed successfully, log in to Ops Center to view that status of your Runtime Fabric infrastructure. See Using Ops Center on Anypoint Runtime Fabric for information on accessing Ops Center and determining the Ops Center username and password.

By default, the Resource Manager script configures the Azure Network Security Group to not expose the Ops Center port to the internet. To use a public IP to manage your cluster using the Ops Center, the controller nodes must be provisioned with a public IP. Update your Network Security Group to allow 0.0.0.0 internet access for TCP connections on port 32009.