Getting Started with Runtime Fabric on Amazon Elastic Kubernetes Service (EKS)

Tutorials
Getting Started with Runtime Fabric on Amazon Elastic Kubernetes Service (EKS)

30 min read

This tutorial was updated in March 2022 and is based on Runtime Fabric v1.10 release.

In this tutorial, we’ll walk you through deploying a hello world Mule app to an Amazon Elastic Kubernetes Service (EKS) cluster using Runtime Fabric. You’ll learn how to:

Create an Elastic Kubernetes Service (EKS) cluster using the AWS CLI
Use kubectl to create an ingress controller
Install Runtime Fabric using rtfctl
Deploy and test a simple Hello World Mule app to run on your new cluster

To get started as simply and quickly as possible, this tutorial includes steps to create an EKS cluster, nodes and a Runtime Fabric instance with default settings. Before creating a cluster, nodes and a Runtime Fabric instance for production use, we recommend that you familiarize yourself with all settings and deploy settings that meet your requirements. For more information, see Creating an Amazon EKS cluster and Amazon EKS nodes. For detailed Runtime Fabric documentation see Anypoint Runtime Fabric Overview.

Prerequisites

Anypoint Platform - We’ll need an Anypoint Platform account to create our Runtime Fabric service. You can sign up for a free trial account here - However, you will need an enterprise account to have access to Runtime Fabric from Runtime Manager.
curl - A command line tool for transferring data using various network protocols. See installing curl.
AWS CLI - A command line tool for working with AWS services, including Amazon EKS. This tutorial requires that you use version 2.2.37 or later or 1.20.40 or later. See installing the AWS CLI.
AWS Configuration Setup - In order for the AWS CLI tool to connect with your account, you need to run the aws configure command. For detailed instructions to set this up, see AWS CLI - Quick setup.
kubectl - A command line tool for working with Kubernetes clusters. This tutorial requires that you use version 1.21 or later. For more information, see installing kubectl.
eksctl - A command line tool for working with EKS clusters that automates many individual tasks. This guide requires that you use version 0.67.0 or later. See installing eksctl.
rtfctl - A command line tool to locally manage Runtime Fabrics. This tutorial requires that you use version 0.3.135 or later. See installing rtfctl.

In order to successfully deploy Mule applications to Runtime Fabric you also need:

A valid enterprise licence – Your MuleSoft account representative will help you acquire an Enterprise licence in the form of a licence.lic file.
A supported version of Kubernetes. This tutorial creates an EKS cluster using v1.20. For an up to date list of supported versions see Runtime Fabric on Self-Managed Kubernetes.
Required IAM permissions - The IAM security principal that you’re using must have permissions to work with Amazon EKS IAM roles and service linked roles, AWS CloudFormation, and a VPC and related resources. The minimum IAM policies needed for this tutorial are located in the eksctl documentation. See minimum IAM policies.

Create EKS cluster and nodes

To create your cluster with Amazon EC2 Linux managed nodes

1 - Replace myKeyPair with the name of an existing key pair. If you don’t have one use the following AWS CLI command.

1
aws ec2 create-key-pair --region ap-southeast-2 --key-name myKeyPair

2 - Create your cluster and nodes with the following command. Replace example values with your own.

1
2
3
4
5
6
7
eksctl create cluster \
--name my-mule-eks \
--version 1.20 \
--region ap-southeast-2 \
--with-oidc \
--ssh-access \
--ssh-public-key myKeyPair

This creates a cluster using primarily default settings. To see all resources created, view the stack named eksctl-my-mule-eks-cluster in the AWS CloudFormation console.

Output

You’ll see several lines of output as the cluster and nodes are created. Cluster and node creation takes several minutes. The first lines and last lines of output are similar to the following example line.

1
2
3
[ℹ]  eksctl version 0.67.0
...
[✔]  EKS cluster "my-mule-eks" in "ap-southeast-2" region is ready

View EKS resources

1 - To view your newly configured cluster nodes you can use the following command

1
kubectl get nodes -o wide

Amazon EC2 node output

1
2
3
NAME                                                STATUS   ROLES    AGE   VERSION              INTERNAL-IP      EXTERNAL-IP     OS-IMAGE         KERNEL-VERSION                CONTAINER-RUNTIME
ip-192-168-19-135.ap-southeast-2.compute.internal   Ready    <none>   10m   v1.20.7-eks-135321   192.168.19.135   54.253.160.66   Amazon Linux 2   5.4.141-67.229.amzn2.x86_64   docker://19.3.13
ip-192-168-62-246.ap-southeast-2.compute.internal   Ready    <none>   10m   v1.20.7-eks-135321   192.168.62.246   13.239.16.55    Amazon Linux 2   5.4.141-67.229.amzn2.x86_64   docker://19.3.13

Create Runtime Fabric

1 - Navigate to Anypoint Platform and log in.

2 - From the home page navigate to Runtime Manager.

Anypoint Platform Runtime Manager Home

3 - Clicking Runtime Fabrics then Create Runtime Fabric.

Anypoint Platform Create Runtime Fabric

4 - Create a deployment target for Mule apps you want to deploy. In this case we’re using the name rtf-demo. Select Amazon Elastic Kubernetes Service and click Next.

Anypoint Platform Create EKS Runtime Fabric

5 - Review the Support responsibility disclaimer, then if you agree click Accept.

6 - This page displays the activation data used to install Runtime Fabric on a Kubernetes service. Copy the activation code to your clipboard for use later on in this tutorial.

Anypoint Platform Runtime Fabric Activation Code

Install Runtime Fabric

1 - Validate MuleSoft setup by running the following command. You will need to replace with the value obtained in the previous step.

1
./rtfctl validate <activation-code>

The validate option verifies that:

The Kubernetes environment is running.
All required components exist.
All required services are available.
The rtfctl command-line utility outputs any incompatibilities with the Kubernetes environment.

Output

1
2
3
4
5
6
7
Clearing validate operation resources.
Waiting for rtf-validate namespace to be removed...
Checking Authorization ..
...
All validations successful. Proceed with installation  ✔
Clearing validate operation resources.
Waiting for rtf-validate namespace to be removed...

2 - Continue to install Runtime Fabric. You will need to replace with the value obtained in the previous step.

1
./rtfctl install <activation-code>

Output

The first lines and last lines of output are similar to the following example line.

1
2
3
4
5
6
7
Installing Runtime Fabric components
Upserting Namespace/rtf...
Upserting PodSecurityPolicy/rtf-install...
…
61s: Waiting for Runtime Fabric to become ready: [mule-clusterip-service]
66s: Waiting for Runtime Fabric to become ready: [mule-clusterip-service]
Runtime Fabric is ready.

3 - Verify the status of the Runtime Fabric installation.

1
./rtfctl status

Output

The first lines and last lines of output are similar to the following example lines.

1
2
3
4
5
6
7
8
9
10
11
12
Upserting Job/rtfctl-cluster-status...
Kubernetes Version:   1.20.7-eks-d88609
…
Runtime Fabric Information:

COMPONENTS               HEALTHY   REASON
agent                    true
mule-clusterip-service   true
resource-cache           true
…
CERTIFICATE   HEALTHY   REASON
client-cert   true      client certificate expires at 2022-03-12 02:08:39 +0000 UTC

Configure Runtime Fabric

1 - In Anypoint Platform verify that all systems are operational by checking the status and health of your Runtime Fabric. The status attribute should show as active and all systems should be operational.

Anypoint Platform Runtime Fabric Status

2 - Associate environments to be used with the Runtime Fabric by navigating to the Associated Environments tab - clicking Sandbox and then Apply Allocations.

Anypoint Platform Runtime Fabric Environments

3 - Update Runtime Fabric with a valid MuleSoft licence key. Replace the path and licence name where necessary.

To access your license key file. See Download your License Key File.
Make sure to base64 encode the license. See Base64 Encode your Mule License Key.

1
./rtfctl apply mule-license <licence-key-information>

Output

1
Updating rtf namespace… OK

Create ingress controller

For the purposes of this tutorial we will be using an NGINX controller. Other options are available.

1 - Create a NGINX ingress controller. For full complete installation instructions review the NGINX Installation Guide.

1
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.0/deploy/static/provider/aws/deploy.yaml

Output

1
2
3
4
5
namespace/ingress-nginx created
serviceaccount/ingress-nginx created
…
job.batch/ingress-nginx-admission-create created
job.batch/ingress-nginx-admission-patch created

Configure ingress controller

Anypoint Runtime Fabric on Self-Managed Kubernetes enables you to specify custom Ingress configurations using an ingress resource template. In a template, similar to a Kubernetes ingress spec, you can specify annotations, ingress class name, and HTTP and HTTPS rules. If you do not apply an ingress resource template for an application, you can’t add ingress endpoints when you deploy it. For complete details please refer to the documentation.

We want to use path-based routing where the application name is part of the path. On NGINX, we add the configuration-snippet annotation to remove this part of the path before forwarding it on to the Mule application.

1 - Create a custom Ingress configuration by creating a file from the markdown below and name it ingress-template.yaml.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    nginx.ingress.kubernetes.io/configuration-snippet: |
      rewrite ^/app-name(/|$)(.*) /$2 break;
  name: rtf-ingress-template
  namespace: rtf
spec:
  ingressClassName: rtf-nginx
  rules:
  - host: rtf.example.com
    http:
      paths:
      - path: /app-name
        pathType: ImplementationSpecific
        backend:
          service:
            name: service
            port:
              number: 80

2 - Apply the configuration to the rtf namespace using the following command. Update the path and name where appropriate.

1
kubectl apply -f path\ingress-template.yaml

Output

1
ingress.networking.k8s.io/rtf-ingress-template created

3 - Navigate back to Anypoint Runtime Manager and verify that your ingress template has been applied by checking the Inbound Traffic tab in Runtime Fabrics.

Anypoint Platform Runtime Fabric Traffic

Deploy Mule application

1 - Deploy the sample Hello World application. In Anypoint Platform click Applications then Deploy Application.

Anypoint Platform New App

2 - Enter a unique name hello-world-2921 as the Application Name, select the rtf-demo as our Deployment Target then click Import File from Exchange to select the Application File.

Anypoint Platform Import App

3 - Select Type - Example then enter hello-world into the Search assets by name input box. Then select Hello World from the available matches and click Select.

Anypoint Platform Select App

4 - Clicking Deploy Application will deploy the hello-world Mule application to your Runtime Fabric environment.

Anypoint Platform Deploy App

5 - Once the status of the deployed application changes to Running you can navigate to the application detail page to see the application url.

Anypoint Platform App Status

6 - Get external IP address of the nginx server.

1
kubectl get services -n ingress-nginx

Note that you may have to run the command more than once since the external IP may not be available immediately.

Output

1
2
3
NAME                                 TYPE           CLUSTER-IP      EXTERNAL-IP                                                                          PORT(S)                      AGE
ingress-nginx-controller             LoadBalancer   10.100.26.212   afe242ce2f06844c49762331c9ec1201-0d4836d4105c7524.elb.ap-southeast-2.amazonaws.com   80:30069/TCP,443:32190/TCP   7m4s
ingress-nginx-controller-admission   ClusterIP      10.100.243.12   <none>

For EKS we need to query the Domain Name System to get the corresponding IP addresses.

1
dig +short afe242ce2f06844c49762331c9ec1201-0d4836d4105c7524.elb.ap-southeast-2.amazonaws.com

Output

1
2
3
13.236.18.210
3.105.178.235
13.210.26.48

7 - Call the hello-world endpoint. Using the output above to replace the ingress controller IP address. Replace example values with your own.

To access the endpoint for the hello-world we need to resolve the domain name rtf.example.com. For this tutorial we will not create a domain address or use a local file - instead we’ll use the resolve switch to pass the hostname IP mapping on the command line pointing to the external IP address of the NGINX ingress controller above.

1
curl http://rtf.example.com/hello-world-2921/helloWorld --resolve rtf.example.com:80:<IP address of ingress controller>

Output

1
Hello World!

The deployed application should return the string 'Hello World!' proving that the application received and processed your request.

Next Steps

In this tutorial, we walked you through deploying a hello world Mule app to an Amazon Elastic Kubernetes Service (EKS) cluster using Runtime Fabric. You learned how to:

Create an Elastic Kubernetes Service (EKS) cluster using the AWS CLI
Use kubectl to create an ingress controller
Install Runtime Fabric using rtfctl
Deploy and test a simple Hello World Mule app running on your new cluster

Click on the Next button below to continue to the next tutorial in this series that configures TLS and last-mile security.

Runtime Fabric also runs as a service on Azure Kubernetes Service (AKS), Red Hat OpenShift and Google Kubernetes Engine (GKE). Check out their tutorials below.