Install Anypoint Flex Gateway (Connected Mode) On Docker With RedHat 8.2
Follow the steps in this tutorial to install Anypoint Flex Gateway on Docker with RedHat 8.2 to protect APIs.
CORE
·
Join the DZone community and get the full member experience.
Join For FreeFollow the steps in this tutorial to install Anypoint Flex Gateway on Docker with RedHat 8.2 to protect APIs. There are several discussions about non-compatibilities in regards to Docker and RedHat 8. While installing in Ubuntu, I have not found any difficulty.
Installing RedHat 8
Let's try and install the version of RedHat 8 on the server as below.
[root@docker-flex ~]# hostnamectl
Icon name: computer-vm
Chassis: vm
Machine ID: 01f1fc6758fc4be0ac74ff2d131626fb
Boot ID: 03a60ed7c9da4f3eb099e341b4c00d8b
Virtualization: oracle
Operating System: Red Hat Enterprise Linux 8.6 (Ootpa)
CPE OS Name: cpe:/o:redhat:enterprise_linux:8::baseos
Kernel: Linux 4.18.0-372.9.1.el8.x86_64
Architecture: x86-64
[root@docker-flex ~]#
Note: The package below needs to update on the server. It features server capabilities with yum-manager.
sudo yum install -y yum-utilsA Few Points About RedHat 8
The dnf config-manager utility allows us to execute several processes, such as enabling or disabling repositories. In general, there are a few repositories installed on RedHat 8, such as AppStream and BaseOS repositories.
After several efforts, the result was found that many Docker Engines are not built to support RedHat architecture. Here is the evidence:
[root@docker-flex ~]# sudo dnf install https://download.docker.com/linux/rhel/8/s390x/stable/Package s/containerd.io-1.4.11-3.1.el8.s390x.rpm
Updating Subscription Management repositories.
Last metadata expiration check: 0:08:29 ago on Wed 25 May 2022 08:27:08 AM EDT.
containerd.io-1.4.11-3.1.el8.s390x.rpm 12 MB/s | 23 MB 00:01
Error:
Problem: conflicting requests
- package containerd.io-1.4.11-3.1.el8.s390x does not have a compatible architecture
(try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candida te packages)
[root@docker-flex ~]# sudo dnf install https://download.docker.com/linux/rhel/8While following the recommended approach with skip/--nobest, I was without any successful result.
[root@docker-flex ~]# sudo dnf install https://download.docker.com/linux/rhel/8/s390x/stable/Package s/containerd.io-1.4.11-3.1.el8.s390x.rpm --nobest --skip-broken
Updating Subscription Management repositories.
Last metadata expiration check: 0:09:14 ago on Wed 25 May 2022 08:27:08 AM EDT.
containerd.io-1.4.11-3.1.el8.s390x.rpm 12 MB/s | 23 MB 00:01
Dependencies resolved.
Problem: conflicting requests
- package containerd.io-1.4.11-3.1.el8.s390x does not have a compatible architecture
Nothing to do.
Complete!
[root@docker-flex ~]# lFinally, I changed the package, and it worked.
sudo dnf config-manager \
> --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
Updating Subscription Management repositories.
Adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
[root@redhat-node-one ~]# sudo dnf install docker-ce
Updating Subscription Management repositories.
Docker CE Stable - x86_64 98 kB/s | 25 kB 00:00
Dependencies resolved.
===================================================================================================================================================================
Package Architecture Version Repository Size
===================================================================================================================================================================
Installing:
docker-ce x86_64 3:20.10.16-3.el8 docker-ce-stable 22 M
Installing dependencies:
container-selinux noarch 2:2.179.1-1.module+el8.6.0+14877+f643d2d6 rhel-8-for-x86_64-appstream-rpms 58 k
containerd.io x86_64 1.6.4-3.1.el8 docker-ce-stable 33 M
docker-ce-cli x86_64 1:20.10.16-3.el8 docker-ce-stable 29 M
docker-ce-rootless-extras x86_64 20.10.16-With the above command, we added a repository, and Docker is installed.
[root@docker-flex ~]# sudo dnf install docker-ce
Updating Subscription Management repositories.
Last metadata expiration check: 0:10:28 ago on Wed 25 May 2022 08:27:08 AM EDT.
Package docker-ce-3:19.03.15-3.el8.x86_64 is already installed.
Dependencies resolved.
=====================================================================================================
Package Arch Version Repository Size
=====================================================================================================
Upgrading:
docker-ce x86_64 3:20.10.16-3.el8 docker-ce-stable 22 M
Installing dependencies:
docker-ce-rootless-extras
x86_64 20.10.16-3.el8 docker-ce-stable 4.7 M
fuse-overlayfs x86_64 1.8.2-1.module+el8.6.0+14877+f643d2d6 rhel-8-for-x86_64-appstream-rpms 73 k
fuse3 x86_64 3.3.0-15.el8 rhel-8-for-x86_64-baseos-rpms 54 k
fuse3-libs x86_64 3.3.0-15.el8 rhel-8-for-x86_64-baseos-rpms 95 k
libslirp x86_64 4.4.0-1.module+el8.6.0+14877+f643d2d6 rhel-8-for-x86_64-appstream-rpms 70 k
slirp4netns x86_64 1.1.8-2.module+el8.6.0+14877+f643d2d6 rhel-8-for-x86_64-appstream-rpms 51 k
Transaction Summary
=====================================================================================================
Install 6 Packages
Upgrade 1 Package
Total download size: 27 MThe next step was to enable and start Docker services once the installation was done with success. In addition, we needed to open a few ports in the firewall to allow communication between the MuleSoft repository and server.
Follow the same step as explained MuleSoft document.
- Download
flex-gatewayimage:
[root@docker-flex ~]# docker pull mulesoft/flex-gateway:1.0.0
1.0.0: Pulling from mulesoft/flex-gateway
ddbb808fb52e: Pull complete
Digest: sha256:b408f563da559d352d32b0ca24d02835d5a8fb18ef6a4b6a1594af6ebe66c82f
Status: Downloaded newer image for mulesoft/flex-gateway:1.0.0
docker.io/mulesoft/flex-gateway:1.0.0
[root@docker-flex ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mulesoft/flex-gateway 1.0.0 4ba042860c8f 3 weeks ago 273MB
[root@docker-flex ~]#
- Register/associate it with the Anypoint Platform using the
docker-redhat8name.
[root@docker-flex ~]# docker run --entrypoint flexctl -w /registration -v "$(pwd)":/registration mulesoft/flex-gateway:1.0.0 register docker-redhat8 --token=8a61e5c0-3488-433e-add9-7d8e3e96dc39 --organization=464fcf12-56f8-4197-9f27-2fc9a8dde469 --connected=true
Starting registration, please be patient.
Registration completed, the configuration files were written in directory ".".
[root@docker-flex ~]#Once the above step is executed without error, we will find configuration and certificates which will be generated in the current folder location.
[root@docker-flex ~]# ls -ltrth
total 24K
-rw-------. 1 root root 1.4K May 24 21:45 anaconda-ks.cfg
-rw-r--r--. 1 root root 1.5K May 24 22:00 initial-setup-ks.cfg
-rw-------. 1 root root 6.2K May 25 08:41 6871cac6-fda9-4df9-a81f-51f8036e06a8.pem
-rw-------. 1 root root 1.7K May 25 08:41 6871cac6-fda9-4df9-a81f-51f8036e06a8.key
-rw-------. 1 root root 728 May 25 08:41 6871cac6-fda9-4df9-a81f-51f8036e06a8.conf
[root@docker-flex Now, start services to enable flex-gateway on the Anypoint Platform, which can be availed for API configuration.
[root@docker-flex ~]# docker run --rm -v /root/:/etc/flex-gateway/rtm -p 8081:8081 -e FLEX_RTM_ARM_AGENT_CONFIG=/etc/flex-gateway/rtm/6871cac6-fda9-4df9-a81f-51f8036e06a8.conf mulesoft/flex-gateway:1.0.0
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] done.
[services.d] starting services
[flex-gateway-agent][info] Running Envoy XDS Service...
[flex-gateway-envoy][info] cds: add 2 cluster(s), remove 2 cluster(s)
[flex-gateway-envoy][info] cds: added/updated 2 cluster(s), skipped 0 unmodified cluster(s)
[flex-gateway-envoy][info] cm init: all clusters initialized
[flex-gateway-envoy][info] all clusters initialized. initializing init manager
[flex-gateway-envoy][info] all dependencies initialized. starting workersAt the same time, we can find the container running as below.
In a few seconds, we will see Flex Gateway enabled in the Anypoint Platform as below.
API associated with registered/active Flex Gateway is as below:
We can apply policies/create a proxy to protect our API using Flex Gateway along with monitoring API performance.
Follow these easy steps to set up and use Anypoint Flex Gateway to protect APIs. For more details, please read the document Getting Started with Flex Gateway.
Opinions expressed by DZone contributors are their own.
Comments