Mulesoft CloudHub Custom Domain and HA Setup With AWS ELBs

Mulesoft's Anypoint CloudHub is the iPaaS that provides auto-scaling Mulesoft runtimes and other associated services for the entire infrastructure. CloudHub offers HA by default when any integration application is deployed on to the runtimes of Anypoint CloudHub. The underlying AWS services provide the HA based on the number of workers you assign to the application/integration.

One of the crucial components that helps in achieving this is the "load balancer."  As an organization, you may use the public load balancer that is available to any of the application deployed on CloudHub runtimes. This, however, comes with the default CloudHub domain,  "<your-vpc-region>.cloudhub.io." The other approach — a more appropriate and most used one — is to have a custom domain name for your organization application. And this is logical as well. If you have services and applications that are specific to your organization, you will want to have a custom domain name and not use the default CloudHub's domain. The other important features this would provide are the abilities to configure your own custom routing rules, TLS certificates, and firewall rules for your own custom load balancer, amongst other things.

The custom load balancer, however, comes at a price. This CloudHub LB has to be purchased separately in addition to the base Mulesoft CloudHub licenses and VPCs.

Another aspect is CloudHub essentially uses AWS services and infrastructure under the hood. An organization might already have an AWS account and a subscription and might want to make use of it. One of the ways to leverage the AWS is to use the load balancer from AWS to front the CloudHub workers.

The below section explores the option of using the gateway and network services available in  AWS to construct a custom domain and gateway for the CloudHub VPC and applications on it.

As the diagram explains, the applications deployed on workers in the Mulesoft Anypoint CloudHub are accessed only by allowing the traffic to the CloudHub from the AWS VPC and the private subnets on AWS VPC. The two VPC's are peered using VPC peering. The AWS VPC is a standard setup having private and public subnets with AWS Internet Gateway.

The load balancing and HA is achieved by using the Public and Private ELB setups on AWS Public and Private ELBs, and the NGINX workers direct the traffic to the applications instances on CloudHub.

Let us know your thoughts in the comments.