Anypoint Flex Gateway On Docker With RedHat 8.2

Sadik Ali
Published: May 27, 2022

Follow the steps in this tutorial to install Anypoint Flex Gateway on Docker with RedHat 8.2 to protect APIs. There are several discussions about non-compatibilities in regards to Docker and RedHat 8. While installing in Ubuntu, I have not found any difficulty. 

Installing RedHat 8

Let’s try and install the version of RedHat 8 on the server as below.

[root@docker-flex ~]# hostnamectl
         Icon name: computer-vm
           Chassis: vm
        Machine ID: 01f1fc6758fc4be0ac74ff2d131626fb
           Boot ID: 03a60ed7c9da4f3eb099e341b4c00d8b
    Virtualization: oracle
  Operating System: Red Hat Enterprise Linux 8.6 (Ootpa)
       CPE OS Name: cpe:/o:redhat:enterprise_linux:8::baseos
            Kernel: Linux 4.18.0-372.9.1.el8.x86_64
      Architecture: x86-64
[root@docker-flex ~]#

Install RedHat8

Note: The package below needs to update on the server. It features server capabilities with yum-manager.

sudo yum install -y yum-utils

A Few Points About RedHat 8

The dnf config-manager utility allows us to execute several processes, such as enabling or disabling repositories. In general, there are a few repositories installed on RedHat 8, such as AppStream and BaseOS repositories.

After several efforts, the result was found that many Docker Engines are not built to support RedHat architecture. Here is the evidence:

[root@docker-flex ~]# sudo dnf install  https://download.docker.com/linux/rhel/8/s390x/stable/Package                                                                s/containerd.io-1.4.11-3.1.el8.s390x.rpm
Updating Subscription Management repositories.
Last metadata expiration check: 0:08:29 ago on Wed 25 May 2022 08:27:08 AM EDT.
containerd.io-1.4.11-3.1.el8.s390x.rpm                                12 MB/s |  23 MB     00:01
Error:
 Problem: conflicting requests
  - package containerd.io-1.4.11-3.1.el8.s390x does not have a compatible architecture
(try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candida                                                                te packages)
[root@docker-flex ~]# sudo dnf install  https://download.docker.com/linux/rhel/8

While following the recommended approach with skip/--nobest, I was without any successful result.

[root@docker-flex ~]# sudo dnf install  https://download.docker.com/linux/rhel/8/s390x/stable/Package                                                                s/containerd.io-1.4.11-3.1.el8.s390x.rpm --nobest --skip-broken
Updating Subscription Management repositories.
Last metadata expiration check: 0:09:14 ago on Wed 25 May 2022 08:27:08 AM EDT.
containerd.io-1.4.11-3.1.el8.s390x.rpm                                12 MB/s |  23 MB     00:01
Dependencies resolved.
 Problem: conflicting requests
  - package containerd.io-1.4.11-3.1.el8.s390x does not have a compatible architecture
Nothing to do.
Complete!
[root@docker-flex ~]# l

Finally, I changed the package, and it worked.

sudo dnf config-manager \
> --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
Updating Subscription Management repositories.
Adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
[root@redhat-node-one ~]#  sudo dnf install docker-ce
Updating Subscription Management repositories.
Docker CE Stable - x86_64                                                                                                           98 kB/s |  25 kB     00:00
Dependencies resolved.
===================================================================================================================================================================
 Package                               Architecture       Version                                               Repository                                    Size
===================================================================================================================================================================
Installing:
 docker-ce                             x86_64             3:20.10.16-3.el8                                      docker-ce-stable                              22 M
Installing dependencies:
 container-selinux                     noarch             2:2.179.1-1.module+el8.6.0+14877+f643d2d6             rhel-8-for-x86_64-appstream-rpms              58 k
 containerd.io                         x86_64             1.6.4-3.1.el8                                         docker-ce-stable                              33 M
 docker-ce-cli                         x86_64             1:20.10.16-3.el8                                      docker-ce-stable                              29 M
 docker-ce-rootless-extras             x86_64             20.10.16-

With the above command, we added a repository, and Docker is installed. 

[root@docker-flex ~]# sudo dnf install docker-ce
Updating Subscription Management repositories.
Last metadata expiration check: 0:10:28 ago on Wed 25 May 2022 08:27:08 AM EDT.
Package docker-ce-3:19.03.15-3.el8.x86_64 is already installed.
Dependencies resolved.
=====================================================================================================
 Package         Arch   Version                               Repository                        Size
=====================================================================================================
Upgrading:
 docker-ce       x86_64 3:20.10.16-3.el8                      docker-ce-stable                  22 M
Installing dependencies:
 docker-ce-rootless-extras
                 x86_64 20.10.16-3.el8                        docker-ce-stable                 4.7 M
 fuse-overlayfs  x86_64 1.8.2-1.module+el8.6.0+14877+f643d2d6 rhel-8-for-x86_64-appstream-rpms  73 k
 fuse3           x86_64 3.3.0-15.el8                          rhel-8-for-x86_64-baseos-rpms     54 k
 fuse3-libs      x86_64 3.3.0-15.el8                          rhel-8-for-x86_64-baseos-rpms     95 k
 libslirp        x86_64 4.4.0-1.module+el8.6.0+14877+f643d2d6 rhel-8-for-x86_64-appstream-rpms  70 k
 slirp4netns     x86_64 1.1.8-2.module+el8.6.0+14877+f643d2d6 rhel-8-for-x86_64-appstream-rpms  51 k
Transaction Summary
=====================================================================================================
Install  6 Packages
Upgrade  1 Package
Total download size: 27 M

The next step was to enable and start Docker services once the installation was done with success. In addition, we needed to open a few ports in the firewall to allow communication between the MuleSoft repository and server.

Follow the same step as explained MuleSoft document.

  • Download flex-gateway image:
[root@docker-flex ~]# docker pull mulesoft/flex-gateway:1.0.0
1.0.0: Pulling from mulesoft/flex-gateway
ddbb808fb52e: Pull complete
Digest: sha256:b408f563da559d352d32b0ca24d02835d5a8fb18ef6a4b6a1594af6ebe66c82f
Status: Downloaded newer image for mulesoft/flex-gateway:1.0.0
docker.io/mulesoft/flex-gateway:1.0.0
[root@docker-flex ~]# docker images
REPOSITORY              TAG       IMAGE ID       CREATED       SIZE
mulesoft/flex-gateway   1.0.0     4ba042860c8f   3 weeks ago   273MB
[root@docker-flex ~]#

 

[root@docker-flex ~]# docker run --entrypoint flexctl -w /registration -v "$(pwd)":/registration mulesoft/flex-gateway:1.0.0 register docker-redhat8 --token=8a61e5c0-3488-433e-add9-7d8e3e96dc39 --organization=464fcf12-56f8-4197-9f27-2fc9a8dde469 --connected=true
Starting registration, please be patient.
Registration completed, the configuration files were written in directory ".".
[root@docker-flex ~]#

Once the above step is executed without error, we will find configuration and certificates which will be generated in the current folder location.

[root@docker-flex ~]# ls -ltrth
total 24K
-rw-------. 1 root root 1.4K May 24 21:45 anaconda-ks.cfg
-rw-r--r--. 1 root root 1.5K May 24 22:00 initial-setup-ks.cfg
-rw-------. 1 root root 6.2K May 25 08:41 6871cac6-fda9-4df9-a81f-51f8036e06a8.pem
-rw-------. 1 root root 1.7K May 25 08:41 6871cac6-fda9-4df9-a81f-51f8036e06a8.key
-rw-------. 1 root root  728 May 25 08:41 6871cac6-fda9-4df9-a81f-51f8036e06a8.conf
[root@docker-flex

Now, start services to enable flex-gateway on the Anypoint Platform, which can be availed for API configuration.

[root@docker-flex ~]# docker run --rm -v /root/:/etc/flex-gateway/rtm -p 8081:8081 -e FLEX_RTM_ARM_AGENT_CONFIG=/etc/flex-gateway/rtm/6871cac6-fda9-4df9-a81f-51f8036e06a8.conf mulesoft/flex-gateway:1.0.0
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] done.
[services.d] starting services
[flex-gateway-agent][info] Running Envoy XDS Service...
[flex-gateway-envoy][info] cds: add 2 cluster(s), remove 2 cluster(s)
[flex-gateway-envoy][info] cds: added/updated 2 cluster(s), skipped 0 unmodified cluster(s)
[flex-gateway-envoy][info] cm init: all clusters initialized
[flex-gateway-envoy][info] all clusters initialized. initializing init manager
[flex-gateway-envoy][info] all dependencies initialized. starting workers

At the same time, we can find the container running as below.

Running Docker Container

In a few seconds, we will see Flex Gateway enabled in the Anypoint Platform as below.

Flex-gateway enabled in the Anypoint Platform

API Manager: Flex Gateway

API associated with registered/active Flex Gateway is as below:

API associated with registered/active Flex Gateway

We can apply policies/create a proxy to protect our API using Flex Gateway along with monitoring API performance.

Apply policies/create a proxy to protect our API using Flex Gateway along with monitoring API performance

Follow these easy steps to set up and use Anypoint Flex Gateway to protect APIs. For more details, please read the document Getting Started with Flex Gateway.

Source: dzone.com