How to Install Mulesoft Runtime Fabric on K3s

In our previous post, we saw how we can quickly spin up a Kubernetes cluster using the K3s distribution provided by Rancher (with just one command!).

In this post, we'll see how to install Runtime Fabric on a K3s cluster. With that, we'll get in a few minutes a Runtime Fabric instance for our tests.

These are the steps to follow:

1. Set up the command line tools

For K3s, Runtime Fabric can only be installed using Helm. So, before installing RTF we will install Helm on our VM hosting K3s. Follow the below instructions

add the gpg key of helm to our repositories

curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | sudo tee /usr/share/keyrings/helm.gpg > /dev/null

Install the additional components required by Helm

sudo apt-get install apt-transport-https

Install Helm

echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
sudo apt-get update
sudo apt-get install helm

Verify installation

helm version

2. Create the Runtime Fabric Instance in Runtime Manager

Head to Anypoint Platform control plane
Go to Runtime Manager > Runtime Fabrics and click on Create Runtime Fabric

Next, provide a name for your RTF cluster and choose the Rancher installation type. Click Next

Click Accept in the Support responsibility message

3. Install RTF Components

First, create a namespace to install RTF components. Normally, we’ll call it rtf

kubectl create ns rtf

Create a secret for pulling Runtime Fabric component Docker images from Runtime Fabric registry. Copy and paste the command from the Runtime Fabric instance page. Make sure your namespace is called rtf from the previous step

kubectl create secret docker-registry rtf-pull-secret --namespace rtf --docker-server=rtf-runtime-registry.kprod.msap.io --docker-username=r7nHc1fe2a/us-east-1/b1227a8cc84e4a9899783f1fdc878a8c --docker-password=Ec749B34c44548B59d797B2180622a29

Add Runtime Fabric Helm repository for pulling Runtime Fabric agent charts. Again, copy and paste the command from the Runtime Fabric instance page:

helm repo add rtf https://rtf-runtime-registry.kprod.msap.io/charts --username r7nHc1fe2a/us-east-1/b1227a8cc84e4a9899783f1fdc878a8c --password Ec749B34c44548B59d797B2180622a29

Next, download the values.yaml file from the RTF instance page. You can download it to your computer and then create the values.yaml file in the remote VM copy-pasting the content

activationData: [YOUR_ACTIVATION_DATA_BASE64_ENCODED]
proxy:
  http_proxy:
  http_no_proxy:
  monitoring_proxy:
muleLicense:
customLog4jEnabled: false
global:
  crds:
    install: true
  authorizedNamespaces: false
  image:
    rtfRegistry: rtf-runtime-registry.kprod.msap.io
    pullSecretName: rtf-pull-secret
  containerLogPaths:
  - /var/lib/docker/containers
  - /var/log/containers
  - /var/log/pods

Install Runtime Fabric in your Kubernetes cluster, using the values.yaml file you configured in the previous step. Copy and paste the command from the Runtime Fabric instance page, it will contain the latest version of RTF available.

helm upgrade --install runtime-fabric rtf/rtf-agent -f values.yaml --version 2.6.52 -n rtf

If, at any point during the installation process, you get the Error: Kubernetes cluster unreachable, then make sure you set up the KUBECONFIG environment variable so that helm can connect to the K3s cluster

export KUBECONFIG=/etc/rancher/k3s/k3s.yaml

Now wait for a couple of minutes and you’ll see that your RTF instance will become Active in the Runtime Fabrics page.

Click on the name of your RTF K3s instance and verify the All systems operational message shows up

4. Apply your RTF license using Helm

Upload the license file (license.lic) from your local computer. If you’re using an AWS EC2 instance with Ubuntu like me, a quick option is the following:

scp -i <YOUR EC2 PEM FILE> license.lic <YOUR EC2 USERNAME>@<YOUR EC2 PUBLIC DNS NAME>:/home/ubuntu

Encode the file and store the content in an env variable

BASE64_ENCODED_LICENSE="$(base64 -w0 license.lic)"

Apply the license

helm upgrade runtime-fabric rtf/rtf-agent --set muleLicense=$BASE64_ENCODED_LICENSE -n rtf --reuse-values

helm upgrade runtime-fabric rtf/rtf-agent --set muleLicense=$BASE64_ENCODED_LICENSE -n rtf --reuse-values

Wait for a couple of minutes and you should see that now your RTF instance has a valid license

5. Initial Setup

Associate Environments

In this step, we make our Runtime Fabric instance available for our Anypoint environments. We can associate our RTF instance to one or multiple Business Groups and we can even select the specific environments on those Business Groups on which we want to make RTF available to deploy apps.

The best practice here is to have different RTF clusters for Production and Non-Production environments. That'll guarantee a minimum of isolation.

For that, from the home page of your RTF instance click on the Associated Environments tab and select the Business Groups first and the environments of that Business Group after.

Unless you associate your environment to this RTF instance you won't see this RTF available in the dropdown of available deployment targets.

Configure the Inbound Traffic for Runtime Fabric

Setup the Traefik Middleware

K3s uses Traefik as ingress controller. In order to make our RTF ingress template we need to create a Middleware object, which is the way Traefik creates rewrite rules. For that, create a file called traefik-middleware.yaml and paste the following:

apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: rtf-ks3-replacepath
  namespace: rtf
spec:
  stripPrefixRegex:
    regex:
    - "/rtf/[^/]*"

Then create the middleware resource by running

kubectl apply -f trafik-middleware.yaml

Create the Ingress Resource Template

Create a file called rtf-ingress.yaml and paste the content below:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: rtf-ingress
  namespace: rtf
  annotations:
    traefik.ingress.kubernetes.io/router.entrypoints: web
    traefik.ingress.kubernetes.io/router.middlewares: rtf-rtf-ks3-replacepath@kubernetescrd
spec:
  ingressClassName: rtf-traefik
  rules:
    - host: ec2-3-70-154-157.eu-central-1.compute.amazonaws.com #TO BE MODIFIED!
      http:
        paths: 
        - pathType: Prefix
          path: /rtf/app-name
          backend: 
            service:
              name: service-name
              port:
                name: service-port

Then create the ingress resource by running

kubectl apply -f rtf-ingress.yaml

Get back to the RTF instance page and verify you can see the new endpoint in the Inbound Traffic tab

6. Testing - Deploy an App

Finally, our RTF setup is complete on K3s, we only need to deploy a simple app to verify everything works.

Go to Runtime Manager > Applications and click on Deploy Application
Provide a name for your app and select our RTF cluster in the Deployment Target dropdown
Upload the jar file of a valid mule app. For testing purposes, you can choose to Import a Hello World app from Exchange (provided by MuleSoft)

Verify in the Ingress tab that the app will get a Public endpoint following our ingress template for RTF.

Wait for a bit till your app is deployed and test your app by verifying you can hit successfully your endpoint(s)