Processi di Automazione su CloudHub (Terraform, Infrastracture as a Code)

1. Mercoledì 07/12/2021
Rome MuleSoft Meetup Group
Processi di automazione su CloudHub

2. 2
Muleys, Meetup Leaders and… speakers Today’s moderator:
Contacts:
● aumbrico@mulesoft.com
● amartino@mulesoft.com
● sbenfari@mulesoft.com
Introductions

3. 3
● Anypoint Platform: Infrastructure as a Code (30 mins)
● Gestione degli API Proxy (30 mins)
● Q&A (15 mins)
● Trivia quiz (15 mins)
Agenda

4. Anypoint Platform:
Infrastructure as a Code

5. ● Developed by the MuleSoft Professional Services team using Open Source building blocks
● Automate CloudHub Platform setup using an Infrastructure as a Code approach
● Reduce setup time and keep track of Platform modifications through code version control
● Inject standard Platform Setup best practises (i.e. Segregation using BGs, Security using VPCs and DLBs
Firewall rules, User accountability by setting proper roles base on User’s scope, ... )
● Eliminate repetitive tasks for Platform Admins in order to focus on Architecture and Application design
Tool overview
CloudHub Automation Tool (CAT)

6. Our Operating Model
CloudHub Automation Tool (CAT)
2
Create OAS specification for every
Anypoint Platform identified
resource.
1
Establish Anypoint Platform use
cases and target resource.
Use-case should involve full resource
lifecycle (GET, POST, DELETE)
3
Generation of a Client Library
(Golang), using an automated,
pipeline for interacting with the API
previously identified
4
Creation of the first Anypoint Platform
Terraform provider for managing AP
Setup using an Infrastructure as a Code
paradigma

7. Features selection
CloudHub Automation Tool (CAT)

8. Product Roadmap
CloudHub Automation Tool (CAT)
8
Permissions
Roles
Environment
Self-service
Advanced Scope
MVP Scope
Permissions
Roles
Environment
Permissions
Roles
Environment
Permissions
Roles
Environment
Prototype
Prove the demand
and solution
MVP
Ready to offer
basic automation
Release 1
Advanced
automation
Release 2
Best practices via
automation
Advanced Scope
MVP Scope
Permissions
Roles
Environment
Best practices
Release 3
Self service
Organisation
Organisation Organisation Organisation Organisation
MVP Scope
Advanced Scope
Best practices
✅
✅
✅
✅
✅
✅
Teams Teams Teams Teams
✅
✅
✅
✅ ✅
✅
✅
✅
✅
MVP Scope
✅
✅

9. CloudHub Automation Tool (CAT)
Building Blocks - AP Postman Collection & OAS Specification
We created a Postman Collection and relative Open API Specification 3 (OAS3) for Anypoint Platform main
resources: BGs, Users, Teams, Envs, VPC,...
GitHub repository: https://github.com/mulesoft-consulting/cloudhub-automation-postman/

10. CloudHub Automation Tool (CAT)
Building Blocks - Anypoint Client Library
We used an automated pipeline together with an Open API generator plugin to generate a Golang client called
Anypoint Client Library to be used in Terraform as an abstraction layer to perform actions on the Anypoint
Platform.

11. CloudHub Automation Tool (CAT)
Building Blocks - Delivery Cycle
The delivery cycle is composed of 3 steps:
1. Pick one resource and understand how it works
using tools like Postman, Anypoint
documentation and your favorite browser's
inspector.
2. Create the OAS3 specification. The
specification should at least contain GET,
POST and DELETE operations. Using the OAS
spec, a go module will be automatically
generated.
3. Implement the resource and related data
sources in the provider using the generated
library.

12. What is Terraform?
A tool for building, changing and versioning infrastructure safely and efficiently.
CloudHub Automation Tool (CAT)

13. Terraform Provider deep dive
We used Terraform together with the Anypoint Client Library as an abstraction layer to perform actions on
Anypoint Platform.
CloudHub Automation Tool (CAT)
Terraform Core Plugins Mulesoft APIs
Anypoint Provider
RPC
Client Library
Golang
HTTPS

14. Terraform Official Registry
We released the first Terraform Anypoint Platform’s Provider on Terraform Official Registry
Terraform provider: https://registry.terraform.io/providers/mulesoft-anypoint/anypoint/latest
CloudHub Automation Tool (CAT)

15. How to contribute
● Try the tool yourself and give us a feedback/report an issue on the project’s GitHub repository.
● Write OAS3 specifications for missing resources.
● Implement resources/data sources in the provider.
CloudHub Automation Tool (CAT)
Resources
Anypoint Postman Collection: https://github.com/mulesoft-consulting/anypoint-automation-postman
Anypoint Client Go: https://github.com/mulesoft-consulting/anypoint-client-go
Anypoint Terraform Provider: https://github.com/mulesoft-consulting/terraform-provider-anypoint

16. Demo

17. Gestione degli API Proxy

18. Migration of API ecosystem to MuleSoft Platform
● Business needs: migrate a very large set of APIs from a legacy system to Anypoint Platform, to increase
delivery, cost reduction, increase both efficiency and effectiveness, more control of the entire lifecycle of
APIs ecosystem.
● Use the assets available in the MuleSoft’ developer portal to automate creation and configuration of
migrated APIs to the Anypoint Platform
● Business results: 100 APIs/days migrated for 3 environments, reduce time and effort to manage API
ecosystem, low impact on production activities
API Proxy management
Resources
MuleSoft’s developer portal: https://anypoint.mulesoft.com/exchange/portals/anypoint-platform

19. Implementation steps
The reusable assets in the Developer Portal allows to
fully automate all the required tasks to create,
configure, instantiate and monitor APIs.
Steps are executed sending REST requests to
different components of the architecture platform.
Each component exposes services to fully manage the
scope it has the ownership of.
● Access Management: allow accesses to the
platform, managing grants and roles.
● API Manager: creation, configuration and
monitoring of APIs
● Proxies and Runtime Manager: API client
instantiation and execution
API Proxy management

20. Migration process
● Extraction of API information from legacy systems (configuration, ownership, endpoints, policies, …)
● Select APIs to be migrate and complete missing information (delete duplicates, drop unuseful, identify items
without owner, ...)
● Run automation tool in test environment for a handable subset of APIs, to identify and solve migration
issues.
● Test of the full API lifecycle in the Anypoint Platform (accesses, policy application, monitoring, …) making
some tuning
● Migration of the overall large set of APIs for development, quality and production environments
API Proxy management

21. Tool execution
● Get access token
● Get environment information (organization and environment ids, TLS context ids, provider id, available
policies, ...)
● For each entry:
- Create a REST API asset in the Exchange (if it doesn’t exist yet)
- Create an API instance in the Exchange from API asset
- Applying default policies to all APIs, then apply specific policy at each API.
- Deploy proxy applications into Runtime Manager
- Create client applications to get client IDs and secrets
API Proxy management

22. Demo

23. Q&A

24. Trivia Quiz

25. What’s next

26. 26
● Share:
○ Tweet using the hashtag #MuleSoftMeetups
○ Invite your network to join: https://meetups.mulesoft.com/rome/
● Feedback:
○ Fill out the survey feedback and suggest topics for upcoming events
○ Contact MuleSoft at meetups@mulesoft.com for ways to improve the program
What’s next?

27. Thank you