Custom Policies in Mule 4 and a Circuit Breaker Example
SUSMIT DEY
MULESOFT ARCHITECT
Agenda
• Introduction
• Policy Architecture
• Autodiscovery Revisit
• Resource Level Policies
• Custom Policies
• Setup
• Package & Deploy
• Flow Execution
• YAML Configurations
• Inbound and Outbound Policies
• Custom Circuit Breaker Policy - Demo
• Custom Salesforce OAuth Injector Policy - Demo
Introduction
• Policies are extended functionalities which you can apply on your API instances using API Manager.
• API instances are instances of Mule applications defined in API Manager which are paired with the deployed
application in the runtime manager using Auto-Discovery.
• Alternatively, an offline custom policy is applied directly to the runtime and not through API Manager.
• API policies are layered on the top of the API implementation to provide governance, security or visibility.
• The majority of use cases are covered by the default out-of-the-box (OOTB) policies provided by MuleSoft:
  • Client ID Enforcement
  • Basic Authentication - Simple Policy
  • Basic Authentication - LDAP
  • IP Blacklist
  • IP Whitelist
  • Spike Control
  • Rate Limiting
  • Rate Limiting with SLA, etc.
Policy Architecture
• It is a misconception that API Manager intercepts requests to your API; it doesn't.
• API instances defined in API Manager get paired with the APIs deployed in the Mule environment via Auto-Discovery.
• A communication agent within the Runtime Manager checks for any update in API Manager, then downloads and applies the policies on top of the API instances.
• The application properties below allow pairing of the API with the Mule application:
anypoint.platform.analytics_base_uri=https://analytics-ingest.anypoint.mulesoft.com
anypoint.platform.coreservice_base_uri=https://anypoint.mulesoft.com/accounts
anypoint.platform.platform_base_uri=https://anypoint.mulesoft.com/apiplatform
anypoint.platform.contracts_base_uri=https://anypoint.mulesoft.com/apigateway/ccs
anypoint.platform.client_id=<environment_client_id>
anypoint.platform.client_secret=<environment_client_secret>
Policy Architecture
Autodiscovery Revisit
• API Autodiscovery is used to pair an API in API Manager to its deployed Mule application.
• The Runtime Manager agent enforces the policies on the API by communicating with API Manager.
• GateKeeper prevents traffic from reaching the API by blocking the tracked resource until all policies have been retrieved and applied without errors. During this period, the API returns a 503 HTTP status code.
<api-gateway:autodiscovery apiId="${apiId}" flowRef="myFlow" />
• Configure the apiId with the API ID that API Manager assigned to your API.
• Set the flowRef element to point to the HTTP flow that you want to pair to the API in API Manager.
Resource Level Policies
• In Mule 4, resource-level policies support HTTP-based APIs in addition to RAML APIs. You can apply multiple conditions to filter your resources and HTTP methods, using the URI template regex, to any number of methods in your API.
Custom Policies
• Custom policies are extended functionalities which are developed as per specific requirements and are applied to the Mule application in the same way as the default policies provided by MuleSoft.
• In Mule 4 and later, policies are assets in Exchange. You have to go to Exchange, instead of API Manager, to create policies. In Mule 3, custom policies were created in API Manager by uploading the policy artefacts.
Online Policy
• An online policy is applied to an API by the Runtime Manager by connecting to API Manager.
Offline Policy
• An offline policy is applied directly to the runtime and not through API Manager.
Custom Policies
Scenarios when custom policies can be useful:
• Custom policies can be used for implementing any non-functional requirement that is related to API management and is not available as an OOTB policy in API Manager.
• Implementing a custom policy lets the policy logic be applied to multiple APIs via API Manager rather than implementing the logic in every API.
• Inbound policies can be used to manage incoming requests or traffic to an API, for example throttling, circuit breaker, caching, or for implementing any custom security mechanism.
• Outbound policies can be used to inject custom headers or perform any house-keeping tasks before and after any outbound HTTP request made in the Mule flow.
Custom Policies
• The current workflow to get a working policy for Mule 4 that can be applied in Anypoint Platform consists of:
  • Develop the policy.
  • Package the policy.
  • Upload the resulting policy assets to Exchange.
  • Apply the policy to any API through API Manager.
• A custom policy consists of two main artefacts packaged into a JAR:
  • A Mule configuration file containing the policy logic.
  • A YAML file describing the policy configurations to be done via the API Manager UI.
• Create the custom policy project using the Mule archetype repository:
  • https://repository-master.mulesoft.org/nexus/content/repositories/public
Custom Policies - Setup
• Set up your Maven settings ($M2_HOME/conf/settings.xml) to locate the archetype repository:
<profile>
  <id>archetype-repository</id>
  <repositories>
    <repository>
      <id>archetype</id>
      <name>MuleRepository</name>
      <url>https://repository-master.mulesoft.org/nexus/content/repositories/public</url>
      <releases>
        <enabled>true</enabled>
        <checksumPolicy>fail</checksumPolicy>
      </releases>
      <snapshots>
        <enabled>true</enabled>
        <checksumPolicy>warn</checksumPolicy>
      </snapshots>
    </repository>
  </repositories>
</profile>
Custom Policies - Setup
• Create a Maven project using the archetype repository:
• Enter the policy description and policy name:
mvn -Parchetype-repository archetype:generate \
    -DarchetypeGroupId=org.mule.tools \
    -DarchetypeArtifactId=api-gateway-custom-policy-archetype \
    -DarchetypeVersion=1.2.0 \
    -DgroupId=f2c80369-122e-2ea2-8362-464d7f1aa055 \
    -DartifactId=custom-circuit-breaker-policy \
    -Dversion=1.0.0 \
    -Dpackage=mule-policy
• The groupId should be the org id of the organisation where the policy will be uploaded.
• Get the org id from Access Management → Organization.
Custom Policies - Setup
• Custom policy project structure:
• mule-artifact.json represents the descriptor for the custom policy application. Policies cannot export
resources nor packages such as Java classes.
• my-custom-policy.yaml renders the policy configuration UI. If this file is not provided, the policy won’t be able
to be applied through API Platform’s UI.
• template.xml contains the actual logic of the policy and the Mule configuration that defines the policy behaviour.
Custom Policies - Setup
• Import the Maven project in Anypoint Studio:
  • File → Import → Maven → Existing Maven Projects → Browse the root folder of the Maven project which got generated → Click Finish.
• The POM file of the project will contain the segment below.
• Mention the URL with the Org Id in the properties section in the POM file:
<distributionManagement>
  <repository>
    <id>exchange-server</id>
    <name>Corporate Repository</name>
    <url>${exchange.url}</url>
    <layout>default</layout>
  </repository>
</distributionManagement>
<exchange.url>https://maven.anypoint.mulesoft.com/api/v1/organizations/f2c80369-122e-2ea2-8362-464d7f1aa055/maven</exchange.url>
• Add the Anypoint Platform user which has rights to upload artefacts into Exchange, in the server configuration in Maven settings. The <id> field should match the name of the <id> in distribution management in the POM file.
<server>
  <id>exchange-server</id>
  <username>myapuser</username>
  <password>myappassword123</password>
</server>
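The `<server>` entry above keeps the Exchange password as a literal in settings.xml, and the archetype profile only warns on snapshot checksum mismatches. The following audit script is an added example, not part of the original slides or the author's repository: it flags both conditions, treating Maven's `${env.NAME}` interpolation and `{...}` values produced by `mvn --encrypt-password` as acceptable password forms. The second server entry and the environment variable names are hypothetical.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: the <server> and <profile> fragments from the slides,
# wrapped in a <settings> root, plus one hypothetical server entry that
# reads its credentials from environment variables.
SAMPLE_SETTINGS = """\
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0">
  <servers>
    <server>
      <id>exchange-server</id>
      <username>myapuser</username>
      <password>myappassword123</password>
    </server>
    <server>
      <id>exchange-server-ci</id>
      <username>${env.EXCHANGE_USER}</username>
      <password>${env.EXCHANGE_PASSWORD}</password>
    </server>
  </servers>
  <profiles>
    <profile>
      <id>archetype-repository</id>
      <repositories>
        <repository>
          <id>archetype</id>
          <url>https://repository-master.mulesoft.org/nexus/content/repositories/public</url>
          <releases><enabled>true</enabled><checksumPolicy>fail</checksumPolicy></releases>
          <snapshots><enabled>true</enabled><checksumPolicy>warn</checksumPolicy></snapshots>
        </repository>
      </repositories>
    </profile>
  </profiles>
</settings>
"""

ENV_REF = re.compile(r"^\$\{env\.[A-Za-z_][A-Za-z0-9_]*\}$")  # ${env.NAME}
ENCRYPTED = re.compile(r"^\{.+\}$")  # value produced by `mvn --encrypt-password`


def _strip_namespaces(root):
    """Drop the XML namespace so the same lookups work with or without xmlns."""
    for element in root.iter():
        if isinstance(element.tag, str) and "}" in element.tag:
            element.tag = element.tag.split("}", 1)[1]
    return root


def audit_settings(xml_text):
    """Return (finding, location) tuples for a Maven settings.xml document."""
    root = _strip_namespaces(ET.fromstring(xml_text))
    findings = []

    # A literal password is readable by anyone who can read the file or a
    # backup of it; env interpolation and encrypted values are accepted.
    for server in root.iter("server"):
        server_id = (server.findtext("id") or "?").strip()
        password = (server.findtext("password") or "").strip()
        if password and not (ENV_REF.match(password) or ENCRYPTED.match(password)):
            findings.append(("plaintext-password", server_id))

    # Repositories: flag cleartext transport and any explicitly configured
    # checksumPolicy other than "fail" on an enabled releases/snapshots section.
    for repo in root.iter("repository"):
        repo_id = (repo.findtext("id") or "?").strip()
        url = (repo.findtext("url") or "").strip()
        if url.lower().startswith("http://"):
            findings.append(("insecure-url", repo_id))
        for kind in ("releases", "snapshots"):
            section = repo.find(kind)
            if section is None:
                continue
            enabled = (section.findtext("enabled") or "true").strip().lower()
            policy = section.findtext("checksumPolicy")
            if enabled == "true" and policy and policy.strip() != "fail":
                findings.append((f"checksum-{policy.strip()}", f"{repo_id}/{kind}"))
    return findings


if __name__ == "__main__":
    for finding, location in audit_settings(SAMPLE_SETTINGS):
        print(f"{finding}: {location}")
```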
Custom Policies – Package & Deploy
• Package the policy
  • mvn package
• Deploy the policy into Exchange
  • mvn deploy
Custom Policies – Inbound and Outbound
• Policies can be applied to an HTTP flow as a source type or an operation type.
• The source type, also called the inbound type, is applicable to the HTTP Listener in the source of the HTTP flow.
• The operation type, also called the outbound type, is applicable to each HTTP Requester in the HTTP flow.
• To disable an outbound policy for a specific HTTP requester, add the annotation below; otherwise the policy is applicable to all the HTTP requesters in the flow. This feature is released for Mule runtime version 4.3.0:
  • api-gateway:disablePolicies="true"
• A sample inbound policy
Custom Policies – YAML
id: circuit-breaker-policy
name: circuit-breaker-policy
description: A Circuit Breaker
category: Custom
type: custom
resourceLevelSupported: true
encryptionSupported: false
standalone: true
configuration:
  - propertyName: tripThreshold
    name: Trip Threshold
    description: Maximum number of errors allowed before the circuit is open.
    type: int
    minimumValue: 1
    maximumValue: 2147483647
    optional: false
    sensitive: false
    allowMultiple: false
  - propertyName: errorCodes
    name: Error Codes
    description: A comma separated list of error codes for which the circuit breaker criteria is evaluated.
    type: string
    optional: false
    sensitive: false
    allowMultiple: false
• A YAML configuration file contains the policy parameters and metadata.
Custom Policies – YAML Property Types
• The configuration UI properties are accessible in the policy template using Handlebars variables.
• Handlebars expressions support different constructs like if-else, each (for multiple values/key-value lists), etc.
  • https://handlebarsjs.com/guide/builtin-helpers.html
• Depending on the type of the parameter, the UI will render a different type of input, such as:
  • String: Any string expected.
  • Expression: A DataWeave expression starting with #[ and finished with ] is expected.
  • Boolean: true or false.
  • Int: A number is expected. This type requires additional properties.
    • minimumValue: -1
    • maximumValue: 2147483647
  • Radio: One value of a group of options. This type requires additional properties:
  • Keyvalues: Collection of key-value pairs. You can loop through all the key-value pairs using the Handlebars #each construct.
    • Ex -
      {{#each responseHeaders}}
        <http-transform:header headerName="{{{this.key}}}" headerValue="{{{this.value}}}"/>
      {{/each}}
Custom Policies – Extensions
• The HTTP Policy Transform Extension allows manipulation of HTTP request/response messages in custom policies.
• Operations allowed:
  • Add Headers Operations
    • Add Request Headers
    • Add Request Headers List (Since mule-http-policy-transform-extension 3.1.0)
    • Add Response Headers
    • Add Response Headers List (Since mule-http-policy-transform-extension 3.1.0)
  • Remove Headers
  • Set Response
  • Set Request
Ref: https://docs.mulesoft.com/api-manager/2.x/http-policy-transform
Custom Policies – Inbound and Outbound
[Figure: policy execution in an HTTP flow. A Source policy at the HTTP Listener and an Operation policy at the HTTP Requester each show Pre-Execution Steps, Execute next and Post-Execution Steps, with Mule Flow Steps in between; the stages are numbered 1 to 6.]
Custom Policies – Inbound and Outbound
[Figure: the same policy execution diagram (Source policy at the HTTP Listener, Operation policy at the HTTP Requester, stages numbered 1 to 6), with two of the stages annotated "Default message propagation".]
• To achieve message propagation in #1 and #5, use the property propagateMessageTransformations=true in the Source and Operation elements respectively.
Custom Circuit Breaker - Demo
• This simple circuit breaker avoids making the protected call when the circuit is open, but would need an external intervention to reset it when things are well again. This is a reasonable approach with electrical circuit breakers in buildings, but for software circuit breakers we can have the breaker itself detect if the underlying calls are working again. We can implement this self-resetting behaviour by trying the protected call again after a suitable interval, and resetting the breaker should it succeed.
• Ref: https://martinfowler.com/bliki/CircuitBreaker.html
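The self-resetting behaviour described above, as an added Python sketch that is not taken from the original slides or the author's Mule policy. It reuses the `tripThreshold` and `errorCodes` parameters from the policy YAML; the `retry_interval` parameter, the reading of error codes as HTTP status codes, and the choice to count consecutive errors are assumptions made for the example.

```python
import time

CLOSED, OPEN, HALF_OPEN = "closed", "open", "half-open"


class CircuitOpenError(Exception):
    """Raised instead of making the protected call while the circuit is open."""


class CircuitBreaker:
    """Single-threaded sketch; a gateway policy would keep this state in a
    store shared by all requests and guard it against concurrent updates."""

    def __init__(self, trip_threshold, error_codes, retry_interval,
                 clock=time.monotonic):
        if trip_threshold < 1:  # mirrors minimumValue: 1 in the policy YAML
            raise ValueError("tripThreshold must be >= 1")
        self.trip_threshold = trip_threshold
        # errorCodes arrives as one comma-separated string, as in the YAML.
        self.error_codes = {c.strip() for c in error_codes.split(",") if c.strip()}
        self.retry_interval = retry_interval  # assumed parameter, in seconds
        self._clock = clock
        self._failures = 0       # consecutive matching errors
        self._opened_at = None   # time the circuit last tripped

    @property
    def state(self):
        if self._opened_at is None:
            return CLOSED
        if self._clock() - self._opened_at >= self.retry_interval:
            return HALF_OPEN     # interval elapsed: allow one trial call
        return OPEN

    def call(self, protected_call):
        """Run protected_call (returns a status code) unless the circuit is open."""
        state = self.state
        if state == OPEN:
            raise CircuitOpenError("circuit open; protected call skipped")
        status = protected_call()
        if str(status) in self.error_codes:
            self._failures += 1
            # A failed trial call re-opens at once; otherwise trip on threshold.
            if state == HALF_OPEN or self._failures >= self.trip_threshold:
                self._opened_at = self._clock()
        else:
            # Success closes the circuit and clears the error count.
            self._failures = 0
            self._opened_at = None
        return status


def demo():
    """Constructed scenario: backend fails twice, is skipped, then recovers."""
    now = [0.0]                      # fake clock so the run is deterministic
    backend = {"status": 503}
    breaker = CircuitBreaker(2, "500, 503", retry_interval=30,
                             clock=lambda: now[0])
    trace = []
    for _ in range(3):
        try:
            trace.append(breaker.call(lambda: backend["status"]))
        except CircuitOpenError:
            trace.append("skipped")
    now[0] = 31.0                    # retry interval has elapsed
    backend["status"] = 200          # backend is healthy again
    trace.append(breaker.call(lambda: backend["status"]))
    trace.append(breaker.state)
    return trace


if __name__ == "__main__":
    print(demo())
```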
Custom Circuit Breaker - Demo
• GitHub Code Repository: https://github.com/susmind/mule-circuit-breaker-policy
  ◦ Clone the project and import it into your Anypoint Studio
  ◦ Modify pom.xml to inject your Org Id
  ◦ Configure your Maven settings with the Anypoint Exchange server credentials
  ◦ Deploy the policy using the Maven command:
    ◦ mvn deploy
  ◦ Open Anypoint Exchange to verify that the custom policy got deployed.
  ◦ Go to the API Manager API instance and apply the policy by selecting the category "Custom"
Custom Salesforce OAuth Injector Policy - Demo
• GitHub Code Repository: https://github.com/susmind/mule-circuit-breaker-policy
  ◦ This is an outbound policy that calls the Salesforce Login API, then stores, refreshes and injects OAuth tokens for the outbound Salesforce REST API calls in the HTTP flow on which the policy is applied.
  ◦ This is implemented to demo an outbound policy; it is not suggested to use this mechanism to interact with the Salesforce REST API in general.
  ◦ Use the steps mentioned in the previous slides to import the policy project into Anypoint Studio and use Maven to deploy it to Exchange.
  ◦ The repository for the sample API used in the demo can be found here: https://github.com/susmind/mule-meetup-sample-api.git
Thank You
