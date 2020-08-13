Successfully reported this slideshow.
Custom Policies in Mule 4 and a Circuit Breaker Example SUSMIT D EY MULESOFT ARCHITECT
Agenda • Introduction • Policy Architecture • Autodiscovery Revisit • Resource LevelPolicies • CustomPolicies • Setup • Pa...
Introduction • Policies are extended functionalities which you can apply on your API instances using API Manager. • API in...
Policy Architecture • MisconceptionthatAPI Manager interceptsrequeststo your API, it doesn’t. • API Instancesdefined in AP...
Policy Architecture
Autodiscovery Revisit • API Autodiscovery is used to pair an API in API Manager to its deployed Mule application. • Runtim...
Resource Level Policies • In Mule 4, resource-level policies supportHTTP-based APIs in addition to RAML APIs.You can apply...
Custom Policies • Custom Policies are extended functionalitieswhich are developed as per specific requirements and are app...
Custom Policies Scenarios when custom policies can be useful: • Custom policies can be used for implementing any non-funct...
Custom Policies • The current workflow to get a working policy for Mule 4 thatcan be applied in Anypoint Platform consists...
Custom Policies - Setup • Set up your maven settings- $M2_HOME/conf/settings.xmlto locate the archetype repository: <profi...
Custom Policies - Setup • Create a maven projectusing the archetyperepository: • Enter the policy descriptionand policy na...
Custom Policies - Setup • Custom policy project structure: • mule-artifact.json represents the descriptor for the custom p...
Custom Policies - Setup • Import the maven projectin Anypoint Studio: • File → Import → Maven→ ExistingMavenProjects → Bro...
Custom Policies – Package & Deploy • Packagethe policy • mvn package • Deploy the policy into Exchange • mvn deploy
Custom Policies – Inbound and Outbound • Policies can be applied to an HTTP flow as a source type or an operationtype. • S...
Custom Policies – YAML id: circuit-breaker-policy name: circuit-breaker-policy description: A Circuit Breaker category: Cu...
Custom Policies – YAML Property Types • The ConfigurationUI properties are accessible in the policy templateusing Handleba...
Custom Policies – Extensions • HTTP Policy TransformExtensionallows manipulation of HTTP request/responsemessages in the c...
Custom Policies – Inbound and Outbound Source Operation HTTPFlow HTTPListener HTTPRequester Mule Flow Steps Mule Flow Step...
Custom Policies – Inbound and Outbound Source Operation HTTPFlow HTTPListener HTTPRequester Mule Flow Steps Mule Flow Step...
Custom Circuit Breaker - Demo • This simple circuitbreakeravoids making the protected call when the circuitis open, butwou...
Custom Circuit Breaker - Demo • GitHub Code Repository: https://github.com/susmind/mule-circuit- breaker-policy ◦ Clone th...
Custom Salesforce OAuth Injector Policy - Demo • GitHub Code Repository: https://github.com/susmind/mule-circuit-breaker-p...
Thank You
Custom policies in mule 4 and a circuit breaker example

https://meetups.mulesoft.com/events/details/mulesoft-online-group-english-presents-custom-policies-in-mule-4-and-a-circuit-breaker-example/#/

Published in: Technology
Custom policies in mule 4 and a circuit breaker example

  1. 1. Custom Policies in Mule 4 and a Circuit Breaker Example SUSMIT D EY MULESOFT ARCHITECT
  2. 2. Agenda • Introduction • Policy Architecture • Autodiscovery Revisit • Resource LevelPolicies • CustomPolicies • Setup • Package & Deploy • Flow Execution • YAML Configurations • InboundandOutboundPolicies • CustomCircuit Breaker Policy - Demo • CustomSalesforceOAuth InjectorPolicy - Demo
  3. 3. Introduction • Policies are extended functionalities which you can apply on your API instances using API Manager. • API instances are instances of Mule applications defined in API Manager which are paired with the deployed application in the runtime manager using Auto-Discovery. • Alternatively, an offline custom policy is applied directly to the runtime and not through API Manager. • API policies are layered on the top of the API implementation to provide governance, security or visibility. • Majority of use cases are covered by default OOTB policies provided by MuleSoft: • Client ID Enforcement • Basic Authentication– Simple Policy • Basic Authentication- LDAP • IP Blacklist • IP Whitelist • Spike Control • Rate Limiting • Rate Limitingwith SLAetc.
  4. 4. Policy Architecture • MisconceptionthatAPI Manager interceptsrequeststo your API, it doesn’t. • API Instancesdefined in API Manager gets paired with the APIs deployed in the Mule Environmentvia Auto-Discovery. • A communicationagentwithin the Runtime manager checks any update in the API Managerand downloads and applies the policies on the top of the API instances. • Below applicationproperties allow pairing of API with the Mule application: anypoint.platform.analytics_base_uri=https://analytics-ingest.anypoint.mulesoft.com anypoint.platform.coreservice_base_uri=https://anypoint.mulesoft.com/accounts anypoint.platform.platform_base_uri=https://anypoint.mulesoft.com/apiplatform anypoint.platform.contracts_base_uri=https://anypoint.mulesoft.com/apigateway/ccs anypoint.platform.client_id=<environment_client_id> anypoint.platform.client_secret=<environment_client_secret>
  5. 5. Policy Architecture
  6. 6. Autodiscovery Revisit • API Autodiscovery is used to pair an API in API Manager to its deployed Mule application. • Runtime manager agent enforcesthe policies on the API by communicatingwith the API Manager. • GateKeeperprevents this trafficby blocking the trackedresource until all policies have been retrieved and applied without errors.During this period, the API returnsa 503 HTTP statuscode. <api-gateway:autodiscovery apiId="${apiId}" flowRef="myFlow" /> • Configure the apiIdwith the API ID that API Manager assigned to your API. • Set the flowRefelement to point to the HTTP flow that youwant to pair to the API in API Manager.
  7. 7. Resource Level Policies • In Mule 4, resource-level policies supportHTTP-based APIs in addition to RAML APIs.You can apply multiple conditions to filter your resources and HTTP methods using the URI template regex to any number of methods in your API.
  8. 8. Custom Policies • Custom Policies are extended functionalitieswhich are developed as per specific requirements and are applied to the Mule applicationin the same way as default policies provided by MuleSoft. • In Mule 4 and later,policies are assets in Exchange. You have to go to Exchange,instead of API Manager, to create policies. In Mule 3, custompolicies were createdin API manager by uploading the policy artefacts. Online Policy • An online policy is applied to an API by the runtime manager by connectingto the API Manager. Offline Policy • An offline policy is applied directly to the runtime and not throughAPI Manager.
  9. 9. Custom Policies Scenarios when custom policies can be useful: • Custom policies can be used for implementing any non-functionalrequirement that is related to API management and is not available as an OOTB policy in the API manager. • Implementing a custompolicy helps the policy logic to be applied on multiple APIs via API manager rather than implementing the logic in every API. • Inbound policies can be used to manage incoming requests or trafficto an API for example throttling, circuitbreaker, cachingor for implementing any customsecurity mechanism. • Outbound policies can be used to inject customheaders or perform any house-keeping tasks before and after any outboundHTTP request made in the Mule flow.
  10. 10. Custom Policies • The current workflow to get a working policy for Mule 4 thatcan be applied in Anypoint Platform consistsof: • Developthe policy. • Package the policy. • Uploadthe resulting policy assets to Exchange. • Apply the policy to any API through API Manager. • A custompolicy consistof two main artefactspackagedintoa JAR: • A Mule configurationfile containingthe policy logic. • A YAML file describing the policy configurations to be done via API manager UI. • Create the custompolicy projectusing the Mule archetyperepository: • https://repository-master.mulesoft.org/nexus/content/repositories/public
  11. 11. Custom Policies - Setup • Set up your maven settings- $M2_HOME/conf/settings.xmlto locate the archetype repository: <profile> <id>archetype-repository</id> <repositories> <repository> <id>archetype</id> <name>MuleRepository</name> <url>https://repository-master.mulesoft.org/nexus/content/repositories/public</url> <releases> <enabled>true</enabled> <checksumPolicy>fail</checksumPolicy> </releases> <snapshots> <enabled>true</enabled> <checksumPolicy>warn</checksumPolicy> </snapshots> </repository> </repositories> </profile>
  12. 12. Custom Policies - Setup • Create a maven projectusing the archetyperepository: • Enter the policy descriptionand policy name: mvn -Parchetype-repository archetype:generate -DarchetypeGroupId=org.mule.tools -DarchetypeArtifactId=api-gateway-custom-policy-archetype -DarchetypeVersion=1.2.0 -DgroupId=f2c80369-122e-2ea2-8362-464d7f1aa055 -DartifactId=custom-circuit-breaker-policy -Dversion=1.0.0 -Dpackage=mule-policy • The groupId shouldbe the org id of the organisationwhere the policy will be uploaded. • Get the org id fromthe Access Management → Organization.
  13. 13. Custom Policies - Setup • Custom policy project structure: • mule-artifact.json represents the descriptor for the custom policy application. Policies cannot export resources nor packages such as Java classes. • my-custom-policy.yaml renders the policy configuration UI. If this file is not provided, the policy won’t be able to be applied through API Platform’s UI. • template.xml where the actual logic of the policy and Mule configuration that defines the policy behaviour.
  14. 14. Custom Policies - Setup • Import the maven projectin Anypoint Studio: • File → Import → Maven→ ExistingMavenProjects → Browsethe root folder of the mavenproject whichgot generated → Click Finish. • The POM file of the projectwill containthe below segment, • Mention the URL with the Org Id in the properties section in the POM file: <distributionManagement> <repository> <id>exchange-server</id> <name>Corporate Repository</name> <url>${exchange.url}</url> <layout>default</layout> </repository> </distributionManagement> <exchange.url>https://maven.anypoint.mulesoft.com/api/v1/organizations/f2c80369-122e-2ea2-8362- 464d7f1aa055/maven</exchange.url> • Add the Anypoint platformuserwhichhas rights to upload artefactsinto Exchange,inthe server configurationin Mavensettings. The <id> field shouldmatchthe name of the <id> in distribution management in the POM file. <server> <id>exchange-server</id> <username>myapuser</username> <password>myappassword123</password> </server>
  15. 15. Custom Policies – Package & Deploy • Packagethe policy • mvn package • Deploy the policy into Exchange • mvn deploy
  16. 16. Custom Policies – Inbound and Outbound • Policies can be applied to an HTTP flow as a source type or an operationtype. • Sourcetype also called Inbound type is applicable to the HTTP Listener in the source of the HTTP flow. • Operationtype also called Outbound type are applicable on each HTTP Requester in the HTTP Flow. • To disable anoutbound policy for a specific HTTP requester,addthe below annotationotherwise the policy is applicable to all the HTTP requesters in the flow,this feature is releasedfor Mule runtime version4.3.0 : • api-gateway:disablePolicies=“true” • A Sample Inbound policy
  17. 17. Custom Policies – YAML id: circuit-breaker-policy name: circuit-breaker-policy description: A Circuit Breaker category: Custom type: custom resourceLevelSupported: true encryptionSupported: false standalone: true configuration: - propertyName: tripThreshold name: Trip Threshold description: Maximum number of errors allowed before the circuit is open. type: int minimumValue: 1 maximumValue: 2147483647 optional: false sensitive: false allowMultiple: false - propertyName: errorCodes name: Error Codes description: A comma separated list of error codes for which the circuit breaker criteria is evaluated. type: string optional: false sensitive: false allowMultiple: false • A YAML ConfigurationFile contains the policy parameters andmetadata.
  18. 18. Custom Policies – YAML Property Types • The ConfigurationUI properties are accessible in the policy templateusing Handlebar variables. • Handlebar expressionssupport different constructslike if-else, each (for multiple values/keyvalue lists) etc. • https://handlebarsjs.com/guide/builtin-helpers.html • Depending of the type of the parameter,the UI will render a different type of input such as:: • String: Any string expected. • Expression: A DataWeaveexpression starting with #[ and finished with ] is expected. • Boolean: true or false. • Int: A number is expected. This type requires additional properties. • minimumValue: -1 • maximumValue: 2147483647 • Radio: One valueof a group of options. This type requires additional properties: • Keyvalues: Collection of Key-Valuepairs. You can loop through all the Key-Valuepairs using handlebar #each construct. • Ex - {{#each responseHeaders}} <http-transform:header headerName="{{{this.key}}}" headerValue="{{{this.value}}}"/> {{/each}}
  19. 19. Custom Policies – Extensions • HTTP Policy TransformExtensionallows manipulation of HTTP request/responsemessages in the custompolicies. • Operationsallowed: • Add Headers Operations • Add Request Headers • Add Request Headers List (Since mule-http-policy-transform-extension3.1.0) • Add Response Headers • Add Response Headers List (Since mule-http-policy-transform-extension3.1.0) • Remove Headers • Set Response • Set Request Ref: https://docs.mulesoft.com/api-manager/2.x/http-policy-transform
  20. 20. Custom Policies – Inbound and Outbound Source Operation HTTPFlow HTTPListener HTTPRequester Mule Flow Steps Mule Flow Steps Execute next Execute next Pre-ExecutionSteps Post-ExecutionSteps Pre-ExecutionSteps Post-ExecutionSteps 1 2 3 4 5 6
  21. 21. Custom Policies – Inbound and Outbound Source Operation HTTPFlow HTTPListener HTTPRequester Mule Flow Steps Mule Flow Steps Execute next Execute next Pre-ExecutionSteps Post-ExecutionSteps Pre-ExecutionSteps Post-ExecutionSteps 1 2 3 4 5 6 • Default message propagation • Default message propagation To achieve message propagationin#1 and #5 use property propagateMessageTransforma tions=true in the Source and Operationelements respectively
  22. 22. Custom Circuit Breaker - Demo • This simple circuitbreakeravoids making the protected call when the circuitis open, butwould needan externalinterventiontoresetit when thingsare well again.This is a reasonable approachwith electrical circuitbreakersin buildings,but for softwarecircuit breakerswe can have the breakeritself detectif the underlyingcalls are working again.We can implement this self-resettingbehaviourby trying the protectedcall again aftera suitableinterval,andresettingthe breaker shouldit succeed. • Ref: https://martinfowler.com/bliki/CircuitBreaker.html
  23. 23. Custom Circuit Breaker - Demo • GitHub Code Repository: https://github.com/susmind/mule-circuit- breaker-policy ◦ Clone the project and import in your anypointstudio ◦ Modifypom.xml to inject your Org Id ◦ Configure your maven settings with the AnypointExchange server credentials ◦ Deploythe policyusing maven command: ◦ mvn deploy ◦ Open Anypoint Exchange to verifythat the custom policygot deployed. ◦ Go to API Manager API instance and apply the policyby selectingthe category – “Custom”
  24. 24. Custom Salesforce OAuth Injector Policy - Demo • GitHub Code Repository: https://github.com/susmind/mule-circuit-breaker-policy ◦ This is an outbound policythat calls the Salesforce Login API, stores,refreshes and injects OAuth Tokens for the outbound Salesforce REST API calls in the HTTP flow on which the policy is applied. ◦ This is implemented to demo an outboundpolicyand not suggested to use this mechanism to interact with Salesforce REST API in general. ◦ Use the steps mentioned in the previous slides to import the policyproject in the Anypoint studio and use Maven to deploy in the Exchange. ◦ Repositoryfor the sample API used in the Demo can be found here: https://github.com/susmind/mule-meetup-sample- api.git
  25. 25. Thank You

