diff --git a/runtime-manager/modules/ROOT/nav.adoc b/runtime-manager/modules/ROOT/nav.adoc index 96273d662..67f8caaf3 100644 --- a/runtime-manager/modules/ROOT/nav.adoc +++ b/runtime-manager/modules/ROOT/nav.adoc @@ -4,12 +4,10 @@ * xref:runtime-manager-switch-env.adoc[Use Different Environments in Runtime Manager] * xref:deployment-strategies.adoc[Deployment Options] ** xref:deploying-to-your-own-servers.adoc[Deploy to Your Servers] - *** xref:rtm-agent-allowlists.adoc[Ports, IP Addresses, and Hostnames to Allow] * xref:continuous-deployment.adoc[Continuous Deployment] * xref:managing-deployed-applications.adoc[Manage Deployed Applications] ** xref:managing-applications-on-your-own-servers.adoc[Manage Applications on Your Servers] *** xref:hybrid-schedule-mgmt.adoc[Manage Schedulers] - *** xref:runtime-dep-serv-limits.adoc[Deployment and Server Scaling] *** xref:flow-management.adoc[Flow Management] *** xref:hybrid-manage-props.adoc[Manage Properties] * xref:managing-servers.adoc[Servers, Server Groups, and Clusters] diff --git a/runtime-manager/modules/ROOT/pages/rtm-agent-allowlists.adoc b/runtime-manager/modules/ROOT/pages/rtm-agent-allowlists.adoc deleted file mode 100644 index 9ceccd929..000000000 --- a/runtime-manager/modules/ROOT/pages/rtm-agent-allowlists.adoc +++ /dev/null @@ -1,119 +0,0 @@ -= Ports, IP Addresses, and Hostnames to Allow -ifndef::env-site,env-github[] -include::_attributes.adoc[] -endif::[] -:keywords: agent, runtime manager, mule, esb, servers, monitor, notifications, external systems, third party, get status, metrics -:page-aliases: rtm-agent-whitelists.adoc -:page-deployment-options: pce, hybrid - - -In your network, you must add the hostnames and ports of various parts of Anypoint Platform to your allowlist to enable the Runtime Manager agent in a customer-hosted Mule runtime engine to communicate with the online Anypoint Platform APIs and services managed by MuleSoft. - -These tables show you the ports or IP addresses and hostnames to add to your allowlists to allow communication between the agent and the Runtime Manager console. - -Because the following endpoints use mutual TLS authentication, to establish the connection, you must configure SSL passthrough to allow the certificates: - -* runtime-manager.anypoint.mulesoft.com -* runtime-manager.eu1.anypoint.mulesoft.com -* runtime-manager.gov.anypoint.mulesoft.com -* data-authenticator.anypoint.mulesoft.com -* data-authenticator.gov.anypoint.mulesoft.com -* us1.ingest.mulesoft.com -* eu1.ingest.mulesoft.com - -In addition, the following endpoints use WebSockets: - -* runtime-manager.anypoint.mulesoft.com -* runtime-manager.eu1.anypoint.mulesoft.com -* runtime-manager.gov.anypoint.mulesoft.com - -[NOTE] -Ports, IP addresses, and hostnames are required for outbound connectivity. Inbound connectivity is not required to your network and servers. The connection between customer-hosted Mule runtime and Anypoint Platform is established via persistent Websocket connections. All connections are outbound. - -== Ports - -[%header,cols="10a,50a,10a"] -|=== -|Region |Name |Port -|*US*|anypoint.mulesoft.com | 443 -|*US*|runtime-manager.anypoint.mulesoft.com | 443 -|*US*|analytics-ingest.anypoint.mulesoft.com | 443 -|*US*|data-authenticator.anypoint.mulesoft.com | 443 -|*US*|exchange-files.anypoint.mulesoft.com | 443 -|*US*|exchange2-asset-manager-kprod.s3.amazonaws.com | 443 -|*US*|us1.ingest.mulesoft.com | 8443 -|*US-GOV*|runtime-manager.gov.anypoint.mulesoft.com | 443 -|*US-GOV*|data-authenticator.gov.anypoint.mulesoft.com | 443 -|*US-GOV*|gov.anypoint.mulesoft.com | 443 -|*US-GOV*|exchange-files.gov.anypoint.mulesoft.com | 443 -|*US-GOV*|exchange2-asset-manager-kgprod.s3.us-gov-west-1.amazonaws.com | 443 -|*EU*|eu1.anypoint.mulesoft.com | 443 -|*EU*|runtime-manager.eu1.anypoint.mulesoft.com | 443 -|*EU*|analytics-ingest.eu1.anypoint.mulesoft.com | 443 -|*EU*|data-authenticator.eu1.anypoint.mulesoft.com | 443 -|*EU*|exchange2-asset-manager-kprod-eu.s3.eu-central-1.amazonaws.com | 443 -|*EU*|eu1.ingest.mulesoft.com | 8443 -|=== - - -== Static IP Addresses - -[NOTE] -As part of our continuous infrastructure improvement, MuleSoft introduces a new set of static IP addresses in Runtime Manager to augment existing ones. To avoid service disruption, allow the IP addresses or domains, depending on your network policy, through your organization's firewall before February 1st, 2024, as listed below. For more information, visit https://help.mulesoft.com/s/article/New-IP-addresses-in-Runtime-Manager-2024-February[KB: New IP addresses in Runtime Manager 2024 February ^]. - -* Allowlist these static IPs in the `US` region to access the `runtime-manager` hosts: -+ -[%header,cols="10a,60a,30a"] -|=== -|Region |Name |IP Address -|*US*|runtime-manager.anypoint.mulesoft.com |18.214.68.14 -|*US*|runtime-manager.anypoint.mulesoft.com |35.174.151.175 -|*US*|runtime-manager.anypoint.mulesoft.com |18.213.137.40 (Starting Feb 2024) -|*US*|runtime-manager.anypoint.mulesoft.com |34.232.255.44 (Starting Feb 2024) -|*US*|runtime-manager.anypoint.mulesoft.com |44.209.29.79 (Starting Feb 2024) -|=== - -* Allowlist these static IPs in the `EU` region to access the `runtime-manager` hosts: -+ -[%header,cols="10a,60a,30a"] -|=== -|Region |Name |IP Address -|*EU*|runtime-manager.eu1.anypoint.mulesoft.com |18.185.141.77 -|*EU*|runtime-manager.eu1.anypoint.mulesoft.com |3.123.216.217 -|*EU*|runtime-manager.eu1.anypoint.mulesoft.com |3.127.253.183 (Starting Feb 2024) -|=== - -== Dynamic IP Addresses - -Some of the IP addresses used by Anypoint Platform services are assigned automatically by the underlying cloud infrastructure. Because these are dynamic, do not implement an allowlist based on the specific IP addresses assigned to Anypoint services. - -Many firewall devices allow you to define Layer 7 firewall rules so that you can filter by destination name or application type. - -Include the following fully qualified hostnames in your Layer 7 firewall rules: - -[%header,cols="10a,60a"] -|=== -|Region |Hostname -|*US*|anypoint.mulesoft.com -|*US*|analytics-ingest.anypoint.mulesoft.com -|*US*|data-authenticator.anypoint.mulesoft.com -|*US*| us1.ingest.mulesoft.com -|*US-GOV*|runtime-manager.gov.anypoint.mulesoft.com -|*US-GOV*|data-authenticator.gov.anypoint.mulesoft.com -|*US-GOV*|gov.anypoint.mulesoft.com -|*EU*|eu1.anypoint.mulesoft.com -|*EU*|analytics-ingest.eu1.anypoint.mulesoft.com -|*EU*|data-authenticator.eu1.anypoint.mulesoft.com -|*EU*|eu1.ingest.mulesoft.com -|=== - -=== Allowlist - -Allowlist the following URLs, the valid Agents are only 1.12.0+ (in Mule 3.x) and 2.2.0+ (in Mule 4.x): - -[%header,cols="30a,60a"] -|=== -|URL |Description -|runtime-manager.anypoint.mulesoft.com| Connection for ARM management capabilities (*public-cert agents*) -|data-authenticator.anypoint.mulesoft.com| Connection to the metrics ingestion service of arm-monitoring stack (*public-cert agents*) -|=== diff --git a/runtime-manager/modules/ROOT/pages/runtime-dep-serv-limits.adoc b/runtime-manager/modules/ROOT/pages/runtime-dep-serv-limits.adoc deleted file mode 100644 index 760bcc54d..000000000 --- a/runtime-manager/modules/ROOT/pages/runtime-dep-serv-limits.adoc +++ /dev/null @@ -1,42 +0,0 @@ -= Deployment and Server Scaling -ifndef::env-site,env-github[] -include::_attributes.adoc[] -endif::[] -:page-deployment-options: hybrid - -To ensure platform stability and performance, Anypoint Platform provides the following recommended and hard limits on the number of deployments, targets, and servers in a hybrid deployment scenario. These limits are specific to an environment in a business group. - -[NOTE] -A _target_ is any destination for a Mule app, such as a server group, cluster, or on-premises Mule instance. -For example, a server group comprised of 8 servers (Mule instances) constitutes a single target. - -To create additional deployments or servers beyond these limits, you can use different accounts, environments, or business groups. To exceed these limits within the same environment, contact your customer success representative. - -The tested and recommended limits on the number of deployments in a hybrid deployment scenario are: - -[%header%autowidth.spread] -|=== -| Component | Tested/Recommended Limit -| Maximum number of deployments per environment | 1000 -| Maximum number of deployments per hybrid target (not Runtime Fabric) | 200 -| Maximum number of properties per application | 300 -| Maximum deployment size for CloudHub and standalone | 200 MB -| Maximum deployment size for CloudHub 2.0 and Runtime Fabric | 350 MB -|=== - -The hard limits on the number of servers in a hybrid deployment scenario are: - -[%header%autowidth.spread] -|=== -| Component | Hard Limit -| Maximum number of servers (not Runtime Fabric) | 500 -| Maximum number of servers per server group | 20 -| Maximum number of servers per cluster | 8 -|=== - -You can have a maximum of 500 servers which you can combine in any desired number of clusters or server groups. The maximum number of server group-cluster combinations is also 500. - - -== See Also - -* xref:managing-servers.adoc[] \ No newline at end of file