CloudHub 2.0 - Explained Simply
CloudHub 2.0 is the newer version of MuleSoft’s managed platform for running APIs and integrations. It improves on CloudHub 1.0 by giving you more control, better security, and stronger scalability.
In CloudHub 1.0, applications ran on shared workers within a single AWS region. CloudHub 2.0 moves away from that model and provides isolated environments with dedicated infrastructure. This means better performance, more control over networking, and improved security.
This guide focuses on how networking works in CloudHub 2.0 and how it helps you build scalable and secure integrations.
Updated Terminology
Before diving into features, it helps to understand that some terms have changed in CloudHub 2.0. These updates reflect the new architecture and make it easier to work with advanced capabilities.
Key Features of CloudHub 2.0
CloudHub 2.0 introduces several improvements to make managing applications easier and more flexible.
1. Ingress Controller (Previously HTTP Load Balancer)
The ingress controller is the entry point for all external traffic coming into your application.
Smart traffic routing
Incoming requests are distributed across application instances using an NGINX-based controller. This helps balance load and avoids downtime during deployments.
Connection handling
Each request creates two connections - one from the client to the ingress and another from ingress to the Mule app. Idle connections are automatically closed after a set time (default is 300 seconds), which you can adjust.
Supported ports and protocols
Port 443 (HTTPS) is used for secure communication
Port 80 (HTTP) is allowed only inside private environments
TLS configuration
You can manage certificates, define trusted authorities, and even enable mutual TLS for stronger security.
Custom domains
You can map your own domain (like api.example.com) to your application using DNS and simple configuration.
2. DNS Management
CloudHub 2.0 automatically creates and manages DNS records for your applications.
Public endpoint
Used to access your app from outside:
...cloudhub.io
Internal endpoint
Used within private environments for secure communication between apps.
How it works
Public traffic is routed through ingress, while internal traffic stays within the private network.
TTL settings
DNS updates are quick (default 60 seconds), but you can customize this if needed.
### 3. Shared Spaces vs Private Spaces
CloudHub 2.0 provides two types of environments:
Shared Spaces
Applications share infrastructure
Incoming requests go through a shared ingress
Outbound traffic is open by default (no restrictions)
Private Spaces
Fully isolated environments
Dedicated ingress and stricter security controls
You can define firewall and traffic rules
Inbound Traffic
Shared Spaces
Requests go through a shared ingress and are routed to the app.
Private Spaces
Requests go through a dedicated ingress, and security rules (like IP restrictions) are applied before reaching the app.
Outbound Traffic
Shared Spaces
Apps can call external services freely.Private Spaces
Outbound traffic is controlled using rules such as:Allowed protocols (HTTP, HTTPS, TCP)
Destination IPs or domains
Ports
Traffic can also be routed through NAT, VPN, or other secure network setups.
For internal communication, using internal DNS is recommended to keep traffic private.
4. High Availability and Scaling
CloudHub 2.0 is designed to keep your applications running smoothly.
Multi-zone deployment
Applications run across multiple availability zones, so if one fails, another takes over.
Self-healing
If an application instance fails, it is automatically restarted.
Auto-scaling
Applications scale up or down based on usage (CPU, memory, etc.)
Infrastructure also scales automatically if more capacity is needed
5. Advanced Capabilities
For more complex setups, CloudHub 2.0 offers:
Service mesh (Istio)
Helps manage traffic between services and adds security with mTLS.
Network policies
Fine control over how applications communicate internally.
Egress control
Route all outgoing traffic through a central system for monitoring or compliance.
Why This Matters
CloudHub 2.0 gives you much better control over how your applications connect, communicate, and scale. By understanding how traffic flows (both in and out), DNS works, and how environments differ, you can design more secure and reliable integrations.
Final Thoughts
CloudHub 2.0 is not just an upgrade - it’s a move toward a more modern, cloud-native way of building integrations.
With stronger networking controls and better scalability, teams can build systems that are both flexible and secure.
If you’re planning to move from CloudHub 1.0 or starting fresh, pay close attention to your networking design. It plays a big role in how well your system performs and how secure it is.
Top comments (0)