Back to Case Studies
Reference Architecture

Hybrid MuleSoft Platform: RTF on OpenShift

Architected a 'best-of-both-worlds' hybrid platform balancing CloudHub 2.0 for elastic scale and Runtime Fabric (RTF) on OpenShift for internal datacenter locality and compliance.

Availability
99.9%
Runtimes
Multi-Plane
Latency
<50ms
Parity
100%

Context & Problem

The enterprise faced a dual challenge: the need for public cloud agility for consumer-facing apps, versus strict data residency and low-latency requirements for core mainframe systems.

The Solution

A unified hybrid platform that steers traffic across planes seamlessly, ensuring every workload sits exactly where it belongs—cloud or datacenter—without siloed management.

Platform Topology

Hybrid MuleSoft RTF Topology

Networking & Ingress

A centralized F5 Big-IP layer handles environment-wide ingress. By using L7 SNI-based routing, we ensure that external consumer traffic is steered to CloudHub 2.0 Experience APIs, while sensitive internal orchestration requests are sent directly to the RTF cluster on OpenShift.

TLS Posture

F5 terminates public TLS, re-encrypting to mTLS for all cross-plane communication between CH 2.0 and RTF.

DNS Strategy

Unified api.domain.com namespace with path-based steering to runtime planes.

OpenShift & RTF Ops

RTF on OpenShift provides a containerized runtime within the datacenter. This architecture defers infrastructure management to the OpenShift operator while giving MuleSoft precise control over CPU/Memory isolation for mission-critical core banking services.

  • Environment Parity Identical RTF clusters in DEV/TST/STG/PRD to ensure testing validity.
  • RPO/RTO Targets Architected for 1-hour RTO using automated F5 DNS cutovers.

Executive Retrospective

"The biggest challenge wasn't the hybrid runtime—it was the initial firewall friction. If I could redo the pilot, I'd insist on a pre-approved 'Platform Wide' CIDR allow-list for CH 2.0 to RTF traffic. We spent weeks debugging individual micro-segmentation rules that could have been handled as a single infrastructure trust zone."

What I Personally Owned

  • Hybrid Platform Blueprint
  • F5 Ingress Policy Design
  • RTF on OpenShift Integration
  • mTLS Cross-Plane Security
  • Automated DR Runbooks

Technologies

CloudHub 2.0RTFOpenShiftF5 Big-IPmTLSAnypoint MQTerraform

Technical Deep-Dive

Download the 40-page reference architecture PDF.