Pass the Salesforce MuleSoft MuleSoft-Integration-Architect-I Questions and answers with Dumpstech

Explanation

● Option A says "Perform EACH DB insert in a SEPARATE DB transaction". In this case if first DB insert is successful and second one fails then first insert won't be rolled back causing inconsistency. This option is ruled out.

● Option D says Perform BOTH DB inserts in ONE DB transaction.

Rule of thumb is when one or more DB connections are required we must use XA transaction as local transactions support only one resource. So this option is also ruled out.

● Option B acknowledges the before DB processing, so message is removed from the queue. In case of system failure at later point, message can't be retrieved.

● Option C is Valid: Though it says "do not ack JMS message", message will be auto acknowledged at the end of transaction. Here is how we can ensure all components are part of XA transaction: https://docs.mulesoft.com/jms-connector/1.7/jms-transactions

Additional Information about transactions:

● XA Transactions - You can use an XA transaction to group together a series of operations from multiple transactional resources, such as JMS, VM or JDBC resources, into a single, very reliable, global transaction.

● The XA (eXtended Architecture) standard is an X/Open group standard which specifies the interface between a global transaction manager and local transactional resource managers.

The XA protocol defines a 2-phase commit protocol which can be used to more reliably coordinate and sequence a series of "all or nothing" operations across multiple servers, even servers of different types

● Use JMS ack if

– Acknowledgment should occur eventually, perhaps asynchronously

– The performance of the message receipt is paramount

– The message processing is idempotent

– For the choreography portion of the SAGA pattern

● Use JMS transactions

– For all other times in the integration you want to perform an atomic unit of work

– When the unit of work comprises more than the receipt of a single message

– To simply and unify the programming model (begin/commit/rollback)

The Kubernetes controller is implementing horizontal scalability by adding another pod replica in response to increased application load. Horizontal scaling involves adding more instances of a service or application to handle the increased load, as opposed to vertical scaling, which would involve adding more resources (CPU, RAM) to a single instance. Horizontal scaling is a key feature of cloud-native applications and is supported by Kubernetes to ensure high availability and performance.

During the API implementation phase, the integration team should use the API specification to build the MuleSoft application. This involves leveraging the defined API contract to guide the development of the API’s actual implementation. By adhering to the specification, developers ensure that the API meets the agreed-upon requirements and behaviors. This phase includes coding, integrating with backend systems, and ensuring that the implementation aligns with the design and functional requirements outlined in the API specification.

Explanation

Correct answer is When a Mule runtime on a given customer-hosted server is experiencing high memory consumption during certain periods Using Anypoint Monitoring, you can configure two different types of alerts: Basic alerts for servers and Mule apps Limit per organization: Up to 50 basic alerts for users who do not have a Titanium subscription to Anypoint Platform You can set up basic alerts to trigger email notifications when a metric you are measuring passes a specified threshold. You can create basic alerts for the following metrics for servers or Mule apps: For on-premises servers and CloudHub apps: * CPU utilization * Memory utilization * Thread count Advanced alerts for graphs in custom dashboards in Anypoint Monitoring. You must have a Titanium subscription to use this feature. Limit per organization: Up to 20 advanced alerts

Explanation

* When you create an Anypoint VPC, the range of IP addresses for the network must be specified in the form of a Classless Inter-Domain Routing (CIDR) block, using CIDR notation.

* This address space is reserved for Mule workers, so it cannot overlap with any address space used in your data center if you want to peer it with your VPC.

* To calculate the proper sizing for your Anypoint VPC, you first need to understand that the number of dedicated IP addresses is not the same as the number of workers you have deployed.

* For each worker deployed to CloudHub, the following IP assignation takes place: For better fault tolerance, the VPC subnet may be divided into up to four Availability Zones.

* A few IP addresses are reserved for infrastructure. At least two IP addresses per worker to perform at zero-downtime.

* Hence in this scenario 2048 IP's are required to support the requirement.

To hide sensitive data exchanged between API consumers and API implementations while allowing the conversion of tokenized fields back to their original values for other API requests or responses, the best approach is to use tokenization. This involves:

Tokenization Format: Create a tokenization format that will be used to apply a tokenization policy in the API gateway. This format ensures that sensitive fields in message payloads are replaced with tokenized values that maintain a similar format, making them less recognizable as sensitive data.

Tokenization Policy: Apply a tokenization policy in the API gateway that replaces sensitive data with tokenized values.

Detokenization Policy: Apply a corresponding detokenization policy in the API gateway to convert tokenized values back to their original values when required by other APIs.

This method does not require recoding the API implementations and ensures that sensitive data is protected while still being accessible in its original form when necessary.

References

MuleSoft Documentation on Tokenization Policies

API Gateway Security Best Practices

Explanation

* "Relocation of the database systems to a DMZ in the on-premises network, with Mule applications deployed to the CloudHub Shared Worker Cloud connecting only to the DMZ" is not a feasible option

* "Static IP addresses for the Mule applications deployed to the CloudHub Shared Worker Cloud, plus matching firewall rules and IP whitelisting in the on-premises network" - It is risk for sensitive data. - Even if you whitelist the database IP on your app, your app wont be able to connect to the database so this is also not a feasible option

* "An Anypoint VPC with one Dedicated Load Balancer fronting each on-premises database system, plus matching IP whitelisting in the load balancer and firewall rules in the VPC and on-premises network" Adding one VPC with a DLB for each backend system also makes no sense, is way too much work. Why would you add a LB for one system.

* Correct answer: "An Anypoint VPC connected to the on-premises network using an IPsec tunnel or AWS DirectConnect, plus matching firewall rules in the VPC and on-premises network"

IPsec Tunnel You can use an IPsec tunnel with network-to-network configuration to connect your on-premises data centers to your Anypoint VPC. An IPsec VPN tunnel is generally the recommended solution for VPC to on-premises connectivity, as it provides a standardized, secure way to connect. This method also integrates well with existing IT infrastructure such as routers and appliances. Reference: https://docs.mulesoft.com/runtime-manager/vpc-connectivity-methods-concept

Diagram Description automatically generated

Timeout Attribute:

The timeout attribute in the JMS connector specifies the maximum time allowed for a transaction to be completed. If the transaction does not complete within this specified time, it will be considered a timeout.

Transaction Management:

In the context of an Extended Architecture (XA) transaction, this timeout ensures that if the transaction is not explicitly ended within the defined time, the transaction is rolled back to maintain data consistency.

Implications of Timeout:

If the timeout is exceeded, the JMS message processing is considered unsuccessful, and all operations within the transaction are undone, which helps in avoiding partial updates and maintaining a reliable state.

Explanation

Correct answer is: Add a Mulesoft hosted Anypoint VPC configured and with VPC Peering to the AWS VPC * Connecting to your Anypoint VPC extends your corporate network and allows CloudHub workers to access resources behind your corporate firewall.

* You can connect on-premises data centers through a secured VPN tunnel, or a private AWS VPC through VPC peering, or by using AWS Direct Connect.

MuleSoft Doc Reference : https://docs.mulesoft.com/runtime-manager/virtual-private-cloud

To ensure that non-functional requirements, such as rate limiting, are clearly communicated and enforced in the designed API definitions, the project team should use API fragments for the appropriate policy. Here's why option D is correct:

API Governance and Policies: Mulesoft's API governance framework allows the definition and enforcement of policies across APIs to ensure consistency and compliance with organizational standards. These policies can include security, rate limiting, logging, and more.

Policy Fragments: By updating API definitions with policy fragments, the team can encapsulate the non-functional requirements within the API specification itself. This approach ensures that these requirements are an integral part of the API design and are automatically applied whenever the API is deployed.

Publishing to Exchange: Publishing the updated API definitions with the policy fragments to Anypoint Exchange makes them available for reuse and ensures that all stakeholders have access to the latest, compliant API specifications.

Example of adding a rate limiting policy fragment to a RAML file:

#%RAML 1.0 title: Example API version: v1 baseUri: https://api.example.com/v1 ... /* Include the rate limiting policy fragment */ uses: rateLimitPolicy: !include rate-limit-policy.raml

The rate-limit-policy.raml fragment might define the specific rate limiting rules as per the service level agreements.

References

MuleSoft API Manager

Defining and Using API Fragments