SaFi Bank Space : Tyk API Eco-System

Tyk API Gateway is available as 3 products:

  1. Tyk-opensource

  2. Tyk Cloud

  3. Tyk-pro

Tyk-components overview:

I have tested Tyk-opensource by installing it in GKE in the safi-sandbox-tykapigw GCP project. Here are the details.

Installed tyk-opensource with Kubernetes manifest files and exposed the gateway through an external load balancer (i.e. a GCP LB; its external IP: 34.143.200.247).

bahrathkumaraju@Bahrathkumarajus-MacBook-Pro tyk-oss-k8s-deployment % kubectl get all -l app=tyk-gtw
NAME                           READY   STATUS    RESTARTS   AGE
pod/tyk-gtw-7bf9f98cf6-2md8s   1/1     Running   0          45h

NAME              TYPE           CLUSTER-IP      EXTERNAL-IP      PORT(S)          AGE
service/tyk-svc   LoadBalancer   172.104.0.164   34.143.200.247   8080:31685/TCP   45h

NAME                      READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/tyk-gtw   1/1     1            1           45h

NAME                                 DESIRED   CURRENT   READY   AGE
replicaset.apps/tyk-gtw-7bf9f98cf6   1         1         1       45h
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro tyk-oss-k8s-deployment % kubectl get all -l app=redis
NAME                        READY   STATUS    RESTARTS   AGE
pod/redis-9d4d847b4-k9j8p   1/1     Running   0          45h

NAME            TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)    AGE
service/redis   ClusterIP   172.104.0.16   <none>        6379/TCP   45h

NAME                    READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/redis   1/1     1            1           45h

NAME                              DESIRED   CURRENT   READY   AGE
replicaset.apps/redis-9d4d847b4   1         1         1       45h
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro tyk-oss-k8s-deployment %

Once tyk-gtw is up and running as shown above, we can create APIs with the endpoints below.

Test the tyk-apigw health:

Below is the GET request endpoint to check the status of tyk-apigw:

GET --> http://34.143.200.247:8080/hello

Create the first API with tyk-apigw:

Below is the POST request endpoint, with the body, to create the API in Tyk.

POST  -->  http://34.143.200.247:8080/tyk/apis
{
  "name": "Test API",
  "slug": "test-api",
  "api_id": "Hello-World",
  "org_id": "1",
  "use_keyless": true,
  "auth": {
    "auth_header_name": "Authorization"
  },
  "definition": {
    "location": "header",
    "key": "x-api-version"
  },
  "version_data": {
    "not_versioned": true,
    "versions": {
      "Default": {
        "name": "Default",
        "use_extended_paths": true
      }
    }
  },
  "proxy": {
    "listen_path": "/hello-world/",
    "target_url": "http://34.143.200.247:8080/",
    "strip_listen_path": true
  },
  "active": true
}

Reload APIs with tyk-apigw:

Below is the endpoint to reload the APIs:

http://34.143.200.247:8080/tyk/reload

GET APIs with tyk-apigw:

Get the hello-world API created in the previous step.

http://34.143.200.247:8080/tyk/apis/Hello-World/
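
A pre-flight check for the definition above, as an added example (not part of the original page or of Tyk's own tooling): it flags the settings in that request body that matter for exposure, and builds the create request with the gateway secret in the x-tyk-authorization header, which Tyk requires on /tyk/* calls. The function names, the finding codes and the trimmed SAMPLE dictionary are assumptions made for illustration.

```python
import json
from urllib.parse import urlsplit
from urllib.request import Request

# Constructed sample: the exposure-relevant fields of the request body above.
SAMPLE = {
    "api_id": "Hello-World",
    "use_keyless": True,
    "proxy": {"listen_path": "/hello-world/", "strip_listen_path": True,
              "target_url": "http://34.143.200.247:8080/"},
}

def lint_api_definition(api, gateway_url):
    """Return (code, message) findings for one Tyk API definition (codes are hypothetical)."""
    findings = []
    target = urlsplit(api.get("proxy", {}).get("target_url", ""))
    gateway = urlsplit(gateway_url)
    if api.get("use_keyless"):
        findings.append(("KEYLESS", "use_keyless is true: the listen path needs no credentials"))
    if target.scheme != "https":
        findings.append(("PLAINTEXT_UPSTREAM", "target_url is not https"))
    # Same host:port as the gateway means the API proxies back into the gateway itself.
    if target.netloc and target.netloc == gateway.netloc:
        findings.append(("SELF_TARGET", "target_url is the gateway's own listener"))
    if gateway.scheme != "https":
        findings.append(("PLAINTEXT_CONTROL", "gateway secret would cross the network unencrypted"))
    return findings

def build_create_request(api, gateway_url, secret):
    """Build, without sending, POST /tyk/apis carrying the gateway secret header."""
    if not secret:
        raise ValueError("the gateway secret is required for /tyk/* calls")
    return Request(
        gateway_url.rstrip("/") + "/tyk/apis",
        data=json.dumps(api).encode(),
        method="POST",
        headers={"x-tyk-authorization": secret, "Content-Type": "application/json"},
    )

if __name__ == "__main__":
    for code, message in lint_api_definition(SAMPLE, "http://34.143.200.247:8080"):
        print(f"{code}: {message}")
```

The host:port comparison is literal, so an upstream written without an explicit port is not matched against a gateway URL that has one.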

I have requested a license key for tyk-pro so that we can test the full features of the product with dashboards and analytics.

Tyk self-Managed (or) Tyk-pro installation in GKE with helm:

https://github.com/TykTechnologies/tyk-helm-chart/tree/master/tyk-pro

This chart provides a full Tyk API Management platform including:

  1. Tyk Manager (Tyk dashboard)

  2. Tyk Gateway (OSS)

  3. Tyk Pump and MDCB (Multi Data-centre Bridge).

bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % kubectl get nodes -o wide
NAME                                    STATUS   ROLES    AGE   VERSION           INTERNAL-IP   EXTERNAL-IP      OS-IMAGE                             KERNEL-VERSION   CONTAINER-RUNTIME
gke-apigwtyk-tykgw-pool-55d19b71-4qss   Ready    <none>   32m   v1.22.8-gke.201   10.2.0.5      34.126.184.102   Container-Optimized OS from Google   5.10.90+         containerd://1.5.4
gke-apigwtyk-tykgw-pool-55d19b71-btfv   Ready    <none>   32m   v1.22.8-gke.201   10.2.0.4      34.143.252.189   Container-Optimized OS from Google   5.10.90+         containerd://1.5.4
gke-apigwtyk-tykgw-pool-5bf8129e-fpz3   Ready    <none>   32m   v1.22.8-gke.201   10.2.0.3      34.124.165.53    Container-Optimized OS from Google   5.10.90+         containerd://1.5.4
gke-apigwtyk-tykgw-pool-5bf8129e-fzzj   Ready    <none>   32m   v1.22.8-gke.201   10.2.0.2      34.142.179.71    Container-Optimized OS from Google   5.10.90+         containerd://1.5.4
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % kubectl create namespace tyk-ingress
namespace/tyk-ingress created
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % 

Add helm repos bitnami and tyk-helm to install bitnami/mongodb and bitnami/redis for the tyk-apigateway.

bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % helm repo list | grep -i bitnami       
bitnami                 https://charts.bitnami.com/bitnami                                   
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % helm repo list | grep -i tyk-helm
tyk-helm                https://helm.tyk.io/public/helm/charts/                              
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % 
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % helm search repo bitnami/mongodb
NAME                    CHART VERSION   APP VERSION     DESCRIPTION                                       
bitnami/mongodb         12.1.19         5.0.9           MongoDB(R) is a relational open source NoSQL da...
bitnami/mongodb-sharded 5.0.11          5.0.9           MongoDB(R) is an open source NoSQL database tha...
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % helm search repo bitnami/redis  
NAME                    CHART VERSION   APP VERSION     DESCRIPTION                                       
bitnami/redis           16.12.0         6.2.7           Redis(R) is an open source, advanced key-value ...
bitnami/redis-cluster   7.6.2           6.2.7           Redis(R) is an open source, scalable, distribut...
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % 

Install the mongodb and redis helm charts, as they are prerequisites for the tyk-pro installation.

bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % kubectl create namespace tyk                                                                                                  
namespace/tyk created
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % helm install tyk-mongo bitnami/mongodb --version 11.2.0 --set "replicaSet.enabled=true" -n tyk                                                            
NAME: tyk-mongo
LAST DEPLOYED: Mon Jun 13 19:56:34 2022
NAMESPACE: tyk
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: mongodb
CHART VERSION: 11.2.0
APP VERSION: 4.4.13

** Please be patient while the chart is being deployed **

MongoDB&reg; can be accessed on the following DNS name(s) and ports from within your cluster:

    tyk-mongo-mongodb.tyk.svc.cluster.local

To get the root password run:

    export MONGODB_ROOT_PASSWORD=$(kubectl get secret --namespace tyk tyk-mongo-mongodb -o jsonpath="{.data.mongodb-root-password}" | base64 --decode)

To connect to your database, create a MongoDB&reg; client container:

    kubectl run --namespace tyk tyk-mongo-mongodb-client --rm --tty -i --restart='Never' --env="MONGODB_ROOT_PASSWORD=$MONGODB_ROOT_PASSWORD" --image docker.io/bitnami/mongodb:4.4.13-debian-10-r52 --command -- bash

Then, run the following command:
    mongosh admin --host "tyk-mongo-mongodb" --authenticationDatabase admin -u root -p $MONGODB_ROOT_PASSWORD

To connect to your database from outside the cluster execute the following commands:

    kubectl port-forward --namespace tyk svc/tyk-mongo-mongodb 27017:27017 &
    mongosh --host 127.0.0.1 --authenticationDatabase admin -p $MONGODB_ROOT_PASSWORD
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % export MONGODB_ROOT_PASSWORD=$(kubectl get secret --namespace tyk tyk-mongo-mongodb -o jsonpath="{.data.mongodb-root-password}" | base64 --decode)
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % echo $MONGODB_ROOT_PASSWORD 
rYdLnowJ49

bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % helm install tyk-redis bitnami/redis -n tyk                                                                                   
NAME: tyk-redis
LAST DEPLOYED: Mon Jun 13 19:57:22 2022
NAMESPACE: tyk
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: redis
CHART VERSION: 16.12.1
APP VERSION: 6.2.7

** Please be patient while the chart is being deployed **

Redis&reg; can be accessed on the following DNS names from within your cluster:

    tyk-redis-master.tyk.svc.cluster.local for read/write operations (port 6379)
    tyk-redis-replicas.tyk.svc.cluster.local for read-only operations (port 6379)



To get your password run:

    export REDIS_PASSWORD=$(kubectl get secret --namespace tyk tyk-redis -o jsonpath="{.data.redis-password}" | base64 -d)

To connect to your Redis&reg; server:

1. Run a Redis&reg; pod that you can use as a client:

   kubectl run --namespace tyk redis-client --restart='Never'  --env REDIS_PASSWORD=$REDIS_PASSWORD  --image docker.io/bitnami/redis:6.2.7-debian-11-r3 --command -- sleep infinity

   Use the following command to attach to the pod:

   kubectl exec --tty -i redis-client \
   --namespace tyk -- bash

2. Connect using the Redis&reg; CLI:
   REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h tyk-redis-master
   REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h tyk-redis-replicas

To connect to your database from outside the cluster execute the following commands:

    kubectl port-forward --namespace tyk svc/tyk-redis-master 6379:6379 &
    REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h 127.0.0.1 -p 6379
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % export REDIS_PASSWORD=$(kubectl get secret --namespace tyk tyk-redis -o jsonpath="{.data.redis-password}" | base64 -d)
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % echo $REDIS_PASSWORD 
YPHvVcVtgi
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git %

Installed tyk-pro with the helm chart below, but getting a connection error with the tyk-dashboard.

bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % helm install tyk-pro -f ./values.yaml ./tyk-helm-chart/tyk-pro -n tyk --wait 
NAME: tyk-pro
LAST DEPLOYED: Mon Jun 13 19:58:58 2022
NAMESPACE: tyk
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
- If you enabled the Dashboard bootstraping option (.Value.dash.bootstrap), you can find the login details by running the following commands inside your tyk namespace:

For the URL: (kubectl get nodes --selector=kubernetes.io/role!=master -o jsonpath='{.items[0].status.addresses[?(@.type=="ExternalIP")].address}'), if you're using Minikube then: (minikube ip) would be sufficient"
For the port: (kubectl get --namespace tyk -o jsonpath="{.spec.ports[0].nodePort}" services dashboard-svc-tyk-pro)"
For username: "bharath.dasaraju@advancegroup.com"
For password: (kubectl get secret --namespace tyk tyk-pro-login-details -o jsonpath="{.data.TYK_PASS}" | base64 --decode)

> Please note, if you're using an ingress for the dashboard to find out your URL and port please see the steps below:

> URL can be accessed here: "tyk-dashboard.local"
> For the port run: (kubectl get --namespace tyk -o jsonpath="{.spec.ports[0]}" services dashboard-svc-tyk-pro)

At this point, Tyk Pro is fully installed and should be accessible.

You might want to install Tyk Operator next to manage Ingress resources or manage your APIs.

[Tyk Operator](https://github.com/TykTechnologies/tyk-operator/)

Inside tyk namespace there is secret named: "tyk-operator-conf", which is used by our Tyk Operator. 
This is created by default and can be tuned off by setting the .Values.bootstrap to false.
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git %

bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % kubectl get all -n tyk
NAME                                     READY   STATUS    RESTARTS   AGE
pod/dashboard-tyk-pro-69f44fcdb7-xjgk8   1/1     Running   0          13m
pod/gateway-tyk-pro-5nqw7                1/1     Running   0          14m
pod/gateway-tyk-pro-bhxlh                1/1     Running   0          14m
pod/gateway-tyk-pro-kfdf5                1/1     Running   0          14m
pod/gateway-tyk-pro-lsv5m                1/1     Running   0          14m
pod/pump-tyk-pro-687869bc95-w7n5n        1/1     Running   0          14m
pod/tyk-mongo-mongodb-856cfd94cf-pjz6l   1/1     Running   0          16m
pod/tyk-redis-master-0                   1/1     Running   0          16m
pod/tyk-redis-replicas-0                 1/1     Running   0          16m
pod/tyk-redis-replicas-1                 1/1     Running   0          15m
pod/tyk-redis-replicas-2                 1/1     Running   0          14m

NAME                            TYPE           CLUSTER-IP      EXTERNAL-IP     PORT(S)          AGE
service/dashboard-svc-tyk-pro   LoadBalancer   172.106.0.181   35.186.155.83   3000:31206/TCP   14m
service/gateway-svc-tyk-pro     LoadBalancer   172.106.3.195   34.126.175.61   8080:31834/TCP   14m
service/tyk-mongo-mongodb       ClusterIP      172.106.0.111   <none>          27017/TCP        16m
service/tyk-redis-headless      ClusterIP      None            <none>          6379/TCP         16m
service/tyk-redis-master        ClusterIP      172.106.1.31    <none>          6379/TCP         16m
service/tyk-redis-replicas      ClusterIP      172.106.3.24    <none>          6379/TCP         16m

NAME                             DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR   AGE
daemonset.apps/gateway-tyk-pro   4         4         4       4            4           <none>          14m

NAME                                READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/dashboard-tyk-pro   1/1     1            1           14m
deployment.apps/pump-tyk-pro        1/1     1            1           14m
deployment.apps/tyk-mongo-mongodb   1/1     1            1           16m

NAME                                           DESIRED   CURRENT   READY   AGE
replicaset.apps/dashboard-tyk-pro-59d7dcc8c9   0         0         0       14m
replicaset.apps/dashboard-tyk-pro-69f44fcdb7   1         1         1       13m
replicaset.apps/pump-tyk-pro-687869bc95        1         1         1       14m
replicaset.apps/tyk-mongo-mongodb-856cfd94cf   1         1         1       16m

NAME                                  READY   AGE
statefulset.apps/tyk-redis-master     1/1     16m
statefulset.apps/tyk-redis-replicas   3/3     16m
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git %

Tyk-apigw and the dashboard both work fine as well.

apigw status endpoint : http://34.126.175.61:8080/hello

tyk dashboard endpoint: http://35.186.155.83:3000
