Tyk API Gateway is available in 3 products
Tyk -opensource
Tyk Cloud
Tyk-pro
Tyk-components overview:
I have tested the Tyk-opensource by installing it in GKE in safi-sandbox-tykapigw
GCP project. Here are the details.
Installed the tyk-opensource with kubernetes manifests files and expose the gatway to external Loadbalancer(i.e. GCP LB it’s external IP: 34.143.200.247).
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro tyk-oss-k8s-deployment % kubectl get all -l app=tyk-gtw NAME READY STATUS RESTARTS AGE pod/tyk-gtw-7bf9f98cf6-2md8s 1/1 Running 0 45h NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/tyk-svc LoadBalancer 172.104.0.164 34.143.200.247 8080:31685/TCP 45h NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/tyk-gtw 1/1 1 1 45h NAME DESIRED CURRENT READY AGE replicaset.apps/tyk-gtw-7bf9f98cf6 1 1 1 45h bahrathkumaraju@Bahrathkumarajus-MacBook-Pro tyk-oss-k8s-deployment % kubectl get all -l app=redis NAME READY STATUS RESTARTS AGE pod/redis-9d4d847b4-k9j8p 1/1 Running 0 45h NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/redis ClusterIP 172.104.0.16 <none> 6379/TCP 45h NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/redis 1/1 1 1 45h NAME DESIRED CURRENT READY AGE replicaset.apps/redis-9d4d847b4 1 1 1 45h bahrathkumaraju@Bahrathkumarajus-MacBook-Pro tyk-oss-k8s-deployment %
Once the tyk-gtw up and running as mentioned above we can create the API’s with below endpoints.
Test the tyk-apigw health:
Below is the GET request endpoint to check the status for tyk-apigw
GET --> http://34.143.200.247:8080/hello
Create the first API wth tyk-apigw:
Below is the POST request endpoint with body to create the api in tyk.
POST --> http://34.143.200.247:8080/tyk/apis
{ "name": "Test API", "slug": "test-api", "api_id": "Hello-World", "org_id": "1", "use_keyless": true, "auth": { "auth_header_name": "Authorization" }, "definition": { "location": "header", "key": "x-api-version" }, "version_data": { "not_versioned": true, "versions": { "Default": { "name": "Default", "use_extended_paths": true } } }, "proxy": { "listen_path": "/hello-world/", "target_url": "http://34.143.200.247:8080/", "strip_listen_path": true }, "active": true }
Reload API wth tyk-apigw:
Below is the endpoint to reload the API’s
http://34.143.200.247:8080/tyk/reload
GET APIs wth tyk-apigw:
Get the hello-world API created in the previous step.
http://34.143.200.247:8080/tyk/apis/Hello-World/
I have requested a license key for tyk-pro so that we can test the full features of the product with dashboards and analytics
Tyk self-Managed (or) Tyk-pro installation in GKE with helm:
https://github.com/TykTechnologies/tyk-helm-chart/tree/master/tyk-pro This chart provides a full Tyk API Management platform including
Tyk Manager (Tyk dashboard)
Tyk Gateway (OSS)
Tyk pumpand MDCB (Multi Data-centre Bridge).
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % kubectl get nodes -o wide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME gke-apigwtyk-tykgw-pool-55d19b71-4qss Ready <none> 32m v1.22.8-gke.201 10.2.0.5 34.126.184.102 Container-Optimized OS from Google 5.10.90+ containerd://1.5.4 gke-apigwtyk-tykgw-pool-55d19b71-btfv Ready <none> 32m v1.22.8-gke.201 10.2.0.4 34.143.252.189 Container-Optimized OS from Google 5.10.90+ containerd://1.5.4 gke-apigwtyk-tykgw-pool-5bf8129e-fpz3 Ready <none> 32m v1.22.8-gke.201 10.2.0.3 34.124.165.53 Container-Optimized OS from Google 5.10.90+ containerd://1.5.4 gke-apigwtyk-tykgw-pool-5bf8129e-fzzj Ready <none> 32m v1.22.8-gke.201 10.2.0.2 34.142.179.71 Container-Optimized OS from Google 5.10.90+ containerd://1.5.4 bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % kubectl create namespace tyk-ingress namespace/tyk-ingress created bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git %
Add helm repos bitnami
and tyk-helm
to install bitnami/mongodb
and bitnami/redis
for the tyk-apigateway.
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % helm repo list | grep -i bitnami bitnami https://charts.bitnami.com/bitnami bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % helm repo list | grep -i tyk-helm tyk-helm https://helm.tyk.io/public/helm/charts/ bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git %
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % helm search repo bitnami/mongodb NAME CHART VERSION APP VERSION DESCRIPTION bitnami/mongodb 12.1.19 5.0.9 MongoDB(R) is a relational open source NoSQL da... bitnami/mongodb-sharded 5.0.11 5.0.9 MongoDB(R) is an open source NoSQL database tha... bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % helm search repo bitnami/redis NAME CHART VERSION APP VERSION DESCRIPTION bitnami/redis 16.12.0 6.2.7 Redis(R) is an open source, advanced key-value ... bitnami/redis-cluster 7.6.2 6.2.7 Redis(R) is an open source, scalable, distribut... bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git %
Install the mongodb and redis helm charts as it pre-requsite for the tyk-pro installation.
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % kubectl create namespace tyk namespace/tyk created bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % helm install tyk-mongo bitnami/mongodb --version 11.2.0 --set "replicaSet.enabled=true" -n tyk NAME: tyk-mongo LAST DEPLOYED: Mon Jun 13 19:56:34 2022 NAMESPACE: tyk STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: CHART NAME: mongodb CHART VERSION: 11.2.0 APP VERSION: 4.4.13 ** Please be patient while the chart is being deployed ** MongoDB® can be accessed on the following DNS name(s) and ports from within your cluster: tyk-mongo-mongodb.tyk.svc.cluster.local To get the root password run: export MONGODB_ROOT_PASSWORD=$(kubectl get secret --namespace tyk tyk-mongo-mongodb -o jsonpath="{.data.mongodb-root-password}" | base64 --decode) To connect to your database, create a MongoDB® client container: kubectl run --namespace tyk tyk-mongo-mongodb-client --rm --tty -i --restart='Never' --env="MONGODB_ROOT_PASSWORD=$MONGODB_ROOT_PASSWORD" --image docker.io/bitnami/mongodb:4.4.13-debian-10-r52 --command -- bash Then, run the following command: mongosh admin --host "tyk-mongo-mongodb" --authenticationDatabase admin -u root -p $MONGODB_ROOT_PASSWORD To connect to your database from outside the cluster execute the following commands: kubectl port-forward --namespace tyk svc/tyk-mongo-mongodb 27017:27017 & mongosh --host 127.0.0.1 --authenticationDatabase admin -p $MONGODB_ROOT_PASSWORD bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % export MONGODB_ROOT_PASSWORD=$(kubectl get secret --namespace tyk tyk-mongo-mongodb -o jsonpath="{.data.mongodb-root-password}" | base64 --decode) bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % echo $MONGODB_ROOT_PASSWORD rYdLnowJ49
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % helm install tyk-redis bitnami/redis -n tyk NAME: tyk-redis LAST DEPLOYED: Mon Jun 13 19:57:22 2022 NAMESPACE: tyk STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: CHART NAME: redis CHART VERSION: 16.12.1 APP VERSION: 6.2.7 ** Please be patient while the chart is being deployed ** Redis® can be accessed on the following DNS names from within your cluster: tyk-redis-master.tyk.svc.cluster.local for read/write operations (port 6379) tyk-redis-replicas.tyk.svc.cluster.local for read-only operations (port 6379) To get your password run: export REDIS_PASSWORD=$(kubectl get secret --namespace tyk tyk-redis -o jsonpath="{.data.redis-password}" | base64 -d) To connect to your Redis® server: 1. Run a Redis® pod that you can use as a client: kubectl run --namespace tyk redis-client --restart='Never' --env REDIS_PASSWORD=$REDIS_PASSWORD --image docker.io/bitnami/redis:6.2.7-debian-11-r3 --command -- sleep infinity Use the following command to attach to the pod: kubectl exec --tty -i redis-client \ --namespace tyk -- bash 2. Connect using the Redis® CLI: REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h tyk-redis-master REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h tyk-redis-replicas To connect to your database from outside the cluster execute the following commands: kubectl port-forward --namespace tyk svc/tyk-redis-master 6379:6379 & REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h 127.0.0.1 -p 6379 bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % export REDIS_PASSWORD=$(kubectl get secret --namespace tyk tyk-redis -o jsonpath="{.data.redis-password}" | base64 -d) bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % echo $REDIS_PASSWORD YPHvVcVtgi bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git %
Install the tyk-pro
with the below helm chart but getting the connection error with the tyk-dashboard
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % helm install tyk-pro -f ./values.yaml ./tyk-helm-chart/tyk-pro -n tyk --wait NAME: tyk-pro LAST DEPLOYED: Mon Jun 13 19:58:58 2022 NAMESPACE: tyk STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: - If you enabled the Dashboard bootstraping option (.Value.dash.bootstrap), you can find the login details by running the following commands inside your tyk namespace: For the URL: (kubectl get nodes --selector=kubernetes.io/role!=master -o jsonpath='{.items[0].status.addresses[?(@.type=="ExternalIP")].address}'), if you're using Minikube then: (minikube ip) would be sufficient" For the port: (kubectl get --namespace tyk -o jsonpath="{.spec.ports[0].nodePort}" services dashboard-svc-tyk-pro)" For username: "bharath.dasaraju@advancegroup.com" For password: (kubectl get secret --namespace tyk tyk-pro-login-details -o jsonpath="{.data.TYK_PASS}" | base64 --decode) > Please note, if you're using an ingress for the dashboard to find out your URL and port please see the steps below: > URL can be accessed here: "tyk-dashboard.local" > For the port run: (kubectl get --namespace tyk -o jsonpath="{.spec.ports[0]}" services dashboard-svc-tyk-pro) At this point, Tyk Pro is fully installed and should be accessible. You might want to install Tyk Operator next to manage Ingress resources or manage your APIs. [Tyk Operator](https://github.com/TykTechnologies/tyk-operator/) Inside tyk namespace there is secret named: "tyk-operator-conf", which is used by our Tyk Operator. This is created by default and can be tuned off by setting the .Values.bootstrap to false. bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git %
bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git % kubectl get all -n tyk NAME READY STATUS RESTARTS AGE pod/dashboard-tyk-pro-69f44fcdb7-xjgk8 1/1 Running 0 13m pod/gateway-tyk-pro-5nqw7 1/1 Running 0 14m pod/gateway-tyk-pro-bhxlh 1/1 Running 0 14m pod/gateway-tyk-pro-kfdf5 1/1 Running 0 14m pod/gateway-tyk-pro-lsv5m 1/1 Running 0 14m pod/pump-tyk-pro-687869bc95-w7n5n 1/1 Running 0 14m pod/tyk-mongo-mongodb-856cfd94cf-pjz6l 1/1 Running 0 16m pod/tyk-redis-master-0 1/1 Running 0 16m pod/tyk-redis-replicas-0 1/1 Running 0 16m pod/tyk-redis-replicas-1 1/1 Running 0 15m pod/tyk-redis-replicas-2 1/1 Running 0 14m NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/dashboard-svc-tyk-pro LoadBalancer 172.106.0.181 35.186.155.83 3000:31206/TCP 14m service/gateway-svc-tyk-pro LoadBalancer 172.106.3.195 34.126.175.61 8080:31834/TCP 14m service/tyk-mongo-mongodb ClusterIP 172.106.0.111 <none> 27017/TCP 16m service/tyk-redis-headless ClusterIP None <none> 6379/TCP 16m service/tyk-redis-master ClusterIP 172.106.1.31 <none> 6379/TCP 16m service/tyk-redis-replicas ClusterIP 172.106.3.24 <none> 6379/TCP 16m NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE daemonset.apps/gateway-tyk-pro 4 4 4 4 4 <none> 14m NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/dashboard-tyk-pro 1/1 1 1 14m deployment.apps/pump-tyk-pro 1/1 1 1 14m deployment.apps/tyk-mongo-mongodb 1/1 1 1 16m NAME DESIRED CURRENT READY AGE replicaset.apps/dashboard-tyk-pro-59d7dcc8c9 0 0 0 14m replicaset.apps/dashboard-tyk-pro-69f44fcdb7 1 1 1 13m replicaset.apps/pump-tyk-pro-687869bc95 1 1 1 14m replicaset.apps/tyk-mongo-mongodb-856cfd94cf 1 1 1 16m NAME READY AGE statefulset.apps/tyk-redis-master 1/1 16m statefulset.apps/tyk-redis-replicas 3/3 16m bahrathkumaraju@Bahrathkumarajus-MacBook-Pro git %
Tyk-apigw and dashboard both works fine as well
apigw status endpoint : http://34.126.175.61:8080/hello
tyk dashboard endpoint: http://35.186.155.83:3000
Tyk-Dashboard: http://35.186.155.83:3000
Tyk-apigw endpoint: http://34.126.175.61:8080/hello
Attachments:
tyk_components_overview.png (image/png)
image-20220613-020111.png (image/png)
image-20220613-020600.png (image/png)
image-20220613-020722.png (image/png)
image-20220613-020937.png (image/png)
image-20220613-064427.png (image/png)
image-20220613-121809.png (image/png)
image-20220613-121931.png (image/png)