US Fortune-500 financial services organisation

Ultra performant, secure and Kubernetes friendly integration on AWS

REGION  Americas
SECTOR  Financial Services
PRODUCT  Open Source

US Fortune-500 financial services organization and Tyk

The user, an American Fortune-500 organisation focusing on financial services, has deployed Tyk Open Source Software to AWS Cloud within self-managed Kubernetes clusters.

Who is the user?

  • A Fortune-500 financial services organisation
  • Specialising in insurance and investment
  • Based in the US
  • Works with clients across the Americas region

Why did the user need an API gateway and management solution?

The user needed an automatible, cloud native API gateway that could easily be deployed to AWS Cloud within Kubernetes clusters.

This led the user to look at API open source gateways. The company found Tyk to be a truly vendor agnostic solution as well as being the most robust to build on top. The fact that Tyk solution is built from the ground up in Golang, and not dependent on any 3rd party underlying technology was an important factor for the user in ultimately selecting Tyk.

The move to Tyk also meant that the Fortune-500 financial services organisation was able to address its previous vendor lock-in issue and, if desired, could easily lift & shift the existing Tyk deployment from AWS to an alternative cloud vendor.

Why Tyk?

Tyk isn’t the only solution on the market, so what was it that made the user decide to put their trust in Tyk to manage their internal APIs, empowering them to better serve their financial customers?

The user’s development organization has long been a proponent of OSS and heavily relies on OSS in the development and delivery of services.  Given Tyk’s OSS roots and continued stewardship of the open-source community,  it was a natural fit.

More than anything, it was the ease with which Tyk could be deployed into nearly any environment. It was the ‘batteries included’ nature of having a fully featured, enterprise-grade API Gateway out of the box. Along with an Enterprise support SLA which gives the user 24/7 access to the global Tyk support team.

How has the user deployed Tyk? (AWS Cloud)

Tyk has been deployed to the user’s AWS cloud to support and manage their APIs and API traffic.

The user has a deployment of Node.js, RESTful microservices running within self-managed Kubernetes clusters.  The Tyk gateways reside within these clusters for the purposes of fronting and managing the flow of API traffic to these microservices.  Tyk is load balanced by an Amazon Classic ELB, behind which, the user has deployed Tyk Gateways in a high availability configuration. With four Tyk gateways deployed across each of the AWS East Availability Zones, making twelve in total.

The Tyk gateways utilize Redis out of the box for API keys and in-memory data storage.  However, to not lock users into a specific database vendor, Tyk does not confine users to Redis as their only deployment option.  Given that freedom of choice, for both deployments, the user opted to use Amazon ElastiCache instead to better align with their current usage of AWS tooling. On Average, this environment handles 1 million API requests per hour.

The user has also developed and deployed their own orchestration layer, which performs a similar set of functions to Tyk’s Open Source Operator.  The user is also utilizing Tyk Pump to send analytics in real time to their existing New Relic platform. One of the many integrations that Tyk Pump offers out of the box.

The Tyk OS Gateway has been developed to be cloud agnostic and in this use case has been deployed alongside the user’s existing Postgres SQL databases which stores the custom API keys and persistent API metadata.

In total, the user has created 4 separate environments:  Dev, INT, QA and Prod.

Components installed: gateway, redis (elasticache), pump –  Load balancing: Amazon Classic ELB, in tcp forwarding mode (ELB not terminating TLS) –  WAFs: none –  Connectivity between components: Redis (elasticache) using TLS over 6379 –  Location of installation: us-east-1 (aws Virginia), multi-az –  Platform solution is installed on: AWS, self-managed kubernetes also on AWS –  Operating system used: Tyk gateway and pump built on alpine docker image, run on Flatcar (stable)

What difference has using Tyk made?

The user is benefitting from choosing Tyk in several ways. Ultra performant, secure and Kubernetes friendly integration.

The ability to write custom logic in a wide variety of programming languages is a further benefit to user, which has made it easy to build out a number of custom microservices. Ultimately, the Tyk solution is helping the user better manage resources and cutting costs on tooling significantly. It is keeping the organisation from having vendor lock-in with cloud providers or other tooling, while the Tyk Sync open source tool supports continuous integration & development.

Tyk has, quite simply, provided the best gateway on the market, with the ability to achieve everything the user needs, through an open source, powerful gateway at no charge. A major benefit is Tyk’s willingness to support the open source only product under an Enterprise Support SLA.

If you are interested in learning more about Tyk’s suite of OSS feel free to get in touch here.