Managing Hybrid Gateways
Introduction
Tyk Hybrid allows you to run a flexible and scalable SaaS solution. With Tyk Hybrid, the Management layer is hosted and managed by Tyk in AWS with the Gateway(s) deployed locally and managed by you with your own Data Centre, Public or Private Cloud or even on your own machine.
Tyk’s Hybrid option provides you with a Tyk-hosted Cloud deployment, with the ability to deploy local Gateway across multiple locations. The Tyk hosted portion will include the Dashboard and Developer Portal. It would also allow you to run Tyk Pump locally, to maintain analytics and metrics within your chosen DB.
The connection between Hybrid Gateways and Tyk Cloud is always initiated from the Hybrid Gateway, not Tyk Cloud. As an example, you, as a customer, don’t need to start punching holes in firewalls for inbound connections from Tyk Cloud.
Hybrid Gateways in a Kubernetes Cluster
This Helm Chart provides a method of adding Hybrid Gateways into your Kubernetes cluster. The Hybrid Gateways can be connected to Tyk Cloud or to a Tyk Self managed Control plane (a.k.a MDCB/Tyk Multi Data Centre Bridge (MDCB)).
Prerequisites
-
Redis: It is required for all Tyk installations and must be installed in the cluster or reachable from inside K8s.
-
Tyk Cloud Account: You need to set up a Tyk Cloud account Getting Started with Tyk Cloud (With CP deployment set-up)
Installation
This is Tyk’s official Helm Charts repository https://helm.tyk.io/public/helm/charts/.
Tyk Hybrid Helm Chart is under the name tyk-helm/tyk-hybrid
You can also find it in ArtifactHub.
If you are interested in contributing to our charts, suggesting changes, creating PRs or any other way, please use GitHub Tyk-helm-chart repo
Installation
- clone all the repo files:
helm repo add tyk-helm https://helm.tyk.io/public/helm/charts/
helm repo update
- Before we proceed with installation of the chart we need to set some custom values. To see what options are configurable on a chart and save that options to a custom values.yaml file run:
helm show values tyk-helm/tyk-hybrid > values.yaml
- For Tyk-hybrid chart we need to modify following values in your custom values.yaml file:
Launch the API Manager Dashboard. Within the API Manager Dashboard:
- Select or create your Hybrid user to be used as the login from your hybrid gateways.
Add your dashboard users organisation ID in gateway.rpc.rpcKey value Add your dashboard users API key in gateway.rpc.apiKey value Add your connection string to allow the Hybrid gateway to connect to your control plane in gateway.rpc.connString. On the Tyk Cloud Console find this value in the endpoints panel for your control plane deployment. Then we can install the chart using our custom values file:
helm install tyk-hybrid tyk-helm/tyk-hybrid -f values.yaml -n tyk
Check this (doc)[/tyk-multi-data-centre/setup-slave-data-centres/] for detailed explanation of the hybrid/worker Gateway settings.
Installing Tyk Open Source Gateway as a hybrid gateway
Now run the following command from the root of the repository:
helm install tyk-hybrid tyk-helm/tyk-hybrid -f values.yaml -n tyk
Hybrid Gateways using Docker
Note
Although these instructions are for our containerized Gateway, the required configuration changes are the same regardless of how you’re running your Gateways (Bare metal, VM, etc.), you should update the <tyk.conf> for your Gateway install instead of <tyk.hybrid.conf>
What do we mean by a Hybrid set-up?
Tyk Hybrid allows you to run a flexible and scalable SaaS solution. With Tyk Hybrid, the Management layer is hosted and managed by Tyk in AWS (for now) with the Gateway(s) deployed and managed by you, deployed locally – your own Data Centre, Public or Private Cloud or even on your own machine.
Tyk’s Hybrid option provides you with a Tyk-hosted Cloud deployment, with the ability to deploy local Gateway’s across multiple locations. The Tyk hosted portion will include the Dashboard & Developer Portal, and would also allow you to run Tyk Pump locally, to maintain analytics and metrics within your chosen DB. The connection between Hybrid Gateways and Tyk Cloud is always initiated from the Hybrid Gateway, not Tyk Cloud, i.e. you, the customer, don’t need to start punching holes in firewalls for inbound connections from Tyk Cloud.
Installation
Requirements
- Redis - This is required for all Tyk installations. You can find instructions for a simple Redis installation in the Docker repo mentioned below.
- Set up a Tyk Cloud account (With CP deployment set-up)
- Docker Repo
Steps for installation
- Firstly, clone all repo files.
- Follow the docs in the repo, there’s a tyk.hybrid.conf file that needs to be configured with the appropriate configuration items. To change these, head to your Tyk Cloud account. You need to change the following three values in <tyk.hybrid.conf>
"slave_options": {
"rpc_key": "<ORG_ID>",
"api_key": "<API-KEY>",
"connection_string": "<MDCB-INGRESS>:443",
- For the MDCB-INGRESS, choose the correct deployment and copy the MDCB URL.
-
Next, we need an ORG ID and API key from the Tyk Cloud account.
-
Launch the API Manager Dashboard.
Within the API Manager Dashboard select your Hybrid user. Under that user, copy the API key and add it. Then copy and paste the Org ID and save.
6 . Finally, edit the <docker-compose.yml> file to swap over the standalone config file to use the hybrid config file that was just configured.
From:
- ./tyk.standalone.conf:/opt/tyk-gateway/tyk.conf
To:
- ./tyk.hybrid.conf:/opt/tyk-gateway/tyk.conf
In this compose file, we’ve now got our gateway image, we’ve got Redis and we have some volume mappings.
- Run <docker compose up -d>
You should now have two running containers, a Gateway and a Redis.
Now it is time to publish a new API Task 5 - Deploy your Edge Gateway and add your first API