Home
Deployment and Operations
API Management
Product Stack
Developer Support
APIM Best Practice

Tyk Charts 1.5 Release Notes

Last updated: 8 minutes read.

Open Source (Mozilla Public License)

This page contains all release notes for version 1.5.X displayed in a reverse chronological order

Support Lifetime

Our minor releases are supported until our next minor comes out.

1.5.0 Release Notes

Release Date 4 July 2024

Breaking Changes

This release has no breaking changes.

3rd Party Dependencies & Tools

With PostgreSQL v11 has reach EOL on November 2023, we can no longer guarantee full compatibility with this version of the database. If you are using PostgreSQL we recommend that you upgrade to a version that we have tested with, as indicated below.

Third Party Dependency Tested Versions Compatible Versions Comments
Kubernetes 1.26.x, 1.27.x, 1.28.x, 1.29.x 1.19+
Helm 3.14.x 3.x
Redis 6.2.x, 7.x 6.2.x, 7.x Used by Tyk Gateway and Dashboard
MongoDB 5.0.x, 6.0.x, 7.0.x 5.0.x, 6.0.x, 7.0.x Used by Tyk Dashboard, Pump, and MDCB
PostgreSQL 12.x - 16.x 12.x - 16.x Used by Tyk Dashboard, Pump, and MDCB

Given the time difference between your upgrade and the release of this version, we recommend customers verify the ongoing support of third-party dependencies they install, as their status may have changed since the release.

Deprecations

MDCB: Deprecated healthcheck_port and replaced with http_port

Starting with MDCB v2.6.0, the configuration parameter http_port has been introduced to replace the original healthcheck_port. This new HTTP port is designed to expose various endpoints for monitoring and debugging MDCB. For consistency and future compatibility, it is recommended to use mdcb.httpPort.

Backward compatibility:

The mdcb.httpPort parameter is backward compatible, meaning it will function correctly with all existing MDCB versions, ensuring a smooth transition.

Recommendations for users:
  • Helm Chart Adjustments: Update your Helm chart configurations to use mdcb.httpPort instead of mdcb.probes.healthcheckPort to define the HTTP port.

Upgrade instructions

For users currently on v1.4.x, we strongly recommend promptly upgrading to the latest release.

You can use helm upgrade to upgrade your release

helm repo add tyk-helm https://helm.tyk.io/public/helm/charts/
helm repo update

helm upgrade [RELEASE_NAME] tyk-helm/[CHART_NAME]

Release Highlights

Updated default Tyk versions

Tyk Charts 1.5 will install the following Tyk component versions by default.

  • Tyk Gateway v5.4.0
  • Tyk Dashboard v5.4.0
  • Tyk Pump v1.10.0
  • Tyk MDCB v2.6.0
  • Tyk Developer Portal v1.9.0
  • Tyk Operator v0.18.0
Tyk Operator is covered under the same umbrella

Tyk Operator can now be installed as an optional component alongside any of the following Tyk umbrella charts:

  • tyk-oss
  • tyk-stack
  • tyk-control-plane

With bootstrapping, the tyk-operator-conf secret will be automatically configured during the bootstrapping process. This means that the Tyk Operator will be ready for use with just one command, simplifying the deployment and configuration process.

For a comprehensive list of changes, please refer to the detailed changelog below.

Downloads

Changelog

Added
  • Gateway: Add option to enable fixed window rate limiter

    New field gateway.enableFixedWindowRateLimiter added to tyk-gateway chart.

    This feature allows users to enable fixed window rate limiter in the Gateway. The fixed window rate limiter feature permits requests up to the configured rate limit within a specified time window, after which any additional requests are blocked until the next window. This method has minimal impact on Redis and is straightforward to implement. However, it should be noted that it does not protect against traffic spikes as it lacks spike arrest behavior. The default value for this setting is false.

  • Dashboard and Gateway: Add init containers resources parameters

    Optional parameters dashboard.initContainers.initAnalyticsConf.resources and gateway.initContainers.setupDirectories.resources added to set resources for init containers in Dashboard and Gateway charts respectively.

    This feature is introduced to allow the definition of resource parameters for init containers, which is particularly useful in environments with namespace quotas that require specific resource definitions. Users can now specify the resources for init containers to comply with namespace resource quotas, ensuring that the init containers operate within the defined resource limits. The resource parameters can be defined at below locations.

    Tyk Dashboard chart

    dashboard:
  initContainers:
    initAnalyticsConf:
      resources: {}
      # If you do want to specify resources, uncomment the following
      # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
      # limits:
      #   cpu: 100m
      #   memory: 128Mi
      # requests:
      #   cpu: 100m
      #   memory: 128Mi

    Tyk Gateway chart

    gateway:
  initContainers:
    setupDirectories:
	    resources: {}
      # If you do want to specify resources, uncomment the following
      # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
      # limits:
      #   cpu: 100m
      #   memory: 128Mi
      # requests:
      #   cpu: 100m
      #   memory: 128Mi
  • MDCB: Added SSL configurations for MDCB HTTP server

    Added mdcb.httpServerOptions for SSL configuration of the MDCB HTTP server.

    This feature allows users to enable SSL for the MDCB HTTP server by configuring SSL-specific options. Users can enhance the security of their MDCB HTTP server by enabling SSL. The configuration includes settings such as useSSL, certificateKeyFile, certificateCertFile, and minVersion. For other HTTP server options, users can utilize extraEnvs to configure additional parameters.

    mdcb:
  # defines the SSL/TLS settings for the http server where the healthcheck is exposed
  httpServerOptions:
    # if enabled then the endpoints will be served over https
    useSSL: true
    certificateKeyFile: /path-to-cert-keyfile
    certificateCertFile: /path-to-certfile
    
    # For TLS 1.0 use 769, for TLS 1.1 use 770, for TLS 1.2 use 771, for TLS 1.3 use 772
    minVersion: 771
  • MDCB: Deprecated Healthcheck Port and added HTTP Port

    mdcb.httpPort added to define the port used for accessing MDCB HTTP endpoints.

    This change deprecates the previous healthcheck port in favor of using a defined HTTP port for accessing MDCB HTTP endpoints. This update streamlines the configuration by consolidating the HTTP endpoints under a single port setting, making it simpler to manage and configure the MDCB health checks.

    mdcb:
  # This is the preferred port setting for MDCB >= v2.6.0.
  # Users should use httpPort instead of probes.healthCheckPort for newer versions.
  httpPort: 8181

  probes:
    # This port lets MDCB allow standard health checks.
    # It also defines the path for liveness and readiness probes.
    # It is used to set TYK_MDCB_HEALTHCHECKPORT and TYK_MDCB_HTTPPORT when mdcb >= v2.6.0
    # This field will be deprecated in upcoming release. Use `httpPort` instead.
    # healthCheckPort: 8181
  • Add tyk-operator dependency to umbrella charts

    global.components.operator added to determine whether the Tyk Operator component should be installed.

    This feature adds a dependency on the Tyk Operator to the umbrella charts, facilitating the installation of the Tyk Operator component. Users can now easily install the Tyk Operator component by setting the global.components.operator parameter. Note that the Tyk Operator requires cert-manager to be installed beforehand. It also expects secret tyk-operator-conf is present in the installation namespace. You can enable bootstrapping at global.components.bootstrap if you are working on a new installation to have this secret created for you. Refer to the Tyk Operator installation guide for detailed information on pre-requisites.

    global:
  components:
    # operator determines whether Tyk Operator component should be installed or not.
    # Tyk Operator needs cert-manager to be installed beforehand. Make sure that cert-manager is installed.
    # For further details, please refer to https://tyk.io/docs/tyk-stack/tyk-operator/installing-tyk-operator/
    operator: false
  • Add annotations to Tyk Stack and component Helm Charts

    Introduced annotations values to the Tyk stack and component Helm charts to define annotations for Deployments or StatefulSets.

    This enhancement allows users to define custom annotations for the Deployments or StatefulSets of Tyk components. Annotations are useful for supporting automated reloading of the Gateway or other components using tools like reloader. Previously, the Helm charts did not support any annotations at the deployment level.

    Users can now add custom annotations to facilitate automation and improve the management of Tyk components. The following annotations have been added:

    • Dashboard: dashboard.annotations for Tyk Dashboard Deployment/StatefulSet
    • Dev Portal: annotations for Tyk Developer Portal Deployment/StatefulSet
    • Gateway: gateway.annotations for Tyk Gateway Deployment/StatefulSet
    • MDCB: mdcb.annotations for MDCB Deployment/StatefulSet
    • Pump: pump.annotations for Tyk Pump Deployment
Fixed
  • Dashboard: Fix misconfiguration preventing detail log display with Mongo Pump

    This fix addresses a misconfiguration in the Dashboard chart that was causing the Log Browser not showing API activity logs for users utilizing Mongo Pump. The default configuration dashboard.useShardedAnalytics is now set to true, ensuring proper log visibility. Users who use Mongo Pump will now be able to view the API activity log as expected. Additionally, the correct Dashboard environment variable TYK_DB_USESHARDEDANLAYTICS is now set using dashboard.useShardedAnalytics. This enhancement ensures accurate log visibility and improves the overall user experience with the Dashboard by properly configuring sharded analytics.

  • Gateway: Fix issue with control port and `latest` container image tag

    Resolved an issue in the Gateway chart that prevented the use of a container image with the latest tag when gateway.control.enabled is set to true.

    This fix addresses a problem in the Gateway chart where enabling the control port (gateway.control.enabled) would cause an error if the container image tag was set to latest. The helm chart template previously assumed that all images would use semantic versioning.

    Users can now use the latest tag for container images even when the control port is enabled. This enhancement removes the restriction and assumption of semantic versioning, providing more flexibility in specifying container image tags.

  • Dev Portal: Fix issue that prevent bootstrap and developer portal to be enabled at the same time

    Resolved an issue in tyk-stack and tyk-control-plane chart that prevented bootstrap and devPortal components to be enabled at the same time.

    When user deploy Developer Portal using tyk-stack or tyk-control-plane Helm Chart, there was a problem before that bootstrapping and devPortal cannot be enabled at the same time. It was because dev portal was depending on secret tyk-dev-portal-conf to start up but the secret can only be created after all pods has been created successfully via the bootstrapping job. This problem arises when user use --wait flag in helm install or use ArgoCD for installation.

    We have fixed this issue by not passing required org ID and API key as command option during portal startup. The dev portal is configured after Pod creation via Dev Portal API.

Further Information

Upgrading Tyk

Please refer to the upgrading Tyk page for further guidance on the upgrade strategy.

FAQ

Please visit our Developer Support page for further information relating to reporting bugs, upgrading Tyk, technical support and how to contribute.

See also

Return to Top
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.
   Read More