Advanced cache hadling with redis and tyk


#1

Imported Google Group message. Original thread at: https://groups.google.com/forum/#!topic/tyk-community-support/te--i92EXTo Import Date: 2016-01-19 21:27:09 +0000.
Sender:Luis Valladares.
Date:Saturday, 10 October 2015 15:42:30 UTC+1.

Hello!

Im building a infraestructure using tyk as api gateway, and i wish to use the tyk integration with redis, but i want to handle this in some “advance” way, im looking for suggestions on how to do this. Here is what i want to do:

I want to cache some routes for a time of X seconds (i know how to do this with tyk)
Also i want to delete dynamically some redis keys, in example: If i’ve cached a request called X for 10 minutes, and 3 minutes after this requests is updated in my system, i dont want to wait for 7 minutes for the redis auto delete, instead i want to tell redis to delete this key and in the next access it caches the updated version.

I’ve been investigating and i’ve found the API of redis for python has some methods to delete keys selectively, but i’ve to know the key of that register in redis, because tyks generates this key automatically i dont know how to fetch it in order to delete it.

Any suggestions on this field?

Thanks for any help you can provide!


#2

Imported Google Group message.
Sender:Martin Buhr.
Date:Saturday, 10 October 2015 20:07:20 UTC+1.

Hi Luis,

Tyk currently doesn’t have a cache invalidation API, so you would need to remove the key manually in Redis - the key generation algo is here:

https://github.com/lonelycode/tyk/blob/master/middleware_redis_cache.go

In the CreateChecksum function.

Tyk uses a checksum of the request method and URL combined with a slash, added to the end of a key that contains the API ID and accessing token to store the wire format version of the response.

To bust the cache, you’d need to recreate this key, which should be possible. (Tip: enable debug log level to see the key that is generated (if you can spot it, it’s very verbose)).

We’re looking to add cache invalidation soon as an API, which should remove the requirement for this altogether.

We do offer more granular control over caching using the upstream control option, where you can dynamically control caching ttls when your app responds.

Cheers,
Martin


#3

Imported Google Group message.
Sender:Luis Valladares.
Date:Saturday, 10 October 2015 20:07:20 UTC+1.

Hi Luis,

Tyk currently doesn’t have a cache invalidation API, so you would need to remove the key manually in Redis - the key generation algo is here:

https://github.com/lonelycode/tyk/blob/master/middleware_redis_cache.go

In the CreateChecksum function.

Tyk uses a checksum of the request method and URL combined with a slash, added to the end of a key that contains the API ID and accessing token to store the wire format version of the response.

To bust the cache, you’d need to recreate this key, which should be possible. (Tip: enable debug log level to see the key that is generated (if you can spot it, it’s very verbose)).

We’re looking to add cache invalidation soon as an API, which should remove the requirement for this altogether.

We do offer more granular control over caching using the upstream control option, where you can dynamically control caching ttls when your app responds.

Cheers,
Martin


#4

Imported Google Group message.
Sender:Martin Buhr.
Date:Sunday, 11 October 2015 03:32:42 UTC+1.

Martin, one more question:

How can i get the API ID and the accessing token? i want to create a python script for this task, but after som reearch i cant found how to obtain this two parameters in order to recreate the key, maybe you can point me in the right direction?

Thanks for all your help!

  • show quoted text -

#5

Imported Google Group message.
Sender:Luis Valladares.
Date:Sunday, 11 October 2015 08:42:24 UTC+1.

Hi Luis,

The token will be sent along with the inbound request as a header or query string (you set this up as part of your API definition), you can then extract it in your app.

The API ID will need to be known beforehand, you can get this when you add the API to the dashboard - just go to the list view, the API ID is the second column.

Cheers,
Martin


#6

Imported Google Group message.
Sender:Luis Valladares.
Date:Saturday, 17 October 2015 17:53:43 UTC+1.

Hello Martin!

i’ve noticed that redis add an IP to te cache, in fact after some research i’ve noticed this is the exact pattern of keys:

cache-[apiId][apiId][IP**][url with md5 hashing]

and the url is formated before md5 is like like: PROTOCOL-/apiId/urlArgs.

Ok, so far so good, but i’ve some questions about this because i dont know if this behaviour is related with the docker network interface, but i’ve noticed in every cache request the ip value is the IP of the nginx machine, so, this is how it work? or it store the IP of the actual person who make the request?.

And, the request URL will always include the apiId as “domain”?

I make this questions only to be sure isnt related to docker network interface

i’ll leave here a key example in my case, i’ve surrounded every element with [].

cache-[e1e034b7ae2b467940c61a12032c32b1][e1e034b7ae2b467940c61a12032c32b1][172.17.0.91][02bf5829a68df302e818b33cb232021]

Thanks for all your help Martin!

  • show quoted text -

#7

Imported Google Group message.
Sender:Martin Buhr.
Date:Saturday, 17 October 2015 18:06:59 UTC+1.

Hi Luis,

Tyk only uses the IP in open APIs, it will use the auth token instead in a closed API that uses any of the actual auth methods. You’ll need to take that into account for anything you are building.

How the cache string is built is all available in the source, I’d use that as a guide :slight_smile:

The IP is that of the nginx instance because you will need to change the configuration of the nginx instance (do this in the host manager templates) to also proxy real IPs (or not use the host manager and expose Tyk directly).

We haven’t tested this, and we might actually need to update Tyk to use forwarded headers, you can try this, but no guarantees it will change the behaviour:

As for the URL, it will always be the API ID as that is how Tyk handles inbound requests.

Cheers,
Martin