API segmentation not working

diegobernardes · February 23, 2024, 10:32am

I’m following this documentation but the configuration is not working at all. At the API definition file I have:

{
  "tags": ["prod"]
}

And at tyk.conf:

{
  "db_app_conf_options": { 
    "node_is_segmented": true, 
    "tags": ["dev"] 
  } 
}

When I bring up Tyk I’m able to call the endpoint successfully. I’m running Tyk version v5.0.10.

Olu · February 26, 2024, 11:00am

Do you mean during startup? If not during startup, have you tried hot reload?

Can you share the logs in debug mode?

I tried to replicate this but could not. My logs are shown below.

time="Feb 26 09:40:39" level=debug msg="Calling: http://host.docker.internal:3000/system/apis"
time="Feb 26 09:40:39" level=debug msg="Using: NodeID: a23814a9-a49c-4164-6e6c-2fef3cab1fbb"
time="Feb 26 09:40:39" level=debug msg="Loading APIS Finished: Nonce Set: YTIzODE0YTktYTQ5Yy00MTY0LTZlNmMtMmZlZjNjYWIxZmJiY2JhNmI4YWQ2NDgyNDJiZDcxMjkxZWM2YzUxYzcyNDc="
time="Feb 26 09:40:39" level=debug msg="Downloading API Configurations from Dashboard Service" prefix=main
time="Feb 26 09:40:39" level=info msg="Detected 0 APIs" prefix=main
time="Feb 26 09:40:39" level=info msg="Loading API configurations." prefix=main
time="Feb 26 09:40:39" level=info msg="Initialising Tyk REST API Endpoints" prefix=main
time="Feb 26 09:40:39" level=debug msg="Loaded API Endpoints" prefix=main

diegobernardes · February 26, 2024, 2:24pm

Sure. This is the output from Tyk:

time="Feb 26 14:11:43" level=debug msg="No configuration file defined, will try to use default (tyk.conf)" prefix=main
time="Feb 26 14:11:43" level=info msg="Tyk API Gateway v5.3.0-dev" prefix=main
time="Feb 26 14:11:43" level=warning msg="Tyk has not detected any setting for session lifetime (`global_session_lifetime` defaults to 0 seconds). \n\tThis means that in case there's also no `session_lifetime` defined in the api, Tyk will not set expiration on keys\n\tcreated in Redis, i.e. tokens will not get deleted from Redis and it eventually become overgrown.\n\tPlease refer to the following link for further guidance:\n\thttps://tyk.io/docs/basic-config-and-security/security/authentication-authorization/physical-token-expiry/" prefix=checkup
time="Feb 26 14:11:43" level=warning msg="AnalyticsConfig.PoolSize unset. Defaulting to number of available CPUs" prefix=checkup runtime.NumCPU=10
time="Feb 26 14:11:43" level=warning msg="AnalyticsConfig.RecordsBufferSize < minimum - Overriding" minRecordsBufferSize=1000 prefix=checkup
time="Feb 26 14:11:43" level=warning msg="AnalyticsConfig.StorageExpirationTime is 0, defaulting to 60s" prefix=checkup storageExpirationTime=0
time="Feb 26 14:11:43" level=error msg="Could not set version in versionStore" error="storage: Redis is either down or was not configured" prefix=main
time="Feb 26 14:11:43" level=debug msg="Setting up analytics DB connection" prefix=main
time="Feb 26 14:11:43" level=debug msg="Analytics pool worker buffer size" workerBufferSize=100
time="Feb 26 14:11:43" level=debug msg="Using serializer msgpack for analytics \n"
time="Feb 26 14:11:43" level=debug msg="No Primary instance found, assuming control" prefix=host-check-mgr
time="Feb 26 14:11:43" level=error msg="cannot set key in pollerCacheKey" error="storage: Redis is either down or was not configured"
time="Feb 26 14:11:43" level=info msg="Starting Poller" prefix=host-check-mgr
time="Feb 26 14:11:43" level=debug msg="---> Initialising checker" prefix=host-check-mgr
time="Feb 26 14:11:43" level=debug msg="[HOST CHECKER] Config:TriggerLimit: 3"
time="Feb 26 14:11:43" level=debug msg="[HOST CHECKER] Config:Timeout: ~10"
time="Feb 26 14:11:43" level=debug msg="[HOST CHECKER] Config:WorkerPool: 10"
time="Feb 26 14:11:43" level=info msg="Rich plugins are disabled" prefix=coprocess
time="Feb 26 14:11:43" level=debug msg="Notifier will not work in hybrid mode" prefix=main
time="Feb 26 14:11:43" level=debug msg="[HOST CHECKER] Init complete"
time="Feb 26 14:11:43" level=debug msg="---> Starting checker" prefix=host-check-mgr
time="Feb 26 14:11:43" level=debug msg="[HOST CHECKER] Starting..."
time="Feb 26 14:11:43" level=debug msg="[HOST CHECKER] Check loop started..."
time="Feb 26 14:11:43" level=debug msg="[HOST CHECKER] Host reporter started..."
time="Feb 26 14:11:43" level=debug msg="---> Checker started." prefix=host-check-mgr
time="Feb 26 14:11:43" level=debug msg="Starting routine for flushing network analytics" prefix=main
time="Feb 26 14:11:43" level=info msg="PIDFile location set to: ./tyk-gateway.pid" prefix=main
time="Feb 26 14:11:43" level=debug msg="Initialising default org store" prefix=main
time="Feb 26 14:11:43" level=info msg="Initialising Tyk REST API Endpoints" prefix=main
time="Feb 26 14:11:43" level=debug msg="Creating new Redis connection pool"
time="Feb 26 14:11:43" level=info msg="--> [REDIS] Creating single-node client"
time="Feb 26 14:11:43" level=error msg="Connection to Redis failed, reconnect in 10s" error="storage: Redis is either down or was not configured" prefix=pub-sub
time="Feb 26 14:11:43" level=debug msg="Loaded API Endpoints" prefix=main
time="Feb 26 14:11:43" level=info msg="--> Standard listener (http)" port="0.0.0.0:9090" prefix=main
time="Feb 26 14:11:43" level=warning msg="Starting HTTP server on:[::]:9090" prefix=main
time="Feb 26 14:11:43" level=info msg="--> Standard listener (http)" port="0.0.0.0:8080" prefix=main
time="Feb 26 14:11:43" level=warning msg="Starting HTTP server on:[::]:8080" prefix=main
time="Feb 26 14:11:43" level=info msg="Initialising distributed rate limiter" prefix=main
time="Feb 26 14:11:43" level=debug msg="DRL: Setting node ID: solo-73deee9b-a1d5-43bd-8ba5-fffa7a3fdf67|772ca1f5f115"
time="Feb 26 14:11:43" level=info msg="Tyk Gateway started (v5.3.0-dev)" prefix=main
time="Feb 26 14:11:43" level=info msg="--> Listening on address: 0.0.0.0" prefix=main
time="Feb 26 14:11:43" level=info msg="--> Listening on port: 8080" prefix=main
time="Feb 26 14:11:43" level=info msg="--> PID: 32" prefix=main
time="Feb 26 14:11:43" level=info msg="Loading policies" prefix=main
time="Feb 26 14:11:43" level=debug msg="No policy record name defined, skipping..." prefix=main
time="Feb 26 14:11:43" level=info msg="Starting gateway rate limiter notifications..."
time="Feb 26 14:11:43" level=debug msg="Creating new Redis connection pool"
time="Feb 26 14:11:43" level=info msg="--> [REDIS] Creating single-node client"
time="Feb 26 14:11:43" level=debug msg="Creating new Redis connection pool"
time="Feb 26 14:11:43" level=info msg="--> [REDIS] Creating single-node client"
time="Feb 26 14:11:43" level=info msg="Loading API Specification from apps/sample.json"
time="Feb 26 14:11:43" level=debug msg="Checking for transform paths..."
time="Feb 26 14:11:43" level=debug msg="Checking for transform paths..."
time="Feb 26 14:11:43" level=warning msg="plugin file plugins/REDACTED-plugin_v5.3.0_linux_arm64.so doesn't exist"
time="Feb 26 14:11:43" level=warning msg="plugin file plugins/REDACTED-plugin_5.3.0_linux_arm64.so doesn't exist"
time="Feb 26 14:11:53" level=debug msg="Error trying to get value:redis: nil"
time="Feb 26 14:11:53" level=debug msg="No Primary instance found, assuming control" prefix=host-check-mgr

This is the API specification file:

{
  "name": "/sample",
  "tags": ["dev"],
  "use_go_plugin_auth": true,
  "version_data": {
    "not_versioned": true,
    "versions": {
      "default": {
        "use_extended_paths": true,
        "extended_paths": {
          "go_plugin": [
            {
              "plugin_path": "plugins/REDACTED-plugin.so",
              "path": "/",
              "method": "GET",
              "func_name": "HTTPHandlerHealth"
            }
          ]
        }
      }
    }
  },
  "custom_middleware": {
    "auth_check": {
      "name": "REDACTED",
      "path": "plugins/REDACTED-plugin.so"
    },
    "driver": "goplugin"
  },
  "proxy": {
    "listen_path": "/sample"
  }
}

And this is the output from Tyk when I call the endpoint:

time="Feb 26 14:22:07" level=debug msg=Started api_id= api_name=/sample mw=VersionCheck org_id= origin=192.168.65.1 path=/sample ts=1708957327289972547
time="Feb 26 14:22:07" level=debug msg=Finished api_id= api_name=/sample code=200 mw=VersionCheck ns=190959 org_id= origin=192.168.65.1 path=/sample
time="Feb 26 14:22:07" level=debug msg=Started api_id= api_name=/sample mw=RateCheckMW org_id= origin=192.168.65.1 path=/sample ts=1708957327290198797
time="Feb 26 14:22:07" level=debug msg=Finished api_id= api_name=/sample code=200 mw=RateCheckMW ns=327542 org_id= origin=192.168.65.1 path=/sample
time="Feb 26 14:22:07" level=debug msg=Started api_id= api_name=/sample mw="GoPluginMiddleware: plugins/REDACTED-plugin.so:REDACTED" org_id= origin=192.168.65.1 path=/sample ts=1708957327290616713
time="Feb 26 14:22:07" level=debug msg="Go-plugin request processing took" ms=0.694541 mwPath=plugins/REDACTED-plugin.so mwSymbolName=REDACTED
time="Feb 26 14:22:07" level=debug msg=Finished api_id= api_name=/sample code=200 mw="GoPluginMiddleware: plugins/REDACTED-plugin.so:REDACTED" ns=757958 org_id= origin=192.168.65.1 path=/sample
time="Feb 26 14:22:07" level=debug msg=Started api_id= api_name=/sample key="****st-1" mw=KeyExpired org_id= origin=192.168.65.1 path=/sample ts=1708957327291404755
time="Feb 26 14:22:07" level=debug msg=Finished api_id= api_name=/sample code=200 key="****st-1" mw=KeyExpired ns=14750 org_id= origin=192.168.65.1 path=/sample
time="Feb 26 14:22:07" level=debug msg=Started api_id= api_name=/sample key="****st-1" mw=AccessRightsCheck org_id= origin=192.168.65.1 path=/sample ts=1708957327291603547
time="Feb 26 14:22:07" level=debug msg=Finished api_id= api_name=/sample code=200 key="****st-1" mw=AccessRightsCheck ns=21625 org_id= origin=192.168.65.1 path=/sample
time="Feb 26 14:22:07" level=debug msg=Started api_id= api_name=/sample key="****st-1" mw=GranularAccessMiddleware org_id= origin=192.168.65.1 path=/sample ts=1708957327291656672
time="Feb 26 14:22:07" level=debug msg=Finished api_id= api_name=/sample code=200 key="****st-1" mw=GranularAccessMiddleware ns=14959 org_id= origin=192.168.65.1 path=/sample
time="Feb 26 14:22:07" level=debug msg=Started api_id= api_name=/sample key="****st-1" mw=RateLimitAndQuotaCheck org_id= origin=192.168.65.1 path=/sample ts=1708957327291826172
time="Feb 26 14:22:07" level=debug msg="[QUOTA] Quota limiter key is: quota-test-1"
time="Feb 26 14:22:07" level=debug msg="Renewing with TTL: 60"
time="Feb 26 14:22:07" level=debug msg="Incremented key: quota-test-1, val is: 1"
time="Feb 26 14:22:07" level=debug msg="--> Setting Expire"
time="Feb 26 14:22:07" level=debug msg=Finished api_id= api_name=/sample code=200 key="****st-1" mw=RateLimitAndQuotaCheck ns=1362709 org_id= origin=192.168.65.1 path=/sample
time="Feb 26 14:22:07" level=debug msg=Started api_id= api_name=/sample key="****st-1" mw="GoPluginMiddleware: :" org_id= origin=192.168.65.1 path=/sample ts=1708957327293260463
time="Feb 26 14:22:07" level=debug msg="Go-plugin request processing took" ms=0.030833 mwPath=plugins/REDACTED-plugin.so mwSymbolName=HTTPHandlerHealth
time="Feb 26 14:22:07" level=debug msg=Finished api_id= api_name=/sample code=666 key="****st-1" mw="GoPluginMiddleware: :" ns=175417 org_id= origin=192.168.65.1 path=/sample

The function HTTPHandlerHealth just returns a 200 and I’m using it to test.

I’m not using the k8s operator, the web UI, nor I’m doing hot config reload on Tyk. Everytime there is a chage at the API specification a new Docker image is generated and deployed. Another thing to note is, I’m not using 5.3.0-dev but 5.0.10.

Olu · February 28, 2024, 8:40am

API Segmentation only works with the dashboard db_app_conf_options i.e. meaning with self-managed deployments. It doesn’t work with the community edition deployments which is the gateway standalone.

time="Feb 26 09:40:39" level=debug msg="Calling: http://host.docker.internal:3000/system/apis"

Do you have a dashboard?

diegobernardes · February 28, 2024, 10:34am

No. I’m deploying just the Tyk Gateway. Ok, I’ll need to put a workaround in place to solve this issue. Thanks for the help.