Managing multiple OSS Tyk gateways on different namespaces using Tyk Operator

Hi,

Does Tyk Opeator (installed once per cluster) is able to manage multiple namespaces?

In the docs there is a configuration WATCH_NAMESPACE - will watch for resources across the entire cluster. But if use it i see that it only updates the gateway specified by TYK_URL(http://gateway-svc-ce-tyk-headless.tykce-control-plane.svc.cluster.local:8080)

How can the Tyk Operator handle multiple namespaces when the TYK_URL is associated with a single gateway?

Hi!

To work with multiple deployments an operator context must be used.

It is then possible to specify the operator context in the tyk CRDs so that operator will lookup the values from the operator context when creating/updating or reconciling those CRDs.

So if you had a namespace called tyk1 and created an OperatorContext called local-operator-context by applying the following yaml

apiVersion: tyk.tyk.io/v1alpha1
kind: OperatorContext
metadata:
  name: local-operator-context
spec:
  env:
    mode: ce
    auth: your gateway secret
    org: your orgid
    url: http://<your gateway URL>:<port>/
    insecureSkipVerify: true

Then when creating other tyk CRDs (APIs or policies etc) this can be added to their YAML to get operator to pick up the context and use it.

  contextRef:
    name: local-operator-context
    namespace: tyk1

Thanks for the quick response @Pete

If I have an ApiDefinition that I intend to apply to two Tyk gateways how can achive that?
I guess i cant specify more than one contextRef per ApiDefinition and i dont want to duplicate the ApiDefinition for each operator context.

Hi @igalso!

I’d like to understand your setup. When you run multiple gateways on different namespaces, do you want the two gateways to manage different set of APIs? Or are they just replicates?

Sure, Yes they are just duplicates. So i want to have a single Operator to manage all tyk gateways (running on different namespaces) and they all have the same definitions(Apis/Policies)

Maybe you could take a look at this guide Running multiple instances of Tyk Gateway

Instead of a Deployment, you would need to deploy the gateways to different namespaces separately. However, as long as they share the same API configs via the same PV, Operator can help to synchronise API config updates among the gateways.

Point Operator TYK_URL to any one of the gateway.

Thats actually might help us, thanks @carol we will try this out