Hi,
Does Tyk Opeator (installed once per cluster) is able to manage multiple namespaces?
In the docs there is a configuration WATCH_NAMESPACE - will watch for resources across the entire cluster. But if use it i see that it only updates the gateway specified by TYK_URL(http://gateway-svc-ce-tyk-headless.tykce-control-plane.svc.cluster.local:8080)
How can the Tyk Operator handle multiple namespaces when the TYK_URL is associated with a single gateway?
Hi!
To work with multiple deployments an operator context must be used.
It is then possible to specify the operator context in the tyk CRDs so that operator will lookup the values from the operator context when creating/updating or reconciling those CRDs.
So if you had a namespace called tyk1 and created an OperatorContext called local-operator-context by applying the following yaml
apiVersion: tyk.tyk.io/v1alpha1
kind: OperatorContext
metadata:
name: local-operator-context
spec:
env:
mode: ce
auth: your gateway secret
org: your orgid
url: http://<your gateway URL>:<port>/
insecureSkipVerify: true
Then when creating other tyk CRDs (APIs or policies etc) this can be added to their YAML to get operator to pick up the context and use it.
contextRef:
name: local-operator-context
namespace: tyk1
Thanks for the quick response @Pete
If I have an ApiDefinition that I intend to apply to two Tyk gateways how can achive that?
I guess i cant specify more than one contextRef per ApiDefinition and i dont want to duplicate the ApiDefinition for each operator context.
Hi @igalso!
I’d like to understand your setup. When you run multiple gateways on different namespaces, do you want the two gateways to manage different set of APIs? Or are they just replicates?
Sure, Yes they are just duplicates. So i want to have a single Operator to manage all tyk gateways (running on different namespaces) and they all have the same definitions(Apis/Policies)
Maybe you could take a look at this guide Running multiple instances of Tyk Gateway
Instead of a Deployment, you would need to deploy the gateways to different namespaces separately. However, as long as they share the same API configs via the same PV, Operator can help to synchronise API config updates among the gateways.
Point Operator TYK_URL to any one of the gateway.