Skip to content

Releases: TykTechnologies/tyk-charts

Tyk Charts v2.2.0

09 Dec 10:52
6a0e67b
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: v2.1.0...v2.2.0

v2.1.0

10 Oct 17:05
d1a599f
Compare
Choose a tag to compare

What's Changed

  • TT-12922: update helm chart component version by @olamilekan000 in #317
  • Update Tyk Operator CRD for version operator-release-v0.18.8-rc-test by @Tyk-ITS in #334
  • Update Tyk Operator CRD for version operator-release-v1.0.0 by @Tyk-ITS in #338
  • (release): version to v2.1.0 by @buraksekili in #339

New Contributors

Full Changelog: v2.0.0...v2.1.0

Tyk Charts v2.0.0

26 Sep 12:30
629bb66
Compare
Choose a tag to compare

What's Changed

  • [TT-12848] Add optional extraVolumes and extraVolumeMounts to bootstrap jobs by @nbentfeld in #316
  • [TT-13080], added support for path prefix/suffix matching env vars by @andrei-tyk in #319

New Contributors

v1.6.0

14 Aug 08:54
Compare
Choose a tag to compare

What's Changed

Full Changelog: v1.5.0...v1.6.0

v1.5.0

04 Jul 10:00
15141e2
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: v1.4.0...v1.5.0

Tyk Charts v1.4.0

06 May 12:57
7d741a6
Compare
Choose a tag to compare

Release Highlights

General availability release of tyk-control-plane chart and tyk-mdcb chart
We’re pleased to announce the official release of the Tyk Helm Charts for Tyk Control Plane and MDCB! Following a successful beta phase, these charts are now stable and ready for production use.

With this release, we aim to provide a straightforward solution for deploying and managing Tyk Control Plane and Multi-Data Center Bridge (MDCB) using Helm Charts. Whether you’re looking for our recommended setup configurations or need flexibility to adapt to your architectural requirements, our Helm Charts have you covered.

To leverage this stable release and simplify your Tyk deployments, we invite you to explore our example setup for MDCB Control Plane using Helm Chart. Simply follow our MDCB Control Plane setup guide to get started.

Updated default Tyk versions
Tyk Charts 1.4 will install the following Tyk component versions by default.

Tyk Gateway v5.3.1
Tyk Dashboard v5.3.1
Tyk Pump v1.9.0
Tyk MDCB v2.5.1
Tyk Developer Portal v1.8.5

Changelog

Added

  • OSS: Simplify Tyk Operator setup with Kubernetes Secret creation
  • MDCB: Enhanced analytics configuration options
  • Tyk Control Plane: Added option to enable Dashboard hybrid organisation
  • Enhanced security with customisable Pod or Container security context
  • Gateway: Allow Gateway to be updated if secret value is updated
  • Customizable Pod Labels Across All Components
  • Portal: Customizable Pod annotations in tyk-dev-portal

Changed

  • Gateway/Pump: Removed the command in Gateway and Pump pod templates
  • Dashboard: Allow arbitary image tags in tyk-dashboard
  • Dashboard: Classic portal bootstrapping disabled by default
  • Dashboard: Deprecation of hashKeys field

Fixed

  • Global: Redis TLS version specification

tyk-stack 1.0.0, tyk-oss 1.2.0, tyk-data-plane 1.1.0, tyk-gateway 1.2.0, tyk-pump 1.2.0, tyk-dashboard 1.0.0, tyk-dev-portal 1.0.0, tyk-bootstrap 1.0.0

08 Dec 16:34
fbff560
Compare
Choose a tag to compare

Open Source (Mozilla Public License)

Support Lifetime

Our minor releases are supported until our next minor comes out.

Release Date 7 Dec 2023

Breaking Changes

  • Updated the default service type of Gateway, Dashboard, Developer Portal, and Pump from NodePort to ClusterIP for better security. You can configure external access to a service with your desired method like changing service type to NodePort, LoadBalancer or configuring Ingress.
  • Removed global.components.dashboard flag as it was misleading. Adapted gateway to use a gateway-specific flag gateway.useDashboardAppConfig. Set gateway.useDashboardAppConfig to true if gateway should connect to Dashboard for app configurations.

Deprecations

There are no deprecations in this release.

Upgrade instructions

You can use helm upgrade to upgrade your release

helm upgrade [RELEASE_NAME] tyk-helm/tyk-oss

Release Highlights

This version upgrades Tyk Gateway and Tyk Dashboard to v5.2.3 and Tyk Portal to 1.8.0.

Stable release of Tyk Stack, Tyk Dashboard, Tyk Developer Portal and bootstrapping 🎉

tyk-stack provides the default deployment of Tyk Self Managed on a cluster. It will deploy all required Tyk components with the settings provided in the values.yaml file.

Components charts for Tyk Dashboard, Tyk Developer Portal are also available if you want to manage deployment of Dashboard and Developer portal independently.

Please visit Tyk Docs for installation instructions.

New Gateway parameters

This version enhances Gateway charts by introducing configurations for OpenTelemetry. Their usage can be found in values.yaml:

    # opentelemetry is used to configure opentelemetry for Tyk Gateway
    opentelemetry:
      # Used to enable/disable opentelemetry
      enabled: false
      # exporter is used to define the type of the exporter to sending data in OTLP protocol
      # Valid values are "grpc" or "http"
      exporter: grpc
      # endpoint defines OpenTelemetry collector endpoint to connect to.
      endpoint: localhost:4317
      # A map of headers that will be sent with HTTP requests to the collector.
      # It should be set to map of string to string
      headers: {}
      # Timeout for establishing a connection to the collector
      connectionTimeout: 1
      # Name of the resource that will be used to identify the resource.
      resourceName: tyk
      # Type of the span processor to use. Valid values are “simple” or “batch”.
      spanProcessorType: batch
      # Type of the context propagator to use. Valid values are "tracecontext" and "b3".
      contextPropagation: tracecontext
      # TLS configuration for the exporter.
      tls:
        # Flag that can be used to enable TLS
        enabled: false
        # Flag that can be used to skip TLS verification if TLS is enabled
        insecureSkipVerify: true
        # Maximum TLS version that is supported.
        maxVersion: 1.3
        # Minimum TLS version that is supported
        minVersion: 1.2
        # Path to the cert file
        certFileName: ""
        # Path to the key file
        keyFileName: ""
        # Path to CA file
        caFileName: ""
        # Existing secret that stores TLS and CA Certificate
        certificateSecretName: ""
        # Mount path on which certificate secret should be mounted
        secretMountPath: ""
      sampling:
        # Refers to the policy used by OpenTelemetry to determine whether a particular trace should be sampled or not.
        type: "AlwaysOn"
        # Parameter for the TraceIDRatioBased sampler type and represents the percentage of traces to be sampled.
        rate: 0.5
        # Rule that ensures that if we decide to record data for a particular operation, we’ll also record data for
        # all the subsequent work that operation causes
        parentBased: false

Compatibility Notes

This release is tested on Kubernetes 1.26.3, 1.25.2, 1.24.6, 1.23.12, 1.22.15, 1.21.14, 1.20.15, Tyk Gateway v5.2.3, Tyk Dashboard v5.2.3, Tyk Pump v1.8.3, and Tyk Portal v1.8.0.

tyk-bootstrap-1.0.0 |
tyk-dashboard-1.0.0 |
tyk-data-plane-1.1.0 |
tyk-dev-portal-1.0.0 |
tyk-gateway-1.2.0 |
tyk-oss-1.2.0 |
tyk-pump-1.2.0 |
tyk-stack-1.0.0


tyk-bootstrap-1.0.0

Changelog

Added
  • Added a field global.components.bootstrap to enable or disable bootstrapping.
  • Added extraEnvs to support setting environment variables for jobs.
Changed
  • Bootstrapping Job does not fail if there is existing ORG found in dashboard storage. If the database has been bootstrapped already, the job will proceed with creating secret with Operator and Developer Portal.
  • Renamed environment variable names to be consistent with envconfig naming convention. The list of supported environment variables are documented at tyk-k8s-bootstrap.
  • Remove .cluster.local from service URL to allow for named cluster support.
Removed
  • Removed annotation [sidecar.istio.io/inject:](http://sidecar.istio.io/inject:) “false” from postInstall and preDelete jobs. If Tyk is deployed inside Istio service mesh, you can configure the required annotation for all jobs using values.yaml file.
  • Removed unused fields from tyk-bootstrap chart values.yaml: global.servicePorts and global.components, global.tls.gateway.

tyk-dashboard-1.0.0

Changelog

Added
  • Added Ingress configuration for dashboard and classic portal.
  • In tyk-dashboard, a new field (dashboard.tykApiHost) allows configuring a custom service name for Tyk Gateway.
Fixed
  • Fixed gateway connection string at environment variable TYK_DB_TYKAPI_HOST and TYK_DB_TYKAPI_PORT.
  • Aligned the value of dashboard.overrideHostname with gwHostName yaml anchor.
  • Fixed setting TYK_DB_ENABLEAGGREGATELOOKUPS via dashboard.enableAggregateLookups.
  • Fixed the issue that Dashboard version <= 5.0.2 failed to start because of missing configuration file (tyk_analytics.conf). In order to fix that, if the dashboard version is <= v5.0.2, it runs init-container to create empty tyk_analytics.conf file.
Changed
  • Updated Dashboard default image tag to v5.2.3.
  • Updated default value for PostgreSQL sslmode (global.postgres.sslmode) from empty to disable.
  • Updated default service type of Dashboard service from NodePort to ClusterIP.
  • Removed .cluster.local from service URL to allow for named cluster support.
Removed
  • Removed annotation traffic.sidecar.istio.io/excludeInboundPorts and traffic.sidecar.istio.io/includeInboundPorts. If Tyk is deployed inside Istio service mesh, you can configure the required annotation using values.yaml file.
  • Removed support for dashboard.enableIstioIngress field in values.yaml.

tyk-data-plane-1.1.0

Breaking Changes

  • Updated the default service type of Gateway and Pump service from NodePort to ClusterIP for better security. You can configure external access to a service with your desired method like changing service type to NodePort, LoadBalancer, or configuring Ingress.

Changelog

Added
  • Added OpenTelemetry support under tyk-gateway.gateway.opentelemetry.
Updated
  • Updated Gateway default image tag to v5.2.3.
  • Updated the default service type of Gateway and Pump service from NodePort to ClusterIP. You can configure external access to a service with your desired method like changing service type to NodePort, LoadBalancer, or configuring Ingress.
  • Removed .cluster.local from service URL to allow for named cluster support.

tyk-dev-portal-1.0.0

Changelog

Updated
  • Updated Developer Portal default image tag to v1.8.0.
  • Updated the default service type of Gateway and Pump service from NodePort to ClusterIP for better security. You can configure external access to a service with your desired method like changing service type to NodePort, LoadBalancer, or configuring Ingress.
  • Updated default storage type in values.yaml from fs to db. The new default option does not require additional configuration to work.
  • Updated liveliness probe from / to /live and readiness probe from / to /ready.
  • Moved the database related variables in the values.yaml outside the section related to the storage of the assets inside enterprise portal. This reduces confusion, facilitating database configuration.
  • Updated setting Dashboard URL in Portal using service discovery.
  • User can provide developer portal configurations via secret useSecretName instead of global.secrets.useSecretName. This is to make it easier to manage portal and dashboard configuration separately.
Removed
  • Removed field global.bootstrap.devPortal. You can now set both global.components.bootstrap and tyk-bootstrap.bootstrap.devPortal to true to enable portal bootstrapping.

tyk-gateway-1.2.0

Breaking Changes

  • Updated the default service type of Gateway service from NodePort to ClusterIP. You can configure external access to service with your desired method like changing service type to NodePort, LoadBalancer, or configuring Ingress.

Changelog

Added
  • Added OpenTelemetry support under gateway.opentelemetry.
  • In tyk-gateway, new fields (`dashboardConnection...
Read more

Tyk Charts 1.1.0

01 Nov 09:00
05b8c48
Compare
Choose a tag to compare

Open Source (Mozilla Public License)

Support Lifetime

Our minor releases are supported until our next minor comes out.

Release Date 30 Oct 2023

Breaking Changes

  • tyk-mdcb-data-plane chart is renamed to tyk-data-plane. This change is part of the terminology alignment initiatives where Tyk is standardising how we refer to the components. If you have previously used tyk-mdcb-data-plane, please delete the release and reinstall using tyk-data-plane. Please refer to change log below for enhancements and fixes that are added to the new chart.
  • tyk-enterprise-portal chart is renamed to tyk-dev-portal. This change is part of the terminology alignment initiatives where Tyk is standardising how we refer to the components. If you have previously used tyk-enterprise-portal, please delete the release and reinstall using tyk-dev-portal. Please refer to change log below for enhancements and fixes that are added to the new chart.
  • tyk-single-dc chart is renamed to tyk-stack. This change is part of the terminology alignment initiatives where Tyk is standardising how we refer to the components. If you have previously used tyk-single-dc, please delete the release and reinstall using tyk-stack. Please refer to change log below for enhancements and fixes that are added to the new chart.
  • Renamed parameter backend to storageType in tyk-dashboard

Deprecations

  • tyk-mdcb-data-plane is now marked as deprecated.
  • tyk-enterprise-portal is now marked as deprecated.
  • tyk-single-dc is now marked as deprecated.

Upgrade instructions

For renamed charts, please delete the release and reinstall using the new chart.

helm delete [RELEASE_NAME] tyk-helm/tyk-mdcb-data-plane
helm install [RELEASE_NAME] tyk-helm/tyk-data-plane

For other charts, you can use helm upgrade to upgrade your release.

helm upgrade [RELEASE_NAME] tyk-helm/tyk-oss

Release Highlights

This version upgrades Tyk Gateway and Tyk Dashboard to v5.2.1, Tyk Pump to 1.8.3 and Tyk Portal to 1.7.0.

Security Enhancements

This version introduces a few security enhancements. It adds configuration options to configure SSL in dashboard and support of insecureSkipVerify option for all charts to bypass verification for self-signed certificates. For security best practices, we now support use of secret to pass sensitive fields including admin credentials, license keys, database connection string and remote control plane connection details via secrets.

New Gateway parameters

This version enhances Gateway charts by introducing more parameters, like containerPort, analyticsEnabled, analyticsConfigType, hashkeyFunction for Gateway. Their usage can be found in values.yaml:

  # The port which will be exposed on the container for tyk-gateway
  containerPort: 8080
  # analyticsEnabled property is used to enable/disable analytics.
  # If set to empty or nil, analytics will be enabled/disabled based on `global.components.pump`.
  analyticsEnabled: ""
  # used to decide whether to send the results back directly to Tyk without a hybrid pump
  # if you want to send analytics to control plane instead of pump, change analyticsConfigType to "rpc"
  analyticsConfigType: ""
  # hashKeyFunction property is used to specify the Key hashing algorithm.
  # Possible values: murmur64, murmur128, sha256.
  hashKeyFunction: murmur128
New Portal parameters

The latest tyk-dev-portal beta chart has full support of all storage type options: fs, db, and s3.

Compatibility Notes

This release is tested on Kubernetes 1.26.3, 1.25.2, 1.24.6, 1.23.12, 1.22.15, 1.21.14, 1.20.15, Tyk Gateway v5.2.1, Tyk Dashboard v5.2.1, Tyk Pump v1.8.3, and Tyk Portal v1.7.0.

tyk-pump-1.1.0 | tyk-gateway-1.1.0 | tyk-oss-1.1.0 | tyk-data-plane-1.0.0 | tyk-dashboard-1.0.0-beta6 | tyk-bootstrap-1.0.0-beta6 | tyk-dev-portal-1.0.0-beta1 | tyk-stack-1.0.0-beta1


tyk-pump-1.1.0

Changelog

Added
  • Added parameter .global.mongo.driver to configure which Mongo Driver to use.
  • Added new options to pump.backend parameter. Users can enable specific Mongo & Postgres Pumps: mongo-aggregate, mongo-selective, postgres-aggregate, postgres-pump.
  • Added global.remoteControlPlane.useSecretName parameter to allows user to pass control plane connection details via Kubernetes secrets.
  • Added support for containerSecurityContext configuration. This is required as K8s and OpenShift versions require the security context for container to be set.
  • Added support for imagePullSecret so user can pull an image from a private container image registry or repository.
Changed
  • Updated Pump default image tag to v1.8.3.
Fixed
  • Fixed typo in Pump deployment template to pick up the correct field pump.resources specified in values.yaml.

tyk-gateway-1.1.0

Changelog

Added
  • Added Horizontal Pod Autoscaler specs for Gateway deployments, allowing users to easily enable automatic scaling by CPU utilisation, memory utilisation or custom metrics.
  • Added insecureSkipVerify option for Gateway under gateway.tls section to bypass verification for self-signed certificates.
  • Added global.remoteControlPlane.useSecretName parameter to allows user to pass control plane connection details via Kubernetes secrets.
  • Added support for containerSecurityContext configuration. This is required as K8s and OpenShift versions require the security context for container to be set.
  • Added containerPort parameter for Gateway to allow for different values to be set for port and targetPort.
  • Added support for imagePullSecret so user can pull an image from a private container image registry or repository.
  • Added parameter analyticsEnabled to enable or disable analytics in Gateway. It is set to "" by default which means it will be enabled or disabled based on Pump installations.
  • Added hashKeyFunction parameter for Gateway. Default to murmur128.
Changed
  • Updated Gateway default image tag to v5.2.1.
  • Removed setting of obsolete environment variable TYK_GW_OPTIMISATIONSUSEASYNCSESSIONWRITE.

tyk-oss-1.1.0

Changelog

Added
  • Added new options to pump.backend parameter. Users can enable specific Mongo & Postgres Pumps: mongo-aggregate, mongo-selective, postgres-aggregate, postgres-pump.
  • Added Horizontal Pod Autoscaler specs for Gateway deployments, allowing users to easily enable automatic scaling by CPU utilisation, memory utilisation or custom metrics.
  • Added insecureSkipVerify option for Gateway under gateway.tls section to bypass verification for self-signed certificates.
  • Added support for containerSecurityContext configuration. This is required as K8s and OpenShift versions require the security context for container to be set.
  • Added containerPort parameter for Gateway to allow for different values to be set for port and targetPort.
  • Added support for imagePullSecret so user can pull an image from a private container image registry or repository.
  • Added parameter analyticsEnabled to enable or disable analytics in Gateway. It is set to "" by default which means it will be enabled or disabled based on Pump installations.
Changed
  • Updated Gateway default image tag to v5.2.1.
  • Updated Pump default image tag to v1.8.3.

tyk-data-plane-1.0.0

Breaking Changes

  • tyk-mdcb-data-plane chart is renamed to tyk-data-plane. This change is part of the terminology alignment initiatives where Tyk is standardising how we refer to the components. If you have previously used tyk-mdcb-data-plane, please delete the release and reinstall using tyk-data-plane. Please refer to change log below for enhancements and fixes that are added to the new chart.

Deprecations

  • tyk-mdcb-data-plane is now marked as deprecated.

Changelog

Added
  • Added new options to pump.backend parameter. Users can enable specific Mongo & Postgres Pumps: mongo-aggregate, mongo-selective, postgres-aggregate, postgres-pump.
  • Added Horizontal Pod Autoscaler specs for Gateway deployments, allowing users to easily enable automatic scaling by CPU utilisation, memory utilisation or custom metrics.
  • Added insecureSkipVerify option for Gateway under gateway.tls section to bypass verification for self-signed certificates.
  • Added global.remoteControlPlane.useSecretName parameter to allows user to pass control plane connection details via Kubernetes secrets. For detail uses of secrets, see README.
  • Added support for containerSecurityContext configuration. This is required as [K8s]...
Read more

Tyk Charts v1.0.0

04 Aug 13:18
be35951
Compare
Choose a tag to compare

New chart updates in this release:

  1. Tyk Gateway v1.0.0
  2. Tyk Pump v1.0.0
  3. Tyk OSS v1.0.0
  4. Tyk MDCB Data Plane v1.0.0
  5. Tyk Single Data Center v1.0.0-beta6

What's Changed

Full Changelog: v1.0.0-beta4...v1.0.0

Tyk Helm Charts v1.0.0-beta4

22 Jun 10:29
41ea1a9
Compare
Choose a tag to compare