1. Deploy the tyk-bootstrap helm chart on AWS EKS


    To deploy the tyk-bootstrap Helm chart on AWS EKS, we will need to follow these steps:

    1. Set up an Amazon EKS (Elastic Kubernetes Service) cluster. This will be the environment where the Tyk Gateway will run.
    2. Create an IAM role that the EKS cluster will assume to have necessary permissions.
    3. Set up an ECR (Elastic Container Registry) to store Docker images, if you need to store custom images for your gateway.
    4. Deploy the Helm chart onto the EKS cluster.

    Below is a Pulumi TypeScript program that:

    • Configures AWS as the provider.
    • Creates an EKS cluster.
    • Sets up an IAM role for the cluster.
    • Optionally, an ECR can be provisioned if you have custom Docker images.
    • Finally, it uses the Helm Chart resource to deploy the tyk-bootstrap chart.

    Before running this program, ensure that Pulumi and AWS CLI are configured properly on your system. AWS CLI should have the necessary access credentials configured, and your Pulumi CLI should be logged in.

    import * as aws from "@pulumi/aws"; import * as awsx from "@pulumi/awsx"; import * as eks from "@pulumi/eks"; import * as k8s from "@pulumi/kubernetes"; // Create an EKS cluster with default settings. const cluster = new eks.Cluster("tyk-k8s-cluster", { instanceType: "t2.medium", desiredCapacity: 2, minSize: 1, maxSize: 3, }); // Export the cluster's kubeconfig. export const kubeconfig = cluster.kubeconfig; // IAM role for the EKS cluster const iamRole = new aws.iam.Role("tyk-iam-role", { assumeRolePolicy: aws.iam.assumeRolePolicyForPrincipal({ Service: "eks.amazonaws.com" }), }); // Attach the AmazonEKSClusterPolicy to the created IAM role new aws.iam.RolePolicyAttachment("tyk-iam-role-policy-attach", { role: iamRole.id, policyArn: aws.iam.ManagedPolicy.AmazonEKSClusterPolicy, }); // Instantiate ECR if custom Docker images will be used const ecrRepository = new aws.ecr.Repository("tyk-gateway-image-repo"); // Deploy the tyk-bootstrap helm chart onto the EKS cluster. const tykHelmChart = new k8s.helm.v3.Chart("tyk-bootstrap", { chart: "tyk-pro", version: "x.y.z", // replace with the desired chart version fetchOpts: { repo: "https://helm.tyk.io/public/helm/charts/", // Tyk official Helm chart repository }, values: { // Define values to override, if any. }, }, { provider: cluster.provider }); // Export the repository URL to push Docker images if necessary. export const repositoryUrl = ecrRepository.repositoryUrl; // Ensure the EKS cluster is ready before deploying Helm charts if (tykHelmChart.getResource("v1/Service", "tyk-bootstrap/tyk-gateway") !== undefined) { console.log("Tyk gateway is deployed and ready!"); }

    This program outlines the steps you would take to get Tyk running on an EKS cluster. The chart version, and any values you wish to override in the Tyk Helm chart, should be specified according to your requirements. The ECR repository is optional and is included if you need to manage custom Docker images.

    After deploying this Pulumi program with pulumi up, you can connect to the EKS cluster using the exported kubeconfig. The Helm chart deployment will set up Tyk API Gateway on the EKS cluster, which you can then configure for your API management needs.