[TD-629] defect: expose more than one port on the Gateway

[asoorm]

The Gateway tyk.conf and environment variables provide a way to expose a list of ports.

https://github.com/TykTechnologies/tyk/blob/master/config/config.go#L592-L595

The Gateway tyk.conf and environment variables provide a way to disable port whitelisting

https://github.com/TykTechnologies/tyk/blob/master/config/config.go#L597-L598

It is not possible to create a service which opens up extra ports aside from the default service port and a separate control port.

https://github.com/TykTechnologies/tyk-helm-chart/blob/master/tyk-pro/values.yaml#L294-L304

  service:
    type: NodePort
    port: 8080
    externalTrafficPolicy: Local
    annotations: {}
  control:
    enabled: false
    containerPort: 9696
    port: 9696
    type: ClusterIP
    annotations: {}

---

In the event that the Gateway should listen to one or more ports, it is impossible using these helm charts to expose more than one port for the Tyk Gateway.

This makes it impossible to:

• Integrate with cert-manager, as we cannot handle the acme challenge (impact on ingress)
• Get the Gateway to listen on both http and https for different APIs and services
• get the gateway to listen on different protocols - e.g. TCP, TLS, HTTP, HTTPS as to do so means creating listeners for each protocol on different ports.

---

It would be great if we had an option such as extraPorts which gave me the ability to specify an array of ports to open up which resolves the issue at the K8s side. But we also need to surface the fact that we have these config options in the Gateway - so maybe we could put them in the Values.yaml, but comment it out?