Dashboard on Ubuntu
Requirements
Ansible is required to run the following commands. Instructions on how install Tyk Dashboard with shell is in the Shell tab.
Getting Started
- clone the tyk-ansible repositry
$ git clone https://github.com/TykTechnologies/tyk-ansible
cd
into the directory
$ cd tyk-ansible
- Run initialisation script to initialise environment
$ sh scripts/init.sh
-
Modify
hosts.yml
file to update ssh variables to your server(s). You can learn more about the hosts file here -
Run ansible-playbook to install
tyk-dashboard
$ ansible-playbook playbook.yaml -t tyk-dashboard
Supported Distributions
Distribution | Version | Supported |
---|---|---|
Debian | 10 | ✅ |
Debian | 9 | ✅ |
Ubuntu | 21 | ✅ |
Ubuntu | 20 | ✅ |
Ubuntu | 18 | ✅ |
Ubuntu | 16 | ✅ |
Variables
vars/tyk.yaml
Variable | Default | Comments |
---|---|---|
secrets.APISecret | 352d20ee67be67f6340b4c0605b044b7 |
API secret |
secrets.AdminSecret | 12345 |
Admin secret |
dash.license | Dashboard license | |
dash.service.host | Dashboard server host if different than the hosts url | |
dash.service.port | 3000 |
Dashboard server listening port |
dash.service.proto | http |
Dashboard server protocol |
dash.service.tls | false |
Set to true to enable SSL connections |
Install Tyk Dashboard on Ubuntu
Tyk has its own APT repositories hosted by the kind folks at packagecloud.io, which makes it easy, safe and secure to install a trusted distribution of the Tyk Gateway stack.
This tutorial has been tested on Ubuntu 16.04 & 18.04 with few if any modifications. We will install the Tyk Dashboard with all dependencies locally.
Prerequisites
- Have MongoDB/SQL and Redis installed - see here for details.
- Ensure port
3000
is available. This is used by the Tyk Dashboard to provide the GUI and the Developer Portal.
Step 1: Set up our APT Repositories
First, add our GPG key which signs our binaries:
curl -L https://packagecloud.io/tyk/tyk-dashboard/gpgkey | sudo apt-key add -
Run update:
sudo apt-get update
Since our repositories are installed via HTTPS, you will need to make sure APT supports this:
sudo apt-get install -y apt-transport-https
Now lets add the required repos and update again (notice the -a
flag in the second Tyk commands - this is important!):
echo "deb https://packagecloud.io/tyk/tyk-dashboard/ubuntu/ bionic main" | sudo tee /etc/apt/sources.list.d/tyk_tyk-dashboard.list
echo "deb-src https://packagecloud.io/tyk/tyk-dashboard/ubuntu/ bionic main" | sudo tee -a /etc/apt/sources.list.d/tyk_tyk-dashboard.list
sudo apt-get update
Note
bionic
is the code name for Ubuntu 18.04. Please substitute it with your particular ubuntu release, e.g. focal
.
What we’ve done here is:
- Added the Tyk Dashboard repository
- Updated our package list
Step 2: Install the Tyk Dashboard
We’re now ready to install the Tyk Dashboard. To install run:
sudo apt-get install -y tyk-dashboard
What we’ve done here is instructed apt-get
to install the Tyk Dashboard without prompting. Wait for the downloads to complete.
When the Tyk Dashboard has finished installing, it will have installed some init
scripts, but it will not be running yet. The next step will be to setup each application - thankfully this can be done with three very simple commands.
Verify the origin key (optional)
Debian packages are signed with the repository keys. These keys are verified at the time of fetching the package and is taken care of by the apt
infrastructure. These keys are controlled by PackageCloud, our repository provider. For an additional guarantee, it is possible to verify that the package was indeed created by Tyk by verifying the origin
certificate that is attached to the package.
First, you have to fetch Tyk’s signing key and import it.
wget https://keyserver.tyk.io/tyk.io.deb.signing.key
gpg --import tyk.io.deb.signing.key
Then, you have to either,
- sign the key with your ultimately trusted key
- trust this key ultimately
The downloaded package will be available in /var/cache/apt/archives
. Assuming you found the file tyk-gateway-2.9.4_amd64.deb
there, you can verify the origin signature.
gpg --verify d.deb
gpg: Signature made Wed 04 Mar 2020 03:05:00 IST
gpg: using RSA key F3781522A858A2C43D3BC997CA041CD1466FA2F8
gpg: Good signature from "Team Tyk (package signing) <[email protected]>" [ultimate]
Configure Tyk Dashboard
Prerequisites
You need to ensure the MongoDB and Redis services are running before proceeding.
Note
You need to replace <hostname>
for --redishost=<hostname>
, and <IP Address>
for --mongo=mongodb://<IP Address>/
with your own values to run this script.
You can set your Tyk Dashboard up with a helper setup command script. This will get the Dashboard set up for the local instance:
sudo /opt/tyk-dashboard/install/setup.sh --listenport=3000 --redishost=<hostname> --redisport=6379 --mongo=mongodb://<IP Address>/tyk_analytics --tyk_api_hostname=$HOSTNAME --tyk_node_hostname=http://localhost --tyk_node_port=8080 --portal_root=/portal --domain="XXX.XXX.XXX.XXX"
Note
Make sure to use the actual DNS hostname or the public IP of your instance as the last parameter.
What we have done here is:
--listenport=3000
: Told the Tyk Dashboard (and Portal) to listen on port 3000.--redishost=<hostname>
: The Tyk Dashboard should use the local Redis instance.--redisport=6379
: The Tyk Dashboard should use the default port.--domain="XXX.XXX.XXX.XXX"
: Bind the Tyk Dashboard to the IP or DNS hostname of this instance (required).--mongo=mongodb://<IP Address>/tyk_analytics
: Use the local MongoDB (should always be the same as the gateway).--tyk_api_hostname=$HOSTNAME
: The Tyk Dashboard has no idea what hostname has been given to Tyk, so we need to tell it, in this instance we are just using the local HOSTNAME env variable, but you could set this to the public-hostname/IP of the instance.--tyk_node_hostname=http://localhost
: The Tyk Dashboard needs to see a Tyk node in order to create new tokens, so we need to tell it where we can find one, in this case, use the one installed locally.--tyk_node_port=8080
: Tell the Tyk Dashboard that the Tyk node it should communicate with is on port 8080.--portal_root=/portal
: We want the portal to be shown on/portal
of whichever domain we set for the portal.
Prerequisites
You need to ensure the PostgreSQL and Redis services are running before proceeding.
Note
You need to replace <hostname>
for --redishost=<hostname>
, and <Postgres Host Name>
, <Port>
, <User>
, <Password>
, <DB>
for --connection_string="host=<Postgres Host Name> port=<Port> user=<User> password=<Password> dbname=<DB>"
with your own values to run this script.
You can set the Tyk Dashboard up with a helper setup command script. This will get the Dashboard set up for the local instance:
sudo /opt/tyk-dashboard/install/setup.sh --listenport=3000 --redishost=<hostname> --redisport=6379 --storage=postgres --connection_string="host=<Postgres Host Name> port=<Port> user=<User> password=<Password> dbname=<DB>" --tyk_api_hostname=$HOSTNAME --tyk_node_hostname=http://localhost --tyk_node_port=8080 --portal_root=/portal --domain="XXX.XXX.XXX.XXX"
Note
Make sure to use the actual DNS hostname or the public IP of your instance as the last parameter.
What we have done here is:
--listenport=3000
: Told the Tyk Dashboard (and Portal) to listen on port 3000.--redishost=<hostname>
: The Tyk Dashboard should use the local Redis instance.--redisport=6379
: The Tyk Dashboard should use the default port.--domain="XXX.XXX.XXX.XXX"
: Bind the dashboard to the IP or DNS hostname of this instance (required).--storage=postgres
: Use storage type postgres.--connection_string="host=<Postgres Host Name> port=<Port> user=<User> password=<Password> dbname=<DB>"
: Use the postgres instance provided in the connection string(should always be the same as the gateway).--tyk_api_hostname=$HOSTNAME
: The Tyk Dashboard has no idea what hostname has been given to Tyk, so we need to tell it, in this instance we are just using the local HOSTNAME env variable, but you could set this to the public-hostname/IP of the instance.--tyk_node_hostname=http://localhost
: The Tyk Dashboard needs to see a Tyk node in order to create new tokens, so we need to tell it where we can find one, in this case, use the one installed locally.--tyk_node_port=8080
: Tell the dashboard that the Tyk node it should communicate with is on port 8080.--portal_root=/portal
: We want the portal to be shown on/portal
of whichever domain we set for the portal.
Step 1: Enter your Tyk Dashboard License
Add your license in /opt/tyk-dashboard/tyk_analytics.conf
in the license
field.
Step 2: Start the Tyk Dashboard
Start the dashboard service, and ensure it will start automatically on system boot.
sudo systemctl start tyk-dashboard
sudo systemctl enable tyk-dashboard
Step 3: Install your Tyk Gateway
Follow the Gateway installation instructions to connect to your Dashboard instance before you continue on to step 4.
Step 4: Bootstrap the Tyk Dashboard with an initial User and Organisation
Go to:
127.0.0.1:3000
You should get to the Tyk Dashboard Setup screen:
Step 5 - Create your Organisation and Default User
You need to enter the following:
- Your Organisation Name
- Your Organisation Slug
- Your User Email Address
- Your User First and Last Name
- A Password for your User
- Re-enter your user Password
Note
For a password, we recommend a combination of alphanumeric characters, with both upper and lower case letters.
Click Bootstrap to save the details.
Step 6 - Login to the Tyk Dashboard
You can now log in to the Tyk Dashboard from 127.0.0.1:3000
, using the username and password created in the Dashboard Setup screen.
Configure your Developer Portal
To set up your Developer Portal follow our Self-Managed tutorial on publishing an API to the Portal Catalogue.