API Management Get Started API References
Login 24/7 Support Community tyk.io

Red Hat (RHEL / CentOS)


    Requirements

    Ansible is required to run the following commands. Instructions on how install Tyk with shell is in the Shell tab.

    Getting Started

    1. clone the tyk-ansible repositry
    $ git clone https://github.com/TykTechnologies/tyk-ansible
    1. cd into the directory
    $ cd tyk-ansible
    1. Run initialisation script to initialise environment
    $ sh scripts/init.sh

    1. Modify hosts.yml file to update ssh variables to your server(s). You can learn more about the hosts file here

    2. Run ansible-playbook to install the following:

    • Redis
    • MongoDB or PostgreSQL
    • Tyk Dashboard
    • Tyk Gateway
    • Tyk Pump
    $ ansible-playbook playbook.yaml -t tyk-pro -t redis -t `mongodb` or `pgsql`

    You can choose to not install Redis, MongoDB or PostgreSQL by removing the -t redis or -t mongodb or -t pgsql However Redis and MongoDB or PostgreSQL are a requirement and need to be installed for the Tyk Pro installation to run.

    Supported Distributions

    Distribution Version Supported
    Amazon Linux 2
    CentOS 8
    CentOS 7
    RHEL 8
    RHEL 7

    Variables

    • vars/tyk.yaml
    Variable Default Comments
    secrets.APISecret 352d20ee67be67f6340b4c0605b044b7 API secret
    secrets.AdminSecret 12345 Admin secret
    redis.host Redis server host if different than the hosts url
    redis.port 6379 Redis server listening port
    redis.pass Redis server password
    redis.enableCluster false Enable if redis is running in cluster mode
    redis.storage.database 0 Redis server database
    redis.tls false Enable if redis connection is secured with SSL
    mongo.host MongoDB server host if different than the hosts url
    mongo.port 27017 MongoDB server listening port
    mongo.tls false Enable if mongo connection is secured with SSL
    pgsql.host PGSQL server host if different than the hosts url
    pgsql.port 5432 PGSQL server listening port
    pgsql.tls false Enable if pgsql connection is secured with SSL
    dash.license Dashboard license
    dash.service.host Dashboard server host if different than the hosts url
    dash.service.port 3000 Dashboard server listening port
    dash.service.proto http Dashboard server protocol
    dash.service.tls false Set to true to enable SSL connections
    gateway.service.host Gateway server host if different than the hosts url
    gateway.service.port 8080 Gateway server listening port
    gateway.service.proto http Gateway server protocol
    gateway.service.tls false Set to true to enable SSL connections
    gateway.sharding.enabled false Set to true to enable filtering (sharding) of APIs
    gateway.sharding.tags The tags to use when filtering (sharding) Tyk Gateway nodes. Tags are processed as OR operations. If you include a non-filter tag (e.g. an identifier such as node-id-1, this will become available to your Dashboard analytics)
    gateway.rpc.connString Use this setting to add the URL for your MDCB or load balancer host
    gateway.rpc.useSSL true Set this option to true to use an SSL RPC connection
    gateway.rpc.sslInsecureSkipVerify true Set this option to true to allow the certificate validation (certificate chain and hostname) to be skipped. This can be useful if you use a self-signed certificate
    gateway.rpc.rpcKey Your organisation ID to connect to the MDCB installation
    gateway.rpc.apiKey This the API key of a user used to authenticate and authorise the Gateway’s access through MDCB. The user should be a standard Dashboard user with minimal privileges so as to reduce any risk if the user is compromised. The suggested security settings are read for Real-time notifications and the remaining options set to deny
    gateway.rpc.groupId This is the zone that this instance inhabits, e.g. the cluster/data-centre the Gateway lives in. The group ID must be the same across all the Gateways of a data-centre/cluster which are also sharing the same Redis instance. This ID should also be unique per cluster (otherwise another Gateway cluster can pick up your keyspace events and your cluster will get zero updates).
    • vars/redis.yaml
    Variable Default Comments
    redis_bind_interface 0.0.0.0 Binding address of Redis

    Read more about Redis configuration here.

    • vars/mongodb.yaml
    Variable Default Comments
    bind_ip 0.0.0.0 Binding address of MongoDB
    mongodb_version 4.4 MongoDB version

    Read more about MongoDB configuration here.

    • vars/pgsql.yaml
    Variable Default Comments
    postgresql_databases[] [] Array of DBs to be created
    postgresql_databases[].name tyk_analytics Database name
    postgresql_users[] [] Array of users to be created
    postgresql_users[0].name default User name
    postgresql_users[0].password topsecretpassword User password
    postgresql_global_config_options[] [] Postgres service config options
    postgresql_global_config_options[1].option listen_addresses Listen address binding for the service
    postgresql_global_config_options[1].value * Default value to listen to all addresses
    postgresql_hba_entries[] [] Host based authenticaiton list
    postgresql_hba_entries[4].type host Entry type
    postgresql_hba_entries[4].database tyk_analytics Which database this entry will give access to
    postgresql_hba_entries[4].user default What users this gain access from this entry
    postgresql_hba_entries[4].address 0.0.0.0/0 What addresses this gain access from this entry
    postgresql_hba_entries[4].auth_method md5 What authentication method to to use for the users

    Read more about PostgreSQL configuration here.


    Requirements

    Before installing the Tyk components in the order below, you need to first install Redis and MongoDB/SQL.

    Getting Started


      Create a /etc/yum.repos.d/mongodb-org-4.0.repo file so that you can install MongoDB directly, using yum.

      [mongodb-org-4.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc

      We’re ready to go, you can now install MongoDB:

      sudo yum install -y mongodb-org

      Optionally initialize the database and enable automatic start:

      # Optionally ensure that MongoDB will start following a system reboot
sudo systemctl enable mongod
# start MongoDB server
sudo systemctl start mongod


      For the purpose of this tutorial, we’ll use PostgreSQL version 13. See Database options for our supported SQL platforms.

      Install the repository RPM:

      sudo dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm

      Disable the built-in PostgreSQL module:

      sudo dnf -qy module disable postgresql

      Install PostgreSQL:

      sudo dnf install -y postgresql13-server

      Initialize the database and enable automatic start:

      # Initialize database
sudo /usr/pgsql-13/bin/postgresql-13-setup initdb
# Optionally ensure that PostgreSQL will start following a system reboot
sudo systemctl enable postgresql-13
# start PostgreSQL server
sudo systemctl start postgresql-13

      Create a user and a database

      Create a new role/user

      sudo -u postgres createuser --interactive

      The name of the role can be “tyk” and say yes to make it a superuser

      Create a matching DB with the same name. Postgres authentication system assumes by default that for any role used to log in, that role will have a database with the same name which it can access.

      sudo -u postgres createdb tyk

      Add another user to be used to log into your operating system

      sudo adduser tyk

      Log in to your Database

      sudo -u tyk psql

      Update the user “tyk” to have a password

      ALTER ROLE tyk with PASSWORD '123456';

      Create a DB (my example is tyk_analytics)

      sudo -u tyk createdb tyk_analytics

      (you may be asked to accept the GPG key for our repos and when the package installs, hit yes to continue)

      Install EPEL

      EPEL (Extra Packages for Enterprise Linux) is a free, community based repository project from Fedora which provides high quality add-on software packages for Linux distribution including RHEL, CentOS, and Scientific Linux. EPEL isn’t a part of RHEL/CentOS but it is designed for major Linux distributions. In our case we need it for Redis, run this command to get it. Full instructions available here http://fedoraproject.org/wiki/EPEL#How_can_I_use_these_extra_packages.3F:

      sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo yum install -y epel-release
sudo yum update

      Install Redis

      sudo yum install -y redis

      Install Tyk Self-Managed on Red Hat (RHEL) / CentOS

      Installing Tyk on RHEL is very straightforward using our YUM repositories, follow the guides and tutorials in this section to have Tyk up and running in no time.

      The suggested order would be to install Tyk Dashboard, then Tyk Pump and then Tyk Gateway for a full stack.

      Note

      For a production environment, we recommend that the Gateway, Dashboard and Pump are installed on separate machines. If installing multiple Gateways, you should install each on a separate machine. See Planning for Production For more details.

      Improve this page
      Return to Top
      This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.
         Read More