Red Hat (RHEL / CentOS)
Requirements
- Ansible - required for running the commands below. Use the Shell tab for instructions to install Tyk from a shell.
- Ensure port
8080
is open: this is used in this guide for Gateway traffic (the API traffic to be proxied).
Getting Started
- clone the tyk-ansible repository
$ git clone https://github.com/TykTechnologies/tyk-ansible
cd
into the directory
$ cd tyk-ansible
- Run the initalisation script to initialise your environment
$ sh scripts/init.sh
-
Modify the
hosts.yml
file to update ssh variables to your server(s). You can learn more about the hosts file here -
Run ansible-playbook to install
tyk-ce
$ ansible-playbook playbook.yaml -t tyk-ce -t redis
You can choose to not install Redis by using -t redis
. However Redis is a requirement and needs to be installed for the Tyk Gateway to run.
Supported Distributions
Distribution | Version | Supported |
---|---|---|
Amazon Linux | 2 | ✅ |
CentOS | 8 | ✅ |
CentOS | 7 | ✅ |
RHEL | 8 | ✅ |
RHEL | 7 | ✅ |
Variables
vars/tyk.yaml
Variable | Default | Comments |
---|---|---|
secrets.APISecret | 352d20ee67be67f6340b4c0605b044b7 |
API secret |
secrets.AdminSecret | 12345 |
Admin secret |
redis.host | Redis server host if different than the hosts url | |
redis.port | 6379 |
Redis server listening port |
redis.pass | Redis server password | |
redis.enableCluster | false |
Enable if redis is running in cluster mode |
redis.storage.database | 0 |
Redis server database |
redis.tls | false |
Enable if redis connection is secured with SSL |
gateway.service.host | Gateway server host if different than the hosts url | |
gateway.service.port | 8080 |
Gateway server listening port |
gateway.service.proto | http |
Gateway server protocol |
gateway.service.tls | false |
Set to true to enable SSL connections |
gateway.sharding.enabled | false |
Set to true to enable filtering (sharding) of APIs |
gateway.sharding.tags | The tags to use when filtering (sharding) Tyk Gateway nodes. Tags are processed as OR operations. If you include a non-filter tag (e.g. an identifier such as node-id-1 , this will become available to your Dashboard analytics) |
vars/redis.yaml
Variable | Default | Comments |
---|---|---|
redis_bind_interface | 0.0.0.0 |
Binding address of Redis |
Read more about Redis configuration here.
Requirements
- Ensure port
8080
is open: this is used in this guide for Gateway traffic (the API traffic to be proxied). - EPEL (Extra Packages for Enterprise Linux) is a free, community based repository project from Fedora which provides high quality add-on software packages for Linux distribution including RHEL, CentOS, and Scientific Linux. EPEL isn’t a part of RHEL/CentOS but it is designed for major Linux distributions. In our case we need it for Redis. Install EPEL using the instructions here.
Install Redis using EPEL
$ sudo yum install -y redis
Note
You may be asked to accept the GPG key for our repos and when the package installs, click yes to continue.
- Tyk requires Python 3.4. Install via the following command:
$ sudo yum install python34
Start Redis
In many cases Redis might not be running, so let’s start that:
$ sudo service redis start
Run Installation Scripts via our PackageCloud Repositories
From https://packagecloud.io/tyk/tyk-gateway you have the following options:
-
Via the correct package for your RHEL version. We have packages for the following:
-
RHEL 7
-
RHEL 6
-
Via Quick Installation Instructions. You can use:
Configuring The Gateway
You can set up the core settings for the Tyk Gateway with a single setup script, however for more involved deployments you will want to provide your own configuration file.
Note
You need to replace <hostname>
for --redishost=<hostname>
with your own value to run this script.
sudo /opt/tyk-gateway/install/setup.sh --listenport=8080 --redishost=<hostname> --redisport=6379 --domain=""
What you’ve done here is told the setup script that:
--listenport=8080
: Listen on port8080
for API traffic.--redishost=<hostname>
: The hostname for Redis.--redisport=6379
: Use port6379
for Redis.--domain=""
: Do not filter domains for the Gateway, see the note on domains below for more about this.
In this example, you don’t want Tyk to listen on a single domain. It is recommended to leave the Tyk Gateway domain unbounded for flexibility and ease of deployment.
Starting Tyk
The Tyk Gateway can be started now that it is configured. Use this command to start the Tyk Gateway:
sudo service tyk-gateway start
Next Steps Tutorials
Follow the Tutorials on the Community Edition tabs for the following: