Cloud Login Install

Red Hat (RHEL / CentOS)

Requirements

  • Ansible - required for running the commands below. Use the Shell tab for instructions to install Tyk from a shell.
  • Ensure port 8080 is open: this is used in this guide for Gateway traffic (the API traffic to be proxied).

Getting Started

  1. clone the tyk-ansible repository
$ git clone https://github.com/TykTechnologies/tyk-ansible
  1. cd into the directory
$ cd tyk-ansible
  1. Run the initalisation script to initialise your environment
$ sh scripts/init.sh
  1. Modify the hosts.yml file to update ssh variables to your server(s). You can learn more about the hosts file here

  2. Run ansible-playbook to install tyk-ce

$ ansible-playbook playbook.yaml -t tyk-ce -t redis

You can choose to not install Redis by using -t redis. However Redis is a requirement and needs to be installed for the Tyk Gateway to run.

Supported Distributions

Distribution Version Supported
Amazon Linux 2
CentOS 8
CentOS 7
RHEL 8
RHEL 7

Variables

  • vars/tyk.yaml
Variable Default Comments
secrets.APISecret 352d20ee67be67f6340b4c0605b044b7 API secret
secrets.AdminSecret 12345 Admin secret
redis.host Redis server host if different than the hosts url
redis.port 6379 Redis server listening port
redis.pass Redis server password
redis.enableCluster false Enable if redis is running in cluster mode
redis.storage.database 0 Redis server database
redis.tls false Enable if redis connection is secured with SSL
gateway.service.host Gateway server host if different than the hosts url
gateway.service.port 8080 Gateway server listening port
gateway.service.proto http Gateway server protocol
gateway.service.tls false Set to true to enable SSL connections
gateway.sharding.enabled false Set to true to enable filtering (sharding) of APIs
gateway.sharding.tags The tags to use when filtering (sharding) Tyk Gateway nodes. Tags are processed as OR operations. If you include a non-filter tag (e.g. an identifier such as node-id-1, this will become available to your Dashboard analytics)
  • vars/redis.yaml
Variable Default Comments
redis_bind_interface 0.0.0.0 Binding address of Redis

Read more about Redis configuration here.

Requirements

  • Ensure port 8080 is open: this is used in this guide for Gateway traffic (the API traffic to be proxied).
  • EPEL (Extra Packages for Enterprise Linux) is a free, community based repository project from Fedora which provides high quality add-on software packages for Linux distribution including RHEL, CentOS, and Scientific Linux. EPEL isn’t a part of RHEL/CentOS but it is designed for major Linux distributions. In our case we need it for Redis. Install EPEL using the instructions here.

Install Redis using EPEL

$ sudo yum install -y redis

Note

You may be asked to accept the GPG key for our repos and when the package installs, click yes to continue.

  • Tyk requires Python 3.4. Install via the following command:
$ sudo yum install python34

Start Redis

In many cases Redis might not be running, so let’s start that:

$ sudo service redis start

Run Installation Scripts via our PackageCloud Repositories

From https://packagecloud.io/tyk/tyk-gateway you have the following options:

Configuring The Gateway

You can set up the core settings for the Tyk Gateway with a single setup script, however for more involved deployments you will want to provide your own configuration file.

Note

You need to replace <hostname> for --redishost=<hostname> with your own value to run this script.

sudo /opt/tyk-gateway/install/setup.sh --listenport=8080 --redishost=<hostname> --redisport=6379 --domain=""

What you’ve done here is told the setup script that:

  • --listenport=8080: Listen on port 8080 for API traffic.
  • --redishost=<hostname>: The hostname for Redis.
  • --redisport=6379: Use port 6379 for Redis.
  • --domain="": Do not filter domains for the Gateway, see the note on domains below for more about this.

In this example, you don’t want Tyk to listen on a single domain. It is recommended to leave the Tyk Gateway domain unbounded for flexibility and ease of deployment.

Starting Tyk

The Tyk Gateway can be started now that it is configured. Use this command to start the Tyk Gateway:

sudo service tyk-gateway start

Next Steps Tutorials

Follow the Tutorials on the Community Edition tabs for the following:

  1. Add an API
  2. Create a Security Policy
  3. Create an API Key