Login 24/7 Support Community tyk.io

Debian / Ubuntu


Requirements

Ansible is required to run the following commands. Instructions on how install Tyk with shell is in the Shell tab.

Getting Started

  1. clone the tyk-ansible repositry
$ git clone https://github.com/TykTechnologies/tyk-ansible
  1. cd into the directory
$ cd tyk-ansible
  1. Run initalization script to initialize environment
$ sh scripts/init.sh
  1. Modify hosts.yml file to update ssh variables to your server(s). You can learn more about the hosts file here

  2. Run ansible-playbook to install the following:

  • Redis
  • MongoDB or PostgreSQL
  • Tyk Dashboard
  • Tyk Gateway
  • Tyk Pump
$ ansible-playbook playbook.yaml -t tyk-pro -t redis -t `mongodb` or `pgsql`

You can choose to not install Redis, MongoDB or PostgreSQL by removing the -t redis or -t mongodb or -t pgsql However Redis and MongoDB or PostgreSQL are a requirement and need to be installed for the Tyk Pro installation to run.

Supported Distributions

Distribution Version Supported
Debian 10
Debian 9
Ubuntu 21
Ubuntu 20
Ubuntu 18
Ubuntu 16

Variables

  • vars/tyk.yaml
Variable Default Comments
secrets.APISecret 352d20ee67be67f6340b4c0605b044b7 API secret
secrets.AdminSecret 12345 Admin secret
redis.host Redis server host if different than the hosts url
redis.port 6379 Redis server listening port
redis.pass Redis server password
redis.enableCluster false Enable if redis is running in cluster mode
redis.storage.database 0 Redis server database
redis.tls false Enable if redis connection is secured with SSL
mongo.host MongoDB server host if different than the hosts url
mongo.port 27017 MongoDB server listening port
mongo.tls false Enable if mongo connection is secured with SSL
pgsql.host PGSQL server host if different than the hosts url
pgsql.port 5432 PGSQL server listening port
pgsql.tls false Enable if pgsql connection is secured with SSL
dash.license Dashboard license
dash.service.host Dashboard server host if different than the hosts url
dash.service.port 3000 Dashboard server listening port
dash.service.proto http Dashboard server protocol
dash.service.tls false Set to true to enable SSL connections
gateway.service.host Gateway server host if different than the hosts url
gateway.service.port 8080 Gateway server listening port
gateway.service.proto http Gateway server protocol
gateway.service.tls false Set to true to enable SSL connections
gateway.sharding.enabled false Set to true to enable filtering (sharding) of APIs
gateway.sharding.tags The tags to use when filtering (sharding) Tyk Gateway nodes. Tags are processed as OR operations. If you include a non-filter tag (e.g. an identifier such as node-id-1, this will become available to your Dashboard analytics)
gateway.rpc.connString Use this setting to add the URL for your MDCB or load balancer host
gateway.rpc.useSSL true Set this option to true to use an SSL RPC connection
gateway.rpc.sslInsecureSkipVerify true Set this option to true to allow the certificate validation (certificate chain and hostname) to be skipped. This can be useful if you use a self-signed certificate
gateway.rpc.rpcKey Your organisation ID to connect to the MDCB installation
gateway.rpc.apiKey This the API key of a user used to authenticate and authorise the Gateway’s access through MDCB. The user should be a standard Dashboard user with minimal privileges so as to reduce any risk if the user is compromised. The suggested security settings are read for Real-time notifications and the remaining options set to deny
gateway.rpc.groupId This is the zone that this instance inhabits, e.g. the cluster/data-centre the Gateway lives in. The group ID must be the same across all the Gateways of a data-centre/cluster which are also sharing the same Redis instance. This ID should also be unique per cluster (otherwise another Gateway cluster can pick up your keyspace events and your cluster will get zero updates).
  • vars/redis.yaml
Variable Default Comments
redis_bind_interface 0.0.0.0 Binding address of Redis

Read more about Redis configuration here.

  • vars/mongodb.yaml
Variable Default Comments
bind_ip 0.0.0.0 Binding address of MongoDB
mongodb_version 4.4 MongoDB version

Read more about MongoDB configuration here.

  • vars/pgsql.yaml
Variable Default Comments
postgresql_databases[] [] Array of DBs to be created
postgresql_databases[].name tyk_analytics Database name
postgresql_users[] [] Array of users to be created
postgresql_users[0].name default User name
postgresql_users[0].password topsecretpassword User password
postgresql_global_config_options[] [] Postgres service config options
postgresql_global_config_options[1].option listen_addresses Listen address binding for the service
postgresql_global_config_options[1].value * Default value to listen to all addresses
postgresql_hba_entries[] [] Host based authenticaiton list
postgresql_hba_entries[4].type host Entry type
postgresql_hba_entries[4].database tyk_analytics Which database this entry will give access to
postgresql_hba_entries[4].user default What users this gain access from this entry
postgresql_hba_entries[4].address 0.0.0.0/0 What addresses this gain access from this entry
postgresql_hba_entries[4].auth_method md5 What authentication method to to use for the users

Read more about PostgreSQL configuration here.


Requirements

Before installing the Tyk components in the order below, you need to first install Redis and MongoDB/SQL.

Getting Started

Install MongoDB 4.0

You should follow the online tutorial for installing MongoDb. We will be using version 4.0. As part of the Mongo installation you need to perform the following:

  1. Import the public key
  2. Create a list file
  3. Reload the package database
  4. Install the MongoDB packages
  5. Start MongoDB
  6. Check the mongod service is running

Install SQL

See SQL configuration for details on installing SQL in a production environment.

Install Redis

sudo apt-get install -y redis-server

Install Tyk Pro on Ubuntu

Installing Tyk on Ubuntu is very straightforward using our APT repositories, follow the guides and tutorials in this section to have Tyk up and running in no time.

The suggested order would be to install Tyk Dashboard, then Tyk Pump and then Tyk Gateway for a full stack.

Note

For a production environment, we recommend that the Gateway, Dashboard and Pump are installed on separate machines. If installing multiple Gateways, you should install each on a separate machine. See Planning for Production For more details.