Cannot Connect To Portal

Support Installation and Deployment
3

Imported Google Group message.
Sender:John Williams.
Date:Friday, 15 May 2015 08:58:44 UTC+1.

Hi Martin;

Thanks so much for the quick response.

These are the instructions I used to install:

https://tyk.io/v1.6/setup/quickstart/

I ran:

$ ./tyk_quickstart.sh 127.0.0.1
To install the application. That went smoothly.

i can access the dash board on port 3000 with no problems via http://xxx.xxx.xxx.xxx:3000

I set up the portal by clicking “Settings” and doing the other functions too.

I then tried to access the portal but it gave the the “Authorisation Token Required”

If I run:

$ curl http://testorg.tyk.docker:8888/portal/

The response is the portal page HTML so I am fairly certain it is installed and running.

If I try and access to he portal through a browser, that is when it gives me the:

error: Authorzation required.

It seems as though the browser is routing though the api page not the portal

127.0.0.1 testorg.tyk.docker
127.0.0.1 test-api.testorg.tyk.docker

It looks like every is routing through the second entry.

Many thanks for your time. I am a noob so sorry if I have made a really obvious error!

Thanks

T

  • show quoted text -
4

Imported Google Group message.
Sender:Martin Buhr.
Date:Friday, 15 May 2015 09:04:03 UTC+1.

Hi,

How odd :-/

This is a silly thing to check, but you do need to make sure that you are adding that trailing slash:

http://testorg.tyk.docker:8888/portal/

If curl is picking it up, then yoru config is all set up and working, maybe try an incognito browser window?

Thanks,
Martin

  • show quoted text -
5

Imported Google Group message.
Sender:John Williams.
Date:Friday, 15 May 2015 09:12:47 UTC+1.

Hey;

http://xxx.xxx.xxx.xxx:8888/portal/

This gives the authorisation error

http://xxx.xxx.xxx.xxx:8080/portal/

this gives a 404 not found.

The tyk.conf file says tyk is listening on 8080

It is all very weird. Not sure what is going on.

  • show quoted text -
6

Imported Google Group message.
Sender:Martin Buhr.
Date:Friday, 15 May 2015 09:25:44 UTC+1.

Hi Eigo,

The tyk.conf file only control the gateway, not the portal. it looks like you are trying to access things via IP addresses, the portal requires a domain, which is why we make you set up the hosts file.

If you click this link: http://testorg.tyk.docker:8888/portal/ what hapens?

Just to clarify, there are three containers:
tyk_gateway (this is listening on 8080, but you need to access it with the docker container IP, this ONLY handles API’s, it has nothing to do with the portal, this is the core proxy
tyk_nginx (this is listening on 8888 and is the main way into the system), this is the host maanger, it handles routing, it will translate requests such as http://your-api.uyou-organisation.domain.com/resource to somethig the gateway can use, i.e. http://upstream_tyk_gatway_host:8080/api-id/resource, api-id’s are massive UUIDs so it’s unlikely you would want to use them, but you can for testing, see the tvagrant quickstart for an example
tyk_dashboard (this is the dashboard and listens on 3000), this also hosts the portal, the portal is _actually _ on http://tyk_dashboard_ip:3000/org-id/portal/ - here the org-id is another long UUID which you probably don’t wantt o expose, the host maanger templates out the url rewrites for you under the hood so you never need to deal with this.
For the portal, you have to go through the domains you’ve set up in your hosts file, since you are using the quickstart, so not an IP address but http://testorg.tyk.docker:8888/portal/, since the host manager is telling nginx to explicitly listen for that domain and redirects to the appropriate oints in the Tyk stack.

It’s a little complex, but that’s because the components can be deployed in so many different ways and aren’t dependent on one another, you can add the ones you need depending on your setup, the quickstart just bundles them in a very specific way to make it all work out of the box.

thanks,
Martin

  • show quoted text -
1 Like
7

Imported Google Group message.
Sender:John Williams.
Date:Friday, 15 May 2015 09:41:19 UTC+1.

Hello;

Roger that! I think I understand. I have installed on a remote EC2 instance which is why I cannot access:

http://testorg.tyk.docker:8888/portal/

If I understand correctly I need to configure a working domain (add to etc/hosts?) that points to the tyk stack and then let tyk handle everything from there?

https://tyk.io/v1.6/setup/installation-nginx/

Is that what I would need to do to get this running?

Do I need to install NGINX or would i configure ty_nginx.

Everything seems to be fine it is just the authorisation error that I am worried about. In the dashboard all requests for portal are coming from a Key (00000000000) and they are all failing. it seems like there may be an additional step I forgot to do.

Sorry for the bother. Really keen to get this up and running. It is exactly what we were looking for.

Thanks

T

  • show quoted text -
8

Imported Google Group message.
Sender:Martin Buhr.
Date:Friday, 15 May 2015 10:11:43 UTC+1.

Hi Eigo,

The quickstart really isn’t appropriate for an EC2 instance deployment, it configures things quite specifically for a local set up (hence the host file changes).

I would suggest you get docker installed on your local machine (if you are running OSX then get yourself Kitematic - just make sure you modify your hosts file appropriately)

To get set up on an EC2 instance you will need ot set up a domain, ideally a wildcard for subdomains and point it at your ec2 instance, you’d then need to change the templates in the tyk_nginx docker to use your new domain, and then it might work. I’d strongly suggest getting things up and running locally so you can get familiar with the system and how it’s structured before attempting a deployment.

The authorisation error is absolutely nothing to worry about because that is the tyk gateway responding to what it thinks is an upstream API request and is blocking it, because your routing is misconfigured it is:

  1. Sending requests to the gateway
  2. The gatewway can;t identify the API ID it is meant to route to and so errors
  3. It reports an empty key because the whole request is invalid

This is untested, and a longhot, but you could try this:

Get a domain and assign the wildcard subdomain to point at your ec2 instance.

In th quickstart.sh, modify this line:

echo “Setting up NginX and Host Manager”
docker run -d --name tyk_nginx -p 8888:80 --link tyk_gateway:tyk_gateway --link tyk_dashboard:tyk_dashboard --link tyk_mongo:tyk_mongo --link tyk_redis:tyk_redis -e DOMAINALIAS=tyk.docker tykio/tyk-host-manager

And replace DOMAINALIAS=tyk.docker with DOMAINALIAS=YOUR_DOMAIN_NAME

(You could also just kill the tyk_nginx container (docker stop tyk_nginx && docker rm tyk_nginx) and run the above command manually, what it will do is set the environment variable DOMAINALIAS to the doain of your EC2 instance, when the host manager container starts up, it fixes the nginx templates to use your new domain name.

Thanks,
Martin

  • show quoted text -
9

Imported Google Group message.
Sender:John Williams.
Date:Friday, 15 May 2015 10:23:11 UTC+1.

Yo Rock! Will follow this lead and make it work!

Thanks and if I can help with documentation etc. Let me know. You are perhaps the first person to ever get back to me with such detailed and friendly and helpful advice and I want to try and say thanks in a meaning full way.

Warmest;

Toby

  • show quoted text -
10

Imported Google Group message.
Sender:John Williams.
Date:Sunday, 17 May 2015 03:27:14 UTC+1.

Managed to get this working.

I had to uninstall the QuickStart stuff and start from a blank server again.

Installed:

app
dashboard
nginx
phalcon (optional I am using this framework)

There was a problem with the routing. There was an error generated that the organisation id could not be found so I created a new user and organisation. I copied the organisation id into the config file and hard coded this:

Portal redirect by OrgID

location /portal/ {

    rewrite /portal/(.*) /***YOUR_OWN_ORGID*****/portal/$1 break;

This got everything up and running well.

Still unable to create keys from the portal but for now I have everything that I need to be able to test fully.

I picked up some errors in the code that was posted to the TYK website. Missing quotes, etc that may cause others trouble.

Let me know if you would like me to post these somewhere for you.

Really happy with this. Good job guy!

T

  • show quoted text -
11

Imported Google Group message.
Sender:Martin Buhr.
Date:Tuesday, 19 May 2015 15:55:15 UTC+1.

Hi Eigo,

Great to hear you got things working :smiley:

If you send me (my direct email will be copiesd in this message) the errors you found in the guide we’ll make sure to fix them.

Cheers,
Martin

  • show quoted text -
12

Today I tried to set the portal through “Your Developer Portal” → “Set your portal domain” option through the Tyk Dashboard.

I used the same domain I gave for the Tyk dashboard to be the portal domain (dashboard.tyk-local.com and portal.tyk-local.com), and a different domain afterwards. Both (http://dashboard.tyk-local.com:3000/portal and http://portal.tyk-local.com:3000/portal) failed with the below error, when I click the “Open your portal option”.

“Not Found”

Do I still need to configure nginx, Tyk Host Manager, etc?
From https://tyk.io/docs/tyk-api-gateway-v1-9/host-manager/ Tyk Host Manager is deprecated.

I do not have them configured. I just have Tyk-dashboard and Tyk-gateway configured. I also have TIB. But I do not think it is related to this error in anyway.

13
  1. You can’t use the same domain for either (see the other thread)
  2. You will need to include the port in your portal domain name

So for your dash, move it to a different host, put it on port 80 and then you won’t need to specify a port for the domain name

14

I set my dashboard to run on lion.bmi.emory.edu:3000. All is going well.

Now back to setting up the developer portal as above. This time, I did not use the same domain as you explained in this and the other (Panic Crash on Ubuntu X86 - #6 by Martin) thread.

I used the below as the new domain.
portal.tyk-local.com:8080

Please note that 8080 is configured as the portal port, as following the default configuration elaborated in the documentation.

Now, the dashboard throws the below error message, when I click “Set”.
“There was a problem updating your CNAME, please contact support”

tail -f /var/log/tyk-dashboard.stderr indicates the below.
time=“Jul 7 12:42:54” level=error msg=“INvalid domain supplied, not saving: portal.tyk-local.com:8080

My tyk_analytics.conf is as below.

"host_config": {
    "enable_host_names": true,
    "disable_org_slug_prefix": true,
    "hostname": "lion.bmi.emory.edu",
    "override_hostname": "localhost",
    "portal_domains": {},
    "portal_root_path": "/portal",
    "generate_secure_paths": false
},
"http_server_options": {
    "use_ssl": false,
    "certificates": [
        {
            "domain_name": "",
            "cert_file": "",
            "key_file": ""
        }
    ],
    "min_version": 0
},

So it is not the same issue reported in Setting up developer portals - #4 by Martin

What could have gone wrong? Pls note, I am running Tyk on Centos 7.

15

The validator for domain names is crazy strict in the UI, so it fails the domain you are trying to use, try with something more standard and it will work.

The portal will be running on the same port as the dashboard, so not sure what you are talking about port 8080, that’s for the gateway.

1 Like
16

oh, yes. Thanks for catching that. Yes, it was portal.tyk-local.com:3000 which I messed up in copy-pasting.

Now coming back, I did not realize that portal.tyk-local.com:3000 was not a standard domain. You suggest dropping the ‘-’, and try a domain such as portal.tyk.com?

That seems a bit weird in the validation. But I will give a try this morning and get back to you. :slight_smile:

17

@Martin I tried with portal.tyk.com:3000 which I think is a standard domain. It is still failing with the same error:

ERROR INvalid domain supplied, not saving: portal.tyk.com:3000

Any hint on what is going on?

Thank you.
Regards,
Pradeeban.

18

I would suggest using the Dashboard Organisations REST API to set the CNAME property of your org. The drop-down option only really likes very standard domains, no port number.

19

I am not exactly sure how to use Dashboard Organisations REST API to set the CNAME property of the organization. Is there a documentation or tutorial that I missed?

Thank you.
Pradeeban.

20

This post a little old, just adding my findings here about the “set your domain portal”

Updating the cname through the dashboard admin API works in both cases above.

21

Hi Folks,

I was trying to install using quickstart GitHub - TykTechnologies/tyk-pro-docker-demo: Tyk Pro demo using docker and docker compose, supercedes tyk_quickstart in an EC2.

Wonder if anyone attempted it by fronting with a reverse proxy?

I am able to access to dashboard with the ec2 public dns, but no avail if i try accessing the developer portal.

Within the EC2 instance, i can get a response from http://www.tyk-portal-test.com:3000/portal/ and http://www.tyk-test.com:3000 after appending them into /etc/hosts.

My nginx config

server {
  listen 80;
  server_name ec2.public.dns;
  access_log    /var/log/nginx/access.log main;

  location / {
    proxy_set_header        Host $host:$server_port;
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        X-Forwarded-Proto $scheme;
    proxy_pass              http://www.tyk-test.com:3000;
  }

  location /portal {
    proxy_set_header        Host $host:$server_port;
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        X-Forwarded-Proto $scheme;
    proxy_pass              http://www.tyk-portal-test.com:3000/portal/;
  }
}

I tested in my local machine, so its all good. Just that if you want to tinker with the configurations, please remember to purge the docker volume.