Endpoint Designer routes can't by save and it doesn't work


#1

Hi

I am trying to create a demo and additionally I am using tyk in the docker-compose version for that purpose. For the demo I am using the dashboard because in de future our company is planning to use the dashboard for statistics. My problem is when I try to create a Endpoint Designer route the dash board does no save the route like the next example and the complete context for my problem. I don’t know if I did something else wrong please let me know.
API URL: http://www.tyk-portal-test.com/test-api/

Can you help me to understand what is wrong? why the routes can’t be save?

Thank you in advance.


#2

Mocks need to be also part of a list (e.g. white list), otherwise they don’t work. When Tyk is parsing the routes, it is probably losing that data because they are not part of a list object. This only affects mocks


#3

Hi Martin
Thanks for the quick response. You are right, it is working fine and now is saving. However when I am doing the api call to the http://localhost:3000/test-api/ using post, it said that the API rout that I just created in TYK is not working, why? if the route said that is active.


#4

Can you share your tyk gateway log? It’ll be in there. It could be that the API hasn’t loaded yet, there’s a 10s delay for reloads so that we can batch them.


#5

Hi Martin

Thank you again, course I can send you the logs. here is what the logs are showing:

time=“2016-01-28T18:53:01Z” level=info msg=“Reload signal received, reloading endpoints”
time=“2016-01-28T18:53:03Z” level=info msg=“Reload signal received, reloading endpoints”
time=“2016-01-28T18:53:04Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:53:11Z” level=info msg=“Detected 4 APIs”
time=“2016-01-28T18:53:11Z” level=info msg="–> Loading API: Portal Assets"
time=“2016-01-28T18:53:11Z” level=info msg="----> Tracking: www.tyk-portal-test.com"
time=“2016-01-28T18:53:11Z” level=info msg="----> Checking security policy: Open"
time=“2016-01-28T18:53:11Z” level=info msg="–> Loading API: Portal API"
time=“2016-01-28T18:53:11Z” level=info msg="----> Tracking: www.tyk-portal-test.com"
time=“2016-01-28T18:53:11Z” level=info msg="----> Checking security policy: Open"
time=“2016-01-28T18:53:11Z” level=info msg="–> Loading API: Portal"
time=“2016-01-28T18:53:11Z” level=info msg="----> Tracking: www.tyk-portal-test.com"
time=“2016-01-28T18:53:11Z” level=info msg="----> Checking security policy: Open"
time=“2016-01-28T18:53:11Z” level=info msg="–> Loading API: test-api"
time=“2016-01-28T18:53:11Z” level=info msg="----> Tracking: tyk-portal-test"
time=“2016-01-28T18:53:11Z” level=info msg="----> Checking security policy: Open"
time=“2016-01-28T18:53:11Z” level=info msg=“Loading uptime tests…”
time=“2016-01-28T18:53:11Z” level=info msg="—> Adding uptime test: http://0.0.0.0:5000/"
time=“2016-01-28T18:53:11Z” level=info msg=“Loaded 0 policies "
time=“2016-01-28T18:53:11Z” level=info msg=“API reload complete”
time=“2016-01-28T18:53:34Z” level=warning msg=”[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:54:01Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:54:28Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:54:55Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:55:27Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:55:54Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:56:06Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:56:38Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:57:00Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:57:12Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:57:22Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:57:33Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:58:01Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:58:11Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:58:39Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:58:48Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:59:14Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T18:59:39Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T19:00:07Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T19:00:36Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T19:01:08Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T19:01:38Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T19:02:11Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"
time=“2016-01-28T19:02:42Z” level=warning msg="[HOST CHECKER MANAGER] Host is DOWN: http://0.0.0.0:5000/"

and this is my test that http://0.0.0.0:5000/ is working fine:

I don’t know why is not connecting.


#6

have you set a domain for this API? It looks like it? You shouldn’t need to.

Have you tried following our quick start doc to set up your first API?


#7

Hi Martin

Thank you for the response. I used the documentation before but it didn’t work because as soon I add the endpoint and I try to get the information with curl -H “Authorization: null” http://localhost/test-api/get it says that :
{
“error”: “Requested endpoint is forbidden”
}
However, ever I believe that is because of the way that I am creating the curl call. To this point I believe that my call should be different to generate the request with body and everything but I don’t know, I haven’t read all the documentation.


#8

Hi,

Yeah, you need to create a token, and then add it to the curl request:

curl -H "Authorization: <your-token-here>" http://localhost/test-api/get

Otherwise Tyk will just block the request, sonce the token is invalid and can’t authenticate :slightly_smiling:


#9

Hi Martin

I just tried an stiil doesn’t works:
[email protected]:~/GIT/tyk/tyk_quickstart$ curl -H “Authorization: 56aa831c27712f00010000010267d921a3a44bd847ecd96613f2a36” http://localhost/test-api/get
{
“error”: “Requested endpoint is forbidden”
}

time=“2016-01-28T21:41:12Z” level=warning msg=“Tracked quota reset for key: 56aa831c27712f00010000010267d921a3a44bd847ecd966613f2a36”
time=“2016-01-28T21:41:12Z” level=info msg=“Setting key quota: quota-85de2fb4”
time=“2016-01-28T21:42:41Z” level=info msg=“Reload signal received, reloading endpoints”
time=“2016-01-28T21:42:51Z” level=info msg=“Detected 4 APIs”
time=“2016-01-28T21:42:51Z” level=info msg="–> Loading API: Portal Assets"
time=“2016-01-28T21:42:51Z” level=info msg="----> Tracking: www.tyk-portal-test.com"
time=“2016-01-28T21:42:51Z” level=info msg="----> Checking security policy: Open"
time=“2016-01-28T21:42:51Z” level=info msg="–> Loading API: Portal API"
time=“2016-01-28T21:42:51Z” level=info msg="----> Tracking: www.tyk-portal-test.com"
time=“2016-01-28T21:42:51Z” level=info msg="----> Checking security policy: Open"
time=“2016-01-28T21:42:51Z” level=info msg="–> Loading API: Portal"
time=“2016-01-28T21:42:51Z” level=info msg="----> Tracking: www.tyk-portal-test.com"
time=“2016-01-28T21:42:51Z” level=info msg="----> Checking security policy: Open"
time=“2016-01-28T21:42:51Z” level=info msg="–> Loading API: Test API"
time=“2016-01-28T21:42:51Z” level=info msg="----> Tracking: (no host)"
time=“2016-01-28T21:42:51Z” level=info msg="----> Checking security policy: Token"
time=“2016-01-28T21:42:51Z” level=info msg=“Loading uptime tests…”
time=“2016-01-28T21:42:51Z” level=info msg=“Loaded 0 policies "
time=“2016-01-28T21:42:51Z” level=info msg=“API reload complete”
time=“2016-01-28T21:43:03Z” level=info msg=“Reload signal received, reloading endpoints”
time=“2016-01-28T21:43:13Z” level=info msg=“Detected 4 APIs”
time=“2016-01-28T21:43:13Z” level=info msg=”–> Loading API: Portal Assets"
time=“2016-01-28T21:43:13Z” level=info msg="----> Tracking: www.tyk-portal-test.com"
time=“2016-01-28T21:43:13Z” level=info msg="----> Checking security policy: Open"
time=“2016-01-28T21:43:13Z” level=info msg="–> Loading API: Portal API"
time=“2016-01-28T21:43:13Z” level=info msg="----> Tracking: www.tyk-portal-test.com"
time=“2016-01-28T21:43:13Z” level=info msg="----> Checking security policy: Open"
time=“2016-01-28T21:43:13Z” level=info msg="–> Loading API: Portal"
time=“2016-01-28T21:43:13Z” level=info msg="----> Tracking: www.tyk-portal-test.com"
time=“2016-01-28T21:43:13Z” level=info msg="----> Checking security policy: Open"
time=“2016-01-28T21:43:13Z” level=info msg="–> Loading API: Test API"
time=“2016-01-28T21:43:13Z” level=info msg="----> Tracking: (no host)"
time=“2016-01-28T21:43:13Z” level=info msg="----> Checking security policy: Token"
time=“2016-01-28T21:43:13Z” level=info msg=“Loading uptime tests…”
time=“2016-01-28T21:43:13Z” level=info msg="Loaded 0 policies "
time=“2016-01-28T21:43:13Z” level=info msg=“API reload complete”

According with my dashboard, the endpoint was created.


#10

Ah, it’s because your path in your API definition is wrong, your API is on http://localhost/test-api/

Asking for /get will proxy to -> httpbin.org/get (If that is your target).

But you have added a route to a whitelist which is: http://0.0.0.0:5000/

Which, in proxy terms, would be: http://localhost/test-api/http://0.0.0.0:5000/, which is totally invalid. And since it’s a white-list, only that pattern will pass, so your request to /get is not on the white list, so it will fail.

The path you put in the designer is for routes that are on your target. So for example, httpbin.org has:

  • /get
  • /post
  • /put
  • etc…

So to white list those endpoints simply add get, post, and put as paths (with the methods GET, POST and PUT) and then those will be allowed through, but all others will fail.

Hope that clarifies things :slightly_smiling:


#11

Hi

Ooohh! I got my issue, thank you. However, how I can define my endpoint, so I can call my rest service that is in http://0.0.0.0:5000/?


#12

Just set it as the target in the main API editor view instead of whatever was there before (probably httpbin.org if you did the tutorial).

:slight_smile:


#13

Hi

I didt but then there is going to show a proxy error:

time=“2016-01-28T23:39:26Z” level=error msg=“http: proxy error: dial tcp [::1]:80: getsockopt: connection refused”
time=“2016-01-28T23:42:06Z” level=info msg=“Reload signal received, reloading endpoints”
time=“2016-01-28T23:42:16Z” level=info msg=“Detected 4 APIs”
time=“2016-01-28T23:42:16Z” level=info msg="–> Loading API: Portal Assets"
time=“2016-01-28T23:42:16Z” level=info msg="----> Tracking: www.tyk-portal-test.com"
time=“2016-01-28T23:42:16Z” level=info msg="----> Checking security policy: Open"
time=“2016-01-28T23:42:16Z” level=info msg="–> Loading API: Portal API"
time=“2016-01-28T23:42:16Z” level=info msg="----> Tracking: www.tyk-portal-test.com"
time=“2016-01-28T23:42:16Z” level=info msg="----> Checking security policy: Open"
time=“2016-01-28T23:42:16Z” level=info msg="–> Loading API: Portal"
time=“2016-01-28T23:42:16Z” level=info msg="----> Tracking: www.tyk-portal-test.com"
time=“2016-01-28T23:42:16Z” level=info msg="----> Checking security policy: Open"
time=“2016-01-28T23:42:16Z” level=info msg="–> Loading API: Test API"
time=“2016-01-28T23:42:16Z” level=info msg="----> Tracking: (no host)"
time=“2016-01-28T23:42:16Z” level=info msg="----> Checking security policy: Token"
time=“2016-01-28T23:42:16Z” level=info msg=“Loading uptime tests…”
time=“2016-01-28T23:42:16Z” level=info msg="Loaded 0 policies "
time=“2016-01-28T23:42:16Z” level=info msg=“API reload complete”


#14

That looks like your API isn’t actually running on 0.0.0.0 on port 5000, is it running on 127.0.0.1?


#15

Hi martin

I already tried in 127.0.0.1, 0.0.0.0 and localhost and the answer in the logs still the same look:

This is the report in where is my apis listening:

This is a test with 0.0.0.0:
time=“2016-01-29T00:41:07Z” level=error msg=“http: proxy error: dial tcp 0.0.0.0:5000: getsockopt: connection refused”

This is a test with 127.0.0.1:
time=“2016-01-29T00:40:25Z” level=error msg=“http: proxy error: dial tcp 127.0.0.1:5000: getsockopt: connection refused”

This is a test with localhost:
time=“2016-01-29T00:37:53Z” level=error msg=“http: proxy error: dial tcp [::1]:5000: getsockopt: connection refused”

This is a test from postman to show you that the APIs are up in http://0.0.0.0:5000:


#16

That might be fine on your host OS, but inside the docker container it doesn’t know what 0.0.0.0 is, so you need to target your application directly using a network address the container can see :slight_smile:


#17

Hi Martin

I don’t believe the networking is the issue. I tried to prove your point but now I am having an issue with the token because:
{
“error”: “Key has expired, please renew”
}
and I create a new key like I am showing here:

time=“2016-01-29T19:30:09Z” level=warning msg=“Tracked quota reset for key: 56aa831c27712f00010000015abc8332108942f4608c7db4ba7babe4”
time=“2016-01-29T19:30:09Z” level=info msg=“Setting key quota: quota-33d9c55b”

and the response is this one:
[email protected]:~/GIT/tyk/tyk_quickstart$ curl -H “Authorization: 56aa831c27712f00010000015abc8332108942f4608c7db4ba7babe4” http://192.168.161.113/test-api/get
{
“error”: “Key not authorised”
}


#18

That response means the key isn’t allowed to access the API you created.

It is unrelated to the network error you had earlier.

To test the proxying issue. Open a bash shell inside the docker container and try to call your API directly.

To test the authentication error (this one) then you should set your API to open so it doesn’t need a key, then when you make the request, you’ll see if your API is reachable by the proxy.


#19

Hi Martin
Thanks for your response. The networking is no an issue because I changes the tyk to point to 192.168.161.113 and the proxy error still there. Additionally, the the token is still not authorized even I create new tokens.


#20

I woul not use tokens until you solve the network issue. It conflates two problems.

So first off please confirm:

  1. That you can ping this IP from inside the docker container
  2. That this IP is reachable from outside your local host (you can curl it from inside the network)

Then set the API in Tyk to be open (keyless), so it requires no authentication.

Then when you make a request, and it errors, please share the logs of the Tyk gateway at the time of failure.