Sunday, May 29, 2016

The Road to Atlanta

Emory University School of Medicine, Psychology Building.
I made it a habit of writing about how I ended up living in different cities. However, due to relatively busier schedule, I could not write about my road to Atlanta, despite reaching here on the 10th of March, 2016, to work in Emory University School of Medicine. An internship is mandatory for my PhD, and I am happy that I joined Emory for this. The past 3 months were full of travels, due to various conferences. Since I am still mostly Europe/Portugal-based, this year, so far I have had 4 intercontinental travels. In fact, I am typing this blog post, while waiting for my flight to Lisboa, at the Atlanta airport. I will be in Lisboa and Costa da Caparica for one-week to attend EMJD-DC Summer Event.

I have lived in Portugal for almost 4 years, and it has become a second home to me. Despite not knowing the language well, still the familiarity and sense of home when I return there. It has been almost 3 months away. However, I should also mention that we are enjoying Atlanta even more - specially the current weather, my regular daily work-and-life schedule, and the food. :)

Friday, May 20, 2016

Tyk with Apache Directory Studio

So I was getting all sort of weird errors due to mismatch in the dn. Then we decided to switch to Apache Directory Studio from OpenLDAP, as it is more user-friendly. Finally, I got Tyk configured with LDAP, thanks to Apache Directory Studio.


First, I had to configure the profiles.json of Tyk.
[{
    "ActionType": "GenerateOrLoginUserProfile",
    "ID": "4",
    "OrgID": "573cb5c7a57xxxdeb1f78000001",
    "ProviderConfig": {
        "FailureRedirect": "http://dashboard.tyk-local.com:3000/?fail=true",
        "LDAPAttributes": [],
        "LDAPPort": "10389",
        "LDAPServer": "localhost",
        "LDAPUserDN": "cn=*USERNAME*,ou=people,dc=sharmalab,dc=bmi,dc=emory,dc=edu"
    },
    "ProviderName": "ADProvider",
    "ReturnURL": "http://dashboard.tyk-local.com:3000/tap",
    "Type": "passthrough"
}
]

and also tib.conf, reflecting the ports and all.
{
    "Secret": "934893845123491xxx238192381486djfhr87234827348",
    "HttpServerOptions": {
        "UseSSL": false,     
        "CertFile": "./certs/server.pem",
        "KeyFile": "./certs/server.key"
    },
    "BackEnd": {
        "Name": "in_memory",
        "ProfileBackendSettings": {},
        "IdentityBackendSettings": {
            "Hosts" : {
                "localhost": "6379"
            },
            "Password": "",
            "Database": 0,
            "EnableCluster": false,
            "MaxIdle": 1000,
            "MaxActive": 2000
        }
    },
    "TykAPISettings": {
        "GatewayConfig": {
            "Endpoint": "http://dashboard.tyk-local.com",
            "Port": "8080",
            "AdminSecret": "54321"
        },
        "DashboardConfig": {
            "Endpoint": "http://dashboard.tyk-local.com",
            "Port": "3000",
            "AdminSecret": "12345"
        }
    }
}

Finally, I was able to send a POST request to http://localhost:3010/auth/4/ldap?username=pradeeban&password=34%$%$4w33

INFO[0008] [AD AUTH] User bind successful: pradeeban   
INFO[0008] [TYK ID HANDLER] Creating identity for: {map[] ADProvider pradeeban@ADProvider    pradeeban    }

Wednesday, May 18, 2016

Configuring Tyk with the Identity Broker in Ubuntu 14.04 LTS

Tyk Dashboard
For the past couple of days, I have been evaluating Tyk with the Identity Broker in Ubuntu. Thanks Martin for helping me in a series of on-going discussion threads, I have managed to make most of it working. This post is a live document. ;)


Add to /etc/hosts file:
127.0.0.1 dashboard.tyk-local.com
127.0.0.1 portal.tyk-local.com

Configure Tyk Gateway
sudo /opt/tyk-gateway/install/setup.sh --dashboard=http://dashboard.tyk-local.com:3000 --listenport=8080 --redishost=localhost --redisport=6379 --domain=""


Configure Tyk Dashboard
sudo /opt/tyk-dashboard/install/setup.sh --listenport=3000 --redishost=localhost --redisport=6379 --mongo=mongodb://127.0.0.1/tyk_analytics --tyk_api_hostname=127.0.0.1 --tyk_node_hostname=http://127.0.0.1 --tyk_node_port=8080 --portal_root=/portal --domain="dashboard.tyk-local.com"


Configure Tyk Pump
sudo /opt/tyk-pump/install/setup.sh --redishost=localhost --redisport=6379 --mongo=mongodb://127.0.0.1/tyk_analytics


sudo service tyk-pump start
sudo service tyk-dashboard start

http://dashboard.tyk-local.com:3000/

Add the license in the prompt.

sudo service tyk-dashboard restart
sudo service tyk-gateway start

sudo /opt/tyk-dashboard/install/bootstrap.sh dashboard.tyk-local.com

Now you are good to start Tyk.

However, to enable TIB, you need to do some more steps.

In /opt/tyk-dashboard/tyk_analytics.conf

    "identity_broker": {
        "enabled": true,
        "host": {
            "connection_string": "http://localhost:3010",
            "secret": "934893845123491238192381486djfhr87234827348"
        }
    },

Make sure the shared secrets match in tyk-analytics.conf and tib.conf of tib.
https://tyk.io/docs/tyk-dashboard-v1-0/configuration/

Now restart everything.
sudo service tyk-pump stop
sudo service tyk-dashboard stop
sudo service tyk-gateway stop

sudo service tyk-pump start
sudo service tyk-dashboard start
sudo service tyk-gateway start

Start TIB
cd /home/pradeeban/programs/tib-v0.1
./tib


Find the logs.
sudo tail -f /var/log/upstart/tyk-dashboard.log
sudo tail -f /var/log/upstart/tyk-gateway.log
sudo tail -f /var/log/upstart/tyk-pump.log

Thursday, May 12, 2016

Configuring Kong with Cassandra

Install Kong

Install Cassandra

You may need to install Cassandra Driver

pip install --pre cassandra-driver

pip install --pre --upgrade cassandra-driver


Kong does not work with apache-cassandra-3.x as of now.

root@llovizna:/usr/bin# kong start
[INFO] kong 0.8.1
[INFO] Using configuration: /etc/kong/kong.yml
[INFO] Setting working directory to /usr/local/kong
[INFO] database...........cassandra contact_points=127.0.0.1:9042 data_centers= ssl=verify=false enabled=false port=9042 timeout=5000 replication_strategy=SimpleStrategy keyspace=kong replication_factor=1 consistency=ONE
[INFO] Leaving cluster..
[ERR] [Invalid] unconfigured table schema_keyspaces
[ERR] Could not start Kong


It does work well with
apache-cassandra-2.2.6

Install and start the kong-dashboard for an interactive GUI.
npm start

Installing Kong from Source on Ubuntu

root@llovizna:/home/pradeeban/programs/kong# make install
/bin/sh: 4: luarocks: not found
make: *** [install] Error 127

root@llovizna:/home/pradeeban/programs/kong# apt-get install luarocks


make install again.

Error: Failed installing dependency: http://luarocks.org/repositories/rocks/lrexlib-pcre-2.7.2-1.src.rock - Could not find expected file pcre.h for PCRE -- you may have to install PCRE in your system and/or pass PCRE_DIR or PCRE_INCDIR to the luarocks command. Example: luarocks install lrexlib-pcre PCRE_DIR=/usr/local
make: *** [install] Error 1

apt-get install libpcre3 libpcre3-dev

Missing dependencies for kong:
lua_uuid ~> 0.2.0-2
..
gcc -O2 -fPIC -I/usr/include/lua5.1 -c lua_uuid.c -o lua_uuid.o
lua_uuid.c:9:23: fatal error: uuid/uuid.h: No such file or directory
 #include
                       ^
compilation terminated.

Error: Failed installing dependency: http://luarocks.org/repositories/rocks/lua_uuid-0.2.0-2.rockspec - Build error: Failed compiling object lua_uuid.o
make: *** [install] Error 1


apt-get install uuid-dev

Now
make install
again, which is successful.

When running make dev.
/usr/bin/env: luajit: No such file or directory
make: *** [dev] Error 127

apt-get install luajit

Modify the
kong/kong.yml
accordingly to configure the Kong execution.