docker.recipes

Tyk API Gateway Complete Stack

advanced

Open source API gateway with dashboard, pump analytics, and Redis backend.

Overview

Tyk API Gateway is an open-source API management platform that provides enterprise-grade API gateway functionality with rate limiting, authentication, analytics, and developer portal capabilities. Originally developed to solve the complexity of managing APIs at scale, Tyk has become a popular choice for organizations needing robust API security, traffic management, and comprehensive monitoring without vendor lock-in. This complete stack deployment orchestrates seven specialized services: the core Tyk Gateway for API proxying and policy enforcement, Tyk Dashboard for management UI, Tyk Pump for analytics processing, Redis for session storage and rate limiting, MongoDB for persistent analytics data, plus Prometheus and Grafana for advanced monitoring and visualization. The architecture separates concerns effectively, with Redis handling high-speed operations like rate limiting counters while MongoDB stores detailed analytics and configuration data. This configuration is ideal for organizations implementing API-first architectures, companies migrating from commercial API management solutions, and development teams needing comprehensive API observability. The inclusion of Prometheus and Grafana transforms this from a basic API gateway into a complete API operations platform, providing deep insights into API performance, usage patterns, and system health across the entire stack.

Key Features

  • Multi-tenant API management with role-based access control through Tyk Dashboard
  • Real-time rate limiting and quota enforcement backed by Redis for sub-millisecond response times
  • Advanced analytics pipeline with Tyk Pump processing API metrics into MongoDB and Prometheus
  • OAuth 2.0, JWT, and API key authentication with pluggable authentication backends
  • API versioning and transformation capabilities with JavaScript middleware support
  • Comprehensive monitoring stack with Prometheus metrics collection and Grafana dashboards
  • Developer portal functionality for API documentation and key management
  • Hot-reload configuration changes without gateway downtime

Common Use Cases

  • 1Enterprise API gateway replacement for organizations moving away from commercial solutions like Apigee or Kong Enterprise
  • 2Microservices API management for companies implementing service mesh architectures with centralized policy enforcement
  • 3API monetization platforms requiring detailed usage analytics, billing integration, and developer self-service portals
  • 4Multi-environment API governance for organizations needing consistent rate limiting and security policies across development, staging, and production
  • 5SaaS platform API management with tenant isolation, usage tracking, and automated billing integration
  • 6Legacy system modernization projects exposing mainframe or monolithic applications through modern REST APIs
  • 7Regulatory compliance environments requiring detailed API audit trails and access logging

Prerequisites

  • Minimum 4GB RAM recommended (1GB for MongoDB, 512MB for Redis, 2GB for Tyk services, 512MB for monitoring)
  • Valid Tyk license key for dashboard functionality (community version available with limited features)
  • Docker Engine 20.10+ and Docker Compose V2 for proper health check and dependency management
  • Ports 3000, 3001, 8080, and 9090 available for dashboard, Grafana, gateway, and Prometheus respectively
  • Understanding of API management concepts including rate limiting, authentication flows, and analytics pipelines
  • Basic MongoDB and Redis administration knowledge for production troubleshooting and optimization

For development & testing. Review security settings, change default credentials, and test thoroughly before production use. See Terms

docker-compose.yml

docker-compose.yml
1services: 
2  tyk-redis: 
3    image: redis:7-alpine
4    volumes: 
5      - tyk_redis:/data
6    networks: 
7      - tyk_net
8
9  tyk-mongo: 
10    image: mongo:6
11    environment: 
12      MONGO_INITDB_ROOT_USERNAME: root
13      MONGO_INITDB_ROOT_PASSWORD: ${MONGO_PASSWORD}
14    volumes: 
15      - tyk_mongo:/data/db
16    networks: 
17      - tyk_net
18
19  tyk-gateway: 
20    image: tykio/tyk-gateway:latest
21    ports: 
22      - "8080:8080"
23    environment: 
24      - TYK_GW_SECRET=${TYK_SECRET}
25      - TYK_GW_STORAGE_HOST=tyk-redis
26      - TYK_GW_STORAGE_PORT=6379
27    volumes: 
28      - ./tyk.conf:/opt/tyk-gateway/tyk.conf
29    depends_on: 
30      - tyk-redis
31    networks: 
32      - tyk_net
33
34  tyk-dashboard: 
35    image: tykio/tyk-dashboard:latest
36    ports: 
37      - "3000:3000"
38    environment: 
39      - TYK_DB_LICENSEKEY=${TYK_LICENSE}
40      - TYK_DB_STORAGE_HOST=tyk-redis
41      - TYK_DB_STORAGE_PORT=6379
42      - TYK_DB_MONGOURL=mongodb://root:${MONGO_PASSWORD}@tyk-mongo:27017/tyk_analytics?authSource=admin
43    depends_on: 
44      - tyk-redis
45      - tyk-mongo
46      - tyk-gateway
47    networks: 
48      - tyk_net
49
50  tyk-pump: 
51    image: tykio/tyk-pump-docker-pub:latest
52    environment: 
53      - TYK_PMP_ANALYTICSSTORAGECONFIG_HOST=tyk-redis
54      - TYK_PMP_ANALYTICSSTORAGECONFIG_PORT=6379
55      - TYK_PMP_PUMPS_MONGO_META_MONGOURL=mongodb://root:${MONGO_PASSWORD}@tyk-mongo:27017/tyk_analytics?authSource=admin
56    depends_on: 
57      - tyk-redis
58      - tyk-mongo
59    networks: 
60      - tyk_net
61
62  prometheus: 
63    image: prom/prometheus:latest
64    ports: 
65      - "9090:9090"
66    volumes: 
67      - prometheus_data:/prometheus
68    networks: 
69      - tyk_net
70
71  grafana: 
72    image: grafana/grafana:latest
73    ports: 
74      - "3001:3000"
75    environment: 
76      - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
77    volumes: 
78      - grafana_data:/var/lib/grafana
79    networks: 
80      - tyk_net
81
82volumes: 
83  tyk_redis: 
84  tyk_mongo: 
85  prometheus_data: 
86  grafana_data: 
87
88networks: 
89  tyk_net:

.env Template

.env
1# Tyk API Gateway
2TYK_SECRET=secure_tyk_secret_key
3TYK_LICENSE=your_tyk_license_key
4MONGO_PASSWORD=secure_mongo_password
5GRAFANA_PASSWORD=secure_grafana_password
6
7# Gateway at http://localhost:8080
8# Dashboard at http://localhost:3000

Usage Notes

  1. 1Gateway at http://localhost:8080
  2. 2Dashboard at http://localhost:3000
  3. 3Analytics stored in MongoDB
  4. 4Rate limiting via Redis
  5. 5Requires Tyk license for dashboard

Individual Services(7 services)

Copy individual services to mix and match with your existing compose files.

tyk-redis
tyk-redis:
  image: redis:7-alpine
  volumes:
    - tyk_redis:/data
  networks:
    - tyk_net
tyk-mongo
tyk-mongo:
  image: mongo:6
  environment:
    MONGO_INITDB_ROOT_USERNAME: root
    MONGO_INITDB_ROOT_PASSWORD: ${MONGO_PASSWORD}
  volumes:
    - tyk_mongo:/data/db
  networks:
    - tyk_net
tyk-gateway
tyk-gateway:
  image: tykio/tyk-gateway:latest
  ports:
    - "8080:8080"
  environment:
    - TYK_GW_SECRET=${TYK_SECRET}
    - TYK_GW_STORAGE_HOST=tyk-redis
    - TYK_GW_STORAGE_PORT=6379
  volumes:
    - ./tyk.conf:/opt/tyk-gateway/tyk.conf
  depends_on:
    - tyk-redis
  networks:
    - tyk_net
tyk-dashboard
tyk-dashboard:
  image: tykio/tyk-dashboard:latest
  ports:
    - "3000:3000"
  environment:
    - TYK_DB_LICENSEKEY=${TYK_LICENSE}
    - TYK_DB_STORAGE_HOST=tyk-redis
    - TYK_DB_STORAGE_PORT=6379
    - TYK_DB_MONGOURL=mongodb://root:${MONGO_PASSWORD}@tyk-mongo:27017/tyk_analytics?authSource=admin
  depends_on:
    - tyk-redis
    - tyk-mongo
    - tyk-gateway
  networks:
    - tyk_net
tyk-pump
tyk-pump:
  image: tykio/tyk-pump-docker-pub:latest
  environment:
    - TYK_PMP_ANALYTICSSTORAGECONFIG_HOST=tyk-redis
    - TYK_PMP_ANALYTICSSTORAGECONFIG_PORT=6379
    - TYK_PMP_PUMPS_MONGO_META_MONGOURL=mongodb://root:${MONGO_PASSWORD}@tyk-mongo:27017/tyk_analytics?authSource=admin
  depends_on:
    - tyk-redis
    - tyk-mongo
  networks:
    - tyk_net
prometheus
prometheus:
  image: prom/prometheus:latest
  ports:
    - "9090:9090"
  volumes:
    - prometheus_data:/prometheus
  networks:
    - tyk_net
grafana
grafana:
  image: grafana/grafana:latest
  ports:
    - "3001:3000"
  environment:
    - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
  volumes:
    - grafana_data:/var/lib/grafana
  networks:
    - tyk_net

Quick Start

terminal
1# 1. Create the compose file
2cat > docker-compose.yml << 'EOF'
3services:
4  tyk-redis:
5    image: redis:7-alpine
6    volumes:
7      - tyk_redis:/data
8    networks:
9      - tyk_net
10
11  tyk-mongo:
12    image: mongo:6
13    environment:
14      MONGO_INITDB_ROOT_USERNAME: root
15      MONGO_INITDB_ROOT_PASSWORD: ${MONGO_PASSWORD}
16    volumes:
17      - tyk_mongo:/data/db
18    networks:
19      - tyk_net
20
21  tyk-gateway:
22    image: tykio/tyk-gateway:latest
23    ports:
24      - "8080:8080"
25    environment:
26      - TYK_GW_SECRET=${TYK_SECRET}
27      - TYK_GW_STORAGE_HOST=tyk-redis
28      - TYK_GW_STORAGE_PORT=6379
29    volumes:
30      - ./tyk.conf:/opt/tyk-gateway/tyk.conf
31    depends_on:
32      - tyk-redis
33    networks:
34      - tyk_net
35
36  tyk-dashboard:
37    image: tykio/tyk-dashboard:latest
38    ports:
39      - "3000:3000"
40    environment:
41      - TYK_DB_LICENSEKEY=${TYK_LICENSE}
42      - TYK_DB_STORAGE_HOST=tyk-redis
43      - TYK_DB_STORAGE_PORT=6379
44      - TYK_DB_MONGOURL=mongodb://root:${MONGO_PASSWORD}@tyk-mongo:27017/tyk_analytics?authSource=admin
45    depends_on:
46      - tyk-redis
47      - tyk-mongo
48      - tyk-gateway
49    networks:
50      - tyk_net
51
52  tyk-pump:
53    image: tykio/tyk-pump-docker-pub:latest
54    environment:
55      - TYK_PMP_ANALYTICSSTORAGECONFIG_HOST=tyk-redis
56      - TYK_PMP_ANALYTICSSTORAGECONFIG_PORT=6379
57      - TYK_PMP_PUMPS_MONGO_META_MONGOURL=mongodb://root:${MONGO_PASSWORD}@tyk-mongo:27017/tyk_analytics?authSource=admin
58    depends_on:
59      - tyk-redis
60      - tyk-mongo
61    networks:
62      - tyk_net
63
64  prometheus:
65    image: prom/prometheus:latest
66    ports:
67      - "9090:9090"
68    volumes:
69      - prometheus_data:/prometheus
70    networks:
71      - tyk_net
72
73  grafana:
74    image: grafana/grafana:latest
75    ports:
76      - "3001:3000"
77    environment:
78      - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
79    volumes:
80      - grafana_data:/var/lib/grafana
81    networks:
82      - tyk_net
83
84volumes:
85  tyk_redis:
86  tyk_mongo:
87  prometheus_data:
88  grafana_data:
89
90networks:
91  tyk_net:
92EOF
93
94# 2. Create the .env file
95cat > .env << 'EOF'
96# Tyk API Gateway
97TYK_SECRET=secure_tyk_secret_key
98TYK_LICENSE=your_tyk_license_key
99MONGO_PASSWORD=secure_mongo_password
100GRAFANA_PASSWORD=secure_grafana_password
101
102# Gateway at http://localhost:8080
103# Dashboard at http://localhost:3000
104EOF
105
106# 3. Start the services
107docker compose up -d
108
109# 4. View logs
110docker compose logs -f

One-Liner

Run this command to download and set up the recipe in one step:

terminal
1curl -fsSL https://docker.recipes/api/recipes/tyk-api-gateway/run | bash

Troubleshooting

  • tyk-dashboard fails to start with license errors: Verify TYK_LICENSE environment variable contains valid license key and check Tyk account status
  • tyk-gateway returns 503 errors: Check tyk-redis connectivity and ensure Redis is accepting connections on port 6379 within tyk_net network
  • MongoDB connection refused in tyk-pump logs: Verify MONGO_PASSWORD environment variable matches between tyk-mongo and dependent services, check MongoDB authentication
  • Grafana dashboard shows no data: Confirm Prometheus is scraping Tyk Gateway metrics endpoint and verify prometheus_data volume has proper write permissions
  • API policies not applying: Ensure tyk.conf configuration file is properly mounted and tyk-gateway has reloaded configuration after policy changes
  • High memory usage in tyk-pump: Tune analytics processing batch sizes and consider implementing data retention policies in MongoDB tyk_analytics collection

Community Notes

Loading...
Loading notes...

Download Recipe Kit

Get all files in a ready-to-deploy package

Includes docker-compose.yml, .env template, README, and license

Components

tyk-gatewaytyk-dashboardtyk-pumpredismongodb

Tags

#tyk#api-gateway#analytics#rate-limiting#oauth

Category

DevOps & CI/CD

Related Recipes

Ad Space