Installing and configuring Tengri

Operating Systems

Installation from DEB packages is supported for the following operating systems:

  • Debian 13 (Trixie)

  • Ubuntu 22.04 LTS (Jammy Jellyfish)

Open ports

Ports must be open for installation:

  • 5433 — client connections (ODBC/JDBC, PostgreSQL)

  • 3000 — web UI

  • 3001-3004 — WebSocket connections

  • 3005 — Iceberg REST API

  • 9002 — S3 API

  • 9591 — OpenTelemetry metrics

For cluster configuration only:

  • 2379 — cluster coordination

  • 57776 — RPC (inter-node communication)

Tengri installation

To install Tengri in single-machine configuration:

  1. Get the archive with the necessary files and unpack it:

    tar xf example_client.tar.gz
cd example_client
    example_client
├── client.crt
├── client.key
├── install.sh
└── license.txt

  2. Run the script to install the certificate, configuration file, and APT repository:

    sudo ./install.sh

  3. Install the packages:

    1. Only Tengri

      sudo apt install tengri

    2. Tengri with local S3 (MinIO)

      sudo apt install tengri tengri-minio

  • Once installed, Tengri will be ready to run on the 3000 port.
    The default login and password are admin / admin.

  • The tengri-minio package will install local MinIO with default settings. See MinIO documentation for further configuration details.

Tengri installation in cluster configuration

Tengri uses a distributed architecture with two main components:

  • Endpoints — SQL-server instances that clients connect to

  • Agents — compute wokers that execute queries

All nodes automatically discover each other via etcd — a distributed coordination service.

Preliminary requirements

  • Minimum 3 servers (on Debian 13 Trixie or Ubuntu 22.04 LTS Jammy Jellyfish)

  • Network connectivity between all servers

  • Open ports

Step 1: Install Tengri on each server

On each server in your cluster, run:

apt install tengri

This command will install all the required components.

Step 2: Configuring each node

Edit /etc/tengri/config.env:

export TNGRI_ADVERTISE_RPC_HOST="<THIS_SERVER_IP>"
export TNGRI_REMOTE_SESSIONS=true

Step 3: Launching Tengri services

On each server, start both services:

systemctl enable tengri-endpoint
systemctl enable tengri-agent
systemctl start tengri-endpoint
systemctl start tengri-agent

Once started, the nodes automatically:

  1. Register with etcd

  2. Discover other Endpoints and agents

  3. Establish RPC connections for distributed query execution

Step 4: Access the admin panel

Open a browser and navigate to the admin interface of any Endpoint:

http://<ANY_ENDPOINT_IP>:3000/admin

Cluster tab

For each server, create its description in the cluster:

  • Click "New Endpoint"

  • Enter the parameters: address and RPC port, if different

  • Click "Done"

After that, the indicators of all servers should turn green, which means that the cluster is up and running.

In the Cluster tab you can view:

  • All registered Endpoints with their RPC addresses

  • All registered agents with their RAM allocation

  • Status of connections between nodes

Step 5: Verify the cluster

From any Endpoint, run:

SHOW ENDPOINTS;
SHOW AGENTS;
SHOW WORKER POOLS;

You will see all your servers listed. Clients can connect to any Endpoint — requests are automatically distributed to all agents in the cluster.

Done! Your Tengri cluster is now running on multiple servers with automatic load balancing.

Troubleshooting

Nodes are not detecting each other:

  • Check that etcd is running: etcdctl endpoint health.

  • Check the firewall rules for ports 2379 and 57776

  • Check that advertise_rpc_host points to an available IP (not localhost)

View cluster status directly:

etcdctl get --prefix /tengri/

Configuration settings

  • Additional configuration settings for Tengri can be specified in the /etc/tengri/tengri/tengri.conf file (by default, there is no file).

    Full list of possible settings in the tengri.conf file 
    # TNGRi configuration parameters

# =========
# Licencing
# =========
#
TNGRI_LICENSE_FILE=/opt/tengri/license.txt

# ===========================
# S3 configuration parameters
# ===========================
#
#
# Access key id and secret key of user that will connect to S3
# rename SECRET_ACCESS_KEY to SECRET_KEY
TNGRI_S3_ACCESS_KEY_ID=minioadmin
TNGRI_S3_SECRET_ACCESS_KEY=minioadmin
#
# Region to send to S3 server. Generally you don't need to change that, just make
# sure that target S3 has this same region
TNGRI_S3_REGION=eu-central-1
TNGRI_S3_DEFAULT_REGION=eu-central-1
#
# API endpoint URL for target S3. Must be in FQDN form
#     TNGRI_S3_ENDPOINT_URL=http://example.com
TNGRI_S3_ENDPOINT_URL=http://127.0.0.1:9002
#
# Bucket name to use. Must exist before start, so make sure that it exists and
# has full access rights for this bucket. Must be in full form, i.e.
#     TNGRI_S3_BUCKET_NAME=s3://example:9000
TNGRI_S3_BUCKET_NAME=prostore

# =======================
# TNGRi server parameters
# =======================
#
#
# Iceberg catlog path in S3 bucket
TNGRI_WAREHOUSE_PATH=s3://prostore/iceberg/
#
# Name for the default schema in TNGRi.
TNGRI_DEFAULT_SCHEMA=public
#
# URI for catalog endpoint. Must be either PostgreSQL or SQLite connection string, i.e.
#     TNGRI_CATALOG_URI=postgresql://user:password@example.com/database
TNGRI_CATALOG_URI=postgresql://prostore:prostore@127.0.0.1:5432/prostore
#
# Path to writable directory where cached files will be placed.
#
# WARNING: Should be placed on SSD storage. Tngri uses aggressive caching strategies
# to reduce S3 load
#
TNGRI_CACHE_DIR=/var/lib/tengri/cache
#
# Path to writable directory where python kernels will be stored.
TNGRI_KERNEL_DIR=/var/lib/tengri/kernels
#
# If set to false then no agent is required to process queries.
# Must be true for production environments
TNGRI_REMOTE_SESSIONS=true
#
# Set to true for more log output
TNGRI_DEBUG=false
#
# Host to bind main server to
TNGRI_HOST=0.0.0.0
#
# Port to bind PostgreSQL protocol implementation to
TNGRI_PORT=5433
#
# Host to bind RPC server for communication between agent and server
TNGRI_RPC_HOST=0.0.0.0
#
# Port to bind RPC server for communication between agent and server
TNGRI_RPC_PORT=57776

# =============================
# Web application configuration
# =============================
#
#
# SSL configuration. If set then Web communication will be done over SSL, otherwise
# it will be plaintext.
#
# Path to SSL key.
# TNGRI_SSL_KEY=
#
# Path to SSL certificate file.
# TNGRI_SSL_CERT=
#
# Enables TNGRi web app.
TNGRI_ENABLE_WEBSOCKET=true
#
# Path to static files for web app.
TNGRI_WEBAPP_DIR=/usr/share/tengri-web
#
# Host to bind HTTP server to
TNGRI_WEBAPP_HOST=0.0.0.0
#
# Port to bind HTTP server to
TNGRI_WEBAPP_PORT=3000
#
# Host to bind Websocket server to. It is used extensively by webapp and python clients
TNGRI_WEBSOCKET_HOST=0.0.0.0
#
# Port to bind Websocket server to
TNGRI_WEBSOCKET_PORT=3001
#
# Host to bind PyLSP server to. It is used by webapp to provide code completion
TNGRI_PYLSP_HOST=0.0.0.0
#
# Port to bind PyLSP server to
TNGRI_PYLSP_PORT=3003
#
# Host to bind CRUD. Used by webapp to send messages in chats, manage scheduled
# notebooks and manage external catalogs
TNGRI_CRUD_HOST=0.0.0.0
#
# Port to bind CRUD to
TNGRI_CRUD_PORT=3004

# ============================
# TNGRi services configuration
# ============================
#
# Enable TNGRi's Iceberg REST catalog API provider
TNGRI_ENABLE_REST_CATALOG=true

# Host to bind REST catalog server to
TNGRI_REST_CATALOG_HOST=0.0.0.0

# Port to bind REST catalog to
TNGRI_REST_CATALOG_PORT=3005

# Enable compaction daemon
TNGRI_ENABLE_COMPACTION=true

# Enable notebook CRON daemon
TNGRI_ENABLE_CRON=true

# ============================
# TNGRi deployment information
# ============================
#
# Needed for external clients to connect to TNGRi services. For example, python clients
# connecting from user's local machines. Set these to the values that point to this
# installation, for example, if using reverse proxy for HTTP or Postgres protocol.
#
# Change the name of site deployment
# TNGRI_SITE_NAME=tngri
#
# Websocket address to connect to. Must be in FQDN form, i.e.
#     TNGRI_SITE_WS_ADDR=ws://example.com:3001
TNGRI_SITE_WS_ADDR=ws://0.0.0.0:3001
#
# Postgres protocol address to connect to, i.e.
#     TNGRI_SITE_PSQL_ADDR=example.com:5433
# TNGRI_SITE_PSQL_ADDR=
#
# S3 address to connect to. Must be in FQDN form, i.e.
#     TNGRI_SITE_S3_ADDR=http://example.com:9000
# TNGRI_SITE_S3_ADDR=
#
# S3 access key for public usage (Stage only)
# TNGRI_SITE_PUBLIC_LOADER_ACCESS_KEY=public_loader
#
# S3 secret key for public usage (Stage only)
# TNGRI_SITE_PUBLIC_LOADER_SECRET_KEY=public_loader
#

  • Additional MinIO configuration settings can be specified in the /etc/default/tengri-minio file according to MinIO documentation.

    After updating the MinIO configuration file, it is necessary to execute:

    sudo systemctl daemon-reload
sudo systemctl restart minio

Resetting the administrator password

In case you have lost access to the administrator password, you can reset it.

To do this, run the command on the server where the package was installed:

sudo -u tengri bash -c 'export $(egrep -v "^#|^$|.*#" /var/lib/tengri/tengri.defaults | xargs); prostore reset-admin-password'

After that the current administrator password will be reset and the new automatically generated password will be shown in the output log.