Comments (5)
Hi @sargun!
At this point, OPA does not replicate the built-in data store. It's something we're thinking about, but we haven't gotten around to yet.
That being said, we're actively working on support for custom/pluggable storage backends (#91). This would allow anyone to write their own storage backend, e.g., using an external/replicated service like etcd.
Could you provide any more details on your use case? It could help shape things going forward.
from opa.
My use case at least is to be able to run this as a docker
1.12 service
and have > 1 replicas for the service
.
Would it be safe enough to implement a DFS between instances and round robin requests to them?
from opa.
Maybe this should turn into a doc on http://www.openpolicyagent.org/documentation/what-is-policy-enablement/ that is titled something like "HA Server Setup" or something like this so people can just follow and setup.
from opa.
@hekaldama at this time, OPA does not support an HA-mode like you described. HA support is still being planned but it's hard to get right and we haven't had time yet.
That being said, if you want to run N replicas of OPA, you're free to distribute data and policies to them as needed. This approach puts more burden on you but also means that OPA can be colocated with the service(s) that it policy enables. Colocating OPA with the service(s) means you don't have to worry about partial failures or the network (to some extent).
Thanks for your interest!
from opa.
Closing this ticket for now. Built-in HA support will likely come from an etcd (or other replicated store) backend. Another promising alternative is to rely on persistence from features like ThirdPartyResources in Kubernetes.
from opa.
Related Issues (20)
- Make http.send accept any json variant as application/json HOT 6
- `deps` command has poor memory footprint
- OPA / blog HOT 1
- Make http headers available in the decision-log HOT 4
- I am making an api call in opa policy and when api throws an error or exception I need a way to track those errors in the console logs. Is there a way to customize decision logs and logs those errors with log level as error and also let's say I am middle of policy validation and one of the header is missing or some field is invalid I want to log such thing as error. So that when I look into container logs I should able to figure it out why opa allow decision is false HOT 1
- Extend `test` command to allow filtering package / file / test
- discovery: default decision not picked up HOT 1
- Add possibility to enrich decision logs from custom builtins
- rego.v1 import does not enable future keywords in query compiler
- Tests on the main branch fail HOT 3
- Bundle discovery issue when roots contains a space character
- Allow returning errors in HTTPTracingService HOT 5
- Flag to fail OPA runtime if some of the bundle was not found HOT 3
- Incorrect error message when keywords are used on the LHS of comprehensions
- object.subset method does not evaluate correctly for all subset permutations HOT 3
- A pre built binary for darwin/amd64 wasn't released at v0.64.0 HOT 3
- Support EKS Pod Identities for Signing S3 Bundle Requests HOT 1
- Arrays are not explained in the language description HOT 3
- [Documentation] No documentation for metric definitions HOT 1
- fmt: respect one-liner `if` expressions even when an `else` is present
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from opa.