OPAL is an administration layer for Open Policy Agent (OPA), detecting changes to both policy and policy data in realtime and pushing live updates to your agents.
Check out OPAL's main site at OPAL.ac.
This image is the OPAL Server.
We have 3 image variants of OPAL:
| Tag | Description |
permitio/opal-server:<version> | This image. Synchronizes the OPAL clients with up-to-date policy and data by pushing updates via a Pub/Sub channel over websockets. |
permitio/opal-client:<version> | Keeps the OPA agent cache up to date with realtime updates pushed from the OPAL server. Can selectively subscribe to specific topics of policy code (rego) and policy data. Comes prebuilt with an OPA agent inside the image. |
permitio/opal-client-standalone:<version> |
Same as OPAL Client, but this image does not come with OPA installed. Pick this image instead of opal-client if you prefer to deploy OPA separately in its own container.
|
OPAL server require several environment variables that determine its configuration.
Check out the step-by-step guide how to set these environment variables correctly.
docker run -it \
--env OPAL_BROADCAST_URI \
--env UVICORN_NUM_WORKERS \
--env OPAL_POLICY_REPO_URL \
--env OPAL_POLICY_REPO_WEBHOOK_SECRET \
--env OPAL_DATA_CONFIG_SOURCES \
--env OPAL_AUTH_PRIVATE_KEY \
--env OPAL_AUTH_PUBLIC_KEY \
--env OPAL_AUTH_MASTER_TOKEN \
-p 7002:7002 \
permitio/opal-server
Content type
Image
Digest
sha256:f46024f16…
Size
80.4 MB
Last updated
about 1 month ago
Requires Docker Desktop 4.37.1 or later.