Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for offline recovery by saving and reading bundles from disk #2097

Closed
tsandall opened this issue Feb 11, 2020 · 2 comments · Fixed by #2702
Closed

Add support for offline recovery by saving and reading bundles from disk #2097

tsandall opened this issue Feb 11, 2020 · 2 comments · Fixed by #2702

Comments

@tsandall
Copy link
Member

tsandall commented Feb 11, 2020
edited
Loading

OPA does not currently save downloaded bundles to disk. This means that if OPA restarts and is unable to connect to a bundle server it will be unable to serve policy decisions until the bundle server is reachable.

To better support offline recovery, OPA could be extended to save activated bundles to disk. If OPA restarts after saving a bundle to disk it can read the bundle from disk and use it until it's able to download the latest version from the bundle server.

Misc. thoughts:

  • The status API should report errors that occur while saving bundles to disk
  • The bundle persistence option should be optional and off-by-default initially
@WeiZhang555
Copy link

For server mode, I see that if I put new rego policy or data into OPA daemon via RESTful API, the policy and data won't be saved to disk, this also means the policy and data will be lost once I restart the OPA server.

Do you have plan to fix this too?

@tsandall
Copy link
Member Author

@WeiZhang555 we don't have any immediate plans to add support for persistence in OPA itself. If you build OPA from source, you can replace the in-memory store with your own implementation.

@ashutosh-narkar ashutosh-narkar mentioned this issue Sep 16, 2020
Merged
ashutosh-narkar added a commit to ashutosh-narkar/opa that referenced this issue Sep 30, 2020
@ashutosh-narkar
plugins/bundle: Support for saving and reading bundles from disk
a933011 
This commit adds support to persist and load bundles from disk.
A new field is introduced in OPA's bundle configuration that can
be optionally set to enable OPA to write and read bundles from disk.
This feature will allow OPA to serve policy decisions in scenarios
such as OPA being unable to communicate with the bundle server.

Fixes open-policy-agent#2097

Signed-off-by: Ashutosh Narkar <anarkar4387@gmail.com>
ashutosh-narkar added a commit that referenced this issue Sep 30, 2020
@ashutosh-narkar
plugins/bundle: Support for saving and reading bundles from disk
5a79a45 
This commit adds support to persist and load bundles from disk.
A new field is introduced in OPA's bundle configuration that can
be optionally set to enable OPA to write and read bundles from disk.
This feature will allow OPA to serve policy decisions in scenarios
such as OPA being unable to communicate with the bundle server.

Fixes #2097

Signed-off-by: Ashutosh Narkar <anarkar4387@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Open Policy Agent
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

plugins/bundle: Support for saving and reading bundles from disk ashutosh-narkar/opa
2 participants
@tsandall @WeiZhang555