Skip to main content

Overview

The following section provides an overview of the Styra Self-Hosted DAS Installation Guide, Styra DAS, Styra DAS architecture, and the microservices used with Styra DAS.

Document Overview and Audience

The Self-Hosted Styra DAS Installation Guide contains information on configuring and installing Styra DAS on a wide selection of cloud infrastructure providers. The contents of the Infrastructure Configuration and the Cloud Agnostic Infrastructure sections are not, however, meant to be a comprehensive guide to cloud infrastructure. The infrastructure sections of this document are intended to provide guidance specific to configuring and instantiating infrastructure for use with Styra DAS. Accordingly, this document assumes the customer is familiar with managing their own infrastructure and defers to provider-specific documentation wherever possible.

note

Styra DAS can also run on self-managed or non-cloud infrastructure. Such setups, however, tend to require customized support and compatibility patterns. If you cannot utilize any of the providers described in this document, we recommend working with Styra’s Sales and Solutions Architecture teams to determine the best method of deploying Styra DAS on your infrastructure.

Styra DAS Microservices​

The following table describes the Styra DAS microservices used in Self-Hosted Styra DAS.

Styra DAS MicroserviceStyra Description
activityProvides user activity log APIs.
agentbundleResponsible for /v1/bundles API and ad-hoc bundle compilation when bundle registry is disabled.
agentloaderLoads decision logs from OPA to Elasticsearch for indexing.
agentstatusAPIs for OPAs to send status updates and decision logs.
agentstatusstoreCaches OPA status updates for quick retrieval.
analysis-apiAPIs to search decision logs.
blueprintsRequired to enable mock-opa sandbox environments.
bundleregistryBuilds and serves bundles from the bundle registry.
coordinatorShards work across service replicas.
datasourcesExecutes Data Sources that require pulling data.
elasticsearchSearch engine for decision logs.
environment-configuratorManages storage resources for the environment.
fetchdbConfiguration management APIs.
gatewayAPI gateway. All API requests are routed through the gateway. It enforces authentication and authorization and records user activity.
gateway-secondaryOptional second API gateway.
inspectorOptional telemetry reporting service.
job-bundlesKubernetes Job service for building bundle registry bundles.
job-complianceKubernetes Job service for compliance violation checks.
logreplayAPIs to assess the impact of a policy change on previous decisions.
metrics-exporterEnables the monitoring integrations described in Monitoring Integrations.
mock-opaDecision mocking for sandbox environments.
policiesAPIs for policy management.
postgresPostgreSQL for all internal, persisted states.
stacksStack configuration and management APIs.
systemsSystem configuration and management APIs, OPA configuration bundle APIs used for discovery.
tenantsConfigures and manages the tenant's internal state.
timeseriesComputes metrics over decision log APIs
uiServes HTML and JavaScript for the Styra DAS UI.
webEnables distributed in-memory storage for horizontal communication between service instances, data sharing, and event notifications.

Important Microservice Information

  • The coordinator service cannot be vertically scaled. The work it performs cannot be split, and it must remain as one pod.
  • Every microservice registers itself with the coordinator pod. If a microservice comes up before coordinator it will error and restart until coordinator is up. The error message is similar to failed to start <link> not found: member <member_id> is unknown