Skip to main content

Deployment Environment

The Envoy deployment environment can be configured with the options defined in the following table before OPA installation. If the deployment environment is configured after the OPA installation, it is not configured.

Communicate with gRPC over HTTPUses gRPC over HTTP on port 9191 for Envoy and OPA communication.
OPA gRPC HTTP AddressThe address and port used when Envoy connects to OPA with gRPC over HTTP.
OPA gRPC Listen AddressThe address and port OPA listens on for gRPC communication over HTTP.
Set Envoy to Dry Run modeConfigures the Envoy server to unconditionally return an OK status.
Enable gRPC server reflectionEnables gRPC server reflection on the Envoy External Authorization gRPC server.
Protocol Buffers Descriptors PathSets the path to a protocol buffer to enables the capability to decode the raw body to the parsed body.
Envoy Max Receive Message SizeSets the maximum message size in bytes the gRPC server can receive.
Envoy Max Send Message SizeSet the maximum message size in bytes the gRPC server can send.
Decision labelsUsed to configure decision labels.
OPA persistent bundlesConfigures bundles to persist in OPA.
OPA bundle polling frequencySpecifies how often the OPA bundle is polled.
Print decisions in OPA consoleSpecifies if decisions are printed in the OPA console.
Limited based on fair use policyBased on licensing policy
Minimum memory for OPASpecifies the minimum memory allocation for OPA.
Minimum CPU for OPASpecifies the minimum CPU allocation for OPA.
Maximum memory for OPASpecifies the maximum memory for OPA.
Maximum CPU for OPASpecifies the maximum number of CPUs allocated for OPA.
Trusted certificate authorityConfigures a trusted CA certificates in PEM format.