Deployment Environment
The Envoy deployment environment can be configured with the options defined in the following table before OPA installation. If the deployment environment is configured after the OPA installation, it is not configured.
| Option | Description |
|---|---|
| Communicate with gRPC over HTTP | Uses gRPC over HTTP on port 9191 for Envoy and OPA communication. |
| OPA gRPC HTTP Address | The address and port used when Envoy connects to OPA with gRPC over HTTP. |
| OPA gRPC Listen Address | The address and port OPA listens on for gRPC communication over HTTP. |
| Set Envoy to Dry Run mode | Configures the Envoy server to unconditionally return an OK status. |
| Enable gRPC server reflection | Enables gRPC server reflection on the Envoy External Authorization gRPC server. |
| Protocol Buffers Descriptors Path | Sets the path to a protocol buffer to enables the capability to decode the raw body to the parsed body. |
| Envoy Max Receive Message Size | Sets the maximum message size in bytes the gRPC server can receive. |
| Envoy Max Send Message Size | Set the maximum message size in bytes the gRPC server can send. |
| Decision labels | Used to configure decision labels. |
| OPA persistent bundles | Configures bundles to persist in OPA. |
| OPA bundle polling frequency | Specifies how often the OPA bundle is polled. |
| Print decisions in OPA console | Specifies if decisions are printed in the OPA console. |
| Limited based on fair use policy | Based on licensing policy |
| Minimum memory for OPA | Specifies the minimum memory allocation for OPA. |
| Minimum CPU for OPA | Specifies the minimum CPU allocation for OPA. |
| Maximum memory for OPA | Specifies the maximum memory for OPA. |
| Maximum CPU for OPA | Specifies the maximum number of CPUs allocated for OPA. |
| Trusted certificate authority | Configures a trusted CA certificates in PEM format. |