Run in docker compose
Running Topaz in docker compose is a great way to get started quickly. It can be a useful as development environment for testing policies locally.
Clone the repo
A sample docker-compose.yaml is included in the topaz repo. Clone the repo to try it out.
git clone https://github.com/aserto-dev/topaz.git topaz
Start docker compose
Install Docker Desktop from https://www.docker.com/, then start up topaz containers with:
cd topaz/docs/deployments/docker-compose
docker compose up
Within a minute or so you should see the topaz services and the web console start up:
topaz | 5:20PM INF runtime is ready component=runtime instance-id=-
topaz | 5:20PM INF Starting 0.0.0.0:9292 GRPC server component=service-manager
topaz | 5:20PM INF Starting 0.0.0.0:8081 GRPC server component=service-manager
topaz | 5:20PM INF Starting 0.0.0.0:9393 Gateway server component=service-manager
topaz | 5:20PM INF Starting 0.0.0.0:8080 Gateway server component=service-manager
topaz | 5:20PM INF 0.0.0.0:8282 waiting for 0.0.0.0:9292 component=service-manager
topaz | 5:20PM INF Starting 0.0.0.0:8282 GRPC server component=service-manager
topaz | 5:20PM INF Starting 0.0.0.0:8383 Gateway server component=service-manager
Browse to the console
In a web browser, visit https://localhost:8080/ui/directory/model to access the web console.
Load sample directory data
To load sample data, copy files from the topaz repo into the mounted /data directory so that the topaz container will have access to them.
cd topaz/docs/deployments/docker-compose
mkdir data
cp ../../../assets/citadel/citadel_objects.json data/
cp ../../../assets/citadel/citadel_relations.json data/
cp ../../../assets/todo/manifest.yaml data/
cp ../../../assets/todo/todo_objects.json data/
cp ../../../assets/todo/todo_relations.json data/
While topaz is running, from another terminal invoke the topaz CLI inside the running container to import the sample manifest and data into the topaz edge directory.
cd topaz/docs/deployments/docker-compose
docker compose exec topaz ./topaz directory set manifest --no-check -i /data/manifest.yaml
docker compose exec topaz ./topaz directory import --no-check -i -H localhost:9292 -d /data
A successful directory import should produce this output:
>>> set manifest from /data/manifest.yaml
>>> importing data from /data
object types skipped
permissions skipped
relation types skipped
objects 20
relations 23
You can browse to the directory console to visualize the sample objects: https://localhost:8080/ui/directory/model