Skip to main content

Run in docker compose

Running Topaz in docker compose is a great way to get started quickly. It can be a useful as development environment for testing policies locally.

Clone the repo

A sample docker-compose.yaml is included in the topaz repo. Clone the repo to try it out.

git clone https://github.com/aserto-dev/topaz.git topaz

Start docker compose

Install Docker Desktop from https://www.docker.com/, then start up topaz containers with:

cd topaz/docs/deployments/docker-compose
docker compose up

Within a minute or so you should see the topaz services and the web console start up:

topaz  | 5:20PM INF runtime is ready component=runtime instance-id=-
topaz  | 5:20PM INF Starting 0.0.0.0:9292 GRPC server component=service-manager
topaz  | 5:20PM INF Starting 0.0.0.0:8081 GRPC server component=service-manager
topaz  | 5:20PM INF Starting 0.0.0.0:9393 Gateway server component=service-manager
topaz  | 5:20PM INF Starting 0.0.0.0:8080 Gateway server component=service-manager
topaz  | 5:20PM INF 0.0.0.0:8282 waiting for 0.0.0.0:9292 component=service-manager
topaz  | 5:20PM INF Starting 0.0.0.0:8282 GRPC server component=service-manager
topaz  | 5:20PM INF Starting 0.0.0.0:8383 Gateway server component=service-manager

Browse to the console

In a web browser, visit https://localhost:8080/ui/directory/model to access the web console.

Load sample directory data

To load sample data, copy files from the topaz repo into the mounted /data directory so that the topaz container will have access to them.

cd topaz/docs/deployments/docker-compose
mkdir data
cp ../../../assets/citadel/citadel_objects.json data/
cp ../../../assets/citadel/citadel_relations.json data/
cp ../../../assets/todo/manifest.yaml data/
cp ../../../assets/todo/todo_objects.json data/
cp ../../../assets/todo/todo_relations.json data/

While topaz is running, from another terminal invoke the topaz CLI inside the running container to import the sample manifest and data into the topaz edge directory.

cd topaz/docs/deployments/docker-compose
docker compose exec topaz ./topaz manifest set --no-check -i /data/manifest.yaml
docker compose exec topaz ./topaz import --no-check -i -H localhost:9292 -d /data

A successful directory import should produce this output:

>>> set manifest from /data/manifest.yaml

>>> importing data from /data
   object types skipped
    permissions skipped
 relation types skipped
        objects 20
      relations 23

You can browse to the directory console to visualize the sample objects: https://localhost:8080/ui/directory/model