Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Discussion: Evaluate geoserver-cloud integration #171

Open
mwallschlaeger opened this issue Mar 31, 2024 · 13 comments
Open

Discussion: Evaluate geoserver-cloud integration #171

mwallschlaeger opened this issue Mar 31, 2024 · 13 comments
Labels
Discussion documentation Improvements or additions to documentation

Comments

@mwallschlaeger
Copy link
Contributor

Task Description

As geoserver is basically the only service not scalable in geonode-k8s, there are currently two approaches to make this happen.
One mentioned by Geosolutions, loadbalancing incomming traffic to multiple geoserver instances. The other one would be to use the geoserver-cloud deployment from camptocamp. As far as I understand this can not be integrated directly as it is missing at least the geoserver geonode plugin, which uses geonode to authorize geoserver login attempts. It might be possible to bypass this plugin by configuring geoserver to use oauth2 to authorize users with geonode. Does anybody has experiences or did further evaluation on including ether loadbalancing geoserver or geoserver cloud into geonode or geonode-k8s? @AlexGacon @ridoo

Additional Information

Any additional information or context that may be helpful in completing the task.

@AlexGacon
Copy link
Collaborator

I work on daily basis with geoserver cloud so I would be happy to have it in geonode-k8s but there are several obstacles to do so:

  • as you mentionned, the geonode plugins are not integrated/ported to geoserver-cloud. Not sure that your idea for bypassing the geonode oauth2 will work either.
  • Geoserver Cloud does not support GeoFence. We have developed GeoServer ACL as a replacement but the REST API is not exactly the same as GeoFence so it cannot be drop like this in replacement.

Some of our customers ask for quotation on developing this but no progress so far.

Regarding the use of a cluster of GeoServer, it is possible but you have to put a mechanism to synchronize the configuration between the different GeoServer instances, since you cannot share a configuration folder between them on K8s. One option could be to store the GeoServer configuration into database (there are several community extensions for that); in this case you only have to find how to tell all the instances to update their configuration cache after a change in GeoNode (generally it means deploying somethings like JMX or RabbitMQ).

@mwallschlaeger
Copy link
Contributor Author

@giohappy does geosolution has an idea on how to scale geoserver on kubernetes. By overcomming geonode plugins or by loadbalancing geoserver?

@mwallschlaeger mwallschlaeger pinned this issue Apr 3, 2024
@mwallschlaeger mwallschlaeger added documentation Improvements or additions to documentation Discussion labels Apr 3, 2024
@giohappy
Copy link

giohappy commented Apr 3, 2024

@mwallschlaeger we're working on it. For the moment the solution will be based on the JMS plugin, which is not perfect but it seems ok. We have planned to develop a different clustering solution in the future but we don't have a timeline yet.
We will contribute back the JMS based solution once it's ready. There are a few things we had to fix in the JMS plugin and we're testing them.

@AlexGacon AlexGacon unpinned this issue Apr 4, 2024
@AlexGacon AlexGacon pinned this issue Apr 4, 2024
@ridoo
Copy link
Contributor

ridoo commented Apr 5, 2024

@mwallschlaeger no deeper experience in clustering/loadbalancing geoserver so far.

ATM, the "geonode plugin" for GeoServer is quite opaque to me, but I may have missed the right entry point to dive into. I do know https://github.com/GeoNode/geoserver-geonode-ext/, though, it just provides some binary jar files and an empty data directory.

I have not looked into ACL and geofence, yet, so I cannot forsee, if oauth2 and ACL offer an alternative to standard geofence which might enables geoserver-cloud as an alternative to standard geoserver ... However, it would be very interesting to test out what would be possible with ACL and oauth2.

Edit: I tried to find out which plugins are actually needed by GeoNode:

The geonode/geoserver image downloads a pre-build geoserver version which is built by some custom script. I found this one in the geonode-docker repo (which also prepares the data dir). This version seems to be for future builds as it pushes to S3 -- AFAIK, so far the builds where always done by a Jenkins pipeline. However, the Maven build command includes the following extensions (enabled via Maven profile flag -P):

mvn ... -PsldService,printing,monitor,control-flow,wps,kmlppio,wps-download,excel,querylayer,gdal,authkey,css,ysld,importer,wmts-multi-dimensional,backup-restore,oauth2-geonode,oauth2-openid-connect,geofence-server,geofence-wps

Each would have to be re-implemented to be able to run in geoserver-cloud. I guess, this would require far more efforts than trying to evaluate how GeoNode could work with ACL and OAuth2.

@ridoo
Copy link
Contributor

ridoo commented May 22, 2024

For the record: geoserver/geoserver-cloud#475

@AlexGacon
Copy link
Collaborator

@ridoo some of the extensions are already available in GS Cloud (wps, css)

@ridoo
Copy link
Contributor

ridoo commented May 22, 2024

@AlexGacon are we able to create a "supported" matrix?

plugin supported by gs-cloud comment
authkey (docs)
backup-restore
control-flow (docs)
css ✔️ as indicated
excel (docs)
gdal
geofence-server (docs) resolved by geoserver-acl?
geofence-wps (docs)
kmlppio
importer (docs)
monitor (docs)
oauth2-geonode resolved by geoserver/geoserver-cloud#475?
oauth2-openid-connect resolved by geoserver/geoserver-cloud#475?
printing (docs)
querylayer (docs)
sldService (docs)
wmts-multi-dimensional (docs)
wps ✔️ as indicated
wps-download (docs)
ysld

@AlexGacon
Copy link
Collaborator

To me monitor and control-flow are not mandatory but a nice to have.

For monitoring, GS Cloud have metrics endpoint you can use with Prometheus or so (metrics per end-point, not as precise as the monitoring extension).

For control-flow, you can easily add new pods if required. We will also work soon on autoscaling.

@AlexGacon
Copy link
Collaborator

@mwallschlaeger @ridoo we are looking for fundings to work on a GS Cloud integration. Is it something which can be arranged on your side?

@groldan
Copy link

groldan commented May 23, 2024

Hi, here's a working demo docker compose for geoserver cloud integration https://github.com/groldan/geonode-geoserver-cloud-compose
Note this is to check the Oauth2 functionality only.

Re the required extensions:

  • authkey: integrated and enabled by default
  • backup-restore: pending. When tried to integrate it had some bugs I don't recall. May try to resurrect it.
  • control-flow: it probably makes more sense to do something in the gateway.
  • css: integrated.
  • excel: pending. Difficulty: easy
  • gdal: pending. Difficulty: medium/complex.
  • geofence/wps: replaced by ACL in gs-cloud. The ACL REST API is different than Geofence's. The python client can be generated with the openapi tools.
  • kmlppio: pending. Difficulty: easy
  • importer: integrated in the web-ui service, but pending on the rest-service. In web-ui it needs to be enabled with the webui.importer.enabled config property (i.e. ConfigMap, System prop, env variable)
  • monitor: As mentioned by Alex, we'd rather work on spring-boot friendlier integrations (probably opentelemetry). There's the prometheus export and several other spring boot actuator endpoints for metrics and other stuff.
  • oauth2-geonode
  • printing: not integrated. May deserve its own microservice?
  • querylayer: pending. Difficulty: easy
  • sldService: pending. Difficulty: easy
  • wmts-multi-dimentional: pending. Difficulty: dunno
  • wps: wps-service
  • wps-download: : pending. Difficulty: easy/medium. May just be a matter of having a prescribed pv/mount-point for shared tmp dirs?
  • ysld: pending. Difficulty: easy

@mwallschlaeger
Copy link
Contributor Author

@AlexGacon hi sorry for my late reply, I was on holiday. As the geonode-k8s maintainer i would really like to see the integration of geoserver cloud into this project. But as a devops engineer at my current position, I cannot see further benefits for our team to run geoserver-cloud within our geonode installation, therefore i do not see any possibilities to arrange any kind of funding for this purpose.

@ridoo
Copy link
Contributor

ridoo commented May 28, 2024

Hi, here's a working demo docker compose for geoserver cloud integration https://github.com/groldan/geonode-geoserver-cloud-compose

@groldan thanks for the hint. Will try it out.

we are looking for fundings to work on a GS Cloud integration. Is it something which can be arranged on your side?

@AlexGacon I fear, we cannot arrange funding from our side ATM.

@AlexGacon AlexGacon unpinned this issue Jun 14, 2024
@anthieni
Copy link

anthieni commented Jul 1, 2024

Good morning all, we are working on an evaluation and development, already advanced, of the integration of GeoNode with GS-Cloud ACL where we will be releasing the first version, today we have it functional but we are doing the last tests. @dgquail
We are doing this with our own funding but also looking at potential customers for this version and for our version of GeoExpress Cloud.

@groldan is more than useful and it is working perfectly for us. 💯

We have already separated the Mapstore Client for better scaling and looking at adding the html that is still in the Django/ jinja templates. We are also considering updating the tool versions.

I hope that next weeks we will have news to share with you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Discussion documentation Improvements or additions to documentation
Projects
None yet
Development

No branches or pull requests

6 participants