etj
commented
4 months ago @eleagula When GeoFence seems not to be running, pls check if the GeoFence module is enabled, if the GeoFence Data Rules entry shows up in the left panel menu, and if the rules are in there. If the module and panel are not there, you are missing some jars in the GeoServer lib dir; if the panel is there but there are no rules, you may be missing part of the filesystem where the h2 database is located and where GeoFence stores the authorization rules. Anyway, please use the github issues only for internal GeoFence related issues. Your problem is something GeoServer related, so pls refer to the GeoServer mailing lists.
I am using a Geoserver 2.24.2 container (docker.osgeo.org/geoserver:2.24.2) with the 'geofence-server' plugin installed and it's being run on Microk8s. I've noticed when I stop my single Microk8s cluster and start it again, I see all previously private layers completely exposed publicly — as if Geofence wasn't installed. When I do a 'kubectl rollout restart...' of the Geoserver container without stopping the Microk8s cluster, the container restarts and Geofence works as intended—all of my private layers are protected by Geofence and they are not publicly accessible.
In summary, stopping and restarting my Microk8s cluster prevents Geofence from working when the container starts up initially after the cluster is rerun, but not when I restart the pod/container itself. Any ideas what might be the issue and how can I fix this so I don't expose private layers whenever I need to restart my Microk8s cluster ?