zalf-rdm / geonode-k8s

A Kubernetes helm chart for the geospacial webapplication Geonode
https://geonode-k8s.readthedocs.io/en/latest/
GNU General Public License v2.0
13 stars 9 forks source link

Discussion: Evaluate geoserver-cloud integration #171

Open mwallschlaeger opened 7 months ago

mwallschlaeger commented 7 months ago

Task Description

As geoserver is basically the only service not scalable in geonode-k8s, there are currently two approaches to make this happen. One mentioned by Geosolutions, loadbalancing incomming traffic to multiple geoserver instances. The other one would be to use the geoserver-cloud deployment from camptocamp. As far as I understand this can not be integrated directly as it is missing at least the geoserver geonode plugin, which uses geonode to authorize geoserver login attempts. It might be possible to bypass this plugin by configuring geoserver to use oauth2 to authorize users with geonode. Does anybody has experiences or did further evaluation on including ether loadbalancing geoserver or geoserver cloud into geonode or geonode-k8s? @AlexGacon @ridoo

Additional Information

Any additional information or context that may be helpful in completing the task.

AlexGacon commented 7 months ago

I work on daily basis with geoserver cloud so I would be happy to have it in geonode-k8s but there are several obstacles to do so:

Some of our customers ask for quotation on developing this but no progress so far.

Regarding the use of a cluster of GeoServer, it is possible but you have to put a mechanism to synchronize the configuration between the different GeoServer instances, since you cannot share a configuration folder between them on K8s. One option could be to store the GeoServer configuration into database (there are several community extensions for that); in this case you only have to find how to tell all the instances to update their configuration cache after a change in GeoNode (generally it means deploying somethings like JMX or RabbitMQ).

mwallschlaeger commented 7 months ago

@giohappy does geosolution has an idea on how to scale geoserver on kubernetes. By overcomming geonode plugins or by loadbalancing geoserver?

giohappy commented 7 months ago

@mwallschlaeger we're working on it. For the moment the solution will be based on the JMS plugin, which is not perfect but it seems ok. We have planned to develop a different clustering solution in the future but we don't have a timeline yet. We will contribute back the JMS based solution once it's ready. There are a few things we had to fix in the JMS plugin and we're testing them.

ridoo commented 7 months ago

@mwallschlaeger no deeper experience in clustering/loadbalancing geoserver so far.

ATM, the "geonode plugin" for GeoServer is quite opaque to me, but I may have missed the right entry point to dive into. I do know https://github.com/GeoNode/geoserver-geonode-ext/, though, it just provides some binary jar files and an empty data directory.

I have not looked into ACL and geofence, yet, so I cannot forsee, if oauth2 and ACL offer an alternative to standard geofence which might enables geoserver-cloud as an alternative to standard geoserver ... However, it would be very interesting to test out what would be possible with ACL and oauth2.

Edit: I tried to find out which plugins are actually needed by GeoNode:

The geonode/geoserver image downloads a pre-build geoserver version which is built by some custom script. I found this one in the geonode-docker repo (which also prepares the data dir). This version seems to be for future builds as it pushes to S3 -- AFAIK, so far the builds where always done by a Jenkins pipeline. However, the Maven build command includes the following extensions (enabled via Maven profile flag -P):

mvn ... -PsldService,printing,monitor,control-flow,wps,kmlppio,wps-download,excel,querylayer,gdal,authkey,css,ysld,importer,wmts-multi-dimensional,backup-restore,oauth2-geonode,oauth2-openid-connect,geofence-server,geofence-wps

Each would have to be re-implemented to be able to run in geoserver-cloud. I guess, this would require far more efforts than trying to evaluate how GeoNode could work with ACL and OAuth2.

ridoo commented 5 months ago

For the record: https://github.com/geoserver/geoserver-cloud/pull/475

AlexGacon commented 5 months ago

@ridoo some of the extensions are already available in GS Cloud (wps, css)

ridoo commented 5 months ago

@AlexGacon are we able to create a "supported" matrix?

plugin supported by gs-cloud comment
authkey (docs) :question:
backup-restore :question:
control-flow (docs) :question:
css :heavy_check_mark: as indicated
excel (docs) :question:
gdal :question:
geofence-server (docs) :question: resolved by geoserver-acl?
geofence-wps (docs) :question:
kmlppio :question:
importer (docs) :question:
monitor (docs) :question:
oauth2-geonode :question: resolved by https://github.com/geoserver/geoserver-cloud/pull/475?
oauth2-openid-connect :question: resolved by https://github.com/geoserver/geoserver-cloud/pull/475?
printing (docs) :question:
querylayer (docs) :question:
sldService (docs) :question:
wmts-multi-dimensional (docs) :question:
wps :heavy_check_mark: as indicated
wps-download (docs) :question:
ysld :question:
AlexGacon commented 5 months ago

To me monitor and control-flow are not mandatory but a nice to have.

For monitoring, GS Cloud have metrics endpoint you can use with Prometheus or so (metrics per end-point, not as precise as the monitoring extension).

For control-flow, you can easily add new pods if required. We will also work soon on autoscaling.

AlexGacon commented 5 months ago

@mwallschlaeger @ridoo we are looking for fundings to work on a GS Cloud integration. Is it something which can be arranged on your side?

groldan commented 5 months ago

Hi, here's a working demo docker compose for geoserver cloud integration https://github.com/groldan/geonode-geoserver-cloud-compose Note this is to check the Oauth2 functionality only.

Re the required extensions:

mwallschlaeger commented 5 months ago

@AlexGacon hi sorry for my late reply, I was on holiday. As the geonode-k8s maintainer i would really like to see the integration of geoserver cloud into this project. But as a devops engineer at my current position, I cannot see further benefits for our team to run geoserver-cloud within our geonode installation, therefore i do not see any possibilities to arrange any kind of funding for this purpose.

ridoo commented 5 months ago

Hi, here's a working demo docker compose for geoserver cloud integration https://github.com/groldan/geonode-geoserver-cloud-compose

@groldan thanks for the hint. Will try it out.

we are looking for fundings to work on a GS Cloud integration. Is it something which can be arranged on your side?

@AlexGacon I fear, we cannot arrange funding from our side ATM.

anthieni commented 4 months ago

Good morning all, we are working on an evaluation and development, already advanced, of the integration of GeoNode with GS-Cloud ACL where we will be releasing the first version, today we have it functional but we are doing the last tests. @dgquail We are doing this with our own funding but also looking at potential customers for this version and for our version of GeoExpress Cloud.

@groldan is more than useful and it is working perfectly for us. 💯

We have already separated the Mapstore Client for better scaling and looking at adding the html that is still in the Django/ jinja templates. We are also considering updating the tool versions.

I hope that next weeks we will have news to share with you.