Skip to content

Commit

Permalink
Merge pull request #24 from lucernae/geonode
Browse files Browse the repository at this point in the history
[geonode][geoserver][postgis] Add more options
  • Loading branch information
lucernae authored Dec 16, 2020
2 parents f2f257b + 475aace commit 33d3714
Show file tree
Hide file tree
Showing 34 changed files with 2,937 additions and 0 deletions.
42 changes: 42 additions & 0 deletions charts/geonode/v0.4.0/Chart.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
apiVersion: v2
name: geonode
version: 0.4.0
appVersion: 3.1.0
description: Chart for GeoNode
keywords:
- GeoNode
- GIS
- GeoServer
home: http://geonode.org
sources:
- https://github.com/GeoNode/geonode
maintainers:
- name: lucernae
email: [email protected]
- name: lucernae
email: [email protected]
icon: https://raw.githubusercontent.com/kartoza/charts/master/assets/logo/geonode-logo_for_readme.gif
engine: gotpl
dependencies:
- name: postgis
version: 0.2.1
repository: "file://../../postgis/v0.2.1"
condition: postgis.enabled
tags:
- database-backend
- postgis
- name: geoserver
version: 0.3.1
repository: "file://../../geoserver/v0.3.1"
condition: geoserver.enabled
tags:
- map-backend
- geoserver
- name: rabbitmq
version: 7.6.6
repository: "https://charts.bitnami.com/bitnami"
condition: rabbitmq.enabled
tags:
- broker
- rabbitmq
- amqp
153 changes: 153 additions & 0 deletions charts/geonode/v0.4.0/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,153 @@
# GeoNode

This is Kartoza's GeoNode Rancher charts

GeoNode is a web-based application and platform for developing geospatial information systems (GIS) and for deploying spatial data infrastructures (SDI).


# How to Use

For helm:

```bash
helm install release-name kartoza/geonode
```

# Intro

This chart bootstrap a GeoNode installation.
GeoNode is a web application/platform with PostgreSQL/PostGIS database backend and GeoServer mapping backend.

Most GeoNode installation are shipped with all of these three components.
This helm charts also allows you to reroute the components.
For example, if you have existing PostGIS or GeoServer, you can use external service and only install GeoNode web app.

# What it can do

The default install uses SPCGeoNode image, which is a geonode docker image specifically used for docker-compose.yml.

It is tested to work with SPCGeoNode images. However you can supply your own image, and configure it with Kubernetes.
The charts act as a support for vanilla installations and can be extended.

It is designed to be as decoupled as possible. You can use external GeoServer or PostGIS, which means it doesn't generated by this charts.
However that means you must supply the necessary details, like the service address or credentials.

# Parameters

| Parameter | Description |
|---|---|
| image.registry | Docker image registry |
| image.repository | Docker image repository |
| image.tag | Docker image tag |
| image.pullPolicy | Docker image pull policy |
| global.existingSecret | [tpl string] Provide these secret name if you already make a secret config beforehand |
| global.sharedSecretName | This is used to store credentials of GeoNode and also credentials used to access GeoServer and PostGIS |
| global.geonodeSiteName | The Site Name used by GeoNode in it's Django configuration. For example geonode.test |
| global.geonodeSiteURL | The Site URL used by GeoNode to refer to itself publicly. Needs to be the same with your ingress or cluster policy |
| global.debug | The debug flag for GeoNode. Set it to true, to enable Django DEBUG mode |
| global.adminUser | Admin Username |
| global.adminPassword.value | Fill this in to give Admin password. Otherwise, it will generate random secret everytime the helm release are updated. |
| global.adminPassword.valueFrom.secretKeyRef.name | The secret name to retrieve GeoNode admin password |
| global.adminPassword.valueFrom.secretKeyRef.key | The key in the secret to retrieve GeoNode admin password |
| global.adminEmail | Admin email to use |
| global.djangoSecretKey.value | Django secret key, usually just a random string. Leave it be to autogenerate. |
| global.djangoSecretKey.valueFrom.secretKeyRef.name | The secret name to retrieve Django secret |
| global.djangoSecretKey.valueFrom.secretKeyRef.key | The key in the secret to retrieve Django secret |
| global.databaseUsername | The Database Username to for PostgreSQL connection by Django Models |
| global.databasePassword.value | Database password. You must provide it if you use external database. |
| global.databasePassword.valueFrom.secretKeyRef.name | The secret name to retrieve Database password |
| global.databasePassword.valueFrom.secretKeyRef.key | The key in the secret to retrieve Database password |
| global.databaseName | The database name as datastore for Django/GeoNode models |
| global.databaseHost | The database host location to connect as Django/GeoNode models datastore |
| global.databasePort | The database port to connect as Django/GeoNode models datastore |
| global.djangoSettingsModule | The Django settings module to use. You can provide different settings module via configmap and set it here so GeoNode can use this. |
| global.staticRoot | The location in the pods to store Django staticfiles |
| global.mediaRoot | The location in the pods to store Django media |
| global.geoserverURL | The location of GeoServer. Must end with slash. Must be filled if using external GeoServer. |
| global.geoserverAdminUser | The GeoServer Admin User |
| global.geoserverAdminPassword.value | Fill this in to give GeoServer Admin password. Otherwise, it will generate random secret everytime the helm release are updated. |
| global.geoserverAdminPassword.valueFrom.secretKeyRef.name | The secret name to retrieve GeoServer admin password |
| global.geoserverAdminPassword.valueFrom.secretKeyRef.key | The key in the secret to retrieve GeoServer admin password |
| global.geodatabaseUsername | The Database Username to connect as GeoServer Spatial Datastore |
| global.geodatabaseName | The database name as spatial datastore for GeoServer |
| global.geodatabaseHost | The database host location to connect as GeoServer spatial datastore |
| global.geodatabasePort | The database port to connect as GeoServer spatial datastore |
| global.celeryAsync.enabled | Toggle this to true to enable GeoNode async processing using Celery |
| global.celeryAsync.brokerUser | Broker user credential for the message queue backend to be used by celeryAsync. It needs to be set if celeryAsync is enabled |
| global.celeryAsync.brokerPassword | Broker password credentials for the message queue backend to be used by celery Async. It needs to be set if celeryAsync is enabled |
| global.celeryAsync.externalBroker.enabled | If this toggled to true, then you need to supple the external broker URI. For example, the Rabbitmq broker connection URI |
| global.celeryAsync.externalBroker.brokerURL | The Broker URL/URI connection to the external message queue backend |
| extraPodEnv | [tpl string] Provide extra environment that will be passed into pods. Useful for non default image. |
| extraSecret | [tpl string] Provide extra secret that will be included in the pods. Useful for non default image. |
| extraConfigMap: | [tpl string] Provide extra config map that will be included in the pods. Useful for non default image. |
| extraVolumeMounts | [tpl string] Provide extra volume mounts declaration that will be included in the pods. Useful if you want to mount extra things. |
| extraVolume | [tpl string] Configuration pair with extraVolumeMounts. Declare which volume to mount in the pods. |
| persistence.mediaDir.enabled | For mediaDir volume. Default to true. If set, it will make a volume claim. |
| persistence.mediaDir.existingClaim | For mediaDir volume. Default to false. If set, it will use an existing claim name provided. |
| persistence.mediaDir.mountPath | For mediaDir volume. The path where the volume will be in the pods. Make sure that it corresponds to your mediaRoot key |
| persistence.mediaDir.subPath | For mediaDir volume. The path inside the the volume to mount to. Useful if you want to reuse the same volume but mount the subpath for different services. |
| persistence.mediaDir.size | For mediaDir volume. Size of the volume |
| persistence.mediaDir.accessModes | For mediaDir volume. K8s Access mode of the volume. |
| persistence.staticDir.enabled | For staticDir volume. Default to true. If set, it will make a volume claim. |
| persistence.staticDir.existingClaim | For staticDir volume. Default to false. If set, it will use an existing claim name provided. |
| persistence.staticDir.mountPath | For staticDir volume. The path where the volume will be in the pods. Make sure that it corresponds to your staticRoot key |
| persistence.staticDir.subPath | For staticDir volume. The path inside the the volume to mount to. Useful if you want to reuse the same volume but mount the subpath for different services. |
| persistence.staticDir.size | For staticDir volume. Size of the volume |
| persistence.staticDir.accessModes | For staticDir volume. K8s Access mode of the volume. |
| service.type | The type of kubernetes service to be created. Leave it be for Headless service |
| service.loadBalancerIP | Only used if you use LoadBalancer service.type |
| service.externalIPs | External IPs to use for the service |
| service.port | External port to use/expose |
| ingress.enabled | Switch to true to enable ingress resource |
| ingress.host | The host name/site name the ingress will serve |
| ingress.tls.enabled | Set it to true to enable HTTPS |
| ingress.tls.secretName | Providing this will activate HTTPS ingress based on the provided certificate |

In addition to the GeoNode parameters above, you can configure parameter of GeoServer and PostGIS if it is created using subcharts.

Simply use `postgis.<parameter name>` of the PostGIS chart and `geoserver.<parameter name>` of the GeoServer chart.
To disable the subchart, define `postgis.enabled: false` and `geoserver.enabled: false` respectively.

If you use external service, then you must fill this parameter:

For PostGIS

| Parameter | Description |
|---|---|
| postgis.external.host | The hostname |
| postgis.external.port | The port |
| postgis.external.user | The user to connect |
| postgis.external.password.valueFrom.secretKeyRef.name | The secret name to retrieve the password to connect |
| postgis.external.password.valueFrom.secretKeyRef.key | The key of the secret to retrieve the password to connect |

For GeoServer

| Parameter | Description |
|---|---|
| geoserver.external.url | The URL of GeoServer, must end with slash. |
| geoserver.external.admin_user | The user to connect |
| geoserver.external.admin_password.valueFrom.secretKeyRef.name | The secret name to retrieve the password to connect |
| geoserver.external.admin_password.valueFrom.secretKeyRef.key | The key of the secret to retrieve the password to connect |

For RabbitMQ

This only applicable if you use `global.celeryAsync.enabled=true` but choose `global.celeryAsync.externalBroker.enabled=true`

| Parameter | Description |
|---|---|
| global.celeryAsync.externalBroker.brokerURL | The Broker URL/URI connection to the external message queue backend |

In the case if you want to use internal broker of this chart, set `global.celeryAsync.externalBroker.enabled=false`.

This chart currently uses rabbitmq chart from Bitnami for the broker. Refer to https://github.com/bitnami/charts/tree/master/bitnami/rabbitmq for more configuration options.

In the most minimum configration, these needs to be defined:

| Parameter | Description |
|---|---|
| rabbitmq.enabled | Set to true if you want to generate this chart |
| rabbitmq.auth.username | Rabbitmq default user |
| rabbitmq.auth.password | Rabbitmq default password |
| rabbitmq.auth.erlangCookie | Rabbitmq default erlang cookie. You must generate random alphanumeric string because this is supposed to be a secure private key |
| global.celeryAsync.brokerUser | By default it will use rabbitmq credentials unless you define a different one |
| global.celeryAsync.brokerPassword | By default it will use rabbitmq credentials unless you define a different one |
6 changes: 6 additions & 0 deletions charts/geonode/v0.4.0/app-readme.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
# GeoNode

This is Kartoza's GeoNode Rancher charts

GeoNode is a web-based application and platform for developing geospatial information systems (GIS) and for deploying spatial data infrastructures (SDI).

Binary file added charts/geonode/v0.4.0/charts/geoserver-0.3.1.tgz
Binary file not shown.
Binary file added charts/geonode/v0.4.0/charts/postgis-0.2.1.tgz
Binary file not shown.
Binary file added charts/geonode/v0.4.0/charts/rabbitmq-7.6.6.tgz
Binary file not shown.
26 changes: 26 additions & 0 deletions charts/geonode/v0.4.0/ci/dominode-values.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
---

global:
geonodeSiteName: dominode.dm
geoserverURL: https://dominode.dm/geoserver/
adminUser: admin
adminPassword:
value: duI50BQH9VmH
databaseHost: dodo.nunez.co
databaseUsername: dominode
databaseName: dominode_app
databasePassword:
value: 5Bgb7936mam65v
geodatabaseHost: dodo.nunez.co
geodatabaseUsername: dominode
geodatabaseName: dominode
geodatabasePassword:
value: 5Bgb7936mam65v
geoserverAdminPassword:
value: f2h0Z0Jpny7a

geoserver:
enabled: true

postgis:
enabled: false
73 changes: 73 additions & 0 deletions charts/geonode/v0.4.0/ci/values.dev.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
---
global:
geonodeSiteName: geonode.test
adminUser: admin
adminPassword:
value: admin
databasePassword:
value: mygeonode
geodatabasePassword:
value: mygeodatabase
# geoserverURL: https://geonode.test/geoserver/
geoserverAdminPassword:
value: mygeoserver
storageClass: longhorn

ingress:
enabled: true
host: geonode.test
annotations:
cert-manager.io/cluster-issuer: ca-issuer
tls:
enabled: true
secretName: geonode-self-tls

extraVolume: |
- name: geonode-code
hostPath:
path: /home/lucernae/WorkingDir/geonode/geonode/scripts
extraVolumeMounts: |
- mountPath: /spcgeonode/scripts
name: geonode-code
# If you want to disable probe: for example, for legacy k8s that doesn't support probe
probe: |
# disable probe
geoserver:
ingress:
enabled: true
host: geonode.test
#annotations:
#cert-manager.io/cluster-issuer: ca-issuer
tls:
enabled: true
secretName: geonode-self-tls


extraVolume: |
- name: config-volume
configMap:
name: {{ template "geoserver.fullname" . }}
defaultMode: 0755
- name: geonode-code
hostPath:
path: /home/lucernae/WorkingDir/geonode/geonode
{{- if .Values.ingress.tls.enabled }}
- name: tls-volume
secret:
secretName: {{ .Values.ingress.tls.secretName | quote }}
{{- end }}
extraVolumeMounts: |
- mountPath: /docker-entrypoint.sh
subPath: docker-entrypoint.sh
name: config-volume
- mountPath: /opt/geonode
name: geonode-code
{{- if .Values.ingress.tls.enabled }}
- mountPath: /tmp/tls-secrets/tls.crt
subPath: tls.crt
name: tls-volume
{{- end }}
32 changes: 32 additions & 0 deletions charts/geonode/v0.4.0/ci/values.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
---
global:
geonodeSiteName: geonode.test
adminUser: admin
adminPassword:
value: admin
databasePassword:
value: mygeonode
geodatabasePassword:
value: mygeodatabase
geoserverURL: https://geonode.test/geoserver/
geoserverAdminPassword:
value: mygeoserver

ingress:
enabled: true
host: geonode.test
annotations:
cert-manager.io/cluster-issuer: ca-issuer
tls:
enabled: true
secretName: geonode-self-tls

geoserver:
ingress:
enabled: true
host: geonode.test
#annotations:
#cert-manager.io/cluster-issuer: ca-issuer
tls:
enabled: true
secretName: geonode-self-tls
26 changes: 26 additions & 0 deletions charts/geonode/v0.4.0/templates/NOTES.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
To access GeoNode:

1. Get user and password:

```bash
export GEONODE_ADMIN_USER=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "geonode.sharedSecretName" . }} -o jsonpath='{.data.admin-user}' | base64 --decode)
export GEONODE_ADMIN_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "geonode.sharedSecretName" . }} -o jsonpath='{.data.admin-password}' | base64 --decode)
```

{{- if not .Values.ingress.enabled }}
2. You didn't enable ingress, so GeoNode is exposed as Cluster Service by default.

You can arrange access by exposing it to NodePort or external address manually using kubernetes.

Otherwise, you can access it via Kubernetes API-Server proxy:

http://[cluster master address]/api/v1/namespaces/{{ .Release.Namespace }}/services/{{ template "geonode.fullname" . }}:80/proxy/

{{- end }}

{{- if .Values.ingress.enabled }}
2. You have enabled ingress, service will be available here:

http://{{ .Values.ingress.host }}/

{{- end }}
Loading

0 comments on commit 33d3714

Please sign in to comment.