-
Notifications
You must be signed in to change notification settings - Fork 27
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #24 from lucernae/geonode
[geonode][geoserver][postgis] Add more options
- Loading branch information
Showing
34 changed files
with
2,937 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
apiVersion: v2 | ||
name: geonode | ||
version: 0.4.0 | ||
appVersion: 3.1.0 | ||
description: Chart for GeoNode | ||
keywords: | ||
- GeoNode | ||
- GIS | ||
- GeoServer | ||
home: http://geonode.org | ||
sources: | ||
- https://github.com/GeoNode/geonode | ||
maintainers: | ||
- name: lucernae | ||
email: [email protected] | ||
- name: lucernae | ||
email: [email protected] | ||
icon: https://raw.githubusercontent.com/kartoza/charts/master/assets/logo/geonode-logo_for_readme.gif | ||
engine: gotpl | ||
dependencies: | ||
- name: postgis | ||
version: 0.2.1 | ||
repository: "file://../../postgis/v0.2.1" | ||
condition: postgis.enabled | ||
tags: | ||
- database-backend | ||
- postgis | ||
- name: geoserver | ||
version: 0.3.1 | ||
repository: "file://../../geoserver/v0.3.1" | ||
condition: geoserver.enabled | ||
tags: | ||
- map-backend | ||
- geoserver | ||
- name: rabbitmq | ||
version: 7.6.6 | ||
repository: "https://charts.bitnami.com/bitnami" | ||
condition: rabbitmq.enabled | ||
tags: | ||
- broker | ||
- rabbitmq | ||
- amqp |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,153 @@ | ||
# GeoNode | ||
|
||
This is Kartoza's GeoNode Rancher charts | ||
|
||
GeoNode is a web-based application and platform for developing geospatial information systems (GIS) and for deploying spatial data infrastructures (SDI). | ||
|
||
|
||
# How to Use | ||
|
||
For helm: | ||
|
||
```bash | ||
helm install release-name kartoza/geonode | ||
``` | ||
|
||
# Intro | ||
|
||
This chart bootstrap a GeoNode installation. | ||
GeoNode is a web application/platform with PostgreSQL/PostGIS database backend and GeoServer mapping backend. | ||
|
||
Most GeoNode installation are shipped with all of these three components. | ||
This helm charts also allows you to reroute the components. | ||
For example, if you have existing PostGIS or GeoServer, you can use external service and only install GeoNode web app. | ||
|
||
# What it can do | ||
|
||
The default install uses SPCGeoNode image, which is a geonode docker image specifically used for docker-compose.yml. | ||
|
||
It is tested to work with SPCGeoNode images. However you can supply your own image, and configure it with Kubernetes. | ||
The charts act as a support for vanilla installations and can be extended. | ||
|
||
It is designed to be as decoupled as possible. You can use external GeoServer or PostGIS, which means it doesn't generated by this charts. | ||
However that means you must supply the necessary details, like the service address or credentials. | ||
|
||
# Parameters | ||
|
||
| Parameter | Description | | ||
|---|---| | ||
| image.registry | Docker image registry | | ||
| image.repository | Docker image repository | | ||
| image.tag | Docker image tag | | ||
| image.pullPolicy | Docker image pull policy | | ||
| global.existingSecret | [tpl string] Provide these secret name if you already make a secret config beforehand | | ||
| global.sharedSecretName | This is used to store credentials of GeoNode and also credentials used to access GeoServer and PostGIS | | ||
| global.geonodeSiteName | The Site Name used by GeoNode in it's Django configuration. For example geonode.test | | ||
| global.geonodeSiteURL | The Site URL used by GeoNode to refer to itself publicly. Needs to be the same with your ingress or cluster policy | | ||
| global.debug | The debug flag for GeoNode. Set it to true, to enable Django DEBUG mode | | ||
| global.adminUser | Admin Username | | ||
| global.adminPassword.value | Fill this in to give Admin password. Otherwise, it will generate random secret everytime the helm release are updated. | | ||
| global.adminPassword.valueFrom.secretKeyRef.name | The secret name to retrieve GeoNode admin password | | ||
| global.adminPassword.valueFrom.secretKeyRef.key | The key in the secret to retrieve GeoNode admin password | | ||
| global.adminEmail | Admin email to use | | ||
| global.djangoSecretKey.value | Django secret key, usually just a random string. Leave it be to autogenerate. | | ||
| global.djangoSecretKey.valueFrom.secretKeyRef.name | The secret name to retrieve Django secret | | ||
| global.djangoSecretKey.valueFrom.secretKeyRef.key | The key in the secret to retrieve Django secret | | ||
| global.databaseUsername | The Database Username to for PostgreSQL connection by Django Models | | ||
| global.databasePassword.value | Database password. You must provide it if you use external database. | | ||
| global.databasePassword.valueFrom.secretKeyRef.name | The secret name to retrieve Database password | | ||
| global.databasePassword.valueFrom.secretKeyRef.key | The key in the secret to retrieve Database password | | ||
| global.databaseName | The database name as datastore for Django/GeoNode models | | ||
| global.databaseHost | The database host location to connect as Django/GeoNode models datastore | | ||
| global.databasePort | The database port to connect as Django/GeoNode models datastore | | ||
| global.djangoSettingsModule | The Django settings module to use. You can provide different settings module via configmap and set it here so GeoNode can use this. | | ||
| global.staticRoot | The location in the pods to store Django staticfiles | | ||
| global.mediaRoot | The location in the pods to store Django media | | ||
| global.geoserverURL | The location of GeoServer. Must end with slash. Must be filled if using external GeoServer. | | ||
| global.geoserverAdminUser | The GeoServer Admin User | | ||
| global.geoserverAdminPassword.value | Fill this in to give GeoServer Admin password. Otherwise, it will generate random secret everytime the helm release are updated. | | ||
| global.geoserverAdminPassword.valueFrom.secretKeyRef.name | The secret name to retrieve GeoServer admin password | | ||
| global.geoserverAdminPassword.valueFrom.secretKeyRef.key | The key in the secret to retrieve GeoServer admin password | | ||
| global.geodatabaseUsername | The Database Username to connect as GeoServer Spatial Datastore | | ||
| global.geodatabaseName | The database name as spatial datastore for GeoServer | | ||
| global.geodatabaseHost | The database host location to connect as GeoServer spatial datastore | | ||
| global.geodatabasePort | The database port to connect as GeoServer spatial datastore | | ||
| global.celeryAsync.enabled | Toggle this to true to enable GeoNode async processing using Celery | | ||
| global.celeryAsync.brokerUser | Broker user credential for the message queue backend to be used by celeryAsync. It needs to be set if celeryAsync is enabled | | ||
| global.celeryAsync.brokerPassword | Broker password credentials for the message queue backend to be used by celery Async. It needs to be set if celeryAsync is enabled | | ||
| global.celeryAsync.externalBroker.enabled | If this toggled to true, then you need to supple the external broker URI. For example, the Rabbitmq broker connection URI | | ||
| global.celeryAsync.externalBroker.brokerURL | The Broker URL/URI connection to the external message queue backend | | ||
| extraPodEnv | [tpl string] Provide extra environment that will be passed into pods. Useful for non default image. | | ||
| extraSecret | [tpl string] Provide extra secret that will be included in the pods. Useful for non default image. | | ||
| extraConfigMap: | [tpl string] Provide extra config map that will be included in the pods. Useful for non default image. | | ||
| extraVolumeMounts | [tpl string] Provide extra volume mounts declaration that will be included in the pods. Useful if you want to mount extra things. | | ||
| extraVolume | [tpl string] Configuration pair with extraVolumeMounts. Declare which volume to mount in the pods. | | ||
| persistence.mediaDir.enabled | For mediaDir volume. Default to true. If set, it will make a volume claim. | | ||
| persistence.mediaDir.existingClaim | For mediaDir volume. Default to false. If set, it will use an existing claim name provided. | | ||
| persistence.mediaDir.mountPath | For mediaDir volume. The path where the volume will be in the pods. Make sure that it corresponds to your mediaRoot key | | ||
| persistence.mediaDir.subPath | For mediaDir volume. The path inside the the volume to mount to. Useful if you want to reuse the same volume but mount the subpath for different services. | | ||
| persistence.mediaDir.size | For mediaDir volume. Size of the volume | | ||
| persistence.mediaDir.accessModes | For mediaDir volume. K8s Access mode of the volume. | | ||
| persistence.staticDir.enabled | For staticDir volume. Default to true. If set, it will make a volume claim. | | ||
| persistence.staticDir.existingClaim | For staticDir volume. Default to false. If set, it will use an existing claim name provided. | | ||
| persistence.staticDir.mountPath | For staticDir volume. The path where the volume will be in the pods. Make sure that it corresponds to your staticRoot key | | ||
| persistence.staticDir.subPath | For staticDir volume. The path inside the the volume to mount to. Useful if you want to reuse the same volume but mount the subpath for different services. | | ||
| persistence.staticDir.size | For staticDir volume. Size of the volume | | ||
| persistence.staticDir.accessModes | For staticDir volume. K8s Access mode of the volume. | | ||
| service.type | The type of kubernetes service to be created. Leave it be for Headless service | | ||
| service.loadBalancerIP | Only used if you use LoadBalancer service.type | | ||
| service.externalIPs | External IPs to use for the service | | ||
| service.port | External port to use/expose | | ||
| ingress.enabled | Switch to true to enable ingress resource | | ||
| ingress.host | The host name/site name the ingress will serve | | ||
| ingress.tls.enabled | Set it to true to enable HTTPS | | ||
| ingress.tls.secretName | Providing this will activate HTTPS ingress based on the provided certificate | | ||
|
||
In addition to the GeoNode parameters above, you can configure parameter of GeoServer and PostGIS if it is created using subcharts. | ||
|
||
Simply use `postgis.<parameter name>` of the PostGIS chart and `geoserver.<parameter name>` of the GeoServer chart. | ||
To disable the subchart, define `postgis.enabled: false` and `geoserver.enabled: false` respectively. | ||
|
||
If you use external service, then you must fill this parameter: | ||
|
||
For PostGIS | ||
|
||
| Parameter | Description | | ||
|---|---| | ||
| postgis.external.host | The hostname | | ||
| postgis.external.port | The port | | ||
| postgis.external.user | The user to connect | | ||
| postgis.external.password.valueFrom.secretKeyRef.name | The secret name to retrieve the password to connect | | ||
| postgis.external.password.valueFrom.secretKeyRef.key | The key of the secret to retrieve the password to connect | | ||
|
||
For GeoServer | ||
|
||
| Parameter | Description | | ||
|---|---| | ||
| geoserver.external.url | The URL of GeoServer, must end with slash. | | ||
| geoserver.external.admin_user | The user to connect | | ||
| geoserver.external.admin_password.valueFrom.secretKeyRef.name | The secret name to retrieve the password to connect | | ||
| geoserver.external.admin_password.valueFrom.secretKeyRef.key | The key of the secret to retrieve the password to connect | | ||
|
||
For RabbitMQ | ||
|
||
This only applicable if you use `global.celeryAsync.enabled=true` but choose `global.celeryAsync.externalBroker.enabled=true` | ||
|
||
| Parameter | Description | | ||
|---|---| | ||
| global.celeryAsync.externalBroker.brokerURL | The Broker URL/URI connection to the external message queue backend | | ||
|
||
In the case if you want to use internal broker of this chart, set `global.celeryAsync.externalBroker.enabled=false`. | ||
|
||
This chart currently uses rabbitmq chart from Bitnami for the broker. Refer to https://github.com/bitnami/charts/tree/master/bitnami/rabbitmq for more configuration options. | ||
|
||
In the most minimum configration, these needs to be defined: | ||
|
||
| Parameter | Description | | ||
|---|---| | ||
| rabbitmq.enabled | Set to true if you want to generate this chart | | ||
| rabbitmq.auth.username | Rabbitmq default user | | ||
| rabbitmq.auth.password | Rabbitmq default password | | ||
| rabbitmq.auth.erlangCookie | Rabbitmq default erlang cookie. You must generate random alphanumeric string because this is supposed to be a secure private key | | ||
| global.celeryAsync.brokerUser | By default it will use rabbitmq credentials unless you define a different one | | ||
| global.celeryAsync.brokerPassword | By default it will use rabbitmq credentials unless you define a different one | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
# GeoNode | ||
|
||
This is Kartoza's GeoNode Rancher charts | ||
|
||
GeoNode is a web-based application and platform for developing geospatial information systems (GIS) and for deploying spatial data infrastructures (SDI). | ||
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
--- | ||
|
||
global: | ||
geonodeSiteName: dominode.dm | ||
geoserverURL: https://dominode.dm/geoserver/ | ||
adminUser: admin | ||
adminPassword: | ||
value: duI50BQH9VmH | ||
databaseHost: dodo.nunez.co | ||
databaseUsername: dominode | ||
databaseName: dominode_app | ||
databasePassword: | ||
value: 5Bgb7936mam65v | ||
geodatabaseHost: dodo.nunez.co | ||
geodatabaseUsername: dominode | ||
geodatabaseName: dominode | ||
geodatabasePassword: | ||
value: 5Bgb7936mam65v | ||
geoserverAdminPassword: | ||
value: f2h0Z0Jpny7a | ||
|
||
geoserver: | ||
enabled: true | ||
|
||
postgis: | ||
enabled: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,73 @@ | ||
--- | ||
global: | ||
geonodeSiteName: geonode.test | ||
adminUser: admin | ||
adminPassword: | ||
value: admin | ||
databasePassword: | ||
value: mygeonode | ||
geodatabasePassword: | ||
value: mygeodatabase | ||
# geoserverURL: https://geonode.test/geoserver/ | ||
geoserverAdminPassword: | ||
value: mygeoserver | ||
storageClass: longhorn | ||
|
||
ingress: | ||
enabled: true | ||
host: geonode.test | ||
annotations: | ||
cert-manager.io/cluster-issuer: ca-issuer | ||
tls: | ||
enabled: true | ||
secretName: geonode-self-tls | ||
|
||
extraVolume: | | ||
- name: geonode-code | ||
hostPath: | ||
path: /home/lucernae/WorkingDir/geonode/geonode/scripts | ||
extraVolumeMounts: | | ||
- mountPath: /spcgeonode/scripts | ||
name: geonode-code | ||
# If you want to disable probe: for example, for legacy k8s that doesn't support probe | ||
probe: | | ||
# disable probe | ||
geoserver: | ||
ingress: | ||
enabled: true | ||
host: geonode.test | ||
#annotations: | ||
#cert-manager.io/cluster-issuer: ca-issuer | ||
tls: | ||
enabled: true | ||
secretName: geonode-self-tls | ||
|
||
|
||
extraVolume: | | ||
- name: config-volume | ||
configMap: | ||
name: {{ template "geoserver.fullname" . }} | ||
defaultMode: 0755 | ||
- name: geonode-code | ||
hostPath: | ||
path: /home/lucernae/WorkingDir/geonode/geonode | ||
{{- if .Values.ingress.tls.enabled }} | ||
- name: tls-volume | ||
secret: | ||
secretName: {{ .Values.ingress.tls.secretName | quote }} | ||
{{- end }} | ||
extraVolumeMounts: | | ||
- mountPath: /docker-entrypoint.sh | ||
subPath: docker-entrypoint.sh | ||
name: config-volume | ||
- mountPath: /opt/geonode | ||
name: geonode-code | ||
{{- if .Values.ingress.tls.enabled }} | ||
- mountPath: /tmp/tls-secrets/tls.crt | ||
subPath: tls.crt | ||
name: tls-volume | ||
{{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
--- | ||
global: | ||
geonodeSiteName: geonode.test | ||
adminUser: admin | ||
adminPassword: | ||
value: admin | ||
databasePassword: | ||
value: mygeonode | ||
geodatabasePassword: | ||
value: mygeodatabase | ||
geoserverURL: https://geonode.test/geoserver/ | ||
geoserverAdminPassword: | ||
value: mygeoserver | ||
|
||
ingress: | ||
enabled: true | ||
host: geonode.test | ||
annotations: | ||
cert-manager.io/cluster-issuer: ca-issuer | ||
tls: | ||
enabled: true | ||
secretName: geonode-self-tls | ||
|
||
geoserver: | ||
ingress: | ||
enabled: true | ||
host: geonode.test | ||
#annotations: | ||
#cert-manager.io/cluster-issuer: ca-issuer | ||
tls: | ||
enabled: true | ||
secretName: geonode-self-tls |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
To access GeoNode: | ||
|
||
1. Get user and password: | ||
|
||
```bash | ||
export GEONODE_ADMIN_USER=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "geonode.sharedSecretName" . }} -o jsonpath='{.data.admin-user}' | base64 --decode) | ||
export GEONODE_ADMIN_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "geonode.sharedSecretName" . }} -o jsonpath='{.data.admin-password}' | base64 --decode) | ||
``` | ||
|
||
{{- if not .Values.ingress.enabled }} | ||
2. You didn't enable ingress, so GeoNode is exposed as Cluster Service by default. | ||
|
||
You can arrange access by exposing it to NodePort or external address manually using kubernetes. | ||
|
||
Otherwise, you can access it via Kubernetes API-Server proxy: | ||
|
||
http://[cluster master address]/api/v1/namespaces/{{ .Release.Namespace }}/services/{{ template "geonode.fullname" . }}:80/proxy/ | ||
|
||
{{- end }} | ||
|
||
{{- if .Values.ingress.enabled }} | ||
2. You have enabled ingress, service will be available here: | ||
|
||
http://{{ .Values.ingress.host }}/ | ||
|
||
{{- end }} |
Oops, something went wrong.