Opened 8 weeks ago
Closed 8 days ago
#3322 closed task (fixed)
Request for VM to certify GeoServer
Reported by: | peterafrigis | Owned by: | |
---|---|---|---|
Priority: | normal | Milestone: | Sysadmin Contract 2025-I (robe) |
Component: | SysAdmin | Keywords: | |
Cc: |
Description
Hi there
As per https://wiki.osgeo.org/wiki/OGC_Certification_Services, and on behalf of the GeoServer PSC, can I please request a VM to host a couple of GeoServer containers for the purposes of reviving CITE testing & certification?
Thank you
Peter
Change History (12)
comment:1 by , 8 weeks ago
comment:2 by , 8 weeks ago
Hi Rob/robe
- Yes, of course, I can continue with my personal VPS for now. Do you have a target date in Jan?
- Ubuntu is perfect, something small: 2-4 cores, 2-4 GB RAM, 50 GB HDD
- Cool. Docker, PostGIS
- I think you would need to tell me what the domain name would be, but the host can be something like geoserver-cite, and you can expose any range of 5 consecutive ports, e.g. 8081 - 8085 that will be mapped to the containers.
My email address is gs at smythe/co/za for any credentials.
Thank you
Peter
comment:3 by , 7 weeks ago
Milestone: | Unplanned → Sysadmin Contract 2025-I (robe) |
---|
I'm shooting for probably mid January. Might be able to get to it before then but can't promise.
For domain how about cite.geoserver.org?
comment:4 by , 7 weeks ago
Perfect, thank you Rob. Our next PSC meeting is 14 Jan, it would be lovely to show the progress then.
Peter
follow-up: 6 comment:5 by , 4 weeks ago
Hi Regina (sorry!), just checking in. I assume there's nothing further to report to the PSC this evening?
comment:6 by , 4 weeks ago
Replying to peterafrigis:
Hi Regina (sorry!), just checking in. I assume there's nothing further to report to the PSC this evening?
I'm working on #3340 which is to build the new base image for OSGeo future OS containers. After that building the VM for you should be quick. I'm shooting for sometime this week early next.
comment:7 by , 3 weeks ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
I have this up now.
I gave @peterafrigis and @jive both sudo and docker rights.
I have http://geoserver-cite:8081 mapped to https://cite.geoserver.org
Our external nginx is taking care of the https, so port 8081 should just be running with http: protocol.
To access the server follow the directions here: https://wiki.osgeo.org/wiki/SAC_Service_Status#sshing_into_osgeo3_containers
You both should have access to the server.
The server is called geoserver-cite.
So for example to connect, I do this:
ssh robe@osgeo3-geoserver-cite
It is currently set to allow anyone in the shell group (which both of you are members of, to connect with password). If you want to close it off, you can add your ssh pub keys directly to the server, and change the /etc/ssh/sshd_config.d/60-cloudimg-settings.conf (set PasswordAuthentication no)
Specs of it are as follows:
Ubuntu 24.04.1 with Docker 4 vCPU 4GB ram 100GB disk
I didn't bother installing PostgreSQL/PostGIS since I figured you might want to run that using a PostGIS docker container of your choosing here - https://hub.docker.com/r/postgis/postgis
I'm going to close this out, but feel free to reopen if you run into issues.
comment:9 by , 12 days ago
If possible, could you make peterafrigis
a home directory on hop
to facilitate jumping to geoserver-cite
?
comment:10 by , 12 days ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
I have http://geoserver-cite:8081 mapped to https://cite.geoserver.org
Also, we need to host and expose a number of different GeoServer containers, so could you please map, say http://geoserver-cite:8081 to https://cite.geoserver.org:8081 all the way up to say 8089, for now? And https://cite.geoserver.org:443 can be closed off, if desired.
Thank you
Peter
comment:11 by , 11 days ago
Can we do subdomains instead, would be preferred over having to open up extra firewall ports.
So I'm thinking g1.cite.geoserver.org, g2.cite.geoserver.org, gn.cite.geoserver.org or even 8089.cite.geoserver.org
Could alternatively do subpaths like https://cite.geoserver.org/g1 etc, though I guess that might mess with your setup if it's expected to be sitting on root.
Also I had a misconfiguration so that might have caused the site not showing before. now I see a 404 page which I assume is expected.
comment:12 by , 8 days ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
@peterafrigis,
Note hearing back from you I went ahead with the following mappings. I haven't bothered doing an ssl for these additional ones since I wasn't sure if you wanted to stick with these names, let me know if you need that.
So mappings are as follows:
- geoserver-cite:8081 -> cite.geoserver.org (both http and https)
- geoserver-cite:8082 -> g2.cite.geoserver.org (only http)
- geoserver-cite:8083 -> g3.cite.geoserver.org (only http)
- geoserver-cite:8084 -> g4.cite.geoserver.org (only http)
- geoserver-cite:8085 -> g5.cite.geoserver.org (only http)
I'm going to close this out. Feel free to reopen if you need further assistance.
Peter,
1) Can this wait till January? I haven't yet built new images yet for latest debian and Ubuntu and don't plan to before January
and I don't want to create a new OS Container or VM using an image that would need immediate upgrading next year.
If you can't wait perhaps we can find an existing VM to put it on that another project won't mind sharing.
2) What are the specs you need for this:
OS: We generally standardize on debian or ubuntu, installing another OS would take a bit longer
3) Anything else you need you can install yourself once we give you admin rights to the VM.
4) Our web apps all go thru an nginx proxy, so will need to know what domain addresses you need exposed for this along with ports the nginx proxy should listen for.