[GeoNode-devel] Geonode for production using Docker

Alessio Fabiani alessio.fabiani at geo-solutions.it
Tue Mar 6 00:41:09 PST 2018

Very cool Oliver, thanks very much.

I'll give it a look asap.



Alessio Fabiani

GeoServer Professional Services from the experts! Visit http://goo.gl/it488V
for more information.

Ing. Alessio Fabiani

Founder/Technical Lead

GeoSolutions S.A.S.
Via di Montramito 3/A
55054  Massarosa (LU)
phone: +39 0584 962313
fax:     +39 0584 1660272
mob:   +39 331 6233686




Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility  for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.

2018-03-06 0:05 GMT+01:00 Olivier Dalang <olivier.dalang at gmail.com>:

> Dear List,
> I'm currently working on setting up a Geonode deployment method using
> Docker for our needs and thought it may of some interest to others, so I'd
> like to share it here. Note that I'm relatively new to Geonode AND Docker,
> so there are definitely some aspects that could (and will) be improved.
> The main goal is to make a setup that is easy and *production-ready* but
> still completely customizable.
> At this point, here are the key features :
> 1. easy and clean to customize (it's a regular Django-Geonode project)
> 2. setup can be used both for development and for production
> 3. out of the box https encryption (using free Let's Encrypt certificates)
> 4. out of the box backups (Amazon S3 and/or Syncthings)
> 5. Geoserver uses Geonode user/groups from database for authentication
> (meaning geonode users === geoserver users, including groups)
> 6. Geoserver's data directory properly initialized (no risk of breach if
> user forgets to change admin/root passwords)
> 7. Rancher catalog entry (makes it possible to install through GUI only
> e.g. on amazon instances, especially nice if you deploy a lot of instances)
> For those not familiar with Docker, this basically means that you can have
> Geonode installed with all related services under Linux, Windows or Mac OS
> with this command (well, you need Docker and Docker-compose installed, but
> that's not a big challenge) :
> docker-compose up
> I'm aware there is already the geonode-project repository that also has a
> Docker-compose setup, and that is very similar. I don't want to duplicate
> anything (but just needed to start from scratch to really understand , and
> if there's some interest, I'm willing to contribute back to geonode-project.
> Here are the main differences (plus features 3-7 above) between
> geonode-project and my setup:
> - All dockerfiles customized for geonode (django, geoserver, nginx and
> some others) are in the same github/dockerhub repo, rather than spread
> across several github/dockerhub repositories. This makes it much easier to
> know what's happening and make releases (push one tag push in one repo,
> then dockerhub autobuilds do the rest).
> - Where possible, the images are based on linux alpine instead of Ubuntu,
> making the images much lighter
> - All other service images use version tags (rather than just pulling
> latest) so that two builds will always deploy exactly the same stack)
> - Sensitive information (admin password...) are defined using Docker
> secrets instead of environment variables. Those are much less subject to be
> leaked (in a forgotten debug statement for instance).
> - Celery worker activity is reported in the django admin
> - Almost all django settings are inherited from Geonode.
> I think with the inputs of more experienced Geonode devs, I could push
> this forward, and maybe at some point we could support it as an official
> way to deploy Geonode.
> While not perfect and probably not adapted to all cases, I think it would
> be a big improvement over the current deployment method through apt-get
> which is definitely not production-ready, even if used that way by a lot of
> users.
> Also it's true that some aspects are a bit out of Geonode's scope
> (backups, ssl), but as they are common to any real life deployement, I
> think it's not a bad idea to integrate those into official deployement
> methods (we'd progressively stop seeing all those unsecured Geonode install)
> Here's the main branch :
> https://github.com/olivierdalang/SPCgeonode
> Here's a how customized geonode project would look like (work in progress):
> https://github.com/olivierdalang/SPCgeonode/tree/example_project
> Here's the Rancher catalog (look for "spcgeonode"):
> https://github.com/PacificCommunity/rancher-catalogue
> Let me know what you think !
> Kind regards,
> Olivier
> _______________________________________________
> geonode-devel mailing list
> geonode-devel at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/geonode-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20180306/c32f9af6/attachment-0001.html>

More information about the geonode-devel mailing list