A K8S based solution to build and operate Geospatial Platforms
Caution
The Dowker swarm version is no more supported. The latest available version supporting Docker Swarm is the v0.18.0.
The chart management scripts (release-dev-chart.sh and release-chart.sh) both require :
- a valid
rcloneconfiguration, ie. containing a remote/alias namedkalisio_chartspointing on the object storage bucket path where we backup our charts. - an
helmcommand able to push on our OCI-based registry, ie. you need to usehelm registry login harbor.portal.kalisio.com/kalisioand enter the required credentials.
Use the ./scripts/release-dev-chart.sh. It takes a single parameter, the chart to release. If no parameter is given, it'll release all charts.
The script will package the requested chart(s) then push on our OCI registry and on a backup s3 storage.
- Prepare the new chart version, update chart version in $CHART/Chart.yaml
- Push your changes to the central repository
- Use
./scripts/release-chart.sh $CHARTwhere $CHART is the name of the chart to release (mapserver, kano, ...)
The script will package the chart, push on our oci registry and on a backup s3 storage. If everything is ok, it'll make a git tag named $CHART-$VERSION
- kargo specific container images (tileservergl & friends ...)
- use a commit message including
[build app-name tag]
- use a commit message including
- Prefer
-slimimages as base and use multi stage builds to reduce image sizes - Make your docker image run as unpriviliged user
- If it's node based, and using a node image as base, there's a 'node' user (uid 1000) already available
- Copy app's files using COPY --chown node
- Make your command run as 'node' user
- If there's no preinstalled user, create one and use it
- If it's node based, and using a node image as base, there's a 'node' user (uid 1000) already available
- Since it'll run as unpriviliged user, if you need to open ports, make sure they're >= 1024
- Snippet to install packages with apt and clean afterwards:
RUN \
DEBIAN_FRONTEND=noninteractive && \
apt-get update && \
apt-get --no-install-recommends --yes install \
openjdk-11-jre-headless \
ca-certificates \
gdal-bin && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
- Snippet to install dependencies with yarn and clean afterwards
RUN \
yarn global add @weacast/grib2json@${GRIB2JSON_TAG} && \
chmod a+x /usr/local/share/.config/yarn/global/node_modules/@weacast/grib2json/bin/grib2json && \
yarn cache clean
- Define appVersion to the docker image tag it's supposed to pull (no latest in defined charts, latest can be specified using values.yaml in infra definition)
- Include configurable resource requests & limits
- Include configurable security context and put sensible defaults in chart's values.yaml
- If it's being deployed on some preprod infra, then chart version should be at least 1.0.0
This project is licensed under the MIT License - see the license file for details
This project is sponsored by
