Guides
Install GIS Cloud Suite - Kubernetes
TThis guide is used for quickly deploying GIS Cloud Suite on Kubernetes. There are two ways when you installing GIS Cloud Suite, they are using Linux command and Helm command, choose either one is good.
All the packages introduced below can be downloaded from the link:
- https://pan.baidu.com/s/1lWLyyT1jAbADGuxEG3m4gA Password: ge4d
Requirement
-
The Kubernetes environment v1.9 and higher. If you have multiple Kubernetes node machines, please make sure the time of node machines are the same as master machine(The time difference should be less than 30 seconds)
If you do not have Kubernetes environment, please refer to Deployment Guide > Install Kubernetes > CentOS or Ubuntu to install the environment.
- The supermap-giscloudsuite-11.0.0-linux-x64.tar.gz package.
-
System Requirements:
- Number of processors: 4 cores+
- Memory: 16 GB+
- Disk: 200 GB+(200 GB is the minimum reserved size, not including industry data)
- The built-in environments need extra resources
- GIS Cloud Suite package can be used for both single machine and multiple machines deploy. You need to configure NFS Server if you deploy on multiple machines.
-
The NFS Server installation package(Download the version of the NFS Server package according to your system. If you already have NFS Server, skip this step)
nfs-server-offline-centos-7.5.zip
nfs-server-offline-ubuntu-18.04.zip
-
Images registry(If you use Alibaba Cloud registry, skip this step. For specific methods, please refer to the “Combined Image Instructions” in the “Combined Image Packages” directory of the link)
supermap-giscloudsuite-registry-11.0.0-linux-x64.tar.gz
supermap-imanager-for-kubernetes-images-bigdata-11.0.0-linux-x64.tar.gz
supermap-imanager-for-kubernetes-images-machinelearning-11.0.0-linux-x64.tar.gz
- If you choose Helm command to install GIS Cloud Suite, you need to install helm package
Install NFS Server
The example below is installing on CentOS, it is almost the same as installing on Ubuntu. If you have NFS Server or deploy on the single machine, skip this step.
- Unzip
nfs-server-offline-centos-7.5.zip
package on the local machine -
Copy
supermap-nfs-server
folder to any of the Kubernetes machineEnter
supermap-nfs-server
folder:cd supermap-nfs-server
Execute:
sudo chmod +x install.sh && ./install.sh
The path of the NFS storage directory is: /opt/nfs_data
The root user can execute the following commands to verify if the NFS has been installed successfully:
mkdir test
mount -t nfs IP:/opt/nfs_data test
Notes:
IP
is the machine IP where you installed the NFS on.
Non-root user can execute the following command:
service nfs status
The successful results are shown as below:
Install GIS Cloud Suite Image Registry
If you install iManager on the extranet, skip this step and set Alibaba cloud registry.
Before installing the image registry, execute the command docker version to make sure you have installed Docker.
-
Put the image package in any directory and unzip(If the name of your package is not the same as below, replace the package name in the command to your package name):
tar -zxf supermap-imanager-for-kubernetes-registry-all-11.0.0-linux-x64.tar.gz
-
Enter the directory that you unzipped:
cd supermap-imanager-for-kubernetes-registry-all-11.0.0-linux-x64
-
Install image registry:
chmod +x startup.sh && ./startup.sh
-
Verify. Execute the following command, if no error prompts, you have successful installed image registry. Replace the {ip} below by the actual IP of your machine.
docker pull IP:5000/supermap/scratch:latest-amd64
If you install registry on ARM, change the image tag ‘latest-amd64’ to ‘latest-arm64’.
Install GIS Cloud Suite
You need to open the port of “deploy_keycloak_port”(the port is 32221 by default), “deploy_gateway_port”(the port is 32222 by default), “deploy_bslicense_ui_port”(the port is 32223 by default) in the values.yaml file, and open the port 6443, 8443, 2049(open when using NFS for data storage), 8080, and 9100. If you use Alibaba Cloud ECS Server, add the ports to safety group rules. What is more, please make sure the port 3307, and 9183 is available.
Execute all the following commands by root permission:
-
Unzip(If the name of your package is not the same as below, replace the package name in the command to your package name):
tar -zxf supermap-giscloudsuite-11.0.0-linux-x64.tar.gz
-
Enter the supermap-giscloudsuite-for-kubernetes-11.0.0-linux-x64 directory, and execute:
vi values.yaml
Modify the values.yaml file:
Notes:
- The following configurations could only be set before starting, if you need any change, please execute ./startup.sh after modifying.
- The configurations have default values, do not delete any configuration when modifying.
- The “Required” variables need to be modified by your actual environment. The “Optional” variables can keep in default, please do not delete the default values.
# Required. The GIS Cloud Suite image registry address, used for pulling images. The address is Alibaba cloud registry by default: registry.cn-beijing.aliyuncs.com. If you install GIS Cloud Suite on the extranet, keep in default. # If you install GIS Cloud Suite on the intranet, please refer to Install GIS Cloud Suite Image Registry above to install the registry, and fill the blank by the format <IP>:5000. Replace <IP> by the machine IP which you were installed registry on, for example, 192.168.17.110:5000. deploy_registry: registry.cn-beijing.aliyuncs.com # Required. The external IP of Kubernetes, used for visiting Kubernetes UI. The IP could be any one of the Kubernetes node machines' IP. For example, 192.168.17.110. deploy_kubernetes_public_ip: # Required. The administrator account name, used for logging GIS Cloud Suite, the account name is admin by default. It is recommended to modify the account name before executing "./startup.sh". deploy_ispeco_user_name: user_admin # Optional(Required if you install iManager on multiple machines without configuring 'deploy_storage_class_name'). Your NFS Server address, NFS Server is used for storing the data of GIS Cloud Suite, recommended to set, the address could be IP or domain name. For example: 192.168.17.150. Please refer to Install NFS Server above to install NFS Server. # If you are going to use NFS Server for data storage, it is necessary to install NFS Client on the node machines of Kubernetes. deploy_nfs_server: # Optional. The path of NFS server, the default path is /. If you install NFS by the NFS package provided by SuperMap, the path below should be: /opt/nfs_data. If you do not configure NFS Server, the default data volume is hostPath, located on /opt/giscloudsuite directory. deploy_nfs_path: / # Optional. The URL of Kubernetes master node, the value is https://kubernetes.default.svc by default, keep in default if your environment is private cloud. # It is required to configure if your environment is public cloud, execute the command 'kubectl cluster-info' to get the URL, for example, https://192.168.17.110:6443. deploy_kubernetes_master_url: https://kubernetes.default.svc # Optional. The name of your StorageClass, used for storing the data of GIS Cloud Suite. StorageClass and NFS Server(deploy_nfs_server) are used for storing GIS Cloud Suite data, if you configured both of them, the data will be stored in NFS Server. deploy_storage_class_name: # Optional. The Kubernetes namespace, the value is giscloudsuite by default, you can define a name by your requirement. # It is required to create a namespace by the command when using Helm Command to install GIS Cloud Suite. deploy_namespace: giscloudsuite # Optional. The service protocol of GIS Cloud Suite,fills in [http|https], the value is http by default. deploy_service_protocol: http # Optional. The image pull policy, choose one of these:[Always|Never|IfNotPresent], the value is IfNotPresent by default. # Always: Pull the latest images from registry. # Never: Use local images and nerver pull the images from registry. # IfNotPresent: Use local images first. If local images are unavailable, pull the images from registry. deploy_image_pull_policy: IfNotPresent # Optional. The image pull secret, used for identity authentication when pulling private images. You need to create a resource with the same name as the Secret in the namespace of Kubernetes. Please refer GIS Cloud Suite > Appendix > FAQ Question 12 to see how to create the resource. deploy_image_pull_secret: # Optional. The name of namespace which stores images in registry, the default name is 'supermap', you can define the name by the requirement. deploy_image_namespace: supermap # Optional. The service type of Keycloak, fills in [NodePort|LoadBalancer], generally keep in default. # If your environment is public cloud, the value here is: LoadBalancer. deploy_keycloak_service_type: NodePort # Optional. The number of CPUs of a service in GIS Cloud Suite, the number is 1 by default. deploy_cpu_limit: 1 # Optional. The memory of a service in GIS Cloud Suite, the memory should be larger than or equal to 4Gi, the memory is 4Gi by default. deploy_memory_limit: 4Gi # Optional. The image tag of iserver_gisapplication in GIS Cloud Suite. deploy_gis_app_tag: 11.0.0-amd64 # Optional. The port of Keycloak UI, select the range between 30000-32767, except 31234, the default is 32221. If you define a port, make sure the port is different to others port setting. deploy_keycloak_port: 32221 # Optional. The port of GIS Cloud Suite UI, select the range between 30000-32767, except 31234, the default is 32222. If you define a port, make sure the port is different to others port setting. deploy_gateway_port: 32222 # Optional. The port of license center, select the range between 30000-32767, except 31234, the default is 32223. If you define a port, make sure the port is different to others port setting. deploy_bslicense_ui_port: 32223 # Optional. Whether to disable iPortal, fills in [true|false], the value is false by default. # true: Disable iPortal. # false: Do not disable iPortal deploy_disable_iportal: false # Optional. Whether the license center is going to disable local storage, fills in [true|false], the value is false by default. When the value is true, you must configure either deploy_nfs_server or default_storage_class_name. # true: License center do not use local storage. # false: License center use local storage. deploy_disable_bslicense_local_volume: false # Optional. HBase capability optimization, fills in [true|false]. If you would not use HBase environment, keep in default. If you want to optimize built-in HBase, set the value to true, and see Question 15 in GIS Cloud Suite > Appendix > FAQ to create PV. deploy_disable_hbase_nfs_volume: false # Optional. The Kubernetes node IP which is mapped by GIS Cloud Suite domain name(the IP that configured in DNS Server), required to configure if your GIS Cloud Suite has a domain name. The value is using the first Kubernetes node IP by default. deploy_domain_ip: # Optional. The domain name of GIS Cloud Suite, for example, imanager.iservergateway.com. Visit GIS Cloud Suite by ip:port if you do not configure domain name. deploy_gateway_domain: # Optional. The directory which to store the certificate of GIS Cloud Suite domain name. Take effect only if configured GIS Cloud Suite domain name(deploy_gateway_domain). The directory of certificate should be the same as values.yaml file. Fill in the relative path. such as: gateway/tls.crt. deploy_gateway_certificate_path: # Optional. The directory which to store the private key of GIS Cloud Suite domain name. Take effect only if configured GIS Cloud Suite domain name(deploy_gateway_domain). The directory of private key should be the same as values.yaml file. Fill in the relative path, such as: gateway/tls.key. deploy_gateway_private_key_path: # Optional. The domain name of Keycloak, such as: imanager.keycloak.com. Visit Keycloak by IP:PORT if you do not configure a domain name. deploy_keycloak_domain: # Optional. The directory which to store the certificate of Keycloak domain name. Take effect only if configured GIS Cloud Suite domain name(deploy_gateway_domain). The directory of the certificate should be the same as values.yaml file. Fill in the relative path, such as: keycloak/tls.crt. deploy_keycloak_certificate_path: # Optional. The directory which to store the private key of Keycloak domain name. Take effect only if configured GIS Cloud Suite domain name(deploy_gateway_domain). The directory of the private key should be the same as values.yaml file. Fill in the relative path, such as: keycloak/tls.key. deploy_keycloak_private_key_path: # Optional. The time zone of the system. Fill in the relative path in the directory /usr/share/zoneinfo/, such as Asia/Shanghai and America/New_York. deploy_timezone: Asia/Shanghai # Optional. Disable metrics server or not, metrics server is used for monitoring the resources of Kubernetes, fills in [true|false]. The value is false by default. # true: Disable the metrics server. # false: Do not disable metrics server. deploy_disable_metrics_server: false # Optional. Enable asynchronous function in Serverless environment or not, fills in [true|false], the value is blank by default. Enable to take effect only if the system is with a Dapr environment. # true: Enable asynchronous function. # false: Disable asynchronous function. # If you do not fill the value, the system will fill the value automatically. deploy_async_function_enabled: # Optional. Enable synchronous function in Serverless environment or not, fills in [true|false], the value is blank by default. Enable to take effect only if the system is with a Knative environment. # true: Enable synchronous function. # false: Disable synchronous function. # If you do not fill the value, the system will fill the value automatically. deploy_sync_function_enabled:
Notes:
- The password used by default is
Supermap123
, please modify it in time. - Using the same password for long is the main reason for password cracking. In an environment with extremely high security requirements, the default administrator password should be modified and updated regularly.
- If the password is too simple, it may be decrypted and brute-forced by malicious users who will steal important information and resources, posing security risks. Please try to update your password as complex as possible.
Save and quit the file.
-
Install:
There are two ways to install GIS Cloud Suite, they are using Linux command and Helm command, choose either of them.
Using Linux Command(When logs including “Kubernetes cluster unreachable”, see the iManager for K8s online help documentation GIS Cloud Suite > Appendix > FAQ > Question 22)
chmod +x startup.sh && ./startup.sh
Using Helm Command
- Create a namespace which is named ‘giscloudsuite’(you can define the name of namespace, do not forget to change ‘giscloudsuite’ in the next two steps to your defined name)
kubectl create ns giscloudsuite
- Install GIS Cloud Suite
chmod +x ./helm ./helm install giscloudsuite . -n giscloudsuite
- Check if GIS Cloud Suite is installed successfully
./helm list -n giscloudsuite
After installing, visit GIS Cloud Suite UI by
http://{ip}:32222
, visit the SuperMap License Center UI byhttp://{ip}:32223
.{ip}
: the IP of kubernetes Master machine. If the value ofdeploy_service_protocol
ishttps
, the access address should behttps://{ip}:32222
andhttps://{ip}:32223
.{ip}
: the IP of kubernetes Master machine.Refer to the settings of values.yaml file to see the username and password.
-
Activate License
Visit the SuperMap License Center UI, click on Update on the License Center page, and follow the Operation Steps to activate the license (If you do not have the license, please apply the trial license on SuperMap official website).
Check the License Status after activating the license.
Appendix
-
If you want to delete GIS Cloud Suite environment, execute:
chmod +x shutdown.sh && ./shutdown.sh
If you want to completely deleteGIS Cloud Suite environment, execute:
chmod +x shutdown.sh && ./shutdown.sh -v
Using Helm command to delete GIS Cloud Suite:
./helm uninstall giscloudsuite -n giscloudsuite
-
The access addresses of the basic services({ip}: is the IP of Kubernetes Master machine):
Service Address GIS Cloud Suite http://{ip}:32222 or https://{ip}:32222 SuperMap License Center http://{ip}:32223 or https://{ip}:32223