Skip to main content

Deployment on Kubernetes

Yaniv Navon
  • Updated

In this article:

SkylineGlobe Server can be deployed on Kubernetes using several configurations depending on your database and security requirements. All deployments use containerized infrastructure and can be managed through standard Kubernetes tools.

Kubernetes provides a robust platform for production environments, offering built-in automation for deploying, scaling, and managing containerized applications. Its features—such as self-healing, service discovery, load balancing, and secure secret management—make it well-suited for maintaining high availability and reliability at scale.

Deploying Kubernetes

To deploy using Kubernetes:

  1. Install kubectl, the command-line tool for interacting with Kubernetes clusters. Download from: https://kubernetes.io/docs/tasks/tools/install-kubectl/
  2. Install a running Kubernetes cluster – For local development, you can use either of the following:

  3. Download the YAML files. The deployment.yaml defines various settings including the catalog database type (SQLite or PostgreSQL) and the public URL. More about: SGS Deployment Settings >

    Basic SQLite (HTTP) SQLite + Ingress (HTTPS) PostgreSQL + Ingress (HTTPS)

    deployment.yaml

    service.yaml

    deployment.yaml

    service.yaml

    ingress.yaml

    openssl.cfg

    postgres-deployment.yaml

    postgres-service.yaml

    deployment.yaml

    service.yaml

    ingress.yaml
  4. Create a new project folder (e.g., SGS_Project_Folder) and place the downloaded files in it.
  5. Add two subfolders inside the project folder:
    • config (for the SLSkylineGlobeServer.lic file)
    • data (for storing application data)
  6. In the deployment.yaml file, update the hostPath volume path to match the specific location of your project folder. When running Kubernetes on Windows, the path should begin with /run/desktop/mnt/host/.      volumes:
            - name: config-volume
              hostPath:
                path: "/run/desktop/mnt/host/c/sgs/config"
            - name: data-volume
              hostPath:
                path: "/run/desktop/mnt/host/c/sgs/data"
  7. Mount the data-volume and config-volume subfolders in the volumeMounts: section of your deployment.yaml file:
          containers:
              volumeMounts:
                - name: config-volume
                  mountPath: /app/config
                - name: data-volume
                  mountPath: /app/data
  8. If you want to apply TerraExplorer Fusion customizations, create the local folders or files that will be mounted inside the container for this purpose (Optional). You can do either of the following:
    • Create a subfolder for multiple customization files:
      md C:\sgs\more-data
    • Or prepare a single customization file (e.g., my-config.json).
      Next, add these to the volumeMounts: section of your deployment.yaml to specify where the custom files or folders will appear inside the container, and define the full path to your local customization folder or file in the corresponding hostPath entry under volumes: to specify their source on the host system.   volumes:
              # Option 1: Host folder to mount as a subfolder inside the container
              - name: more-data-volume
                hostPath:
                  path: "/run/desktop/mnt/host/c/sgs/more-data"
              # Option 2: Host file to mount as read-only
              - name: custom-file-volume
                hostPath:
                  path: "/run/desktop/mnt/host/c/sgs/custom/myconfig.json"
            containers:
                volumeMounts:
                  # Option 1: Mount a subfolder (keeps the original /app/tef/custom contents)         
                  - name: more-data-volume
                    mountPath: /app/tef/custom/more-data
                  # Option 2: Mount a single file (adds/replaces one file).
                  - name: custom-file-volume
                    mountPath: /app/tef/custom/my-config.json
  9. Place the downloaded SLSkylineGlobeServer.lic license file in the config subfolder created above. If you don’t already have the file, download it from your Skyline Store account.
  10. Enable TLS (commonly referred to as SSL) to secure SGS and ensure TerraExplorer Fusion functionality, which operates exclusively over HTTPS. See “Secure Deployment Options (HTTPS via Reverse Proxy or Kestrel)" and "Enabling HTTPS with Ingress" in this chapter for information on creating a Kubernetes TLS secret containing your certificate and key. This secret is referenced in the ingress.yaml file for secure SGS deployment with SQLite or PostgreSQL.
  11. Set the configuration parameters in the env: section of your deployment.yaml file. More about: SGS Deployment Settings > Use the following format:
    env:
     - name: SGS__ServerConfig__<ParameterName>
    Common parameters include:
    • CatalogDBType: The type of database to use. Options: SQLite (default) or PostgreSQL.
    • PublicUrl: The public-facing service URL used in WMS/WFS/WMTS responses.
    • LicenseServerURL: The URL of the floating license server. This parameter is required only when using a floating license. The license file must be placed in the config subdirectory within the server directory, and this parameter should be set to that location. 
  12. Apply the YAML files by running the following for each file:
    kubectl apply -f <file-name>.yaml
  13. Unless you configured SGS__ServerConfig__PublicUrl differently in your deployment.yaml file, access the server at:
    • Basic SQLite - http://localhost:30080 
    • SQLite+Ingress (HTTPS) - https://sgs.localhost 
    • PostgreSQL+Ingress (HTTPS) - https://sgs.localhost
      All files and support folders (e.g., config/, data/, tls/) should be placed in the same project directory for consistent volume mounting. To deploy SkylineGlobe Server using Kubernetes, your project directory should follow the structure below:
      project-root/
      ├── config/      # contains SLSkylineGlobeServer.lic
      ├── data/       # SGS data directory
      ├── postgres_data/  # PostgreSQL volume (if using PostgreSQL)
      └── tls/       # (Optional) contains tls.crt and tls.key for HTTPS Ingress

Enabling HTTPS with Ingress

To expose SkylineGlobe Server over HTTPS in a Kubernetes environment, follow these steps:

  1. Install an OpenSSL tool to create a self-signed certificate:
    • If you're deploying Kubernetes on Windows: Download and install from https://slproweb.com/products/Win32OpenSSL.html  (choose the version that matches your system).
    • Alternatively: Use a terminal environment that includes OpenSSL, such as Git Bash or Windows Subsystem for Linux (WSL).
  2. Download the openssl.cfg file that specifies certificate properties, such as the Common Name (CN) sgs.localhost:
    # openssl.cfg
    [ req ]
    default_bits       = 2048
    prompt             = no
    default_md         = sha256
    distinguished_name = dn
    [ dn ]
    CN = sgs.localhost
    O  = Local Dev
  3. Run the following Open SSL command to generate the certificate and key and store both files in a convenient local folder (e.g., tls/).
    openssl req -x509 -nodes -days 365 -newkey rsa:2048   -keyout nginx/certs/tls.key -out nginx/certs/tls.crt   -config openssl.cfg
  4. Use the generated certificate and key to create a Kubernetes TLS secret named sgs-tls-secret. This secret will be referenced in your Ingress configuration (ingress.yaml) to enable HTTPS:
    kubectl create secret tls sgs-tls-secret --cert=tls.crt --key=tls.key
  5. Install the Ingress Controller. This sets up the necessary Ingress infrastructure to route external traffic to your services securely over HTTPS. Make sure port 443 is not occupied by another process.
    kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.8.1/deploy/static/provider/cloud/deploy.yaml
  6. In your ingress.yaml, file, the TLS secret (sgs-tls-secret) should be referenced under the tls: section, along with the host that matches the Common Name (CN) used in your certificate (e.g., sgs.localhost):
    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
     name: sgs-ingress
     annotations:
       nginx.ingress.kubernetes.io/ssl-redirect: "true"
    spec:
     ingressClassName: nginx
     tls:
       - hosts:
           - sgs.localhost
         secretName: sgs-tls-secret
     rules:
      - host: sgs.localhost
       http:
        paths:
         - path: /
          pathType: Prefix
          backend:
           service:
            name: sgs-app-service
            port:
             number: 80

Basic Kubernetes Operations

# Restart pods and pull the latest image (if imagePullPolicy: Always is set)
kubectl rollout restart deployment/<deployment_name>

# Update the deployment to use a specific image version
kubectl set image deployment/<deployment_name> <container_name>=<repository>/<image>:<version>

# Scale the deployment manually (set a fixed number of replicas)
kubectl scale deployment/<deployment_name> --replicas=<number_of_replicas>

# Enable horizontal pod autoscaling based on CPU usage
# (Requires Metrics Server; if not yet installed, apply it using the next command)
kubectl autoscale deployment/<deployment_name> --cpu-percent=<target_cpu_percent> --min=<min_replicas> --max=<max_replicas>

# Install the metrics server (required for autoscaling)
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml

# Cleanup resources created from a manifest
kubectl delete -f <path/to/manifest.yaml>

 

Related articles