In this free webinar, our Lead GeoServer developer Andrea Aime will walk us through the latest GeoServer release covering what has been done as well as what to expect next.
solutions leveraging best-of-breed Open Source products. This presentation is brought to you by GeoSolutions 2 Enterprise Support Services Deployment Subscription Professional Training Customized Solutions
2024 “supported” is 2.25.x and 2.25.0 ◦ In April 2025 “supported” will mean 2.26.x and 2.27.x • Please upgrade your GeoServer installations! • Always two, there are. No more. No less. ◦ Balance between stability and encouraging development ◦ Easier to get answers - user forum and stack exchange typically cover only supported versions Are you using a older version? Upgrade! Photo by SpaceX on Unsplash 5
Works fully with Javascript, no server side helper • Can show response in-line, with headers • Can show response in separate page • WPS and WCS request builders switched as well 2.25.2+ Dave Blasby GeoCat GeoCat Live
page under their general category • Old and new services for the same purpose, side by side OGC APIs at home Dave Blasby GeoCat GeoCat Live 2.26.x 10 COM MUN NITY
values with various classifications and colors - Generate SLDs out of them and associate with layers - Mimics QGIS RasterAttributeTable plugin - The RAT in the screenshot has 30k entries! - Graduated to extension! 2.25.x Andrea Aime GeoSolutions NOAA 12
projection - Only actual customizable parameter is latitude of origin 2.25.x Andrea Aime GeoSolutions Eumetsat 13 AUTO:97004,9001,0,0 AUTO:97004,9001,90,0
Resources Canada • Maps for HTML initiative • Have a <mapml-viewer> tag just like we have a <video> tag • Lots of novelties ◦ MapML CRS authority ◦ Better WMS integration, WFS viewer ◦ MapML vector tiles with CSS client side styling ◦ Better multi-layer handling ◦ Custom WMS dimensions ◦ Output templating with Freemarker
Add a graticule to your WMS map • Specify sizes for zoom levels • Automatically calculate label points for the grid • Automatically redraws on each zoom or pan. 16 2.25.x Ian Turton Eumetsat COM MUN NITY
polygon size - Compare with centroid or envelope center 17 2.26 Andrea Aime GeoSolutions ♥ Tolerance 0.1 (too small for some polygons) Previously: “maximum inscribed circle”: - Rectangle → infinite max circles! - Tolerance → has to be “just” right or this happens (see below)
GDAL API in a more efficient way • Used to compute statistics on the fly, even if missing (now only if they are pre-computed) • Used to open the source 2 times per render • More work planned (will we see a generic GDAL raster store for example?) 2.25.x Andrea Aime GeoSolutions MOSS 20
with similar structure • Database used only to index them • Much cheaper than storing everything in a database (on cloud) • Not suitable if on the fly aggregations are needed • Great if the end user application mostly pulls a few files (one?) at a time • Ongoing performance optimizations (best on 2.25.x and newer) 2.25 Joseph Miller, Andrea Aime GeoSolutions TROO/Eumetsat 22 COM MUN NITY
Significant speed up by external contributor! - Changes across the board - Faster PNG encoding for tiles in a MetaTile (ImageIO-EXT) - Less locking contention (GWC) - Better parallelization (Geoserver, merged yesterday on dev branch) Before After
cache for extra request parameters that cause tile contents to change - TIME, CQL_FILTER - STYLES, ENV, VIEWPARAMS, … - Values are not necessarily file system friendly - SHA-1 of params identify them - Mapping between all SHA-1 and its values stored in a single file - Used to cause contention and lockups on the (network) file system - Fixed 2.26.x Andrea Aime GeoSolutions Eumetsat 25 With the previously mentioned fix for #880, in PR #1230, we now get substantial performance improvements with FileBlobStore. This is anywhere between 2x to 12x the performance, in terms of throughput (there are so many variables to our setup that I can't put a precise figure on it - but this, with other config tweaks to allow us to scale, brings us close to the 12x mark) https://github.com/GeoWebCache/geowebca che/issues/1276
- Better cloud integration, lower costs - Some mass tile removal operations paginate over tiles to delete them - Sudden change in behavior meant the pagination would never end… infinite requests. Infinite is … expensive! * termination token switched from null to empty string - Ongoing work to improve Azure blob store (Gabriel Roldan, Camptocamp) - Online tests against Azurite emulator and against actual cloud - Upgrade Azure SDK from 11 to 12 (completely different API, it means a rewrite) Critical fix on Azure blob store 2.24 + Andrea Aime GeoSolutions Strabag 26 COM MUN NITY
/ JSON ◦ Building on from W3C collaboration and STAC / WFS3 progress • Trying to collect funding to graduate Features to extension There is a full presentation on this topic right after this one! Stay if interested! OGC API community module Andrea Aime GeoSolutions GeoSolutions OGC GeoNovum API Common Maps API Coverages API Implementing (as part of TB14/TB15) Looking for volunteers/sponsors Process API Records API Features API Tiles API Styles API STAC API CITE compliant! 27 COM MUN NITY 2.24 +
COM MUN NITY • 71 community modules, each one with its specific dependencies • Some dependencies just won’t match (e.g. S3 and Azure blob store ones are not compatible) • Before: try to force everyone on the same set of dependencies (ideal, but impractical for community modules) • Now: each one controls what gets packaged in their zip • Also, COG modules are now split per cloud geoserver-2.24-SNAPSHOT-cog-plugin.zip geoserver-2.25-SNAPSHOT-cog-http-plugin.zip geoserver-2.25-SNAPSHOT-cog-azure-plugin.zip geoserver-2.25-SNAPSHOT-cog-google-plugin.zip geoserver-2.25-SNAPSHOT-cog-s3-plugin.zip
Disclosure” to “Coordinated Vulnerability Disclosure” • Policy unchanged: ◦ Communicate first ◦ Stable and maintenance branches patched ◦ Patches are released for downloads ◦ Share vulnerability with community • Communication changed: ◦ GeoServer nows provides CVE Numbers ◦ Automated scans flag dependencies with known vulnerabilities, only if a vulnerability is confirmed will we provide a CVE number 32 2.24 Jody GeoCat GeoCat Map
◦ Exploit using GetMap/GetFeature requests • June 18th: Patched GeoServer versions were released with an indication to upgrade immediately ◦ 2.25.2, 2.24.4, 2.23.6 • June 30th: CVE and nature of issue announced • July 1st: Security systems autoscan • July 2nd: Active exploits in the wild ◦ 10k systems vulnerable • July 15th: CISA’s Known Exploited Vulnerabilities • August 5th: CISA compliance deadline ◦ required for civilian federal government agencies • September 6th: thehackernews.com update ◦ used in multiple campaigns 2.23+ Steve Ikeoka 🔥🔥🔥 33 • This is what “urgent” looks like: • GeoSolutions is also sharing with the community patched jars built for customers that could not upgrade • Available here • Covered versions: ◦ 2.25.1 ◦ 2.24.3 ◦ 2.24.2 ◦ 2.22.2 ◦ 2.20.7 ◦ 2.19.2 ◦ 2.18.0
credentials you have and ask (or answer) a question ◦ Forum approach allows repetitive questions to stay answered ◦ Previously email list has seen a similar level of involvement as gis stackexchange (which is a surprising result) ◦ Ability to drop-in and engage without long term commitment ◦ GSIP-225 Reducing friction on communication channels 35 2.26 Jody ♥
community uptake on RC testing for a while • It’s a “once every six months” activity • Response has been tepid/missing ◦ But massive thanks to the few that did provide feedback, we love you! • Time to accept reality: RCs, under this conditions, are just busywork • GeoServer 2.26.0 will be released directly, without a RC • Going forward: Help test nightly builds! (docker nightly builds included!) 36 Release Candidate
missing funds to enact it • Core developers are mostly employed in companies providing commercial services for GeoServer, or using it in a product, or hosting solution → customer driven (no other significant source of funding) • Other developers pop up occasionally to provide improvements, fixes and new features they need • Larger changes require planning and funding! Roadmap - whatever you want to push for Community 38 Everyone ♥
Spring 5 is no longer supported, but Spring 6 requires switching from JavaEE to Jakarta EE (API break) and Java 17 as the minimum GeoServer 3 crowdfunding campaign 40 Spring 5 → 6 JavaEE → Jakarta EE Wicket 7 → 10 Tomcat 9 → 10 Spring security 5 → 6 OAuth/OpenID connect modules rewrite Java 11 → Java 17 Jetty 9 → 12 JAI → ImageN
along with Spring 6 • However, preparations can be done: ◦ Upgrading to the latest Spring Security 5.8 (done) ◦ The Auth/OpenID community modules are currently based on outdated libraries ◦ An upgrade is not feasible, the API is too different ◦ They are being rewritten from scratch (work in progress): GeoServer 3: Spring Security and OAuth 41
that everything depending on it also has to set that minimum version → GeoServer and GeoWebCache • However, GeoTools is also developed in tandem with the other two → switch to Java 17 as well • Java Advanced Imaging is performing some operations that are no longer allowed in newer versions of Java. • Thankfully, Eclipse got the sources of JAI as open source, and called the result ImageN GeoServer 3: Java 17 as the minimum 42
• Also, it can be made more modern ◦ Reduce code synchronization, increasing scalability ◦ Removing “finalizers”, which will be removed soon • There is a catch… it does not have a single test! • However, JAI-EXT provides replacement JAI operations (bug fixes, NODATA, performance) and has tests → merge it into ImageN and get an initial test coverage • More tests will need to be written • Then switch GeoTools, GeoWebCache and GeoServer to use ImageN GeoServer 3: ImageN 43
the Jakarta foundation for future development • It contains all the basics for web development (Servlet, Filters, …) • Jakarta EE provides the same concepts, with newer API, and a different Java Package • An application can be either Java EE or Jakarta EE, mix is not allowed • Spring 6 requires Jakarta EE! • Jakarta EE applications require a different servlet container too GeoServer 3: Jakarta EE 44 • Java EE ◦ Up to Tomcat 9 ◦ Up to Jetty 9 • Jakarta EE ◦ Tomcat 10+ ◦ Jetty 10+ Switch all GeoWebCache and GeoServer code to Jakarta EE
• Jakarta EE? Whoops, supported only since Wicket 10 • GeoServer is using Wicket 7! • Wicket upgrades are usually a lot of work • Multi-step process ◦ Prepration: Wicket 7 → 8 ◦ Preparation: Wicket 8 → 9 ◦ Wicket 9 enforces Content Security Policy ▪ Browser restricting inline style/inline javascript usage ▪ Helps fendig off Cross Site Scripting attacks ▪ GeoServer UI has lots of both ◦ Wicket 9 →10 can only be done along with all other changes GeoServer 3: Wicket 10 45
a massive amount of work • We never attempted something of this size before • Some of the work is being done with “in-kind” donations (AKA developers attacking a single problem and donating the result) • Much of the work will have to be performed in a large code sprint ◦ Several developers ◦ For a long time • We need your support! Crowdfunding page [email protected] Online pledge form