Skip to content

Administrator Guide

This guide provides information for system administrators managing an openEO by TiTiler deployment. The implementation details can be found in the codebase, particularly in titiler/openeo/settings.py for configuration options.

System Requirements

Environment Variables

openEO by TiTiler is configured through environment variables. Key configuration areas include:

API Settings (ApiSettings)

TITILER_OPENEO_API_NAME="openEO by TiTiler"
TITILER_OPENEO_API_CORS_ORIGINS="*"
TITILER_OPENEO_API_CORS_ALLOW_METHODS="GET,POST,PUT,PATCH,DELETE,OPTIONS"
TITILER_OPENEO_API_ROOT_PATH=""
TITILER_OPENEO_API_DEBUG=false

Backend Settings (BackendSettings)

TITILER_OPENEO_STAC_API_URL="https://your-stac-api"
TITILER_OPENEO_SERVICE_STORE_URL="path-to-services-config"
TITILER_OPENEO_TILE_STORE_URL="optional-tile-store-url"

Processing Settings (ProcessingSettings)

TITILER_OPENEO_PROCESSING_MAX_PIXELS=100000000
TITILER_OPENEO_PROCESSING_MAX_ITEMS=20

Cache Settings (CacheSettings)

TITILER_OPENEO_CACHE_TTL=300
TITILER_OPENEO_CACHE_MAXSIZE=512
TITILER_OPENEO_CACHE_DISABLE=false

Authentication

openEO by TiTiler supports two authentication methods:

  1. Basic Authentication (default)
  2. Configured through AuthSettings
  3. Set TITILER_OPENEO_AUTH_METHOD=basic

  4. Configure users in environment: 

    TITILER_OPENEO_AUTH_USERS='{"user1": {"password": "pass1", "roles": ["user"]}}'

  5. OpenID Connect

  6. See OpenID Connect Configuration for details

Performance Tuning

Cache Configuration

The caching system can be tuned through the following settings: - TITILER_OPENEO_CACHE_TTL: Time-to-live for cached items (seconds) - TITILER_OPENEO_CACHE_MAXSIZE: Maximum number of items in cache - TITILER_OPENEO_CACHE_DISABLE: Disable caching entirely

Processing Limits

To prevent resource exhaustion: - TITILER_OPENEO_PROCESSING_MAX_PIXELS: Maximum allowed pixels for image processing - TITILER_OPENEO_PROCESSING_MAX_ITEMS: Maximum number of items (STAC items from a API search) in a request

Monitoring

API Endpoints

The application provides several endpoints for monitoring:

  • /health: Health check endpoint
  • /docs: OpenAPI documentation
  • /redoc: Alternative API documentation

Logging

Logging configuration is managed through log_config.yaml. The default configuration includes: - Console output - JSON formatting - Different log levels for different components

Security

CORS Configuration

Configure CORS settings through: 

TITILER_OPENEO_API_CORS_ORIGINS="domain1.com,domain2.com"
TITILER_OPENEO_API_CORS_ALLOW_METHODS="GET,POST,PUT,PATCH,DELETE,OPTIONS"

Cache Control

Configure cache control headers: 

TITILER_OPENEO_API_CACHE_STATIC="public, max-age=3600"
TITILER_OPENEO_API_CACHE_DYNAMIC="no-cache"
TITILER_OPENEO_API_CACHE_DEFAULT="no-store"

Troubleshooting

Common Issues

  1. Authentication Failures
  2. Check authentication method configuration
  3. Verify user credentials or OIDC settings

  4. Check token format and expiration

  5. Performance Issues

  6. Review cache settings
  7. Check processing limits

  8. Monitor system resources

  9. CORS Issues

  10. Verify CORS origins configuration
  11. Check allowed methods
  12. Review client requests

Debug Mode

Enable debug mode for detailed logging: 

TITILER_OPENEO_API_DEBUG=true

Maintenance

Backup Considerations

  1. Configuration
  2. Environment variables
  3. Service configurations

  4. Authentication settings

  5. Data

  6. Tile store data if used
  7. Cache contents if persistent

Updates

When updating openEO by TiTiler: 1. Review the changelog 2. Backup configuration 3. Test in a staging environment 4. Plan for downtime if needed 5. Update the application 6. Verify functionality

For implementation details, refer to the source code.