values.yaml 4.13 KB
Newer Older
Daniel Scholl's avatar
Daniel Scholl committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
appinsightstatsd:
  aadpodidbinding: "osdu-identity"  
airflowLogin:
  name: admin
airflow:
  airflow:
    image:
      repository: apache/airflow
      tag: 1.10.12-python3.6
      pullPolicy: IfNotPresent
      pullSecret: ""
    config:
      AIRFLOW__SCHEDULER__STATSD_ON: "True"
      AIRFLOW__SCHEDULER__STATSD_HOST: "appinsights-statsd"
      AIRFLOW__SCHEDULER__STATSD_PORT: 8125
      AIRFLOW__SCHEDULER__STATSD_PREFIX: "osdu_airflow"
      AIRFLOW__CORE__DAGS_ARE_PAUSED_AT_CREATION: "False"
      ## Enable for Debug purpose
      AIRFLOW__WEBSERVER__EXPOSE_CONFIG: "False"
      AIRFLOW__WEBSERVER__AUTHENTICATE: "True"
      AIRFLOW__WEBSERVER__AUTH_BACKEND: "airflow.contrib.auth.backends.password_auth"
      AIRFLOW__API__AUTH_BACKEND: "airflow.contrib.auth.backends.password_auth"
      AIRFLOW__CORE__REMOTE_LOGGING: "True"
      AIRFLOW__CORE__REMOTE_LOG_CONN_ID: "az_log"
      AIRFLOW__CORE__REMOTE_BASE_LOG_FOLDER: "wasb-airflowlog"
      AIRFLOW__CORE__LOGGING_CONFIG_CLASS: "log_config.DEFAULT_LOGGING_CONFIG"
      AIRFLOW__CORE__LOG_FILENAME_TEMPLATE: "{{ run_id }}/{{ ti.dag_id }}/{{ ti.task_id }}/{{ ts }}/{{ try_number }}.log"
      AIRFLOW__CELERY__SSL_ACTIVE: "True"
      AIRFLOW__WEBSERVER__ENABLE_PROXY_FIX: "True"
    extraEnv:
    - name: AIRFLOW__CORE__FERNET_KEY
      valueFrom:
        secretKeyRef:
          name: airflow
35
          key: fernet-key
Daniel Scholl's avatar
Daniel Scholl committed
36
37
38
39
    - name: AIRFLOW_CONN_AZ_LOG
      valueFrom:
        secretKeyRef:
          name: airflow
40
          key: remote-log-connection
Daniel Scholl's avatar
Daniel Scholl committed
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
    extraConfigmapMounts:
        - name: remote-log-config
          mountPath: /opt/airflow/config
          configMap: airflow-remote-log-config
          readOnly: true
    extraPipPackages: [
        "flask-bcrypt",
        "apache-airflow[statsd]",
        "apache-airflow[kubernetes]",
        "apache-airflow-backport-providers-microsoft-azure"
    ]
    extraVolumeMounts:
        ## mount the kube config from volume into default kube config file for Airflow Kubernetes Operator 
        # - name: airflow-kubernetes-config
        #   mountPath: "/home/airflow/.kube"
        #   readOnly: true
        - name: azure-keyvault
          mountPath: "/mnt/azure-keyvault"
          readOnly: true
    extraVolumes:
        ## mount Kube config from secret 
        # - name: airflow-kubernetes-config
        #   secret:
        #     secretName: airflow-kubernetes-config
        #     items:
        #     - key: airflow-kubernetes-config
        #       path: config
        - name: azure-keyvault
          csi:
            driver: secrets-store.csi.k8s.io
            readOnly: true
            volumeAttributes:
              secretProviderClass: azure-keyvault       
  dags:
    installRequirements: true
    persistence:
      enabled: true
      existingClaim: airflowdagpvc
  scheduler:
    podLabels:
      aadpodidbinding: "osdu-identity"
    variables: |
      {}
  web:
    podLabels:
      aadpodidbinding: "osdu-identity"
    baseUrl: "http://localhost/airflow"
  ingress:
    enabled: true
    web:
      annotations:
        kubernetes.io/ingress.class: azure/application-gateway
        cert-manager.io/cluster-issuer: letsencrypt
        cert-manager.io/acme-challenge-type: http01
      path: "/airflow"
      ## DNS name mapping to Application Gateway Public IP
      host: appgatewayhostfqdn
      livenessPath: "/airflow/health"
      tls:
        enabled: true
        secretName: osdu-certificate
      precedingPaths:
        - path: "/airflow/*"
          serviceName: airflow-web
          servicePort: 8080
  workers:
    podLabels:
      aadpodidbinding: "osdu-identity"             
  flower:
    enabled: false
  postgresql:
    enabled: false
  externalDatabase:
    type: postgres
    ## Azure PostgreSQL Database username, formatted as {username}@{hostname}
    user: dbadmin@dbhost
    passwordSecret: "postgres"
    passwordSecretKey: "postgres-password"
    ## Azure PostgreSQL Database host
    host: dbhostfqdn
    port: 5432
    properties: "?sslmode=require"
    database: airflow
  redis:
    enabled: false
  externalRedis:
    ## Azure Redis Cache host
    host: redishost
    port: 6380
    passwordSecret: "redis"
    passwordSecretKey: "redis-password"