Newer
Older
![Daniel Scholl (MS]'s avatar](https://secure.gravatar.com/avatar/4b98f2e25f83d067f827cf9d9e878f0c54687e00c7e0647530d5c916467c0ec4?s=144&d=identicon "Daniel Scholl (MS]")
################################################################################
# Specify the azure environment specific values
#
aadpodidbinding: "osdu-identity"
################################################################################
# Specify any optional override values
#
image:
repository: #{container-registry}#.azurecr.io
branch: #{ENVIRONMENT_NAME}#
tag: #{Build.SourceVersion}#
![Mayank Saggar [Microsoft]'s avatar](/uploads/-/system/user/avatar/703/avatar.png?width=72 "Mayank Saggar [Microsoft]"){kind=avatar}
Mayank Saggar [Microsoft]
committed
################################################################################
# Specify any custom configs/environment values
#
customConfig:
rbac:
createUser: "True"
################################################################################
# Specify pgbouncer configuration
#
pgbouncer:
enabled: true
port: 6543
max_client_connections: 3000
airflowdb:
name: airflow
host: #{base-name-sr}#-pg.postgres.database.azure.com
port: 5432
pool_size: 100
user: osdu_admin@#{base-name-sr}#-pg
passwordSecret: "postgres"
passwordSecretKey: "postgres-password"
################################################################################
# Specify the airflow configuration
#
###################################
# Kubernetes - Ingress Configs
###################################
ingress:
web:
annotations:
kubernetes.io/ingress.class: azure/application-gateway
appgw.ingress.kubernetes.io/request-timeout: "300"
appgw.ingress.kubernetes.io/connection-draining: "true"
appgw.ingress.kubernetes.io/connection-draining-timeout: "30"
cert-manager.io/cluster-issuer: letsencrypt
cert-manager.io/acme-challenge-type: http01
path: "/airflow"
host: #{DNS_HOST}#
livenessPath: "/airflow/health"
tls:
enabled: true
secretName: osdu-certificate
precedingPaths:
- path: "/airflow/*"
serviceName: airflow-web
servicePort: 8080
###################################
# Database - External Database
###################################
postgresql:
enabled: false
externalDatabase:
type: postgres
![Vineeth Guna [Microsoft]'s avatar](https://secure.gravatar.com/avatar/12421510609fc7de276ffa8ac361726fbbc887dc74bd1992a99bc3e4c9b49c5a?s=144&d=identicon "Vineeth Guna [Microsoft]")
Vineeth Guna [Microsoft]
committed
host: airflow-pgbouncer.osdu.svc.cluster.local #<-- Azure PostgreSQL Database host or pgbouncer host (if pgbouncer is enabled)
user: osdu_admin@#{base-name-sr}#-pg #<-- Azure PostgreSQL Database username, formatted as {username}@{hostname}
passwordSecret: "postgres"
passwordSecretKey: "postgres-password"
port: 6543
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
database: airflow
###################################
# Database - External Redis
###################################
redis:
enabled: false
externalRedis:
host: #{base-name-sr}#-cache.redis.cache.windows.net #<-- Azure Redis Cache host
port: 6380
passwordSecret: "redis"
passwordSecretKey: "redis-password"
###################################
# Airflow - DAGs Configs
###################################
dags:
installRequirements: true
persistence:
enabled: true
existingClaim: airflowdagpvc
subPath: "dags"
###################################
# Airflow - WebUI Configs
###################################
web:
podLabels:
aadpodidbinding: "osdu-identity"
baseUrl: "http://localhost/airflow"
###################################
# Airflow - Worker Configs
###################################
workers:
podLabels:
aadpodidbinding: "osdu-identity"
autoscaling:
enabled: true
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
## minReplicas is picked from Values.workers.replicas and default value is 1
maxReplicas: 3
metrics:
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 60
resources:
requests:
memory: "512Mi"
###################################
# Airflow - Flower Configs
###################################
flower:
enabled: false
###################################
# Airflow - Scheduler Configs
###################################
scheduler:
podLabels:
aadpodidbinding: "osdu-identity"
variables: |
{}
###################################
# Airflow - Common Configs
###################################
airflow:
image:
repository: apache/airflow
tag: 1.10.12-python3.6
pullPolicy: IfNotPresent
pullSecret: ""
config:
AIRFLOW__SCHEDULER__STATSD_ON: "True"
AIRFLOW__SCHEDULER__STATSD_HOST: "appinsights-statsd"
AIRFLOW__SCHEDULER__STATSD_PORT: 8125
AIRFLOW__SCHEDULER__STATSD_PREFIX: "osdu_airflow"
AIRFLOW__CORE__DAGS_ARE_PAUSED_AT_CREATION: "False"
## Enable for Debug purpose
AIRFLOW__WEBSERVER__EXPOSE_CONFIG: "False"
AIRFLOW__WEBSERVER__AUTHENTICATE: "True"
AIRFLOW__WEBSERVER__AUTH_BACKEND: "airflow.contrib.auth.backends.password_auth"
Mayank Saggar [Microsoft]
committed
AIRFLOW__WEBSERVER__RBAC: "True"
AIRFLOW__API__AUTH_BACKEND: "airflow.contrib.auth.backends.password_auth"
AIRFLOW__CORE__REMOTE_LOGGING: "True"
AIRFLOW__CORE__REMOTE_LOG_CONN_ID: "az_log"
AIRFLOW__CORE__REMOTE_BASE_LOG_FOLDER: "wasb-airflowlog"
AIRFLOW__CORE__LOGGING_CONFIG_CLASS: "log_config.DEFAULT_LOGGING_CONFIG"
AIRFLOW__CORE__LOG_FILENAME_TEMPLATE: "{{ run_id }}/{{ ti.dag_id }}/{{ ti.task_id }}/{{ ts }}/{% if 'correlation_id' in dag_run.conf %}{{ dag_run.conf['correlation_id'] }}{% else %}None{% endif %}/{{ try_number }}.log"
AIRFLOW__CELERY__SSL_ACTIVE: "True"
AIRFLOW__WEBSERVER__ENABLE_PROXY_FIX: "True"
AIRFLOW__CORE__PLUGINS_FOLDER: "/opt/airflow/plugins"
AIRFLOW__SCHEDULER__DAG_DIR_LIST_INTERVAL: 60
AIRFLOW__CORE__LOGGING_LEVEL: DEBUG
AIRFLOW_VAR_CORE__CONFIG__DATALOAD_CONFIG_PATH: "/opt/airflow/dags/configs/dataload.ini"
AIRFLOW_VAR_CORE__SERVICE__SCHEMA__URL: "http://schema-service.osdu.svc.cluster.local/api/schema-service/v1/schema"
AIRFLOW_VAR_CORE__SERVICE__SEARCH__URL: "http://search-service.osdu.svc.cluster.local/api/search/v2/query"
AIRFLOW_VAR_CORE__SERVICE__STORAGE__URL: "http://storage.osdu.svc.cluster.local/api/storage/v2/records"
AIRFLOW_VAR_CORE__SERVICE__FILE__HOST: "http://file.osdu.svc.cluster.local/api/file/v2"
AIRFLOW_VAR_CORE__SERVICE__WORKFLOW__HOST: "http://ingestion-workflow.osdu.svc.cluster.local/api/workflow"
- name: CLOUD_PROVIDER
value: "azure"
- name: AIRFLOW_VAR_KEYVAULT_URI
valueFrom:
configMapKeyRef:
name: osdu-svc-properties
key: ENV_KEYVAULT
- name: AIRFLOW__CORE__FERNET_KEY
valueFrom:
secretKeyRef:
name: airflow
- name: AIRFLOW_CONN_AZ_LOG
valueFrom:
secretKeyRef:
name: airflow
- name: AIRFLOW_VAR_AZURE_TENANT_ID
valueFrom:
secretKeyRef:
name: active-directory
key: tenantid
- name: AIRFLOW_VAR_AZURE_CLIENT_ID
valueFrom:
secretKeyRef:
name: active-directory
key: principal-clientid
- name: AIRFLOW_VAR_AZURE_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: active-directory
key: principal-clientpassword
- name: AIRFLOW_VAR_AAD_CLIENT_ID
valueFrom:
secretKeyRef:
name: active-directory
key: application-appid
- name: AIRFLOW_VAR_APPINSIGHTS_KEY
valueFrom:
name: central-logging
extraConfigmapMounts:
- name: remote-log-config
mountPath: /opt/airflow/config
configMap: airflow-remote-log-config
readOnly: true
extraPipPackages: [
"apache-airflow[statsd]",
"apache-airflow[kubernetes]",
"apache-airflow-backport-providers-microsoft-azure==2021.2.5",
"dataclasses==0.8",
"python-keycloak==0.24.0",
"msal==1.9.0",
"azure-identity==1.5.0",
"azure-keyvault-secrets==4.2.0",
"azure-storage-blob",
"azure-servicebus==7.0.1",
"toposort==1.6",
"https://azglobalosdutestlake.blob.core.windows.net/pythonsdk/osdu_api-0.0.4.tar.gz"
]
extraVolumeMounts:
- name: azure-keyvault
mountPath: "/mnt/azure-keyvault"
readOnly: true
- name: dags-data
mountPath: /opt/airflow/plugins
subPath: plugins
extraVolumes:
- name: azure-keyvault
csi:
driver: secrets-store.csi.k8s.io
readOnly: true
volumeAttributes:
secretProviderClass: azure-keyvault