################################################################################ # Specify the azure environment specific values # azure: tenant: #{data-partition-tenant-id}# subscription: #{data-partition-subscription-id}# resourcegroup: #{base-name-dp}#-rg identity: #{base-name-dp}#-osdu-identity identity_id: #{management-identity-id}# keyvault: #{base-name-dp}#-kv ################################################################################ # App insights configuration # appinsightstatsd: aadpodidbinding: "osdu-identity" key: #{appinsights-key}# ################################################################################# # Specify log analytics configuration # logAnalytics: workspaceId: secretName: "dp-logging" secretKey: "workspace-id" workspaceKey: secretName: "dp-logging" secretKey: "workspace-key" ################################################################################ # Specify any optional override values # image: repository: #{container-registry}#.azurecr.io branch: #{ENVIRONMENT_NAME}# tag: #{Build.SourceVersion}# airflowLogin: name: admin airflowAuthentication: username: admin keyvaultMountPath: /mnt/azure-keyvault/ passwordKey: airflow-admin-password ################################################################################ # Specify any custom configs/environment values # customConfig: rbac: createUser: "True" ################################################################################ # Specify pgbouncer configuration # pgbouncer: enabled: true port: 6543 max_client_connections: 3000 airflowdb: name: airflow host: #{base-name-dp}#-pg.postgres.database.azure.com port: 5432 pool_size: 100 user: osdu_admin@#{base-name-dp}#-pg passwordSecret: "postgres" passwordSecretKey: "postgres-password" ################################################################################ # Specify KEDA configuration # keda: version_2_enabled: true ################################################################################ # Specify the airflow configuration # airflow: isDataPartitionDeployment: true ################################## # Kubernetes Pod Operator config ################################## kubernetesPodOperator: namespace: airflow serviceAccount: name: airflow ################################### # Kubernetes - Ingress Configs ################################### ingress: enabled: false web: path: "/airflow" host: #{AIRFLOW_DNS_HOST}# livenessPath: "/airflow/health" tls: BYOCEnabled: #{DP_ENABLE_KEYVAULT_CERT}# secretName: airflow-prod-certificate certificateAdmin: admin@email.com sslServer: https://acme-v02.api.letsencrypt.org/directory ################################### # Database - External Database ################################### postgresql: enabled: false externalDatabase: type: postgres host: airflow-pgbouncer #<-- Azure PostgreSQL Database host or pgbouncer host (if pgbouncer is enabled) user: osdu_admin@#{base-name-dp}#-pg #<-- Azure PostgreSQL Database username, formatted as {username}@{hostname} passwordSecret: "postgres" passwordSecretKey: "postgres-password" port: 6543 database: airflow ################################### # Database - External Redis ################################### redis: enabled: false externalRedis: host: #{base-name-dp}#-queue.redis.cache.windows.net #<-- Azure Redis Cache host port: 6380 passwordSecret: "redis" passwordSecretKey: "redis-queue-password" databaseNumber: 1 #<-- Adding redis database number according to the Redis config map https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/blob/master/charts/osdu-common/templates/redis-map.yaml#L7 ################################### # Airflow - DAGs Configs ################################### dags: installRequirements: true persistence: enabled: true existingClaim: airflowdagpvc subPath: "dags" ################################### # Airflow - WebUI Configs ################################### web: replicas: 1 livenessProbe: timeoutSeconds: 60 resources: requests: cpu: "1000m" memory: "4Gi" limits: cpu: "1000m" memory: "4Gi" podLabels: aadpodidbinding: "osdu-identity" autoscale: enabled: false minReplicas: 2 maxReplicas: 20 scaleDown: coolDownPeriod: 60 labels: # DO NOT DELETE THIS LABEL. SET IT TO "false" WHEN AUTOSCALING IS DISABLED, SET IT TO "true" WHEN AUTOSCALING IS ENABLED autoscalingEnabled: "false" podAnnotations: sidecar.istio.io/userVolumeMount: '[{"name": "azure-keyvault", "mountPath": "/mnt/azure-keyvault", "readonly": true}]' baseUrl: "http://localhost/airflow" ################################### # Airflow - Worker Configs ################################### workers: resources: requests: cpu: "1200m" memory: "5Gi" limits: cpu: "1200m" memory: "5Gi" podLabels: aadpodidbinding: "osdu-identity" podAnnotations: sidecar.istio.io/inject: "false" autoscale: enabled: false minReplicas: 2 maxReplicas: 20 scaleDown: coolDownPeriod: 300 celery: gracefullTermination: true gracefullTerminationPeriod: 600 labels: # DO NOT DELETE THIS LABEL. SET IT TO "false" WHEN AUTOSCALING IS DISABLED, SET IT TO "true" WHEN AUTOSCALING IS ENABLED autoscalingEnabled: "false" ################################### # Airflow - Flower Configs ################################### flower: enabled: false ################################### # Airflow - Scheduler Configs ################################### scheduler: resources: requests: cpu: "3000m" memory: "1Gi" limits: cpu: "3000m" memory: "1Gi" podLabels: aadpodidbinding: "osdu-identity" podAnnotations: sidecar.istio.io/inject: "false" variables: | {} ################################### # Airflow - Common Configs ################################### airflow: image: repository: community.opengroup.org:5555/osdu/platform/deployment-and-operations/base-containers-azure/airflow-docker-image/initial-checkin tag: latest pullPolicy: IfNotPresent pullSecret: "" config: AIRFLOW__SCHEDULER__STATSD_ON: "True" AIRFLOW__SCHEDULER__STATSD_HOST: "appinsights-statsd" AIRFLOW__SCHEDULER__STATSD_PORT: 8125 AIRFLOW__SCHEDULER__STATSD_PREFIX: "osdu_airflow.#{data-partition-name}#" AIRFLOW__CORE__DAGS_ARE_PAUSED_AT_CREATION: "False" ## Enable for Debug purpose AIRFLOW__WEBSERVER__EXPOSE_CONFIG: "False" AIRFLOW__WEBSERVER__AUTHENTICATE: "True" AIRFLOW__WEBSERVER__AUTH_BACKEND: "airflow.contrib.auth.backends.password_auth" AIRFLOW__WEBSERVER__RBAC: "True" AIRFLOW__API__AUTH_BACKEND: "airflow.api.auth.backend.default" AIRFLOW__CORE__REMOTE_LOGGING: "True" AIRFLOW__CORE__REMOTE_LOG_CONN_ID: "az_log" AIRFLOW__CORE__REMOTE_BASE_LOG_FOLDER: "wasb-airflowlog" AIRFLOW__CORE__LOGGING_CONFIG_CLASS: "log_config.DEFAULT_LOGGING_CONFIG" AIRFLOW__CORE__LOG_FILENAME_TEMPLATE: "{{ run_id }}/{{ ti.dag_id }}/{{ ti.task_id }}/{{ ts }}/{% if dag_run.conf is not none and 'correlation_id' in dag_run.conf %}{{ dag_run.conf['correlation_id'] }}{% else %}None{% endif %}/{{ try_number }}.log" AIRFLOW__CELERY__SSL_ACTIVE: "True" AIRFLOW__WEBSERVER__ENABLE_PROXY_FIX: "True" AIRFLOW__CORE__PLUGINS_FOLDER: "/opt/airflow/plugins" AIRFLOW__SCHEDULER__DAG_DIR_LIST_INTERVAL: 60 AIRFLOW__CORE__LOGGING_LEVEL: DEBUG AIRFLOW_VAR_CORE__CONFIG__DATALOAD_CONFIG_PATH: "/opt/airflow/dags/configs/dataload.ini" AIRFLOW_VAR_CORE__SERVICE__SCHEMA__URL: "https://#{OSDU_SVC_ENDPOINT}#/api/schema-service/v1/schema" AIRFLOW_VAR_CORE__SERVICE__SEARCH__URL: "https://#{OSDU_SVC_ENDPOINT}#/api/search/v2/query" AIRFLOW_VAR_CORE__SERVICE__STORAGE__URL: "https://#{OSDU_SVC_ENDPOINT}#/api/storage/v2/records" AIRFLOW_VAR_CORE__SERVICE__FILE__HOST: "https://#{OSDU_SVC_ENDPOINT}#/api/file/v2" AIRFLOW_VAR_CORE__SERVICE__WORKFLOW__HOST: "https://#{OSDU_SVC_ENDPOINT}#/api/workflow" AIRFLOW_VAR_CORE__SERVICE__SEARCH_WITH_CURSOR__URL: "https://#{OSDU_SVC_ENDPOINT}#/api/search/v2/query_with_cursor" AIRFLOW__WEBSERVER__WORKERS: 8 AIRFLOW__WEBSERVER__WORKER_REFRESH_BATCH_SIZE: 0 AIRFLOW__CORE__STORE_SERIALIZED_DAGS: True #This flag decides whether to serialise DAGs and persist them in DB AIRFLOW__CORE__STORE_DAG_CODE: True #This flag decides whether to persist DAG files code in DB AIRFLOW__WEBSERVER__WORKER_CLASS: gevent AIRFLOW__CELERY__WORKER_CONCURRENCY: 16 # Do not remove this config as it is used for autoscaling as well extraEnv: - name: CLOUD_PROVIDER value: "azure" - name: AIRFLOW_VAR_KEYVAULT_URI value: "https://#{base-name-dp}#-kv.vault.azure.net/" - name: AIRFLOW__CORE__FERNET_KEY valueFrom: secretKeyRef: name: airflow key: fernet-key - name: AIRFLOW_CONN_AZ_LOG valueFrom: secretKeyRef: name: airflow key: remote-log-connection - name: AIRFLOW_VAR_AZURE_TENANT_ID value: "#{AZURE_TENANT_ID}#" - name: AIRFLOW_VAR_AZURE_CLIENT_ID value: "#{AZURE_CLIENT_ID}#" - name: AIRFLOW_VAR_AZURE_CLIENT_SECRET value: "#{AZURE_CLIENT_SECRET}#" - name: AIRFLOW_VAR_AAD_CLIENT_ID value: "#{AAD_CLIENT_ID}#" - name: AIRFLOW_VAR_APPINSIGHTS_KEY value: "#{appinsights-key}#" - name: AIRFLOW_VAR_AZURE_DNS_HOST value: #{DNS_HOST}# - name: AIRFLOW_VAR_AZURE_ENABLE_MSI value: "false" - name: AIRFLOW_VAR_AZURE_CONTAINER_REGISTRY value: #{container-registry}#.azurecr.io - name: PYTHONPATH value: "/opt/celery" # Needed for installing python osdu python sdk. In future this will be changed - name: CI_COMMIT_TAG value: "v0.12.0" - name: BUILD_TAG value: "v0.12.0" extraConfigmapMounts: - name: remote-log-config mountPath: /opt/airflow/config configMap: airflow-remote-log-config readOnly: true - name: celery-config mountPath: /opt/celery configMap: celery-config readOnly: true extraPipPackages: [ "flask-bcrypt==0.7.1", "apache-airflow[statsd]", "apache-airflow[kubernetes]", "apache-airflow-backport-providers-microsoft-azure==2021.2.5", "dataclasses==0.8", "google-cloud-storage", "python-keycloak==0.24.0", "msal==1.9.0", "azure-identity==1.5.0", "azure-keyvault-secrets==4.2.0", "azure-storage-blob", "azure-servicebus==7.0.1", "toposort==1.6", "strict-rfc3339==0.7", "jsonschema==3.2.0", "pyyaml==5.4.1", "requests==2.25.1", "tenacity==8.0.1", "https://azglobalosdutestlake.blob.core.windows.net/pythonsdk/osdu_api-0.10.1.dev151+503e364a.tar.gz", "https://azglobalosdutestlake.blob.core.windows.net/pythonsdk/osdu_airflow-0.0.1.dev32+ea39f8bd.tar.gz" ] extraVolumeMounts: - name: azure-keyvault mountPath: "/mnt/azure-keyvault" readOnly: true - name: dags-data mountPath: /opt/airflow/plugins subPath: plugins extraVolumes: - name: azure-keyvault csi: driver: secrets-store.csi.k8s.io readOnly: true volumeAttributes: secretProviderClass: azure-keyvault