You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by ka...@apache.org on 2020/08/15 17:42:01 UTC
[airflow] branch master updated: Add ingress to the helm chart
(#10064)
This is an automated email from the ASF dual-hosted git repository.
kaxilnaik pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/airflow.git
The following commit(s) were added to refs/heads/master by this push:
new 4fc2536 Add ingress to the helm chart (#10064)
4fc2536 is described below
commit 4fc25367a2ed3991dc9cabf83667706c2ea5bf8a
Author: Can Güney Aksakalli <cg...@gmail.com>
AuthorDate: Sat Aug 15 19:41:21 2020 +0200
Add ingress to the helm chart (#10064)
Co-authored-by: Alikhan <al...@tomtom.com>
Co-authored-by: alikhtag <43...@users.noreply.github.com>
---
chart/README.md | 3 ++
chart/templates/NOTES.txt | 10 +++-
chart/templates/flower/flower-ingress.yaml | 51 +++++++++++++++++++
chart/templates/webserver/webserver-ingress.yaml | 63 ++++++++++++++++++++++++
chart/values.yaml | 53 ++++++++++++++++++++
5 files changed, 179 insertions(+), 1 deletion(-)
diff --git a/chart/README.md b/chart/README.md
index 92ddbd9..0443c63 100644
--- a/chart/README.md
+++ b/chart/README.md
@@ -126,6 +126,9 @@ The following tables lists the configurable parameters of the Airflow chart and
| `labels` | Common labels to add to all objects defined in this chart | `{}` |
| `privateRegistry.enabled` | Enable usage of a private registry for Airflow base image | `false` |
| `privateRegistry.repository` | Repository where base image lives (eg: quay.io) | `~` |
+| `ingress.enabled` | Enable Kubernetes Ingress support | `false` |
+| `ingress.web.*` | Configs for the Ingress of the web Service | Please refer to `values.yaml` |
+| `ingress.flower.*` | Configs for the Ingress of the flower Service | Please refer to `values.yaml` |
| `networkPolicies.enabled` | Enable Network Policies to restrict traffic | `true` |
| `airflowHome` | Location of airflow home directory | `/opt/airflow` |
| `rbacEnabled` | Deploy pods with Kubernets RBAC enabled | `true` |
diff --git a/chart/templates/NOTES.txt b/chart/templates/NOTES.txt
index 7eb9d84..9681c06 100644
--- a/chart/templates/NOTES.txt
+++ b/chart/templates/NOTES.txt
@@ -20,10 +20,18 @@ under the License.
Your release is named {{ .Release.Name }}.
+{{- if .Values.ingress.enabled }}
+You can now access your dashboard(s) by following defined Ingress urls:
+
+Airflow dashboard: http{{ if .Values.ingress.web.tls.enabled }}s{{ end }}://{{ .Values.ingress.web.host }}{{ .Values.ingress.web.path }}/
+{{- if eq .Values.executor "CeleryExecutor" }}
+Flower dashboard: http{{ if .Values.ingress.flower.tls.enabled }}s{{ end }}://{{ .Values.ingress.flower.host }}{{ .Values.ingress.flower.path }}/
+{{- end }}
+{{- else }}
You can now access your dashboard(s) by executing the following command(s) and visiting the corresponding port at localhost in your browser:
Airflow dashboard: kubectl port-forward svc/{{ .Release.Name }}-webserver {{ .Values.ports.airflowUI }}:{{ .Values.ports.airflowUI }} --namespace {{ .Release.Namespace }}
{{- if eq .Values.executor "CeleryExecutor"}}
Flower dashboard: kubectl port-forward svc/{{ .Release.Name }}-flower {{ .Values.ports.flowerUI }}:{{ .Values.ports.flowerUI }} --namespace {{ .Release.Namespace }}
-
+{{- end }}
{{- end }}
diff --git a/chart/templates/flower/flower-ingress.yaml b/chart/templates/flower/flower-ingress.yaml
new file mode 100644
index 0000000..536ca8b
--- /dev/null
+++ b/chart/templates/flower/flower-ingress.yaml
@@ -0,0 +1,51 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+################################
+## Airflow Flower Ingress
+#################################
+{{- if and .Values.ingress.enabled (eq .Values.executor "CeleryExecutor") }}
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+ name: {{ .Release.Name }}-flower-ingress
+ labels:
+ tier: airflow
+ component: flower-ingress
+ release: {{ .Release.Name }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ heritage: {{ .Release.Service }}
+ annotations:
+ {{- range $key, $value := .Values.ingress.flower.annotations }}
+ {{ $key }}: {{ $value | quote }}
+ {{- end }}
+spec:
+ {{- if .Values.ingress.flower.tls.enabled }}
+ tls:
+ - hosts:
+ - {{ .Values.ingress.flower.host }}
+ secretName: {{ .Values.ingress.flower.tls.secretName }}
+ {{- end }}
+ rules:
+ - http:
+ paths:
+ - path: {{ .Values.ingress.flower.path }}
+ backend:
+ serviceName: {{ .Release.Name }}-flower
+ servicePort: flower-ui
+ host: {{ .Values.ingress.flower.host }}
+{{- end }}
diff --git a/chart/templates/webserver/webserver-ingress.yaml b/chart/templates/webserver/webserver-ingress.yaml
new file mode 100644
index 0000000..919ecc3
--- /dev/null
+++ b/chart/templates/webserver/webserver-ingress.yaml
@@ -0,0 +1,63 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+################################
+## Airflow Webserver Ingress
+#################################
+{{- if .Values.ingress.enabled }}
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+ name: {{ .Release.Name }}-airflow-ingress
+ labels:
+ tier: airflow
+ component: airflow-ingress
+ release: {{ .Release.Name }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ heritage: {{ .Release.Service }}
+ annotations:
+ {{ range $key, $value := .Values.ingress.web.annotations }}
+ {{ $key }}: {{ $value | quote }}
+ {{- end }}
+spec:
+ {{- if .Values.ingress.web.tls.enabled }}
+ tls:
+ - hosts:
+ - {{ .Values.ingress.web.host }}
+ secretName: {{ .Values.ingress.web.tls.secretName }}
+ {{- end }}
+ rules:
+ - http:
+ paths:
+ {{- range .Values.ingress.web.precedingPaths }}
+ - path: {{ .path }}
+ backend:
+ serviceName: {{ .serviceName }}
+ servicePort: {{ .servicePort }}
+ {{- end }}
+ - path: {{ .Values.ingress.web.path }}
+ backend:
+ serviceName: {{ .Release.Name }}-webserver
+ servicePort: airflow-ui
+ {{- range .Values.ingress.web.succeedingPaths }}
+ - path: {{ .path }}
+ backend:
+ serviceName: {{ .serviceName }}
+ servicePort: {{ .servicePort }}
+ {{- end }}
+ host: {{ .Values.ingress.web.host }}
+{{- end }}
diff --git a/chart/values.yaml b/chart/values.yaml
index de30839..92fa4b9 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -42,6 +42,59 @@ tolerations: []
# Add common labels to all objects and pods defined in this chart.
labels: {}
+# Ingress configuration
+ingress:
+ # Enable ingress resource
+ enabled: false
+
+ # Configs for the Ingress of the web Service
+ web:
+ # Annotations for the web Ingress
+ annotations: {}
+
+ # The path for the web Ingress
+ path: ""
+
+ # The hostname for the web Ingress
+ host: ""
+
+ # configs for web Ingress TLS
+ tls:
+ # Enable TLS termination for the web Ingress
+ enabled: false
+ # the name of a pre-created Secret containing a TLS private key and certificate
+ secretName: ""
+
+ # HTTP paths to add to the web Ingress before the default path
+ precedingPaths: []
+
+ # Http paths to add to the web Ingress after the default path
+ succeedingPaths: []
+
+ # Configs for the Ingress of the flower Service
+ flower:
+ # Annotations for the flower Ingress
+ annotations: {}
+
+ # The path for the flower Ingress
+ path: ""
+
+ # The hostname for the flower Ingress
+ host: ""
+
+ # configs for web Ingress TLS
+ tls:
+ # Enable TLS termination for the flower Ingress
+ enabled: false
+ # the name of a pre-created Secret containing a TLS private key and certificate
+ secretName: ""
+
+ # HTTP paths to add to the flower Ingress before the default path
+ precedingPaths: []
+
+ # Http paths to add to the flower Ingress after the default path
+ succeedingPaths: []
+
# Network policy configuration
networkPolicies:
# Enabled network policies