diff --git a/chart/README.md b/chart/README.md index c4a920558e0c5..ee84f6d8344b7 100644 --- a/chart/README.md +++ b/chart/README.md @@ -126,6 +126,10 @@ The following tables lists the configurable parameters of the Airflow chart and | `labels` | Common labels to add to all objects defined in this chart | `{}` | | `privateRegistry.enabled` | Enable usage of a private registry for Airflow base image | `false` | | `privateRegistry.repository` | Repository where base image lives (eg: quay.io) | `~` | +| `ingress.web.enabled` | Enable Kubernetes for Airflow dashboard support | `false` | +| `ingress.web.*` | Configs for the Ingress of the web Service | Please refer to `values.yaml` | +| `ingress.flower.enabled` | Enable Kubernetes for Flower dashboard support (When `executor: 'CeleryExecutor'`) | `false` +| `ingress.flower.*` | Configs for the Ingress of the flower Service | Please refer to `values.yaml` | | `networkPolicies.enabled` | Enable Network Policies to restrict traffic | `true` | | `airflowHome` | Location of airflow home directory | `/opt/airflow` | | `rbacEnabled` | Deploy pods with Kubernets RBAC enabled | `true` | diff --git a/chart/templates/NOTES.txt b/chart/templates/NOTES.txt index c4e65cf10b2c3..d289791f6b642 100644 --- a/chart/templates/NOTES.txt +++ b/chart/templates/NOTES.txt @@ -20,6 +20,18 @@ under the License. Your release is named {{ .Release.Name }}. +{{- if and .Values.ingress.web .Values.ingress.web.enabled .Values.ingress.web.host}} + +You can access your dashboard(s) in your browser here: + +Airflow dashboard: https://{{ .Values.ingress.web.host }}/ + +{{- if and .Values.ingress.flower .Values.ingress.flower.enabled .Values.ingress.flower.host (eq .Values.executor "CeleryExecutor") }} +Flower dashboard: https://{{ .Values.ingress.flower.host }}/ +{{- end }} + +{{- else }} + You can now access your dashboard(s) by executing the following command(s) and visiting the corresponding port at localhost in your browser: Airflow dashboard: kubectl port-forward svc/{{ .Release.Name }}-webserver {{ .Values.ports.airflowUI }}:{{ .Values.ports.airflowUI }} --namespace airflow @@ -27,3 +39,5 @@ Airflow dashboard: kubectl port-forward svc/{{ .Release.Name }}-webserver Flower dashboard: kubectl port-forward svc/{{ .Release.Name }}-flower {{ .Values.ports.flowerUI }}:{{ .Values.ports.flowerUI }} --namespace airflow {{- end }} + +{{- end }} diff --git a/chart/templates/flower/flower-ingress.yaml b/chart/templates/flower/flower-ingress.yaml new file mode 100644 index 0000000000000..d02f3beb8b238 --- /dev/null +++ b/chart/templates/flower/flower-ingress.yaml @@ -0,0 +1,51 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +################################ +## Airflow Flower Ingress +################################# +{{- if and .Values.ingress.flower .Values.ingress.flower.enabled (eq .Values.executor "CeleryExecutor") }} +apiVersion: networking.k8s.io/v1beta1 +kind: Ingress +metadata: + name: {{ .Release.Name }}-flower-ingress + labels: + tier: airflow + component: flower-ingress + release: {{ .Release.Name }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + heritage: {{ .Release.Service }} + annotations: + {{- range $key, $value := .Values.ingress.flower.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +spec: + {{- if .Values.ingress.flower.tls.enabled }} + tls: + - hosts: + - {{ .Values.ingress.flower.host }} + secretName: {{ .Values.ingress.flower.tls.secretName }} + {{- end }} + rules: + - http: + paths: + - path: {{ .Values.ingress.flower.path }} + backend: + serviceName: {{ .Release.Name }}-flower + servicePort: flower-ui + host: {{ .Values.ingress.flower.host }} +{{- end }} diff --git a/chart/templates/webserver/webserver-ingress.yaml b/chart/templates/webserver/webserver-ingress.yaml new file mode 100644 index 0000000000000..a00ee088d642f --- /dev/null +++ b/chart/templates/webserver/webserver-ingress.yaml @@ -0,0 +1,63 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +################################ +## Airflow Webserver Ingress +################################# +{{- if .Values.ingress.web.enabled }} +apiVersion: networking.k8s.io/v1beta1 +kind: Ingress +metadata: + name: {{ .Release.Name }}-airflow-ingress + labels: + tier: airflow + component: airflow-ingress + release: {{ .Release.Name }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + heritage: {{ .Release.Service }} + annotations: + {{ range $key, $value := .Values.ingress.web.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +spec: + {{- if .Values.ingress.web.tls.enabled }} + tls: + - hosts: + - {{ .Values.ingress.web.host }} + secretName: {{ .Values.ingress.web.tls.secretName }} + {{- end }} + rules: + - http: + paths: + {{- range .Values.ingress.web.precedingPaths }} + - path: {{ .path }} + backend: + serviceName: {{ .serviceName }} + servicePort: {{ .servicePort }} + {{- end }} + - path: {{ .Values.ingress.web.path }} + backend: + serviceName: {{ .Release.Name }}-webserver + servicePort: airflow-ui + {{- range .Values.ingress.web.succeedingPaths }} + - path: {{ .path }} + backend: + serviceName: {{ .serviceName }} + servicePort: {{ .servicePort }} + {{- end }} + host: {{ .Values.ingress.web.host }} +{{- end }} diff --git a/chart/values.yaml b/chart/values.yaml index 082418bb9c8ec..4f619ffcc12be 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -42,6 +42,60 @@ tolerations: [] # Add common labels to all objects and pods defined in this chart. labels: {} +# Ingress configuration +ingress: + # Configs for the Ingress of the web Service + web: + # Enable airflow web-service ingress + enabled: false + # Annotations for the web Ingress + annotations: {} + + # The path for the web Ingress + path: "" + + # The hostname for the web Ingress + host: "" + + # configs for web Ingress TLS + tls: + # Enable TLS termination for the web Ingress + enabled: false + # the name of a pre-created Secret containing a TLS private key and certificate + secretName: "" + + # HTTP paths to add to the web Ingress before the default path + precedingPaths: [] + + # Http paths to add to the web Ingress after the default path + succeedingPaths: [] + + # Configs for the Ingress of the flower Service + flower: + # Enable Flower ingress (Only when executor: "CeleryExecutor" ) + enabled: false + # Annotations for the flower Ingress + annotations: {} + + # The path for the flower Ingress + path: "" + + # The hostname for the flower Ingress + host: "" + + # configs for web Ingress TLS + tls: + # Enable TLS termination for the flower Ingress + enabled: false + # the name of a pre-created Secret containing a TLS private key and certificate + secretName: "" + + # HTTP paths to add to the flower Ingress before the default path + precedingPaths: [] + + # Http paths to add to the flower Ingress after the default path + succeedingPaths: [] + # Network policy configuration networkPolicies: # Enabled network policies