Parameters reference

The following tables lists the configurable parameters of the Airflow chart and their default values.

Common

Parameter

Description

Default

airflowLocalSettings

airflow_local_settings file as a string (can be templated).

~

airflowVersion

Airflow version (Used to make some decisions based on Airflow Version being deployed).

2.1.2

config

Settings to go into the mounted airflow.cfg

See values.yaml

defaultAirflowRepository

Default airflow repository. Overrides all the specific images below.

apache/airflow

defaultAirflowTag

Default airflow tag to deploy.

2.1.2

executor

Airflow executor.

CeleryExecutor

fernetKey

The Fernet key used to encrypt passwords (can only be set during install, not upgrade).

~

pgbouncer.enabled

Enable PgBouncer.

False

webserver.defaultUser.enabled

Enable default user creation.

True

webserver.webserverConfig

This string (can be templated) will be mounted into the Airflow webserver as a custom webserver_config.py. You can bake a webserver_config.py in to your image instead.

~

Examples:

webserverConfig: |-
  from airflow import configuration as conf

  # The SQLAlchemy connection string.
  SQLALCHEMY_DATABASE_URI = conf.get('core', 'SQL_ALCHEMY_CONN')

  # Flask-WTF flag for CSRF
  CSRF_ENABLED = True

webserverSecretKey

The Flask secret key for Airflow Webserver to encrypt browser session.

~

Airflow

Parameter

Description

Default

airflowHome

Airflow home directory. Used for mount paths.

/opt/airflow

allowPodLaunching

Whether various Airflow components launch pods.

True

dags.gitSync.branch

Git branch

v2-1-stable

dags.gitSync.containerName

Git sync container name.

git-sync

dags.gitSync.credentialsSecret

Name of a Secret containing the repo GIT_SYNC_USERNAME and GIT_SYNC_PASSWORD.

~

dags.gitSync.depth

Repository depth.

1

dags.gitSync.enabled

Enable Git sync.

False

dags.gitSync.env

Environment variables for git sync container.

[]

Examples:

env:
- name: GIT_SYNC_TIMEOUT
  value: '60'

dags.gitSync.extraVolumeMounts

Mount additional volumes into git sync container.

[]

dags.gitSync.knownHosts

When using a ssh private key, the contents of your known_hosts file.

~

Examples:

knownHosts: |-
  <host1>,<ip1> <key1>
  <host2>,<ip2> <key2>
knownHosts: <host1>,<ip1> <key1>

dags.gitSync.maxFailures

The number of consecutive failures allowed before aborting.

0

dags.gitSync.repo

Git repository.

https://github.com/apache/airflow.git

dags.gitSync.resources

Resources on workers git-sync sidecar

{}

Examples:

resources:
  limits:
    cpu: 100m
    memory: 128Mi
  requests:
    cpu: 100m
    memory: 128Mi

dags.gitSync.rev

Git revision.

HEAD

dags.gitSync.sshKeySecret

Name of a Secret containing the repo sshKeySecret.

~

dags.gitSync.subPath

Subpath within the repo where dags are located.

tests/dags

dags.gitSync.uid

Git sync container run as user parameter.

65533

dags.gitSync.wait

Interval between git sync attempts in seconds.

60

dags.persistence.accessMode

Access mode of the persistent volume.

ReadWriteOnce

dags.persistence.enabled

Enable persistent volume for storing dags.

False

dags.persistence.existingClaim

The name of an existing PVC to use.

~

dags.persistence.size

Volume size for dags.

1Gi

dags.persistence.storageClassName

If using a custom StorageClass, pass name here.

~

elasticsearch.connection

Elasticsearch connection configuration.

{}

Examples:

connection:
  email: '...'
  host: '...'
  pass: '...'
  user: '...'

elasticsearch.enabled

Enable Elasticsearch task logging.

False

elasticsearch.secretName

A secret containing the connection string.

~

env

Environment variables for all Airflow containers.

[]

Examples:

env:
- name: MYENVVAR
  value: something_fun

extraEnv

Extra env ‘items’ that will be added to the definition of Airflow containers; a string is expected (can be templated).

~

Examples:

extraEnv: |-
  - name: AIRFLOW__CORE__LOAD_EXAMPLES
     value: True

extraEnvFrom

Extra envFrom ‘items’ that will be added to the definition of Airflow containers; a string is expected (can be templated).

~

Examples:

extraEnvFrom: |-
  - secretRef:
    name: '{{ .Release.Name }}-airflow-connections'
extraEnvFrom: |-
  - configMapRef:
    name: '{{ .Release.Name }}-airflow-variables'

fernetKeySecretName

The Fernet key secret name.

~

gid

Group of airflow user.

0

logs.persistence.enabled

Enable persistent volume for storing logs.

False

logs.persistence.existingClaim

The name of an existing PVC to use.

~

logs.persistence.size

Volume size for logs.

100Gi

logs.persistence.storageClassName

If using a custom StorageClass, pass name here.

~

multiNamespaceMode

Whether the KubernetesExecutor can launch workers and pods in multiple namespaces. If true, it creates ClusterRole/ClusterRolebinding (with access to entire cluster)

False

podTemplate

The contents of pod_template_file.yaml used for KubernetesExecutor workers. The default (see files/pod-template-file.kubernetes-helm-yaml) already takes into account normal workers configuration parameters (e.g. workers.resources), so you normally won’t need to override this directly.

~

Examples:

podTemplate: |-
  apiVersion: v1
  kind: Pod
  metadata:
    name: dummy-name
    labels:
      tier: airflow
      component: worker
      release: my-release
  spec:
    priorityClassName: high-priority
    containers:
      - name: base
      ...

secret

Secrets for all Airflow containers.

[]

Examples:

secret:
- envName: SecretEnvVar
  secretKey: somekey
  secretName: somesecret

uid

User of airflow user.

50000

webserverSecretKeySecretName

The Secret name containing Flask secret_key for the Webserver.

~

Images

Parameter

Description

Default

images.airflow.pullPolicy

The airflow image pull policy.

IfNotPresent

images.airflow.repository

The airflow image repository.

~

images.airflow.tag

The airflow image tag.

~

images.flower.pullPolicy

The flower image pull policy.

IfNotPresent

images.flower.repository

The flower image repository.

~

images.flower.tag

The flower image tag.

~

images.gitSync.pullPolicy

The gitSync image pull policy.

IfNotPresent

images.gitSync.repository

The gitSync image repository.

k8s.gcr.io/git-sync/git-sync

images.gitSync.tag

The gitSync image tag.

v3.3.0

images.pgbouncer.pullPolicy

The PgBouncer image pull policy.

IfNotPresent

images.pgbouncer.repository

The PgBouncer image repository.

apache/airflow

images.pgbouncer.tag

The PgBouncer image tag.

airflow-pgbouncer-2021.04.28-1.14.0

images.pgbouncerExporter.pullPolicy

The PgBouncer exporter image pull policy.

IfNotPresent

images.pgbouncerExporter.repository

The PgBouncer exporter image repository.

apache/airflow

images.pgbouncerExporter.tag

The PgBouncer exporter image tag.

airflow-pgbouncer-exporter-2021.04.28-0.5.0

images.pod_template.pullPolicy

The pod_template image pull policy.

IfNotPresent

images.pod_template.repository

The pod_template image repository.

~

images.pod_template.tag

The pod_template image tag.

~

images.redis.pullPolicy

The redis image pull policy.

IfNotPresent

images.redis.repository

The redis image repository.

redis

images.redis.tag

The redis image tag.

6-buster

images.statsd.pullPolicy

The statsd image pull policy.

IfNotPresent

images.statsd.repository

The statsd image repository.

apache/airflow

images.statsd.tag

The statsd image tag.

airflow-statsd-exporter-2021.04.28-v0.17.0

Ports

Parameter

Description

Default

ports.airflowUI

Airflow UI port.

8080

ports.flowerUI

Flower UI port.

5555

ports.pgbouncer

PgBouncer port.

6543

ports.pgbouncerScrape

PgBouncer scrape port.

9127

ports.redisDB

Redis port.

6379

ports.statsdIngest

StatsD ingest port.

9125

ports.statsdScrape

StatsD scrape port.

9102

ports.workerLogs

Worker logs port.

8793

Database

Parameter

Description

Default

data.metadataConnection.db

The name of the database.

postgres

data.metadataConnection.host

The database host.

~

data.metadataConnection.pass

The user’s password.

postgres

data.metadataConnection.port

The database port.

5432

data.metadataConnection.protocol

The database protocol.

postgresql

data.metadataConnection.sslmode

The database SSL parameter.

disable

data.metadataConnection.user

The database user.

postgres

data.metadataSecretName

Metadata connection string secret.

~

data.resultBackendConnection

Result backend connection configuration.

~

data.resultBackendConnection.db

The name of the database.

~

data.resultBackendConnection.host

The database host.

~

data.resultBackendConnection.pass

The database password.

~

data.resultBackendConnection.port

The database port.

~

data.resultBackendConnection.protocol

The database protocol.

~

data.resultBackendConnection.sslmode

The database SSL parameter.

~

data.resultBackendConnection.user

The database user.

~

data.resultBackendSecretName

Result backend connection string secret.

~

postgresql.enabled

Enable PostgreSQL subchart.

True

postgresql.postgresqlPassword

PostgreSQL password.

postgres

postgresql.postgresqlUsername

PostgreSQL username.

postgres

PgBouncer

Parameter

Description

Default

pgbouncer.affinity

Specify scheduling constraints for PgBouncer pods.

{}

pgbouncer.ciphers

The allowed ciphers, might be ‘fast’, ‘normal’ or list ciphers separated with ‘:’.

normal

pgbouncer.configSecretName

The PgBouncer config Secret name.

~

pgbouncer.extraIni

Add extra general PgBouncer ini configuration: https://www.pgbouncer.org/config.html

~

pgbouncer.extraIniMetadata

Add extra metadata database specific PgBouncer ini configuration: https://www.pgbouncer.org/config.html#section-databases

~

pgbouncer.extraIniResultBackend

Add extra result backend database specific PgBouncer ini configuration: https://www.pgbouncer.org/config.html#section-databases

~

pgbouncer.extraNetworkPolicies

Additional NetworkPolicies as needed.

[]

pgbouncer.logConnections

Log successful logins.

0

pgbouncer.logDisconnections

Log disconnections with reasons.

0

pgbouncer.maxClientConn

Maximum clients that can connect to PgBouncer (higher = more file descriptors).

100

pgbouncer.metadataPoolSize

Metadata pool size.

10

pgbouncer.metricsExporterSidecar.resources

Resources for the PgBouncer metric exporter.

{}

Examples:

resources:
  limits:
    cpu: 100m
    memory: 128Mi
  requests:
    cpu: 100m
    memory: 128Mi

pgbouncer.nodeSelector

Select certain nodes for PgBouncer pods.

{}

pgbouncer.podDisruptionBudget.config.maxUnavailable

Max unavailable pods for PgBouncer.

1

pgbouncer.podDisruptionBudget.enabled

Enabled PodDistributionBudget.

False

pgbouncer.resources

Resources for the PgBouncer pods.

{}

Examples:

resources:
  limits:
    cpu: 100m
    memory: 128Mi
  requests:
    cpu: 100m
    memory: 128Mi

pgbouncer.resultBackendPoolSize

Result backend pool size.

5

pgbouncer.service.extraAnnotations

Extra annotations for the PgBouncer Service.

{}

pgbouncer.serviceAccount.annotations

Annotations to add to the worker Kubernetes ServiceAccount.

{}

pgbouncer.serviceAccount.create

Specifies whether a ServiceAccount should be created.

True

pgbouncer.serviceAccount.name

The name of the ServiceAccount to use. If not set and create is true, a name is generated using the release name.

~

pgbouncer.ssl.ca

Certificate Authority for server side

~

pgbouncer.ssl.cert

Server Certificate for server side

~

pgbouncer.ssl.key

Private key used to authenticate with the server

~

pgbouncer.sslmode

SSL mode for PgBouncer.

prefer

pgbouncer.tolerations

Specify Tolerations for PgBouncer pods.

[]

pgbouncer.uid

PgBouncer run as user parameter.

65534

pgbouncer.verbose

Increase PgBouncer verbosity.

0

Scheduler

Parameter

Description

Default

scheduler.affinity

Specify scheduling constraints for scheduler pods.

See values.yaml

scheduler.args

Args to use when running the Airflow scheduler (templated).

['bash', '-c', 'exec airflow scheduler']

scheduler.command

Command to use when running the Airflow scheduler (templated).

~

scheduler.extraContainers

Launch additional containers into scheduler.

[]

scheduler.extraInitContainers

Add additional init containers into scheduler.

[]

scheduler.extraVolumeMounts

Mount additional volumes into scheduler.

[]

scheduler.extraVolumes

Mount additional volumes into scheduler.

[]

scheduler.livenessProbe.failureThreshold

Scheduler Liveness probe failure threshold.

10

scheduler.livenessProbe.initialDelaySeconds

Scheduler Liveness probe initial delay.

10

scheduler.livenessProbe.periodSeconds

Scheduler Liveness probe period seconds.

30

scheduler.livenessProbe.timeoutSeconds

Scheduler Liveness probe timeout seconds.

5

scheduler.logGroomerSidecar.args

Args to use when running the Airflow scheduler log groomer sidecar (templated).

['bash', '/clean-logs']

scheduler.logGroomerSidecar.command

Command to use when running the Airflow scheduler log groomer sidecar (templated).

~

scheduler.logGroomerSidecar.enabled

Whether to deploy the Airflow scheduler log groomer sidecar.

True

scheduler.logGroomerSidecar.resources

Resources for log groomer sidecar.

{}

Examples:

resources:
  limits:
    cpu: 100m
    memory: 128Mi
  requests:
    cpu: 100m
    memory: 128Mi

scheduler.nodeSelector

Select certain nodes for scheduler pods.

{}

scheduler.podDisruptionBudget.config.maxUnavailable

Max unavailable pods for scheduler.

1

scheduler.podDisruptionBudget.enabled

Enable pod disruption budget.

False

scheduler.replicas

Airflow 2.0 allows users to run multiple schedulers. This feature is only recommended for MySQL 8+ and PostgreSQL

1

scheduler.resources

Resources for scheduler pods.

{}

Examples:

resources:
  limits:
    cpu: 100m
    memory: 128Mi
  requests:
    cpu: 100m
    memory: 128Mi

scheduler.safeToEvict

This setting tells Kubernetes that its ok to evict when it wants to scale a node down.

True

scheduler.serviceAccount.annotations

Annotations to add to the scheduler Kubernetes ServiceAccount.

{}

scheduler.serviceAccount.create

Specifies whether a ServiceAccount should be created.

True

scheduler.serviceAccount.name

The name of the ServiceAccount to use. If not set and create is true, a name is generated using the release name.

~

scheduler.strategy

Specifies the strategy used to replace old Pods by new ones when deployed as a Deployment (when not using LocalExecutor and workers.persistence).

~

scheduler.tolerations

Specify Tolerations for scheduler pods.

[]

scheduler.updateStrategy

Specifies the strategy used to replace old Pods by new ones when deployed as a StatefulSet (when using LocalExecutor and workers.persistence).

~

Webserver

Parameter

Description

Default

webserver.affinity

Specify scheduling constraints for webserver pods.

See values.yaml

webserver.allowPodLogReading

Allow webserver to read k8s pod logs. Useful when you don’t have an external log store.

True

webserver.args

Args to use when running the Airflow webserver (templated).

['bash', '-c', 'exec airflow webserver']

webserver.command

Command to use when running the Airflow webserver (templated).

~

webserver.defaultUser.email

Default user email address.

admin@example.com

webserver.defaultUser.firstName

Default user firstname.

admin

webserver.defaultUser.lastName

Default user lastname.

user

webserver.defaultUser.password

Default user password.

admin

webserver.defaultUser.role

Default user role.

Admin

webserver.defaultUser.username

Default user username.

admin

webserver.extraContainers

Launch additional containers into webserver.

[]

webserver.extraInitContainers

Add additional init containers into webserver.

[]

webserver.extraNetworkPolicies

Additional NetworkPolicies as needed (Deprecated - renamed to webserver.networkPolicy.ingress.from).

[]

webserver.extraVolumeMounts

Mount additional volumes into webserver.

[]

webserver.extraVolumes

Mount additional volumes into webserver.

[]

webserver.livenessProbe.failureThreshold

Webserver Liveness probe failure threshold.

20

webserver.livenessProbe.initialDelaySeconds

Webserver Liveness probe initial delay.

15

webserver.livenessProbe.periodSeconds

Webserver Liveness probe period seconds.

5

webserver.livenessProbe.timeoutSeconds

Webserver Liveness probe timeout seconds.

30

webserver.networkPolicy.ingress.from

Peers for webserver NetworkPolicy ingress.

[]

webserver.networkPolicy.ingress.ports

Ports for webserver NetworkPolicy ingress (if from is set).

[{'port': 'airflow-ui'}]

Examples:

ports:
- port: sidecar

webserver.nodeSelector

Select certain nodes for webserver pods.

{}

webserver.readinessProbe.failureThreshold

Webserver Readiness probe failure threshold.

20

webserver.readinessProbe.initialDelaySeconds

Webserver Readiness probe initial delay.

15

webserver.readinessProbe.periodSeconds

Webserver Readiness probe period seconds.

5

webserver.readinessProbe.timeoutSeconds

Webserver Readiness probe timeout seconds.

30

webserver.replicas

How many Airflow webserver replicas should run.

1

webserver.resources

Resources for webserver pods.

{}

Examples:

resources:
  limits:
    cpu: 100m
    memory: 128Mi
  requests:
    cpu: 100m
    memory: 128Mi

webserver.service.annotations

Annotations for the webserver Service.

{}

webserver.service.loadBalancerIP

Webserver Service loadBalancerIP.

~

webserver.service.ports

Ports for the webserver Service.

[{'name': 'airflow-ui', 'port': '{{ .Values.ports.airflowUI }}'}]

Examples:

ports:
- name: airflow-ui
  port: 80
  targetPort: airflow-ui
ports:
- name: only_sidecar
  port: 80
  targetPort: 8888

webserver.service.type

Webserver Service type.

ClusterIP

webserver.serviceAccount.annotations

Annotations to add to the webserver Kubernetes ServiceAccount.

{}

webserver.serviceAccount.create

Specifies whether a ServiceAccount should be created.

True

webserver.serviceAccount.name

The name of the ServiceAccount to use. If not set and create is true, a name is generated using the release name.

~

webserver.strategy

Specifies the strategy used to replace old Pods by new ones.

~

webserver.tolerations

Specify Tolerations for webserver pods.

[]

Workers

Parameter

Description

Default

workers.affinity

Specify scheduling constraints for worker pods.

See values.yaml

workers.args

Args to use when running Airflow workers (templated).

['bash', '-c', 'exec \\\nairflow {{ semverCompare ">=2.0.0" .Values.airflowVersion | ternary "celery worker" "worker" }}']

workers.command

Command to use when running Airflow workers (templated).

~

workers.extraContainers

Launch additional containers into workers.

[]

workers.extraInitContainers

Add additional init containers into workers.

[]

workers.extraVolumeMounts

Mount additional volumes into workers.

[]

workers.extraVolumes

Mount additional volumes into workers.

[]

workers.hostAliases

Specify HostAliases for workers.

[]

Examples:

hostAliases:
- hostnames:
  - test.hostname.one
  ip: 127.0.0.2
hostAliases:
- hostnames:
  - test.hostname.two
  ip: 127.0.0.3

workers.keda.cooldownPeriod

How many seconds KEDA will wait before scaling to zero.

30

workers.keda.enabled

Allow KEDA autoscaling. Persistence.enabled must be set to false to use KEDA.

False

workers.keda.maxReplicaCount

Maximum number of workers created by KEDA.

10

workers.keda.minReplicaCount

Minimum number of workers created by KEDA.

0

workers.keda.namespaceLabels

Labels used in matchLabels for namespace in the PgBouncer NetworkPolicy.

{}

workers.keda.pollingInterval

How often KEDA polls the airflow DB to report new scale requests to the HPA.

5

workers.kerberosSidecar.enabled

Enable Kerberos sidecar for the worker.

False

workers.kerberosSidecar.resources

Resources on workers kerberos sidecar

{}

Examples:

resources:
  limits:
    cpu: 100m
    memory: 128Mi
  requests:
    cpu: 100m
    memory: 128Mi

workers.logGroomerSidecar.args

Args to use when running the Airflow workers log groomer sidecar (templated).

['bash', '/clean-logs']

workers.logGroomerSidecar.command

Command to use when running the Airflow workers log groomer sidecar (templated).

~

workers.logGroomerSidecar.resources

Resources for Airflow workers log groomer sidecar.

{}

Examples:

resources:
  limits:
    cpu: 100m
    memory: 128Mi
  requests:
    cpu: 100m
    memory: 128Mi

workers.nodeSelector

Select certain nodes for worker pods.

{}

workers.persistence.enabled

Enable persistent volumes.

True

workers.persistence.fixPermissions

Execute init container to chown log directory. This is currently only needed in kind, due to usage of local-path provisioner.

False

workers.persistence.size

Volume size for worker StatefulSet.

100Gi

workers.persistence.storageClassName

If using a custom StorageClass, pass name ref to all StatefulSets here.

~

workers.replicas

Number of Airflow Celery workers in StatefulSet.

1

workers.resources

Resources on workers

{}

Examples:

resources:
  limits:
    cpu: 100m
    memory: 128Mi
  requests:
    cpu: 100m
    memory: 128Mi

workers.safeToEvict

This setting tells Kubernetes that it’s ok to evict when it wants to scale a node down.

True

workers.serviceAccount.annotations

Annotations to add to the worker Kubernetes ServiceAccount.

{}

workers.serviceAccount.create

Specifies whether a ServiceAccount should be created.

True

workers.serviceAccount.name

The name of the ServiceAccount to use. If not set and create is true, a name is generated using the release name.

~

workers.strategy

Specifies the strategy used to replace old Pods by new ones when deployed as a Deployment.

{'rollingUpdate': {'maxSurge': '100%', 'maxUnavailable': '50%'}}

workers.terminationGracePeriodSeconds

Grace period for tasks to finish after SIGTERM is sent from Kubernetes.

600

workers.tolerations

Specify Tolerations for worker pods.

[]

workers.updateStrategy

Specifies the strategy used to replace old Pods by new ones when deployed as a StatefulSet.

~

Flower

Parameter

Description

Default

flower.affinity

Specify scheduling constraints for Flower pods.

{}

flower.args

Args to use when running flower (templated).

['bash', '-c', 'exec \\\nairflow {{ semverCompare ">=2.0.0" .Values.airflowVersion | ternary "celery flower" "flower" }}']

flower.command

Command to use when running flower (templated).

~

flower.enabled

Enable Flower.

True

flower.extraContainers

Launch additional containers into the flower pods.

[]

flower.extraNetworkPolicies

Additional NetworkPolicies as needed (Deprecated - renamed to flower.networkPolicy.ingress.from).

[]

flower.extraVolumes

Mount additional volumes into the flower pods.

[]

flower.networkPolicy.ingress.from

Peers for flower NetworkPolicy ingress.

[]

flower.networkPolicy.ingress.ports

Ports for flower NetworkPolicy ingress (if from is set).

[{'port': 'flower-ui'}]

Examples:

ports:
- port: sidecar

flower.nodeSelector

Select certain nodes for Flower pods.

{}

flower.password

Password use to access Flower.

~

flower.resources

Resources for Flower pods.

{}

Examples:

resources:
  limits:
    cpu: 100m
    memory: 128Mi
  requests:
    cpu: 100m
    memory: 128Mi

flower.secretName

A secret containing the user and password pair.

~

flower.service.annotations

Annotations for the flower Service.

{}

flower.service.loadBalancerIP

Flower Service loadBalancerIP.

~

flower.service.ports

Ports for the flower Service.

[{'name': 'flower-ui', 'port': '{{ .Values.ports.flowerUI }}'}]

Examples:

ports:
- name: flower-ui
  port: 8080
  targetPort: flower-ui

flower.service.type

Flower Service type.

ClusterIP

flower.serviceAccount.annotations

Annotations to add to the worker Kubernetes ServiceAccount.

{}

flower.serviceAccount.create

Specifies whether a ServiceAccount should be created.

True

flower.serviceAccount.name

The name of the ServiceAccount to use. If not set and create is true, a name is generated using the release name.

~

flower.tolerations

Specify Tolerations for Flower pods.

[]

flower.username

Username use to access Flower.

~

Redis

Parameter

Description

Default

data.brokerUrl

Direct url to the redis broker (when using an external redis instance) (can only be set during install, not upgrade).

~

data.brokerUrlSecretName

Redis broker URL secret.

~

redis.affinity

Specify scheduling constraints for Redis pods.

{}

redis.enabled

Enable the Redis provisioned by the chart (you can also use an external Redis instance with data.brokerUrl or data.brokerUrlSecretName).

True

redis.nodeSelector

Select certain nodes for Redis pods.

{}

redis.password

If password is set, create secret with it, else generate a new one on install (can only be set during install, not upgrade).

~

redis.passwordSecretName

Redis password secret.

~

redis.persistence.enabled

Enable persistent volumes.

True

redis.persistence.size

Volume size for Redis StatefulSet.

1Gi

redis.persistence.storageClassName

If using a custom StorageClass, pass name ref to all StatefulSets here.

~

redis.resources

Resources for the Redis pods

{}

Examples:

resources:
  limits:
    cpu: 100m
    memory: 128Mi
  requests:
    cpu: 100m
    memory: 128Mi

redis.safeToEvict

This setting tells Kubernetes that its ok to evict when it wants to scale a node down.

True

redis.serviceAccount.annotations

Annotations to add to the worker Kubernetes ServiceAccount.

{}

redis.serviceAccount.create

Specifies whether a ServiceAccount should be created.

True

redis.serviceAccount.name

The name of the ServiceAccount to use. If not set and create is true, a name is generated using the release name.

~

redis.terminationGracePeriodSeconds

Grace period for Redis to exit after SIGTERM is sent from Kubernetes.

600

redis.tolerations

Specify Tolerations for Redis pods.

[]

Statsd

Parameter

Description

Default

statsd.affinity

Specify scheduling constraints for StatsD pods.

{}

statsd.enabled

Enable StatsD.

True

statsd.extraMappings

Additional mappings for StatsD exporter.

[]

statsd.extraNetworkPolicies

Additional NetworkPolicies as needed.

[]

statsd.nodeSelector

Select certain nodes for StatsD pods.

{}

statsd.resources

Resources for StatsD pods.

{}

Examples:

resources:
  limits:
    cpu: 100m
    memory: 128Mi
  requests:
    cpu: 100m
    memory: 128Mi

statsd.service.extraAnnotations

Extra annotations for the StatsD Service.

{}

statsd.serviceAccount.annotations

Annotations to add to the StatsD Kubernetes ServiceAccount.

{}

statsd.serviceAccount.create

Specifies whether a ServiceAccount should be created.

True

statsd.serviceAccount.name

The name of the ServiceAccount to use. If not set and create is true, a name is generated using the release name.

~

statsd.tolerations

Specify Tolerations for StatsD pods.

[]

statsd.uid

StatsD run as user parameter.

65534

Jobs

Parameter

Description

Default

cleanup.affinity

Specify scheduling constraints for cleanup pods.

{}

cleanup.enabled

Enable cleanup.

False

cleanup.nodeSelector

Select certain nodes for cleanup pods.

{}

cleanup.schedule

Cleanup schedule.

*/15 * * * *

cleanup.serviceAccount.annotations

Annotations to add to the cleanup CronJob Kubernetes ServiceAccount.

{}

cleanup.serviceAccount.create

Specifies whether a ServiceAccount should be created.

True

cleanup.serviceAccount.name

The name of the ServiceAccount to use. If not set and create is true, a name is generated using the release name.

~

cleanup.tolerations

Specify Tolerations for cleanup pods.

[]

createUserJob.affinity

Specify scheduling constraints for the create user job pod.

{}

createUserJob.annotations

Annotations to add to the create user job pod.

{}

createUserJob.jobAnnotations

Annotations to add to the create user job job.

{}

createUserJob.nodeSelector

Select certain nodes for the create user job pod.

{}

createUserJob.serviceAccount.annotations

Annotations to add to the create user job Kubernetes ServiceAccount.

{}

createUserJob.serviceAccount.create

Specifies whether a ServiceAccount should be created.

True

createUserJob.serviceAccount.name

The name of the ServiceAccount to use. If not set and create is true, a name is generated using the release name.

~

createUserJob.tolerations

Specify Tolerations for the create user job pod.

[]

migrateDatabaseJob.affinity

Specify scheduling constraints for the migrate database job pod.

{}

migrateDatabaseJob.annotations

Annotations to add to the migrate database job pod.

{}

migrateDatabaseJob.jobAnnotations

Annotations to add to the migrate database job.

{}

migrateDatabaseJob.nodeSelector

Select certain nodes for the migrate database job pod.

{}

migrateDatabaseJob.serviceAccount.annotations

Annotations to add to the migrate database job Kubernetes ServiceAccount.

{}

migrateDatabaseJob.serviceAccount.create

Specifies whether a ServiceAccount should be created.

True

migrateDatabaseJob.serviceAccount.name

The name of the ServiceAccount to use. If not set and create is true, a name is generated using the release name.

~

migrateDatabaseJob.tolerations

Specify Tolerations for the migrate database job pod.

[]

Kubernetes

Parameter

Description

Default

affinity

Specify scheduling constraints for all pods.

{}

airflowConfigAnnotations

Extra annotations to apply to the main Airflow configmap.

{}

airflowPodAnnotations

Extra annotations to apply to all Airflow pods.

{}

extraConfigMaps

Extra ConfigMaps that will be managed by the chart.

{}

Examples:

extraConfigMaps:
  '{{ .Release.Name }}-airflow-variables':
    data: |-
      AIRFLOW_VAR_HELLO_MESSAGE: 'Hi!'
      AIRFLOW_VAR_KUBERNETES_NAMESPACE: '{{ .Release.Namespace }}'

extraSecrets

Extra secrets that will be managed by the chart.

{}

Examples:

extraSecrets:
  '{{ .Release.Name }}-airflow-connections':
    data: |-
      AIRFLOW_CONN_GCP: 'base64_encoded_gcp_conn_string'
      AIRFLOW_CONN_AWS: 'base64_encoded_aws_conn_string'
    stringData: 'AIRFLOW_CONN_OTHER: ''other_conn'''

labels

Add common labels to all objects and pods defined in this chart.

{}

limits

Define default/max/min values for pods and containers in namespace.

[]

networkPolicies.enabled

Enabled network policies.

False

nodeSelector

Select certain nodes for all pods.

{}

quotas

Define any ResourceQuotas for namespace.

{}

rbac.create

Specifies whether RBAC resources should be created.

True

registry.connection

Registry connection configuration.

{}

Examples:

connection:
  email: '...'
  host: '...'
  pass: '...'
  user: '...'

registry.secretName

Registry connection string secret.

~

tolerations

Specify Tolerations for all pods.

[]

Ingress

Parameter

Description

Default

ingress.enabled

Enable ingress resource.

False

ingress.flower.annotations

Annotations for the flower Ingress.

{}

ingress.flower.host

The hostname for the flower Ingress.

""

ingress.flower.path

The path for the flower Ingress.

""

ingress.flower.precedingPaths

HTTP paths to add to the flower Ingress before the default path.

[]

ingress.flower.succeedingPaths

HTTP paths to add to the flower Ingress after the default path.

[]

ingress.flower.tls.enabled

Enable TLS termination for the flower Ingress.

False

ingress.flower.tls.secretName

The name of a pre-created Secret containing a TLS private key and certificate.

""

ingress.web.annotations

Annotations for the web Ingress.

{}

ingress.web.host

The hostname for the web Ingress.

""

ingress.web.path

The path for the web Ingress.

""

ingress.web.precedingPaths

HTTP paths to add to the web Ingress before the default path.

[]

ingress.web.succeedingPaths

HTTP paths to add to the web Ingress after the default path.

[]

ingress.web.tls.enabled

Enable TLS termination for the web Ingress.

False

ingress.web.tls.secretName

The name of a pre-created Secret containing a TLS private key and certificate.

""

Kerberos

Parameter

Description

Default

kerberos.ccacheFileName

Name for kerberos credentials cache file.

cache

kerberos.ccacheMountPath

Path to mount shared volume for kerberos credentials cache.

/var/kerberos-ccache

kerberos.config

Contents of krb5.conf.

See values.yaml

kerberos.configPath

Path to mount krb5.conf kerberos configuration file.

/etc/krb5.conf

kerberos.enabled

Enable kerberos.

False

kerberos.keytabPath

Path to mount the keytab for refreshing credentials in the kerberos sidecar.

/etc/airflow.keytab

kerberos.principal

Principal to use when refreshing kerberos credentials.

airflow@FOO.COM

kerberos.reinitFrequency

How often (in seconds) airflow kerberos will reinitialize the credentials cache.

3600

Specify each parameter using the --set key=value[,key=value] argument to helm install. For example,

helm install my-release apache-airflow/airflow \
  --set executor=CeleryExecutor \
  --set enablePodLaunching=false .

Was this entry helpful?