k8s-airflow/infra/airflow/values.yml

fullnameOverride: "airflow"

useStandardNaming: true

images:
  airflow:
    repository: 10.10.0.85:50000/airflow-custom
    tag: "1.0"
    pullPolicy: Always

executor: "CeleryExecutor"

postgresql:
  enabled: false
redis:
  enabled: false

data:
  metadataConnection:
    user: "airflow"
    pass: "airflow"
    protocol: postgresql
    host: "10.10.0.83"
    port: 5000
    db: "airflow_db"
    sslmode: disable
  brokerUrl: "amqp://airflow:airflow@airflow-rabbitmq-cluster:5672/"
  resultBackendConnection:
    protocol: postgresql
    host: "10.10.0.83"
    port: 5000
    db: "airflow_db"
    user: "airflow"
    pass: "airflow"
    sslmode: disable

migrateDatabaseJob:
  nodeSelector:
    role: worker

webserverSecretKey: "this-must-be-a-long-random-string-fixed-for-ha"
fernetKey: "rv638BORYwOheHEXB6JoROvDgR3r9vdrOHnYcQfl0gs="

dags:
  persistence:
    enabled: true
    existingClaim: airflow-dags-pvc
logs:
  persistence:
    enabled: true
    existingClaim: airflow-logs-pvc

# ✅ 保留 apiServer 配置（你的環境需要它）
apiServer:
  replicas: 3
  service:
    type: NodePort
    ports:
      - name: airflow-ui
        port: 8080
        nodePort: 30080
  nodeSelector:
    node-role.kubernetes.io/control-plane: ""
  tolerations:
    - key: "node-role.kubernetes.io/control-plane"
      operator: "Exists"
      effect: "NoSchedule"

scheduler:
  replicas: 1
  nodeSelector:
    node-role.kubernetes.io/control-plane: ""
  tolerations:
    - key: "node-role.kubernetes.io/control-plane"
      operator: "Exists"
      effect: "NoSchedule"
  securityContexts:
    pod:
      runAsUser: 0
      runAsNonRoot: false
    containers:
      runAsUser: 0
      runAsNonRoot: false
      allowPrivilegeEscalation: true
      capabilities:
        add:
          - NET_RAW

workers:
  podManagementPolicy: Parallel
  replicas: 4
  nodeSelector:
    role: worker
  resources:
    requests:
      cpu: 1
      memory: 1Gi
    limits:
      cpu: 2
      memory: 2Gi
  persistence:
    enabled: true
    size: 5Gi
    storageClassName: "nfs-airflow"
  env:
    - name: TZ
      value: "Asia/Taipei"
  securityContexts:
    pod:
      runAsUser: 0
      runAsNonRoot: false
    containers:
      runAsUser: 0
      runAsNonRoot: false
      allowPrivilegeEscalation: true
      capabilities:
        add:
          - NET_RAW

flower:
  enabled: true
  nodeSelector:
    node-role.kubernetes.io/control-plane: ""
  tolerations:
    - key: "node-role.kubernetes.io/control-plane"
      operator: "Exists"
      effect: "NoSchedule"
  service:
    type: NodePort

dagProcessor:
  nodeSelector:
    role: worker

triggerer:
  nodeSelector:
    role: worker
  persistence:
    enabled: false

config:
  core:
    max_map_length: 100000
  webserver:
    base_url: "http://10.10.0.83:8080"
    enable_proxy_fix: "True"
    cookie_secure: 'False'
    cookie_samesite: 'Lax'
    session_backend: 'database'

  celery:
    worker_concurrency: 4
    task_acks_late: "True"
    worker_prefetch_multiplier: 1