This is an automated email from the ASF dual-hosted git repository.

eladkal pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/airflow.git


The following commit(s) were added to refs/heads/main by this push:
     new f9db9c9952 Add safe-to-evict annotation to pod-template-file (#37352)
f9db9c9952 is described below

commit f9db9c995294ec6ebcc27ba5bc07efc2043e0d1a
Author: Carlos Sánchez Páez <[email protected]>
AuthorDate: Wed Apr 24 10:29:50 2024 +0200

    Add safe-to-evict annotation to pod-template-file (#37352)
---
 chart/files/pod-template-file.kubernetes-helm-yaml | 11 +++--------
 docs/helm-chart/production-guide.rst               | 16 ++++++++++++++++
 helm_tests/airflow_aux/test_pod_template_file.py   | 12 ++++++++++++
 3 files changed, 31 insertions(+), 8 deletions(-)

diff --git a/chart/files/pod-template-file.kubernetes-helm-yaml 
b/chart/files/pod-template-file.kubernetes-helm-yaml
index 177b6ec28b..bdfd9d2b18 100644
--- a/chart/files/pod-template-file.kubernetes-helm-yaml
+++ b/chart/files/pod-template-file.kubernetes-helm-yaml
@@ -26,6 +26,8 @@
 {{- $containerLifecycleHooksKerberosSidecar := or 
.Values.workers.kerberosSidecar.containerLifecycleHooks 
.Values.containerLifecycleHooks }}
 {{- $containerSecurityContext := include "containerSecurityContext" (list . 
.Values.workers) }}
 {{- $containerLifecycleHooks := or .Values.workers.containerLifecycleHooks 
.Values.containerLifecycleHooks }}
+{{- $safeToEvict := dict "cluster-autoscaler.kubernetes.io/safe-to-evict" 
(.Values.workers.safeToEvict | toString) }}
+{{- $podAnnotations := mergeOverwrite .Values.airflowPodAnnotations 
$safeToEvict .Values.workers.podAnnotations }}
 apiVersion: v1
 kind: Pod
 metadata:
@@ -37,18 +39,11 @@ metadata:
     {{- if or (.Values.labels) (.Values.workers.labels) }}
       {{- mustMerge .Values.workers.labels .Values.labels | toYaml | nindent 4 
}}
     {{- end }}
-  {{- if or .Values.airflowPodAnnotations .Values.workers.podAnnotations }}
   annotations:
-    {{- if .Values.airflowPodAnnotations }}
-      {{- toYaml .Values.airflowPodAnnotations | nindent 4 }}
-    {{- end }}
+    {{- toYaml $podAnnotations | nindent 4 }}
     {{- if .Values.workers.kerberosInitContainer.enabled }}
     checksum/kerberos-keytab: {{ include (print $.Template.BasePath 
"/secrets/kerberos-keytab-secret.yaml") . | sha256sum }}
     {{- end }}
-    {{- if .Values.workers.podAnnotations }}
-      {{- toYaml .Values.workers.podAnnotations | nindent 4 }}
-    {{- end }}
-  {{- end }}
 spec:
   initContainers:
     {{- if and .Values.dags.gitSync.enabled (not 
.Values.dags.persistence.enabled) }}
diff --git a/docs/helm-chart/production-guide.rst 
b/docs/helm-chart/production-guide.rst
index 4261c9f9ad..ee1fc2308b 100644
--- a/docs/helm-chart/production-guide.rst
+++ b/docs/helm-chart/production-guide.rst
@@ -148,6 +148,22 @@ generated using the secret key has a short expiry time 
though - make sure that t
 that you run airflow components on is synchronized (for example using ntpd) 
otherwise you might get
 "forbidden" errors when the logs are accessed.
 
+Eviction configuration
+----------------------
+When running Airflow along with the `Kubernetes Cluster Autoscaler 
<https://github.com/kubernetes/autoscaler>`_, it is important to configure 
whether pods can be safely evicted.
+This setting can be configured in the Airflow chart at different levels:
+
+.. code-block:: yaml
+
+  workers:
+    safeToEvict: true
+  scheduler:
+    safeToEvict: true
+  webserver:
+    safeToEvict: true
+
+When using ``KubernetesExecutor``, ``workers.safeToEvict`` should be set to 
``false`` to avoid them being removed before finishing.
+
 Extending and customizing Airflow Image
 ---------------------------------------
 
diff --git a/helm_tests/airflow_aux/test_pod_template_file.py 
b/helm_tests/airflow_aux/test_pod_template_file.py
index 0bd044dcfc..cb360e7b21 100644
--- a/helm_tests/airflow_aux/test_pod_template_file.py
+++ b/helm_tests/airflow_aux/test_pod_template_file.py
@@ -645,6 +645,18 @@ class TestPodTemplateFile:
         assert "my_annotation" in annotations
         assert "annotated!" in annotations["my_annotation"]
 
+    @pytest.mark.parametrize("safe_to_evict", [True, False])
+    def test_safe_to_evict_annotation(self, safe_to_evict: bool):
+        docs = render_chart(
+            values={"workers": {"safeToEvict": safe_to_evict}},
+            show_only=["templates/pod-template-file.yaml"],
+            chart_dir=self.temp_chart_dir,
+        )
+        annotations = jmespath.search("metadata.annotations", docs[0])
+        assert annotations == {
+            "cluster-autoscaler.kubernetes.io/safe-to-evict": "true" if 
safe_to_evict else "false"
+        }
+
     def test_workers_pod_annotations(self):
         docs = render_chart(
             values={"workers": {"podAnnotations": {"my_annotation": 
"annotated!"}}},

Reply via email to