On this article, we’re going to deploy an Airflow utility in a Conda setting and safe the applying utilizing Nginx and request SSL certificates from Let’s Encrypt.
Airflow is a well-liked instrument that we are able to use to outline, schedule, and monitor our complicated workflows. We will create Directed Acyclic Graphs (DAGs) to automate duties throughout our work platforms, and being open-source, Airflow has a neighborhood to offer assist and enhance constantly.
It is a sponsored article by Vultr. Vultr is the world’s largest privately-held cloud computing platform. A favourite with builders, Vultr has served over 1.5 million prospects throughout 185 nations with versatile, scalable, world Cloud Compute, Cloud GPU, Naked Metallic, and Cloud Storage options. Study extra about Vultr.
Deploying a Server on Vultr
Let’s begin by deploying a Vultr server with the Anaconda market utility.
-
Join and log in to the Vultr Buyer Portal.
-
Navigate to the Merchandise web page.
-
Choose Compute from the aspect menu.
-
Click on Deploy Server.
-
Choose Cloud Compute because the server sort.
-
Select a Location.
-
Choose Anaconda amongst market purposes.
-
Select a Plan.
-
Choose any extra options as required within the “Further Options” part.
-
Click on the Deploy Now button.
Making a Vultr Managed Database
After deploying a Vultr server, we’ll subsequent deploy a Vultr-managed PostgreSQL Database. We’ll additionally create two new databases in our database occasion that can be used to attach with our Airflow utility later within the weblog.
-
Open the Vultr Buyer Portal.
-
Click on the Merchandise menu group and navigate to Databases to create a PostgreSQL managed database.
-
Click on Add Managed Databases.
-
Choose PostgreSQL with the newest model because the database engine.
-
Choose Server Configuration and Server Location.
-
Write a Label for the service.
-
Click on Deploy Now.
-
After the database is deployed, choose Customers & Databases.
-
Click on Add New Database.
-
Sort in a reputation, click on Add Database and title it
airflow-pgsql
. -
Repeat steps 9 and 10 so as to add one other database in the identical managed database and title it
airflow-celery
.
Getting Began with Conda and Airflow
Now that we’ve created a Vultr-managed PostgreSQL occasion, we’ll use the Vultr server to create a Conda setting and set up the required dependencies.
-
Examine for the Conda model:
-
Create a Conda setting:
$ conda create -n airflow python=3.8
-
Activate the setting:
-
Set up Redis server:
(airflow) $ apt set up -y redis-server
-
Allow the Redis server:
(airflow) $ sudo systemctl allow redis-server
-
Examine the standing:
(airflow) $ sudo systemctl standing redis-server
-
Set up the Python bundle supervisor:
(airflow) $ conda set up pip
-
Set up the required dependencies:
(airflow) $ pip set up psycopg2-binary virtualenv redis
-
Set up Airflow within the Conda setting:
(airflow) $ pip set up "apache-airflow[celery]==2.8.1" --constraint "https://uncooked.githubusercontent.com/apache/airflow/constraints-2.8.1/constraints-3.8.txt"
Connecting Airflow with Vultr Managed Database
After making ready the setting, now let’s join our Airflow utility with the 2 databases we created earlier inside our database occasion and make needed adjustments to the Airflow configuration to make our utility production-ready.
-
Set setting variable for database connection:
(airflow) $ export AIRFLOW__DATABASE__SQL_ALCHEMY_CONN="postgresql://consumer:password@hostname:port/db_name"
Ensure that to switch the
consumer
,password
,hostname
, andport
with the precise values within the connection particulars part by deciding on theairflow-pgsql
database. Exchange thedb_name
withairflow-pgsql
. -
Initialize the metadata database.
We should initialize a metadata database for Airflow to create needed tables and schema that shops data like DAGs and data associated to our workflows:
(airflow) $ airflow db init
-
Open the Airflow configuration file:
(airflow) $ sudo nano ~/airflow/airflow.cfg
-
Scroll down and alter the
executor
:executor = CeleryExecutor
-
Hyperlink the Vultr-managed PostgreSQL database, and alter the worth of
sql_alchemy_conn
:sql_alchemy_conn = "postgresql://consumer:password@hostname:port/db_name"
Ensure that to switch the
consumer
,password
,hostname
, and port with the precise values within the connection particulars part by deciding on theairflow-pgsql
database. Exchange thedb_name
withairflow-pgsql
. -
Scroll down and alter the employee and set off log ports:
worker_log_server_port = 8794 trigger_log_server_port = 8795
-
Change the
broker_url
:broker_url = redis://localhost:6379/0
-
Take away the
#
and alter theresult_backend
:result_backend = db+postgresql://consumer:password@hostname:port/db_name
Ensure that to switch the
consumer
,password
,hostname
, andport
with the precise values within the connection particulars part by deciding on theairflow-celery
database. Exchange thedb_name
withairflow-celery
. -
Save and exit the file.
-
Create an Airflow consumer:
(airflow) $ airflow customers create n --username admin n --firstname Peter n --lastname Parker n --role Admin n --email spiderman@superhero.org
Ensure that to switch all of the variable values with the precise values.
Enter a password when prompted to set it for the consumer whereas accessing the dashboard.
Daemonizing the Airflow Software
Now let’s daemonize our Airflow utility in order that it runs within the background and continues to run independently even after we shut the terminal and log off.
These steps can even assist us to create a persistent service for the Airflow webserver, scheduler, and celery employees.
-
View the
airflow
path:(airflow) $ which airflow
Copy and paste the trail into the clipboard.
-
Create an Airflow webserver service file:
(airflow) $ sudo nano /and many others/systemd/system/airflow-webserver.service
-
Paste the service configurations within the file.
airflow webserver
is answerable for offering a web-based consumer interface that may permit us to work together and handle our workflows. These configurations will make a background operating service for our Airflow webserver:[Unit] Description="Airflow Webserver" After=community.goal [Service] Consumer=example_user Group=example_user ExecStart=/residence/example_user/.native/bin/airflow webserver [Install] WantedBy=multi-user.goal
Ensure that to switch
Consumer
andGroup
together with your precise non-root sudo consumer account particulars, and exchange theExecStart
path with the precise Airflow path together with the executable binary we copied earlier within the clipboard. -
Save and shut the file.
-
Allow the
airflow-webserver
service, in order that the webserver robotically begins up throughout the system boot course of:(airflow) $ systemctl allow airflow-webserver
-
Begin the service:
(airflow) $ sudo systemctl begin airflow-webserver
-
Ensure that the service is up and operating:
(airflow) $ sudo systemctl standing airflow-webserver
Our output ought to seem just like the one pictured under.
-
Create an Airflow Celery service file:
(airflow) $ sudo nano /and many others/systemd/system/airflow-celery.service
-
Paste the service configurations within the file.
airflow celery employee
begins a Celery employee. Celery is a distributed process queue that may permit us to distribute and execute duties throughout a number of employees. The employees hook up with our Redis server to obtain and execute duties:[Unit] Description="Airflow Celery" After=community.goal [Service] Consumer=example_user Group=example_user ExecStart=/residence/example_user/.native/bin/airflow celery employee [Install] WantedBy=multi-user.goal
Ensure that to switch
Consumer
andGroup
together with your precise non-root sudo consumer account particulars, and exchange theExecStart
path with the precise Airflow path together with the executable binary we copied earlier within the clipboard. -
Save and shut the file.
-
Allow the
airflow-celery
service:(airflow) $ sudo systemctl allow airflow-celery
-
Begin the service:
(airflow) $ sudo systemctl begin airflow-celery
-
Ensure that the service is up and operating:
(airflow) $ sudo systemctl standing airflow-celery
-
Create an Airflow scheduler service file:
(airflow) $ sudo nano /and many others/systemd/system/airflow-scheduler.service
-
Paste the service configurations within the file.
airflow scheduler
is answerable for scheduling and triggering the DAGs and the duties outlined in them. It additionally checks the standing of DAGs and duties periodically:[Unit] Description="Airflow Scheduler" After=community.goal [Service] Consumer=example_user Group=example_user ExecStart=/residence/example_user/.native/bin/airflow scheduler [Install] WantedBy=multi-user.goal
Ensure that to switch
Consumer
andGroup
together with your precise non-root sudo consumer account particulars, and exchange theExecStart
path with the precise Airflow path together with the executable binary we copied earlier within the clipboard. -
Save and shut the file.
-
Allow the
airflow-scheduler
service:(airflow) $ sudo systemctl allow airflow-scheduler
-
Begin the service:
(airflow) $ sudo systemctl begin airflow-scheduler
-
Ensure that the service is up and operating:
(airflow) $ sudo systemctl standing airflow-scheduler
Our output ought to seem like that pictured under.
Establishing Nginx as a Reverse Proxy
We’ve created persistent companies for the Airflow utility, so now we’ll arrange Nginx as a reverse proxy to reinforce our utility’s safety and scalability following the steps outlined under.
-
Log in to the Vultr Buyer Portal.
-
Navigate to the Merchandise web page.
-
From the aspect menu, increase the Community drop down, and choose DNS.
-
Click on the Add Area button within the heart.
-
Observe the setup process so as to add your area title by deciding on the IP handle of your server.
-
Set the next hostnames as your area’s major and secondary nameservers together with your area registrar:
- ns1.vultr.com
- ns2.vultr.com
-
Set up Nginx:
(airflow) $ apt set up nginx
-
Ensure that to examine if the Nginx server is up and operating:
(airflow) $ sudo systemctl standing nginx
-
Create a brand new Nginx digital host configuration file within the
sites-available
listing:(airflow) $ sudo nano /and many others/nginx/sites-available/airflow.conf
-
Add the configurations to the file.
These configurations will direct the visitors on our utility from the precise area to the backend server at
http://127.0.0.1:8080
utilizing a proxy move:server { hear 80; hear [::]:80; server_name airflow.instance.com; location / { proxy_pass http://127.0.0.1:8080; } }
Ensure that to switch
airflow.instance.com
with the precise area we added within the Vultr dashboard. -
Save and shut the file.
-
Hyperlink the configuration file to the
sites-enabled
listing to activate the configuration file:(airflow) $ sudo ln -s /and many others/nginx/sites-available/airflow.conf /and many others/nginx/sites-enabled/
-
Ensure that to examine the configuration for errors:
(airflow) $ sudo nginx -t
Our output ought to seem like that pictured under.
-
Restart Nginx to use adjustments:
(airflow) $ sudo systemctl reload nginx
-
Permit the HTTP port
80
by means of the firewall for all of the incoming connections:(airflow) $ sudo ufw permit 80/tcp
-
Permit the HTTPS port
443
by means of the firewall for all incoming connections:(airflow) $ sudo ufw permit 443/tcp
-
Reload firewall guidelines to save lots of adjustments:
(airflow) $ sudo ufw reload
Making use of Let’s Encrypt SSL Certificates to the Airflow Software
The final step is to use a Let’s Encrypt SSL Certificates to our Airflow utility in order that it turns into way more safe and saves our utility from undesirable assaults.
-
Utilizing Snap, set up the Certbot Let’s Encrypt consumer:
(airflow) $ snap set up --classic certbot
-
Get a brand new SSL certificates for our area:
(airflow) $ certbot --nginx -d airflow.instance.com
Ensure that to switch
airflow.instance.com
with our precise area title.
And when prompted enter an e-mail handle and press Y to just accept the Let’s Encrypt phrases. -
Check that the SSL certificates auto-renews upon expiry.
Auto-renewal makes positive our SSL certificates are updated, lowering the chance of certificates expiry and sustaining the safety of our utility:
(airflow) $ certbot renew --dry-run
-
Use an internet browser to open our Airflow utility:
https://airflow.instance.com
.When prompted, enter the username and password we created earlier.
Upon accessing the dashboard, all of the DAGs can be seen which are offered by default.
Conclusion
On this article, we demonstrated methods to create Conda environments, deploy a production-ready Airflow utility, and enhance the efficiency and safety of an utility.