Upgrade Puppet code to make Airflow configuration files compatible with version 2.5.0
Closed, ResolvedPublic5 Estimated Story Points
Actions

Assigned To

Authored By

	Snwachukwu
	Aug 18 2022, 4:05 PM

Description

The goal is:

and fix breaking changes
to avoid deprecation warnings.
add datahub kafka test connection config to puppet

Notice: When switching between versions, we need to run airflow db upgrade.

Details

Other Assignee: Snwachukwu

Project	Branch	Lines +/-	Subject
operations/puppet	production	+182 -47	Update airflow conf compatibility with airflow 2.5.0 connect postgresql
operations/puppet	production	+27 -3	Use Airflow 2.4.3 + Postgres in test-cluster
labs/private	master	+4 -0	Add some dummy tokens for the airflow_test database
operations/puppet	production	+16 -13	Update Puppet files for Airflow Upgrade to 2.3.2

Customize query in gerrit

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Open		Antoine_Quhen	T326193 Airflow upgrade (refactor deb creation + version bump + switch to PostgreSQL)
		Resolved		Stevemunene	T315580 Upgrade Puppet code to make Airflow configuration files compatible with version 2.5.0

Event Timeline

Snwachukwu created this task.Aug 18 2022, 4:05 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 18 2022, 4:05 PM

Snwachukwu added a parent task: T309552: Update Airflow DAGs code to make it compatible with version V2.3.4 of Airflow.Aug 18 2022, 4:05 PM

• EChetty moved this task from Ready to In Progress on the Data Pipelines (Sprint 00) board.Aug 18 2022, 4:07 PM

Snwachukwu added a project: Data-Engineering-Planning.Aug 18 2022, 4:11 PM

• EChetty moved this task from Backlog to Pipelines on the Data-Engineering-Planning board.Aug 24 2022, 11:16 AM

• EChetty edited projects, added Data Pipelines; removed Data Pipelines (Sprint 00).

Ottomata added a subscriber: Ottomata.Aug 24 2022, 8:44 PM

Change 827526 had a related patch set uploaded (by Snwachukwu; author: Snwachukwu):

[operations/puppet@production] Update Puppet files for Airflow Upgrade to 2.3.2

https://gerrit.wikimedia.org/r/827526

gerritbot added a project: Patch-For-Review.Aug 29 2022, 4:10 PM

Snwachukwu edited projects, added Data Pipelines (Sprint 00); removed Data Pipelines.Aug 29 2022, 4:16 PM

Snwachukwu moved this task from In Progress to In Review on the Data Pipelines (Sprint 00) board.

We should make sure the last version of the airflow deb is not shipping this version of zlib: zlib 1.2.12 h7f8727e_1 The ..._1 upload is no more on the conda forge.

Currently, when cloning env, we get:
CondaHTTPError: HTTP 404 NOT FOUND for url <https://repo.anaconda.com/pkgs/main/linux-64/zlib-1.2.12-h7f8727e_1.conda>

here: https://gitlab.wikimedia.org/repos/data-engineering/airflow-dags/-/blob/main/run_dev_instance.sh#L243

Tmp fix is to copy the missing file:

mkdir -p /tmp/aqu2/.conda/envs
cp -R ~/.conda/envs/airflow_development /tmp/aqu2/.conda/envs/
chmod -R 777 /tmp/aqu2
sudo -u analytics-privatedata ./run_dev_instance.sh -m /tmp/aqu2 analytics-test

Antoine_Quhen mentioned this in T316592: Airflow development environment broken on all stat100x machines.Aug 31 2022, 2:57 PM

Hey all - Just a note from the Security-Team and @MoritzMuehlenhoff - Airflow should be bumped to 2.3.4 so as to avoid introducing https://nvd.nist.gov/vuln/detail/CVE-2022-38054.

sbassett added a project: SecTeam-Processed.Sep 2 2022, 2:55 PM

In T315580#8208647, @sbassett wrote:

Hey all - Just a note from the Security-Team and @MoritzMuehlenhoff - Airflow should be bumped to 2.3.4 so as to avoid introducing https://nvd.nist.gov/vuln/detail/CVE-2022-38054.

In addition 2.3.4 will also address CVE-2022-38170: https://www.openwall.com/lists/oss-security/2022/09/02/3

• EChetty moved this task from In Review to Blocked/Paused on the Data Pipelines (Sprint 00) board.Sep 5 2022, 4:12 PM

• EChetty moved this task from Blocked/Paused to In Progress on the Data Pipelines (Sprint 00) board.

• EChetty edited projects, added Data Pipelines (Sprint 01); removed Data Pipelines (Sprint 00).Sep 6 2022, 10:00 AM

• EChetty moved this task from Ready to In Progress on the Data Pipelines (Sprint 01) board.Sep 6 2022, 10:04 AM

• EChetty set the point value for this task to 5.Sep 6 2022, 10:08 AM

• EChetty moved this task from In Progress to In Review on the Data Pipelines (Sprint 01) board.Sep 6 2022, 2:16 PM

• EChetty moved this task from In Review to In Progress on the Data Pipelines (Sprint 01) board.

JAllemandou mentioned this in T311976: Investigate why airflow sensor tasks fail without sending errors.Sep 7 2022, 2:29 PM

• EChetty moved this task from In Progress to Blocked/Paused on the Data Pipelines (Sprint 01) board.Sep 8 2022, 4:07 PM

sbassett added a project: Vuln-VulnComponent.Sep 12 2022, 2:10 PM

JArguello-WMF moved this task from Blocked/Paused to In Progress on the Data Pipelines (Sprint 01) board.Sep 19 2022, 4:06 PM

• EChetty edited projects, added Data Pipelines (Sprint 02); removed Data Pipelines (Sprint 01).Sep 26 2022, 12:56 PM

• EChetty moved this task from Ready to In Progress on the Data Pipelines (Sprint 02) board.Sep 26 2022, 12:57 PM

• EChetty moved this task from In Progress to Next Up on the Data Pipelines (Sprint 02) board.Sep 26 2022, 3:14 PM

• EChetty edited projects, added Data Pipelines; removed Data Pipelines (Sprint 02).

• EChetty moved this task from Backlog to Next Up (revisit every 2 sprints) on the Data Pipelines board.Oct 14 2022, 8:44 AM

BTullis renamed this task from Puppet change for Airflow Upgrade to Upgrade Airflow configuration file in puppet to be compatible with version 2.3.4.Dec 7 2022, 11:30 AM

BTullis updated the task description. (Show Details)

BTullis mentioned this in T309552: Update Airflow DAGs code to make it compatible with version V2.3.4 of Airflow.Dec 7 2022, 11:33 AM

BTullis mentioned this in T322036: Implement periodical cleaning of Airflow databases.

Antoine_Quhen claimed this task.Dec 13 2022, 4:46 PM

Antoine_Quhen updated Other Assignee, added: Snwachukwu.

Antoine_Quhen edited projects, added Data Pipelines (Sprint 05-06); removed Data Pipelines.

Change 867668 had a related patch set uploaded (by Aqu; author: Aqu):

[operations/puppet@production] Use Airflow 2.4.3 + Postgres in test-cluster

https://gerrit.wikimedia.org/r/867668

JArguello-WMF moved this task from Ready to In Progress on the Data Pipelines (Sprint 05-06) board.Dec 13 2022, 5:16 PM

JArguello-WMF moved this task from In Progress to Blocked/Paused on the Data Pipelines (Sprint 05-06) board.Dec 21 2022, 5:17 PM

Antoine_Quhen edited parent tasks, added: T326193: Airflow upgrade (refactor deb creation + version bump + switch to PostgreSQL); removed: T309552: Update Airflow DAGs code to make it compatible with version V2.3.4 of Airflow.Jan 4 2023, 8:53 AM

Antoine_Quhen renamed this task from Upgrade Airflow configuration file in puppet to be compatible with version 2.3.4 to Upgrade Puppet code to make Airflow configuration files compatible with version 2.3.4.Jan 4 2023, 2:38 PM

Antoine_Quhen updated the task description. (Show Details)

Antoine_Quhen reassigned this task from Antoine_Quhen to Stevemunene.Jan 9 2023, 4:05 PM

Antoine_Quhen moved this task from Blocked/Paused to In Progress on the Data Pipelines (Sprint 05-06) board.

@Stevemunene This should be doable with minimal puppet code changes, I believe only hiera data changes are needed.

Change 878128 had a related patch set uploaded (by Stevemunene; author: Stevemunene):

[operations/puppet@production] Update analytics_text conf compatibility with airflow2.3.4 connect postgresql

https://gerrit.wikimedia.org/r/878128

@Ottomata some changes were needed on the $airflow_config Hash to remove deprecated sql_alchemy_conn from [core] now in [database] Ref .This is also reflected in hieradata

Stevemunene mentioned this in T326195: Edit puppet code to provide Airflow the PostgreSQL connection.Jan 11 2023, 3:35 PM

• EChetty moved this task from Sprint 05-06 to Sprint 07 on the Data Pipelines board.Jan 16 2023, 4:10 PM

• EChetty edited projects, added Data Pipelines (Sprint 07); removed Data Pipelines (Sprint 05-06).

• EChetty moved this task from Ready to In Review on the Data Pipelines (Sprint 07) board.Jan 16 2023, 4:14 PM

• EChetty moved this task from In Review to In Progress on the Data Pipelines (Sprint 07) board.Jan 19 2023, 5:06 PM

Here are the last modifications to add to the airflow configuration in the puppet code.

Configuration changes to airflow.cfg:

# Rename dag_concurrency to max_active_tasks_per_dag
# And remove sql_alchemy_conn + load_default_connections
[core]
# sql_alchemy_conn = mysql://airflow_data_engineering_dev:password@an-db1001.eqiad.wmnet:5432/airflow_data_engineering_dev
# load_default_connections = False
# dag_concurrency = 6
max_active_tasks_per_dag = 6

# Move 2 parameters [database] from [core]
[database]
sql_alchemy_conn = postgresql://airflow_data_engineering_dev:password@an-db1001.eqiad.wmnet:5432/airflow_data_engineering_dev
load_default_connections = False

# Rename auth_backend to auth_backends with an `s`
[api]
#auth_backend = airflow.api.auth.backend.default
auth_backends = airflow.api.auth.backend.default

# New block to add
[datahub]
enabled = False
conn_id = datahub_kafka_test
cluster = test

Configuration changes in connections.yml:

analytics-test-hive:
  conn_type: hive_metastore
  host: analytics-test-hive.eqiad.wmnet
  port: 9083
  extra_dejson:
    # Rename authMechanism to auth_mechanism
    auth_mechanism: GSSAPI

# Add the following connection
datahub_kafka_test:
  conn_type: datahub_kafka
  host: kafka-test1006.eqiad.wmnet:9092

Stevemunene updated the task description. (Show Details)Jan 31 2023, 2:53 PM

Stevemunene moved this task from In Progress to In Review on the Data Pipelines (Sprint 07) board.Feb 2 2023, 12:56 PM

• EChetty moved this task from Sprint 07 to Sprint 08 on the Data Pipelines board.Feb 7 2023, 12:24 PM

• EChetty edited projects, added Data Pipelines (Sprint 08); removed Data Pipelines (Sprint 07).

• EChetty moved this task from Ready to In Review on the Data Pipelines (Sprint 08) board.

JArguello-WMF moved this task from In Review to In Progress on the Data Pipelines (Sprint 08) board.Feb 7 2023, 5:11 PM

Change 887735 had a related patch set uploaded (by Btullis; author: Btullis):

[labs/private@master] Add some dummy tokens for the airflow_test database

https://gerrit.wikimedia.org/r/887735

Change 887735 merged by Btullis:

[labs/private@master] Add some dummy tokens for the airflow_test database

https://gerrit.wikimedia.org/r/887735

BTullis mentioned this in rLPRI2cc9d6c5633d: Add some dummy tokens for the airflow_test database.Feb 8 2023, 10:35 AM

In T315580#8543559, @Antoine_Quhen wrote:

Here are the last modifications to add to the airflow configuration in the puppet code.

Configuration changes to airflow.cfg:

# Rename dag_concurrency to max_active_tasks_per_dag
# And remove sql_alchemy_conn + load_default_connections
[core]
# sql_alchemy_conn = mysql://airflow_data_engineering_dev:jah~Cae9ohzohjie@an-db1001.eqiad.wmnet:5432/airflow_data_engineering_dev
# load_default_connections = False
# dag_concurrency = 6
max_active_tasks_per_dag = 6

# Move 2 parameters [database] from [core]
[database]
sql_alchemy_conn = postgresql://airflow_data_engineering_dev:jah~Cae9ohzohjie@an-db1001.eqiad.wmnet:5432/airflow_data_engineering_dev
load_default_connections = False

# Rename auth_backend to auth_backends with an `s`
[api]
#auth_backend = airflow.api.auth.backend.default
auth_backends = airflow.api.auth.backend.default

# New block to add
[datahub]
enabled = False
conn_id = datahub_kafka_test
cluster = test

Configuration changes in connections.yml:

analytics-test-hive:
  conn_type: hive_metastore
  host: analytics-test-hive.eqiad.wmnet
  port: 9083
  extra_dejson:
    # Rename authMechanism to auth_mechanism
    auth_mechanism: GSSAPI

# Add the following connection
datahub_kafka_test:
  conn_type: datahub_kafka
  host: kafka-test1006.eqiad.wmnet:9092

We were able to recreate the airflow.cfg and connections.yml as described in the comment above. Enlisted help on the password/secrets management for psql connection and were able to solve it. Working on refactoring the puppet code to avail this in a cleaner manner as per review.

BTullis renamed this task from Upgrade Puppet code to make Airflow configuration files compatible with version 2.3.4 to Upgrade Puppet code to make Airflow configuration files compatible with version 2.5.0.Feb 15 2023, 2:05 PM

JArguello-WMF moved this task from In Progress to In Review on the Data Pipelines (Sprint 08) board.Feb 16 2023, 5:07 PM

JArguello-WMF edited projects, added Data Pipelines (Sprint 11); removed Data Pipelines (Sprint 08).Feb 20 2023, 5:24 PM

JArguello-WMF moved this task from Ready to Blocked/Paused on the Data Pipelines (Sprint 11) board.Feb 20 2023, 5:25 PM

JArguello-WMF moved this task from Blocked/Paused to In Review on the Data Pipelines (Sprint 11) board.

Puppet code updated to provide airflow version compatible config based on provided airflow version. This shall be updated once all instances are on the same upgraded airflow version.

Change 867668 abandoned by Ottomata:

[operations/puppet@production] Use Airflow 2.4.3 + Postgres in test-cluster

Reason:

Work being done in https://gerrit.wikimedia.org/r/c/operations/puppet/+/878128/36..48

https://gerrit.wikimedia.org/r/867668

JArguello-WMF moved this task from In Review to Ready to Deploy on the Data Pipelines (Sprint 11) board.Thu, Feb 23, 5:03 PM

Change 878128 merged by Nicolas Fraison:

[operations/puppet@production] Update airflow conf compatibility with airflow 2.5.0 connect postgresql

https://gerrit.wikimedia.org/r/878128

JArguello-WMF moved this task from Ready to Deploy to Done on the Data Pipelines (Sprint 11) board.Thu, Mar 2, 5:40 PM

JArguello-WMF closed this task as Resolved.Mon, Mar 13, 1:55 PM

sbassett removed a project: Patch-For-Review.Mon, Mar 13, 3:06 PM