Add description about secret_key when Webserver > 1 (apache#15546)

when running more than 1 intances of websever, make sure all of them use the same ``secret_key`` otherwise one of them will error with "CSRF session token is missing".

closes apache#15532

airflow/config_templates/config.yml

@@ -993,8 +993,9 @@
       default: "False"
     - name: secret_key
       description: |
-        Secret key used to run your flask app
-        It should be as random as possible
+        Secret key used to run your flask app. It should be as random as possible. However, when running
+        more than 1 instances of webserver, make sure all of them use the same ``secret_key`` otherwise
+        one of them will error with "CSRF session token is missing".
       version_added: ~
       type: string
       sensitive: true

airflow/config_templates/default_airflow.cfg

@@ -505,8 +505,9 @@ worker_refresh_interval = 6000
 # then reload the gunicorn.
 reload_on_plugin_change = False
 
-# Secret key used to run your flask app
-# It should be as random as possible
+# Secret key used to run your flask app. It should be as random as possible. However, when running
+# more than 1 instances of webserver, make sure all of them use the same ``secret_key`` otherwise
+# one of them will error with "CSRF session token is missing".
 secret_key = {SECRET_KEY}
 
 # Number of workers to run the Gunicorn web server