Overview

IBM® Automation Flink, which is based on Apache Flink®, provides event-processing capabilities.

Event processing involves listening for events from one or more sources, performing meaningful operations such as aggregation and pattern detection, and then sending the processed events to one or more consumers or data stores.

A Flink cluster is an event processor, and a Flink job is an event processing task.

The iaf-flink-operator-controller-manager deployment provides the FlinkCluster APIs.

Prerequisites

The IBM Automation Flink service requires the following:

Connection details for Elasticsearch

To simplify access to the Elasticsearch runtime from within a Flink job, you can provide the connection details in the FlinkCluster CR. Specify the connection credentials with the following envVars, volumeMounts, and volumes values:

  envVars:
    - name: ELASTIC_AUTH_TYPE
      value: BASIC
    - name: ELASTIC_BASIC_USERNAME_PATH
      value: /var/iaf/auth/elastic/username
    - name: ELASTIC_BASIC_PASSWORD_PATH
      value: /var/iaf/auth/elastic/password
    - name: ELASTIC_TRUSTSTORE_PATH
      value: /opt/flink/truststore.p12
    - name: ELASTIC_CERTIFICATES
      value: /var/iaf/cacerts/elastic/ca.crt
    - name: ELASTIC_TRUSTSTORE_TYPE
      value: PKCS12
    - name: ELASTIC_TRUSTSTORE_PASSWORD_PATH
      value: /var/iaf/truststore/password
    - name: ELASTIC_TLS_VERSION
      value: TLSv1.2
    - name: ELASTIC_URI
      value: 'https://[location of iaf-system-elasticsearch-es Service]:9200' # e.g. https://iaf-system-elasticsearch-es.iaf:9200
  volumeMounts:
    - mountPath: /var/iaf/auth/elastic
      name: elastic-authentication
    - mountPath: /var/iaf/cacerts/elastic
      name: elastic-certificates
  volumes:
    - name: elastic-authentication
      secret:
        secretName: [cartridge-name]-es-auth
    - name: elastic-certificates
      secret:
        secretName: [automationbase-name]-automationbase-ab-ca
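The mount paths and file names in the preceding values imply the layout of the referenced secrets: the authentication secret carries username and password keys, and the certificate secret carries a ca.crt key. The following sketch is for illustration only; the actual secrets are provided by your installation and might contain additional keys, and the values shown are placeholders:

# Illustration of the secret layout implied by the mount paths and environment variables above.
apiVersion: v1
kind: Secret
metadata:
  name: [cartridge-name]-es-auth   # mounted at /var/iaf/auth/elastic
type: Opaque
stringData:
  username: <elasticsearch-username>   # read through ELASTIC_BASIC_USERNAME_PATH
  password: <elasticsearch-password>   # read through ELASTIC_BASIC_PASSWORD_PATH
---
apiVersion: v1
kind: Secret
metadata:
  name: [automationbase-name]-automationbase-ab-ca   # mounted at /var/iaf/cacerts/elastic
type: Opaque
data:
  ca.crt: <base64-encoded CA certificate>   # read through ELASTIC_CERTIFICATES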

Storage

An RWX, shared PersistentVolumeClaim (PVC) for the Flink JobManagers and TaskManagers provides stateful checkpoints and savepoints for Flink jobs. When you have more than one Flink replica, the RWX PVC is mandatory.

For a single replica, you can instead mount the volume as read/write on a single node (ReadWriteOnce).

Note: Make sure that you provision an RWX storage class in your cluster.

In the FlinkCluster CR, reference the following PVC as the jobs-storage volume:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: icp4adeploy-bai-pvc
spec:
  accessModes:
  - ReadWriteMany
  resources:
    requests:
      storage: 20Gi
  storageClassName: ocs-storagecluster-cephfs
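
The claim is then referenced from the volumes list of the FlinkCluster CR, in the same way as the Elasticsearch secrets earlier in this topic. The following is a minimal sketch, assuming the PVC name from the preceding example; merge it with any other volumes entries in your CR:

  volumes:
    - name: jobs-storage                 # volume name expected for Flink checkpoints and savepoints
      persistentVolumeClaim:
        claimName: icp4adeploy-bai-pvc   # the RWX PVC that is defined in the preceding example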

Example FlinkCluster CR

A FlinkCluster CR with its status is shown in the following example:

apiVersion: flink.automation.ibm.com/v1beta1
kind: FlinkCluster
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration:
  name: rl-flink-test
  namespace: rl-flink-control
  labels:
    app: flink
    app.kubernetes.io/managed-by: iaf-flink-operator
spec:
  version: v1
status:
  basicAuthSecretName: rl-flink-test-admin-user
  components:
    configMap:
      name: rl-flink-test-configmap
      state: Ready
    jobManagerService:
      name: rl-flink-test-jobmanager
      state: Ready
    jobManagerStatefulSet:
      name: rl-flink-test-jobmanager
      state: Ready
    taskManagerService:
      name: rl-flink-test-taskmanager
      state: Ready
    taskManagerStatefulSet:
      name: rl-flink-test-taskmanager
      state: NotReady
  state: Reconciling
  versions:
    available:
      channels:
        - name: v1
        - name: v1.4
        - name: v1.3
        - name: v1.2
        - name: v1.1
        - name: v1.0
      versions:
        - name: 1.4.0
        - name: 1.3.0
        - name: 1.2.1
        - name: 1.2.0
        - name: 1.1.0
        - name: 1.0.0
    reconciled: 1.4.0
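
Note that you supply only the metadata and spec when you create the resource; the status section is populated by the operator. Stripped of the generated annotation, labels, and status, the preceding example reduces to the following minimal CR (spec.version appears to select one of the channels or versions that are listed under status.versions.available):

apiVersion: flink.automation.ibm.com/v1beta1
kind: FlinkCluster
metadata:
  name: rl-flink-test
  namespace: rl-flink-control
spec:
  version: v1   # in the example status, the v1 channel reconciles to version 1.4.0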