Skip to main content
Version: 0.2.0

Sink CRD configurations

This document lists CRD configurations available for Pulsar sink connectors. The sink CRD configurations consist of sink connector configurations and the common CRD configurations.

Sink configurations

This table lists sink configurations.

FieldDescription
nameThe name of a sink connector.
classnameThe class name of a sink connector.
tenantThe tenant of a sink connector.
namespaceThe Pulsar namespace of a sink connector.
clusterNameThe Pulsar cluster of a sink connector.
replicasThe number of instances that you want to run this sink connector. By default, the replicas is set to 1.
maxReplicasThe maximum number of Pulsar instances that you want to run for this sink connector. When the value of the maxReplicas parameter is greater than the value of replicas, it indicates that the sink controller automatically scales the sink connector based on the CPU usage. By default, maxReplicas is set to 0, which indicates that auto-scaling is disabled.
sinkConfigThe sink connector configurations in YAML format.
timeoutThe message timeout in milliseconds.
negativeAckRedeliveryDelayMsThe number of redelivered messages due to negative acknowledgement.
autoAckWhether or not the framework acknowledges messages automatically. This field is required. You can set it to true or false.
maxMessageRetryHow many times to process a message before giving up.
processingGuaranteeThe processing guarantees (delivery semantics) applied to the sink connector. Available values: atleast_once, atmost_once, effectively_once.
retainOrderingThe sink connector consumes and processes messages in order.
deadLetterTopicThe topic where all messages that were not processed successfully are sent.
subscriptionNameThe subscription name of the sink connector if you want a specific subscription name for the input-topic consumer.
cleanupSubscriptionConfigure whether to clean up subscriptions.
subscriptionPositionThe subscription position.

Images

This section describes image options available for Pulsar sink CRDs.

Base runner

The base runner is an image base for other runners. The base runner is located at ./pulsar-functions-base-runner. The base runner image contains basic tool-chains like /pulsar/bin, /pulsar/conf and /pulsar/lib to ensure that the pulsar-admin CLI tool works properly to support Apache Pulsar Packages.

Runner images

Function Mesh uses runner images as images of Pulsar connectors. Each runner image only contains necessary tool-chains and libraries for specified runtime.

Pulsar connectors support using the Java runner images as their images. The Java runner is based on the base runner and contains the Java function instance to run Java functions or connectors. The streamnative/pulsar-functions-java-runner Java runner is stored at the Docker Hub and is automatically updated to align with Apache Pulsar release.

Image pull policies

When the Function Mesh Operator creates a container, it uses the imagePullPolicy option to determine whether the image should be pulled prior to starting the container. There are three possible values for the imagePullPolicy option:

FieldDescription
AlwaysAlways pull the image.
NeverNever pull the image.
IfNotPresentOnly pull the image if the image does not already exist locally.

Input

The input topics of a Pulsar Function. The following table lists options available for the Input.

FieldDescription
topicsThe configuration of the topic from which messages are fetched.
customSerdeSourcesThe map of input topics to SerDe class names (as a JSON string).
customSchemaSourcesThe map of input topics to Schema class names (as a JSON string).
sourceSpecsThe map of source specifications to consumer specifications. Consumer specifications include these options:
- SchemaType: the built-in schema type or custom schema class name to be used for messages fetched by the connector.
- SerdeClassName: the SerDe class to be used for messages fetched by the connector.
- IsRegexPattern: configure whether the input topic adopts a Regex pattern.
- SchemaProperties: the schema properties for messages fetched by the connector.
- ConsumerProperties: the consumer properties for messages fetched by the connector.
- ReceiverQueueSize: the size of the consumer receive queue.
- cryptoConfig: cryptography configurations of the consumer.

Resources

When you specify a function or connector, you can optionally specify how much of each resource they need. The resources available to specify are CPU and memory (RAM).

If the node where a Pod is running has enough of a resource available, it is possible (and allowed) for a Pod to use more resources than its request for that resource. However, a Pod is not allowed to use more than its resource limit.

Secrets

Function Mesh provides the secretsMap field for Function, Source, and Sink in the CRD definition. You can refer to the created secrets under the same namespace and the controller can include those referred secrets. The secrets are provide by EnvironmentBasedSecretsProvider, which can be used by context.getSecret() in Pulsar functions and connectors.

The secretsMap field is defined as a Map struct with String keys and SecretReference values. The key indicates the environment value in the container, and the SecretReference is defined as below.

FieldDescription
pathThe name of the secret in the Pod's namespace to select from.
keyThe key of the secret to select from. It must be a valid secret key.

Suppose that there is a Kubernetes Secret named credential-secret defined as below:

apiVersion: v1
data:
username: foo
password: bar
kind: Secret
metadata:
name: credential-secret
type: Opaque

To use it in Pulsar Functions in a secure way, you can define the secretsMap in the Custom Resource:

secretsMap:
username:
path: credential-secret
key: username
password:
path: credential-secret
key: password

Then, in the Pulsar Functions and Connectors, you can call context.getSecret("username") to get the secret value (foo).

Authentication

Function Mesh provides the tlsSecret and authSecret fields for Function, Source, and Sink in the CRD definition. You can configure TLS encryption and/or TLS authentication using the following configurations.

  • TLS Secret

    FieldDescription
    tlsAllowInsecureConnectionAllow insecure TLS connection.
    tlsHostnameVerificationEnableEnable hostname verification.
    tlsTrustCertsFilePathThe path of the TLS trust certificate file.
  • Authentication Secret

    FieldDescription
    clientAuthenticationPluginThe client authentication plugin.
    clientAuthenticationParametersThe client authentication parameters.

Packages

Function Mesh supports running Pulsar connectors in Java.

FieldDescription
jarLocationPath to the JAR file for the connector.
extraDependenciesDirIt specifies the dependent directory for the JAR package.

Cluster location

In Function Mesh, the Pulsar cluster is defined through a ConfigMap. Pods can consume ConfigMaps as environment variables in a volume. The Pulsar cluster ConfigMap defines the Pulsar cluster URLs.

FieldDescription
webServiceURLThe Web service URL of the Pulsar cluster.
brokerServiceURLThe broker service URL of the Pulsar cluster.

Pod specifications

Function Mesh supports customizing the Pod running Pulsar connectors. This table lists sub-fields available for the pod field.

FieldDescription
labelsSpecify labels attached to a Pod.
nodeSelectorSpecify a map of key-value pairs. For a Pod running on a node, the node must have each of the indicated key-value pairs as labels.
affinitySpecify the scheduling constraints of a Pod.
tolerationsSpecify the tolerations of a Pod.
annotationsSpecify the annotations attached to a Pod.
securityContextSpecify the security context for a Pod.
terminationGracePeriodSecondsIt is the amount of time that Kubernetes gives for a Pod before terminating it.
volumesIt is a list of volumes that can be mounted by containers belonging to a Pod.
imagePullSecretsIt is an optional list of references to secrets in the same namespace for pulling any of the images used by a Pod.
serviceAccountNameSpecify the name of the service account which is used to run Pulsar Functions or connectors.
initContainersThe initialization containers belonging to a Pod. A typical use case could be using an initialization container to download a remote JAR to a local path.
sidecarsSidecar containers run together with the main function container in a Pod.
builtinAutoscalerSpecify the built-in autoscaling rules.
- CPU-based autoscaling: auto-scale the number of Pods based on the CPU usage (80%, 50%, or 20%).
- Memory-based autoscaling: auto-scale the number of Pods based on the memory usage (80%, 50%, or 20%).
If you configure the builtinAutoscaler field, you do not need to configure the autoScalingMetrics and autoScalingBehavior options and vice versa.
autoScalingMetricsSpecify how to scale based on customized metrics defined in connectors. For details, see MetricSpec v2 autoscaling.
autoScalingBehaviorConfigure the scaling behavior of the target in both up and down directions (scaleUp and scaleDown fields respectively). If not specified, the default Kubernetes scaling behaviors are adopted. For details, see HorizontalPodAutoscalerBehavior v2 autoscaling.