Homepage
/
Cloudera Streaming Analytics
1.5.0
(Private Cloud)
Search Documentation
▶︎
Cloudera
Reference Architectures
▶︎
Cloudera Public Cloud
Getting Started
Patterns
Preview Features
Data Catalog
Data Engineering
DataFlow
Data Hub
Data Warehouse
Data Warehouse Runtime
Cloudera AI
Management Console
Operational Database
Replication Manager
DataFlow for Data Hub
Runtime
▼
Cloudera Private Cloud
Getting Started
Base
Upgrade
Flow Management
Streaming Analytics
▶︎
Cloudera Manager
Cloudera Manager
▶︎
Applications
Cloudera Streaming Community Edition
Data Science Workbench
Data Visualization
Edge Management
Observability SaaS
Observability on premises
Workload XM On-Prem
▶︎
Legacy
Cloudera Enterprise
Flow Management
Stream Processing
HDP
HDF
Streams Messaging Manager
Streams Replication Manager
▶︎
Getting Started
Base
Upgrade
Flow Management
Streaming Analytics
«
Filter topics
Cloudera Streaming Analytics
▶︎
Release Notes
CVE-2021-45105 & CVE-2021-44832 remediation for CSA
What's new in Cloudera Streaming Analytics
Component support
Known issues and limitations
Unsupported features
▶︎
Download
Download location of CSA
▶︎
Apache Flink Overview
Streaming Analytics in Cloudera
What is Apache Flink?
Core Features of Flink
▶︎
SQL Stream Builder Overview
Introduction to SQL Stream Builder
Key features of SSB
Connector support in SSB
SQL Stream Builder architecture
▶︎
Commmunity Edition
▶︎
Community Edition Overview
Architecture
Release Notes
▶︎
Installing CSA Community Edition
System Prerequisites
▶︎
Community Edition Quickstart Guide
Creating a table
Running a SELECT query
Creating and querying a view
Adding a sink using a template
Adding a Materialized View
Troubleshooting
▶︎
Quick Start
▶︎
DataStream Applications
Quick Start for Flink
Flink Project Template
▶︎
SQL Stream Applications
Quick Start for SSB
▶︎
Deployment
Deployment scenarios
Cluster service layout with Flink
Cluster service layout with SSB
▶︎
Installation & Upgrade
▶︎
Support Matrix
System Requirements
Flink API Support
Default ports for Flink and SSB
▶︎
Installation
Installing CSD and parcel
▶︎
Adding Flink as a Service
Setting up your HDFS Home directory
Setting the Java executable for the Flink client
▶︎
Configuring databases for SSB
Setting up MySQL/MariaDB database for SSB
Setting up PostgreSQL database for SSB
Setting up Oracle database for SSB
Adding SSB as a service
▶︎
Upgrade
▶︎
Upgrading Flink service
Creating new Flink application versions
Stopping Flink applications
Upgrading CSA artifacts for Flink service
Resuming Flink applications
▶︎
Upgrading SQL Stream Builder service
Stopping SQL Stream jobs
Upgrading CSA artifacts for SQL Stream Builder service
Resuming SQL jobs
▶︎
Migration
Migrating Flink service to a different host
▼
Security
▼
Securing Apache Flink
Authentication and encryption for Flink
▶︎
Enabling security for Apache Flink
Configuring custom Kerberos principal for Apache Flink
Enabling SPNEGO authentication for Flink Dashboard
▶︎
Enabling Knox authentication for Flink Dashboard
Enabling Knox Auto Discovery for Flink
Enabling Knox manually for Flink Dashboard
Accessing the Flink Dashboard through Knox
Configuring Ranger policies for Flink
Securing Apache Flink jobs
Using EncryptTool for Flink properties
▶︎
Securing SQL Stream Builder
▶︎
Authentication in SSB
▶︎
Enabling Kerberos authentication
Configuring custom Kerberos principal for SQL Stream Builder
▶︎
Enabling Knox authentication
Enabling Knox Auto Discovery for SSB
▶︎
Enabling Knox manually for SSB
Extending Knox with the SSB service definitions
Adding SSB services to the default topologies
Defining the external URLs in SSB
Accessing the Streaming SQL Console through Knox
Uploading and unlocking your keytab in SSB
▶︎
Encryption in SSB
Enabling TLS for database connection
Configuring Ranger policies for SSB
Managing teams in Streaming SQL Console
▶︎
Using SQL Stream Builder
▶︎
Getting Started
Running a simple SQL job
▶︎
Streaming SQL Console
▶︎
Using the Streaming SQL Console
▶︎
Console Page
Compose Tab
Tables Tab
Functions Tab
History Tab
SQL Jobs Tab
Data Providers Page
Materialized Views Page
▶︎
Data Providers
▶︎
Registering Data Providers in SSB
Adding Kafka as Data Provider
Adding Schema Registry as Catalog
Adding Kudu as Catalog
Adding Hive as Catalog
Adding Custom Catalogs
Managing registered Data Providers
▶︎
Creating Tables
Concept of tables in SSB
Supported tables in SSB
▶︎
Creating Kafka tables
▶︎
Creating Kafka tables using Console wizard
Configuring Kafka tables
Creating Kafka tables using Templates
Integration with Kafka
Creating Flink tables using Templates
Creating Webhook tables
Managing time in SSB
▶︎
Flink SQL
▶︎
Flink SQL Overview
Flink DDL
Flink DML
Flink Queries
Other supported statements
SQL Examples
▶︎
Enriching streaming data with join
Joining streaming and bounded tables
Example: joining Kafka and Kudu tables
▶︎
Job Lifecycle
Running SQL Stream jobs
Configuring SQL job settings
Stopping, restarting and editing SQL jobs
Sampling data for a running job
▶︎
Managing session for SQL jobs
Executing SQL jobs in production mode
Using SQL Stream Builder REST API
▶︎
Materialized Views
Introduction to Materialized Views
Creating Materialized Views
Using Dynamic Materialized View Endpoints
Using SQL Stream Builder with Cloudera Data Visualization
▶︎
Input Transforms
Creating Input Transforms
▶︎
User Defined Functions
Creating a JavaScript function
Developing JavaScript functions
Adding Java to the Functions language option
▶︎
Monitoring
Monitoring SQL Stream jobs
Enabling Flink DEBUG logging for SQL Stream Builder
▶︎
Governance
SSB metadata collection using Atlas
▶︎
Reference
SQL Syntax Guide
▶︎
Using Apache Flink
▶︎
Getting Started
Running a simple Flink application
▶︎
Application Development
▶︎
Flink application structure
Source, operator and sink in DataStream API
Flink application example
Testing and validating Flink applications
▶︎
Configuring Flink applications
Setting parallelism and max parallelism
Configuring Flink application resources
Configuring RocksDB state backend
Enabling checkpoints for Flink applications
▶︎
DataStream Connectors
▶︎
HBase sink with Flink
Creating and configuring the HBaseSinkFunction
▶︎
Kafka with Flink
▶︎
Schema Registry with Flink
ClouderaRegistryKafkaSerializationSchema
ClouderaRegistryKafkaDeserializationSchema
Kafka Metrics Reporter
Kudu with Flink
▶︎
Job Lifecycle
Running a Flink job
Using Flink CLI
Enabling savepoints for Flink applications
▶︎
Monitoring
Flink Dashboard
Streams Messaging Manager integration
▶︎
SQL and Table API
▶︎
Flink SQL and Table API
SQL and Table API supported features
▶︎
DataStream API interoperability
Converting DataStreams to Tables
Converting Tables to DataStreams
Supported data types
▶︎
SQL catalogs for Flink
Hive catalog
Kudu catalog
Schema Registry catalog
▶︎
SQL connectors for Flink
Kafka connector
▶︎
Data types for Kafka connector
JSON format
CSV format
▶︎
Avro format
Supported basic data types
Schema Registry Avro format
▶︎
SQL Statements in Flink
CREATE Statements
DROP Statements
ALTER Statements
INSERT Statements
SQL Queries in Flink
▶︎
Governance
▶︎
Flink metadata collection using Atlas
Atlas entities in Flink metadata collection
Creating Atlas entity type definitions for Flink
Verifying metadata collection
▶︎
Reference
Flink Terminology
Cloudera Flink Tutorials
▶︎
Storm Flink Migration
▶︎
Comparing Storm and Flink
Conceptual differences
Differences in architecture
Differences in data distribution
Migrating from Storm to Flink
SQL Stream Builder REST API Reference
Accessing the Flink Dashboard through Knox
Accessing the Streaming SQL Console through Knox
Adding a Materialized View
Adding a sink using a template
Adding Custom Catalogs
Adding Flink as a Service
Adding Hive as Catalog
Adding Java to the Functions language option
Adding Kafka as Data Provider
Adding Kudu as Catalog
Adding Schema Registry as Catalog
Adding SSB as a service
Adding SSB services to the default topologies
ALTER Statements
Apache Flink Overview
Application Development
Architecture
Atlas entities in Flink metadata collection
Authentication and encryption for Flink
Authentication in SSB
Avro format
Cloudera Flink Tutorials
Cloudera Streaming Analytics
ClouderaRegistryKafkaDeserializationSchema
ClouderaRegistryKafkaSerializationSchema
Cluster service layout with Flink
Cluster service layout with SSB
Commmunity Edition
Community Edition Overview
Community Edition Quickstart Guide
Comparing Storm and Flink
Component support
Compose Tab
Concept of tables in SSB
Conceptual differences
Configuring custom Kerberos principal for Apache Flink
Configuring custom Kerberos principal for SQL Stream Builder
Configuring databases for SSB
Configuring Flink application resources
Configuring Flink applications
Configuring Kafka tables
Configuring Ranger policies for Flink
Configuring Ranger policies for SSB
Configuring RocksDB state backend
Configuring SQL job settings
Connector support in SSB
Console Page
Converting DataStreams to Tables
Converting Tables to DataStreams
Core Features of Flink
CREATE Statements
Creating a JavaScript function
Creating a table
Creating and configuring the HBaseSinkFunction
Creating and querying a view
Creating Atlas entity type definitions for Flink
Creating Flink tables using Templates
Creating Input Transforms
Creating Kafka tables
Creating Kafka tables using Console wizard
Creating Kafka tables using Templates
Creating Materialized Views
Creating new Flink application versions
Creating Tables
Creating Webhook tables
CSV format
CVE-2021-45105 & CVE-2021-44832 remediation for CSA
Data Providers
Data Providers Page
Data types for Kafka connector
DataStream API interoperability
DataStream Applications
DataStream Connectors
Default ports for Flink and SSB
Defining the external URLs in SSB
Deployment
Deployment scenarios
Developing JavaScript functions
Differences in architecture
Differences in data distribution
Download
Download location of CSA
DROP Statements
Enabling checkpoints for Flink applications
Enabling Flink DEBUG logging for SQL Stream Builder
Enabling Kerberos authentication
Enabling Knox authentication
Enabling Knox authentication for Flink Dashboard
Enabling Knox Auto Discovery for Flink
Enabling Knox Auto Discovery for SSB
Enabling Knox manually for Flink Dashboard
Enabling Knox manually for SSB
Enabling savepoints for Flink applications
Enabling security for Apache Flink
Enabling SPNEGO authentication for Flink Dashboard
Enabling TLS for database connection
Encryption in SSB
Enriching streaming data with join
Example: joining Kafka and Kudu tables
Executing SQL jobs in production mode
Extending Knox with the SSB service definitions
Flink API Support
Flink application example
Flink application structure
Flink Dashboard
Flink DDL
Flink DML
Flink metadata collection using Atlas
Flink Project Template
Flink Queries
Flink SQL
Flink SQL and Table API
Flink SQL Overview
Flink Terminology
Functions Tab
Getting Started
Getting Started
Governance
Governance
HBase sink with Flink
History Tab
Hive catalog
Input Transforms
INSERT Statements
Installation
Installing CSA Community Edition
Installing CSD and parcel
Integration with Kafka
Introduction to Materialized Views
Introduction to SQL Stream Builder
Job Lifecycle
Job Lifecycle
Joining streaming and bounded tables
JSON format
Kafka connector
Kafka Metrics Reporter
Kafka with Flink
Key features of SSB
Known issues and limitations
Kudu catalog
Kudu with Flink
Managing registered Data Providers
Managing session for SQL jobs
Managing teams in Streaming SQL Console
Managing time in SSB
Materialized Views
Materialized Views Page
Migrating Flink service to a different host
Migrating from Storm to Flink
Migration
Monitoring
Monitoring
Monitoring SQL Stream jobs
Other supported statements
Quick Start for Flink
Quick Start for SSB
Reference
Reference
Registering Data Providers in SSB
Release Notes
Release Notes
Resuming Flink applications
Resuming SQL jobs
Running a Flink job
Running a SELECT query
Running a simple Flink application
Running a simple SQL job
Running SQL Stream jobs
Sampling data for a running job
Schema Registry Avro format
Schema Registry catalog
Schema Registry with Flink
Securing Apache Flink
Securing Apache Flink jobs
Securing SQL Stream Builder
Security
Setting parallelism and max parallelism
Setting the Java executable for the Flink client
Setting up MySQL/MariaDB database for SSB
Setting up Oracle database for SSB
Setting up PostgreSQL database for SSB
Setting up your HDFS Home directory
Source, operator and sink in DataStream API
SQL and Table API
SQL and Table API supported features
SQL catalogs for Flink
SQL connectors for Flink
SQL Examples
SQL Jobs Tab
SQL Queries in Flink
SQL Statements in Flink
SQL Stream Applications
SQL Stream Builder architecture
SQL Stream Builder Overview
SQL Syntax Guide
SSB metadata collection using Atlas
Stopping Flink applications
Stopping SQL Stream jobs
Stopping, restarting and editing SQL jobs
Storm Flink Migration
Streaming Analytics in Cloudera
Streaming SQL Console
Streams Messaging Manager integration
Support Matrix
Supported basic data types
Supported data types
Supported tables in SSB
System Prerequisites
System Requirements
Tables Tab
Testing and validating Flink applications
Troubleshooting
Unsupported features
Upgrade
Upgrading CSA artifacts for Flink service
Upgrading CSA artifacts for SQL Stream Builder service
Upgrading Flink service
Upgrading SQL Stream Builder service
Uploading and unlocking your keytab in SSB
User Defined Functions
Using Dynamic Materialized View Endpoints
Using EncryptTool for Flink properties
Using Flink CLI
Using SQL Stream Builder REST API
Using SQL Stream Builder with Cloudera Data Visualization
Using the Streaming SQL Console
Verifying metadata collection
What is Apache Flink?
What's new in Cloudera Streaming Analytics
«
Filter topics
Securing Apache Flink
▼
Securing Apache Flink
Authentication and encryption for Flink
▶︎
Enabling security for Apache Flink
Configuring custom Kerberos principal for Apache Flink
Enabling SPNEGO authentication for Flink Dashboard
▶︎
Enabling Knox authentication for Flink Dashboard
Enabling Knox Auto Discovery for Flink
Enabling Knox manually for Flink Dashboard
Accessing the Flink Dashboard through Knox
Configuring Ranger policies for Flink
Securing Apache Flink jobs
Using EncryptTool for Flink properties
▶︎
Securing SQL Stream Builder
▶︎
Authentication in SSB
▶︎
Enabling Kerberos authentication
Configuring custom Kerberos principal for SQL Stream Builder
▶︎
Enabling Knox authentication
Enabling Knox Auto Discovery for SSB
▶︎
Enabling Knox manually for SSB
Extending Knox with the SSB service definitions
Adding SSB services to the default topologies
Defining the external URLs in SSB
Accessing the Streaming SQL Console through Knox
Uploading and unlocking your keytab in SSB
▶︎
Encryption in SSB
Enabling TLS for database connection
Configuring Ranger policies for SSB
Managing teams in Streaming SQL Console
»
Security
Securing Apache Flink
Authentication and encryption for Flink
You must use authentication and encryption to secure your data and data sources. You can use Kerberos and TLS/SSL authentication to secure your Flink jobs. The administrator should provide your keystore and truststore credentials for your Cloudera user.
Enabling security for Apache Flink
Since Flink is essentially just a YARN application, you mainly need to configure service level security settings for the Flink Dashboard and Gateway in Cloudera Manager. You can configure security during the installation or later in the Configuration menu for Flink.
Enabling SPNEGO authentication for Flink Dashboard
You must manually configure the SPNEGO authentication for Flink Dashboard in Cloudera Manager to enable secure access for users as by default the authentication is turned off.
Enabling Knox authentication for Flink Dashboard
You can use Knox authentication for Flink Dashboard to provide integration with customer Single Sign-On (SSO) solutions. Knox uses Kerberos (SPNEGO) to strongly authenticate itself towards the services.
Configuring Ranger policies for Flink
You must add Flink users to the Ranger policies that are used by Kafka, Schema Registry, and Kudu to provide access to topics, schemas and tables provided by the components.
Securing Apache Flink jobs
Submitting Flink jobs in a secure environment requires every security parameter for authentication, authorization and other connector related security settings. You should prepare your keystore and keytab files for Flink and for also the chosen connector component.
Using EncryptTool for Flink properties
Cloudera Streaming Analytics offers EncryptTool to further protect your user information and configurations when communicating with Flink using the command line. After generating a master key to the user, you need to manually encrypt the parameters and Flink automatically decrypts the protected values. You also must enable EncryptTool protection in the configuration file for Flink.
Feedback
We want your opinion
How can we improve this page?
What kind of feedback do you have?
I like something
I have an idea
Something's not working
Can we contact you for follow-up on this?
Back
Submit
OK
This site uses cookies and related technologies, as described in our
privacy policy
, for purposes that may include site operation, analytics, enhanced user experience, or advertising. You may choose to consent to our use of these technologies, or
manage your own preferences.
Accept all
1.14.0
1.13.3
1.13.2
1.13.1
1.13.0
1.12.0
1.11.2
1.11.1
1.11.0
1.10.0
1.9.0
1.8.0
1.7.0
1.6
1.6.3
1.6.2
1.6.1
1.6.0
1.5
1.5.3
1.5.1
1.5.0
1.4
1.4.1
1.4.0
1.3.0
1.2.0
1.1.0
