RE: Identifying a flink dashboard

[Schwalbe Matthias]

Hi Mike,

Let me sketch it:

  *   The trick I use (no idea if it is wise or not 😊 ) is to have 
nginx-ingress set up and then specify a service selecting the nginx…controller 
pods [1]
  *   You don’t need to bind to the node address (see externalIPs), you could 
much the same port-forward this service, but
the ingresses that specify the nginx-ingress, all relay over that same service, 
using a different https path respectively
  *   I’ll give an example configuration for flink-kubernetes-operator 
FlinkDeployment [2]
     *   template: is patched with the namespace and job name
     *   unfortunately, annotations: does not support templating (yet?),
     *   i.e. you need to manually replace the path which must be the same as 
what comes out of template:
     *   put in the <title/> whatever you like (that was your original question 
😊 )
  *   I work on a local VM with microk8s, so specifying that as externalIPs 
allows me to access it, however I also need to register this IP as 
local.ingress in my hosts file, and accept the certificate in the browser …
  *   In your case you could either expose that service with a port forward and 
also get the certificate and DNS business solved
  *   This is the result on my machine:

[cid:image001.png@01D9AA66.B544C770]




Hope that helps

Thias



[1] service-exposing-nginx-ingress-on-node.yaml :
apiVersion: v1
kind: Service
metadata:
  name: nginx-ingress-microk8s-service
  namespace: ingress
  labels:
    app: nginx-ingress
spec:
  ports:
    - port: 8095
      targetPort: http
      protocol: TCP
      name: http
    - port: 8444
      targetPort: https
      protocol: TCP
      name: https
  selector:
    name: nginx-ingress-microk8s
  externalIPs:
    - xxx.xxx.xxx.xxx


[2] basic.ingress.yaml :
################################################################################
#  Licensed to the Apache Software Foundation (ASF) under one
#  or more contributor license agreements.  See the NOTICE file
#  distributed with this work for additional information
#  regarding copyright ownership.  The ASF licenses this file
#  to you under the Apache License, Version 2.0 (the
#  "License"); you may not use this file except in compliance
#  with the License.  You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
# limitations under the License.
################################################################################
apiVersion: flink.apache.org/v1beta1
kind: FlinkDeployment
metadata:
  name: basic-ingress
  namespace: flink
spec:
  image: flink:1.16
  flinkVersion: v1_16
  ingress:
    template: "ingress.local/{{namespace}}/{{name}}(/|$)(.*)"
    className: "nginx"
    annotations:
      nginx.ingress.kubernetes.io/use-regex: "true"
      nginx.ingress.kubernetes.io/rewrite-target: "/$2"
      nginx.ingress.kubernetes.io/configuration-snippet: |
        proxy_set_header Accept-Encoding "";
        sub_filter_last_modified off;
        sub_filter '<base href="./">' '<base href="/flink/basic-ingress/">';
        sub_filter '<title>Apache Flink Web Dashboard</title>' '<title>flink: 
basic-ingress Dashboard</title>';
  flinkConfiguration:
    taskmanager.numberOfTaskSlots: "2"
  serviceAccount: flink
  jobManager:
    resource:
      memory: "2048m"
      cpu: 1
  taskManager:
    resource:
      memory: "2048m"
      cpu: 1
  job:
    jarURI: local:///opt/flink/examples/streaming/StateMachineExample.jar
    parallelism: 2
    upgradeMode: stateless

From: Mike Phillips <mike.phill...@intellisense.io>
Sent: Thursday, June 29, 2023 7:42 AM
To: Schwalbe Matthias <matthias.schwa...@viseca.ch>; user@flink.apache.org
Subject: Re: Identifying a flink dashboard

⚠EXTERNAL MESSAGE – CAUTION: Think Before You Click ⚠


G'day,

The flink and the dashboard are running in k8s and I am not on the same network.
We don't have a VPN into the cluster. (Don't ask)

I am not sure how I would access the dashboard without having a port forward.

On 28/06/2023 14:39, Schwalbe Matthias wrote:
Good Morning Mike,

As a quick fix, sort of, you could use an Ingress on nginx-ingress (instead of 
the port-forward) and
Add a sub_filter rule to patch the HTML response.
I use this to add a <base …/> tag to the header and for the Flink-Dashboard I 
experience no glitches.

As to point 3. … you don’t need to expose that Ingress to the internet, but 
only to the node IP, so it becomes visible only within your network, … there is 
a number of ways doing it

I could elaborate a little more, if interested

Hope this helps

Thias


From: Mike Phillips 
<mike.phill...@intellisense.io><mailto:mike.phill...@intellisense.io>
Sent: Wednesday, June 28, 2023 3:47 AM


G'day Alex,

Thanks!

1 - hmm.... maybe beyond my capabilities presently
2 - Yuck! :-) Will look at this
3 - Not possible, the dashboards are not accessible via the internet, so we use 
kube and port forward, URL looks like http://wobbegong:30000/ the port changes
4 - I think this requires the dashboard be internet accessible?

On Tue, 27 Jun 2023 at 17:21, Alexander Fedulov 
<alexander.fedu...@gmail.com<mailto:alexander.fedu...@gmail.com>> wrote:
Hi Mike,

no, it is currently hard-coded
https://github.com/apache/flink/blob/master/flink-runtime-web/web-dashboard/src/app/app.component.html#L23

Your options are:
1. Contribute a change to make it configurable
2. Use some browser plugin that allows renaming page titles
3. Always use different ports and bookmark the URLs accordingly
4. Use an Ingress in k8s

Best,
Alex

On Tue, 27 Jun 2023 at 05:58, Mike Phillips 
<mike.phill...@intellisense.io<mailto:mike.phill...@intellisense.io>> wrote:
G'day all,

Not sure if this is the correct place but...
We have a number of flink dashboards and it is difficult to know what dashboard 
we are looking at.
Is there a configurable way to change the 'Apache Flink Dashboard' heading on 
the dashboard?
Or some other way of uniquely identifying what dashboard I am currently looking 
at?
Flink is running in k8s and we use kubectl port forwarding to connect to the 
dashboard so we can't ID using the URL




Diese Nachricht ist ausschliesslich für den Adressaten bestimmt und beinhaltet 
unter Umständen vertrauliche Mitteilungen. Da die Vertraulichkeit von 
e-Mail-Nachrichten nicht gewährleistet werden kann, übernehmen wir keine 
Haftung für die Gewährung der Vertraulichkeit und Unversehrtheit dieser 
Mitteilung. Bei irrtümlicher Zustellung bitten wir Sie um Benachrichtigung per 
e-Mail und um Löschung dieser Nachricht sowie eventueller Anhänge. Jegliche 
unberechtigte Verwendung oder Verbreitung dieser Informationen ist streng 
verboten.

This message is intended only for the named recipient and may contain 
confidential or privileged information. As the confidentiality of email 
communication cannot be guaranteed, we do not accept any responsibility for the 
confidentiality and the intactness of this message. If you have received it in 
error, please advise the sender by return e-mail and delete this message and 
any attachments. Any unauthorised use or dissemination of this information is 
strictly prohibited.