Chainguard Container for flink

Apache Flink is an open source stream processing framework with powerful stream- and batch-processing capabilities.

Chainguard Containers are regularly-updated, secure-by-default container images.

Download this Container Image

For those with access, this container image is available on cgr.dev:

docker pull cgr.dev/ORGANIZATION/flink:latest

Be sure to replace the ORGANIZATION placeholder with the name used for your organization's private repository within the Chainguard Registry.

Usage

One of the simplest ways to get started with Apache Flink on Kubernetes is to use the Flink Kubernetes Operator provided by the Apache Flink community. The Flink Kubernetes Operator is a Kubernetes custom controller that simplifies the deployment and management of Apache Flink applications on Kubernetes.

Deploying Apache Flink on Kubernetes

The following example shows how to deploy Apache Flink on Kubernetes using the Flink Kubernetes Operator.

1. Install the Flink Kubernetes Operator by following the instructions in the Flink Kubernetes Operator documentation.

2. Create a FlinkDeployment resource to deploy Apache Flink on Kubernetes. The following example shows a basic FlinkDeployment resource that deploys a Flink job using the StateMachineExample.jar example JAR file.

⚠️ Note: Do not forget to deploy the FlinkDeployment with the same namespace where the Flink Kubernetes Operator is running.

apiVersion: flink.apache.org/v1beta1
kind: FlinkDeployment
metadata:
  name: basic-example
spec:
  image: cgr.dev/chainguard-private/flink:latest
  flinkVersion: v1_17
  flinkConfiguration:
    taskmanager.numberOfTaskSlots: "2"
  serviceAccount: flink
  jobManager:
    resource:
      memory: "2048m"
      cpu: 1
  taskManager:
    resource:
      memory: "2048m"
      cpu: 1
  job:
    jarURI: local:///opt/flink/examples/streaming/StateMachineExample.jar
    parallelism: 2
    upgradeMode: stateless

3. Apply the FlinkDeployment resource to deploy Apache Flink on Kubernetes.

kubectl apply -f flink-deployment.yaml

4. Monitor the Flink job by viewing the logs of the Flink job manager and task manager pods.

kubectl logs -f deploy/basic-example

5. To access the Flink web UI, port-forward the Flink job manager service to your local machine.

kubectl port-forward svc/basic-example-rest 8081

6. Open a web browser and navigate to http://localhost:8081 to access the Flink web UI.

That's it! You have successfully deployed Apache Flink on Kubernetes using the Flink Kubernetes Operator.

What are Chainguard Containers?

Chainguard Containers are minimal container images that are secure by default.

In many cases, the Chainguard Containers tagged as :latest contain only an open-source application and its runtime dependencies. These minimal container images typically do not contain a shell or package manager. Chainguard Containers are built with Wolfi, our Linux undistro designed to produce container images that meet the requirements of a more secure software supply chain.

The main features of Chainguard Containers include:

• Minimal design, without unnecessary software bloat
• Daily builds to ensure container images are up-to-date with available security patches
• High quality build-time SBOMs attesting to the provenance of all artifacts within the image
• Verifiable signatures provided by Sigstore
• Reproducible builds with Cosign and apko (read more about reproducibility)

For cases where you need container images with shells and package managers to build or debug, most Chainguard Containers come paired with a -dev variant.

Although the -dev container image variants have similar security features as their more minimal versions, they feature additional software that is typically not necessary in production environments. We recommend using multi-stage builds to leverage the -dev variants, copying application artifacts into a final minimal container that offers a reduced attack surface that won’t allow package installations or logins.

Learn More

To better understand how to work with Chainguard Containers, please visit Chainguard Academy and Chainguard Courses.

In addition to Containers, Chainguard offers VMs and Libraries. Contact Chainguard to access additional products.

Trademarks

This software listing is packaged by Chainguard. The trademarks set forth in this offering are owned by their respective companies, and use of them does not imply any affiliation, sponsorship, or endorsement by such companies.