Delivering data to Yandex Managed Service for OpenSearch using Yandex Data Transfer

A Yandex Managed Service for OpenSearch cluster can ingest data from Apache Kafka® topics in real time.

To start data delivery:

1. Prepare your test data.
2. Configure the target cluster.
3. Prepare and activate your transfer.
4. Test the transfer.

If you no longer need the resources you created, delete them.

Required paid resourcesRequired paid resources

• Managed Service for Apache Kafka® cluster, which includes computing resources allocated to hosts, storage and backup size (see Managed Service for Apache Kafka® pricing).
• Managed Service for OpenSearch cluster, which includes the use of computing resources and storage size (see Managed Service for OpenSearch pricing).
• Public IP addresses if public access is enabled for cluster hosts (see Yandex Virtual Private Cloud pricing).

Getting startedGetting started

1. Set up your data delivery infrastructure:

   Manually

   Terraform

   Note

   Public access to cluster hosts is required if you plan to connect to the cluster via the internet. This connection option is simpler and is recommended for the purposes of this guide. You can connect to non-public hosts as well but only from Yandex Cloud virtual machines located in the same cloud network as the cluster.

   1. Create a Managed Service for Apache Kafka® source cluster with your preferred configuration. Enable public access to the cluster during creation so you can connect to it from your local machine. Connections from within the Yandex Cloud network are enabled by default.

   2. In the source cluster, create a topic named sensors.

   3. In the source cluster, create a user named mkf-user with the ACCESS_ROLE_PRODUCER and ACCESS_ROLE_CONSUMER permissions for the new topic.

   4. Create a Managed Service for OpenSearch target cluster in any suitable configuration with the following settings:

      • In the same availability zone as the source cluster.
      • With public access to hosts with the DATA role.

   5. To connect to the cluster from your local machine, configure the security groups as follows:

      • Managed Service for Apache Kafka®.
      • Managed Service for OpenSearch.

   1. If you do not have Terraform yet, install it.

   2. Get the authentication credentials. You can add them to environment variables or specify them later in the provider configuration file.

   3. Configure and initialize a provider. There is no need to create a provider configuration file manually, you can download it.

   4. Place the configuration file in a separate working directory and specify the parameter values. If you did not add the authentication credentials to environment variables, specify them in the configuration file.

   5. Download the data-transfer-mkf-mos.tf configuration file to the same working directory.

      This file describes:

      • Network.
      • Subnet.
      • Security group and the rules allowing connections to the Managed Service for Apache Kafka® and Managed Service for OpenSearch clusters.
      • Managed Service for Apache Kafka® source cluster.
      • Apache Kafka® topic named sensors.
      • Apache Kafka® user named mkf-user with the ACCESS_ROLE_PRODUCER and ACCESS_ROLE_CONSUMER access permissions to the sensors topic.
      • Managed Service for OpenSearch target cluster.
      • Transfer.

   6. In the data-transfer-mkf-mos.tf file, specify these variables:

      • kf_version: Apache Kafka® version in the source cluster.
      • kf_user_password: mkf-user user password.
      • os_version: OpenSearch version in the source cluster.
      • os_user_password: admin user password.
      • transfer_enabled: Set to 0 to ensure that no transfer is created until you create endpoints manually.

   7. Validate your Terraform configuration files using this command:

      terraform validate
      

      Terraform will display any configuration errors detected in your files.

   8. Create the required infrastructure:

      1. Run this command to view the planned changes:

         terraform plan
         

         If you described the configuration correctly, the terminal will display a list of the resources to update and their parameters. This is a verification step that does not apply changes to your resources.

      2. If everything looks correct, apply the changes:

         1. Run this command:

            terraform apply
            

         2. Confirm updating the resources.

         3. Wait for the operation to complete.

      All the required resources will be created in the specified folder. You can check resource availability and their settings in the management console.

2. Install the following tools:

   • kafkacat: For reading from and writing to Apache Kafka® topics.

     sudo apt update && sudo apt install --yes kafkacat
     

     Check that you can use it to connect to the Managed Service for Apache Kafka® source cluster over SSL.

   • jq: For stream processing of JSON files.

     sudo apt update && sudo apt-get install --yes jq
     

Prepare your test dataPrepare your test data

Suppose the Apache Kafka® sensors topic in the source cluster receives JSON-formatted data from car sensors.

On your local machine, create a sample.json file with the following test data:

{
    "device_id": "iv9a94th6rzt********",
    "datetime": "2020-06-05 17:27:00",
    "latitude": 55.70329032,
    "longitude": 37.65472196,
    "altitude": 427.5,
    "speed": 0,
    "battery_voltage": 23.5,
    "cabin_temperature": 17,
    "fuel_level": null
}
{
    "device_id": "rhibbh3y08qm********",
    "datetime": "2020-06-06 09:49:54",
    "latitude": 55.71294467,
    "longitude": 37.66542005,
    "altitude": 429.13,
    "speed": 55.5,
    "battery_voltage": null,
    "cabin_temperature": 18,
    "fuel_level": 32
}
{
    "device_id": "iv9a94th6rzt********",
    "datetime": "2020-06-07 15:00:10",
    "latitude": 55.70985913,
    "longitude": 37.62141918,
    "altitude": 417.0,
    "speed": 15.7,
    "battery_voltage": 10.3,
    "cabin_temperature": 17,
    "fuel_level": null
}

Configure the target clusterConfigure the target cluster

1. Create a role with the create_index and write privileges for all indexes (*).

2. Create a user and assign this role to them.

Prepare and activate your transferPrepare and activate your transfer

1. Create an Apache Kafka® source endpoint:

   Endpoint parameters:

   • Connection settings:

     • Connection type: Managed Service for Apache Kafka cluster.

       • Managed Service for Apache Kafka cluster: Select the source cluster from the list.

       • Authentication: SASL.

         • Username: mkf-user.
         • Password: Enter the user password.

     • Topic full name: sensors.

   • Advanced settings → Conversion rules:

     • Conversion rules: json.

       • Data scheme: JSON specification.

         Paste the data schema in JSON format:

         json

         [
             {
                 "name": "device_id",
                 "type": "utf8",
                 "key": true
             },
             {
                 "name": "datetime",
                 "type": "utf8"
             },
             {
                 "name": "latitude",
                 "type": "double"
             },
             {
                 "name": "longitude",
                 "type": "double"
             },
             {
                 "name": "altitude",
                 "type": "double"
             },
             {
                 "name": "speed",
                 "type": "double"
             },
             {
                 "name": "battery_voltage",
                 "type": "double"
             },
             {
                 "name": "cabin_temperature",
                 "type": "uint16"
             },
             {
                 "name": "fuel_level",
                 "type": "uint16"
             }
         ]
         

2. Create an endpoint for the OpenSearch target:

   Endpoint parameters → Connection:

   • Connection type: Managed Service for OpenSearch cluster.

     • Managed Service for OpenSearch cluster: Select the source cluster from the list.

   • User: Enter the username.

   • Password: Enter the user password.

3. Create a transfer:

   Manually

   Terraform

   1. Create a transfer of the Replication-type that will use the endpoints you created.
   2. Activate the transfer and wait for its status to change to Replicating.

   1. In the data-transfer-mkf-mos.tf file, specify these variables:

      • source_endpoint_id: Source endpoint ID.
      • target_endpoint_id: Target endpoint ID.
      • transfer_enabled: Set to 1 to create a transfer.

   2. Validate your Terraform configuration files using this command:

      terraform validate
      

      Terraform will display any configuration errors detected in your files.

   3. Create the required infrastructure:

      1. Run this command to view the planned changes:

         terraform plan
         

         If you described the configuration correctly, the terminal will display a list of the resources to update and their parameters. This is a verification step that does not apply changes to your resources.

      2. If everything looks correct, apply the changes:

         1. Run this command:

            terraform apply
            

         2. Confirm updating the resources.

         3. Wait for the operation to complete.

   4. The transfer will be activated automatically. Wait for its status to change to Replicating.

Test the transferTest the transfer

Check that data from the Managed Service for Apache Kafka® source cluster’s topic is transferred to the Managed Service for OpenSearch cluster:

1. Send data from sample.json to the Managed Service for Apache Kafka® sensors topic using jq and kafkacat:

   jq -rc . sample.json | kafkacat -P \
      -b <broker_host_FQDN>:9091 \
      -t sensors \
      -k key \
      -X security.protocol=SASL_SSL \
      -X sasl.mechanisms=SCRAM-SHA-512 \
      -X sasl.username="mkf-user" \
      -X sasl.password="<user_password_in_source_cluster>" \
      -X ssl.ca.location=/usr/local/share/ca-certificates/Yandex/YandexInternalRootCA.crt -Z
   

   To learn more about setting up an SSL certificate and using kafkacat, see Connecting to an Apache Kafka® cluster from applications.

2. Check that the Managed Service for OpenSearch cluster's sensors index contains the data you sent:

   Bash

   OpenSearch Dashboards

   Run this command:

   curl \
       --user <username_in_target_cluster>:<user_password_in_target_cluster> \
       --cacert ~/.opensearch/root.crt \
       --header 'Content-Type: application/json' \
       --request GET 'https://<ID_of_OpenSearch_host_with_DATA_role>.rw.mdb.yandexcloud.net:9200/sensors/_search?pretty'
   

   1. Connect to the target cluster using OpenSearch Dashboards.
   2. Select the Global tenant.
   3. Open the management panel by clicking .
   4. Under OpenSearch Dashboards, select Discover.
   5. In the CHANGE INDEX PATTERN field, select the sensors index.

Delete the resources you createdDelete the resources you created

To minimize resource consumption, delete the resources you no longer need:

1. Delete the transfer.

2. Delete the source and target endpoints.

3. Delete other resources, applying the same method used for their creation:

   Manually

   Using Terraform

   1. Delete the Managed Service for OpenSearch cluster.
   2. Delete the Managed Service for Apache Kafka® cluster.

   1. In the terminal window, go to the directory containing the infrastructure plan.

      Warning

      Make sure the directory has no Terraform manifests with the resources you want to keep. Terraform deletes all resources that were created using the manifests in the current directory.

   2. Delete resources:

      1. Run this command:

         terraform destroy
         

      2. Confirm deleting the resources and wait for the operation to complete.

      All the resources described in the Terraform manifests will be deleted.