Current state: Under Discussion
Released: <Flink Version>
Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).
This FLIP aims to solve several problems/shortcomings in the current streaming source interface (
SourceFunction) and simultaneously to unify the source interfaces between the batch and streaming APIs. The shortcomings or points that we want to address are:
- One currently implements different sources for batch and streaming execution.
- The logic for "work discovery" (splits, partitions, etc) and actually "reading" the data is intermingled in the
SourceFunctioninterface and in the
DataStreamAPI, leading to complex implementations like the Kafka and Kinesis source.
- Partitions/shards/splits are not explicit in the interface. This makes it hard to implement certain functionalities in a source-independent way, for example event-time alignment, per-partition watermarks, dynamic split assignment, work stealing. For example, the Kafka source supports per-partition watermarks, the Kinesis source doesn't. Neither source supports event-time alignment (selectively reading from splits to make sure that we advance evenly in event time).
- The checkpoint lock is "owned" by the source function. The implementation has to ensure to make element emission and state update under the lock. There is no way for Flink to optimize how it deals with that lock.
The lock is not a fair lock. Under lock contention, some thready might not get the lock (the checkpoint thread).
This also stands in the way of a lock-free actor/mailbox style threading model for operators.
- There are no common building blocks, meaning every source implements a complex threading model by itself. That makes implementing and testing new sources hard, and adds a high bar to contributing to existing sources .
There are several key aspects in the design, which are discussed in each section.
Separating Work Discovery from Reading
The sources have two main components:
- SplitEnumerator: Discovers and assigns splits (files, partitions, etc.)
- Reader: Reads the actual data from the splits.
SplitEnumerator is similar to the old batch source interface's functionality of creating splits and assigning splits. It runs only once, not in parallel (but could be thought of to parallelize in the future, if necessary).
It might run on the JobManager or in a single task on a TaskManager (see below "Where to run the Enumerator").
- In the File Source , the
SplitEnumeratorlists all files (possibly sub-dividing them into blocks/ranges).
- For the Kafka Source, the
SplitEnumeratorfinds all Kafka Partitions that the source should read from.
- In the File Source , the
The Reader reads the data from the assigned splits. The reader encompasses most of the functionality of the current source interface.
Some readers may read a sequence of bounded splits after another, some may ready multiple (unbounded) splits in parallel.
This separation between enumerator and reader allows mixing and matching different enumeration strategies with split readers. For example, the current Kafka connector has different strategies for partition discovery that are intermingled with the rest of the code. With the new interfaces in place, we would only need one split reader implementation and there could be several split enumerators for the different partition discovery strategies.
With these two components encapsulating the core functionality, the main
Source interface itself is only a factory for creating split enumerators and readers.
Batch and Streaming Unification
Each source should be able to work as a bounded (batch) and as an unbounded (continuous streaming) source.
The actual decision whether it becomes bounded or unbounded is made in the DataStream API when creating the source stream.
Boundedness is a property that is passed to source when creating the
SplitEnumerator. The readers should be agnostic to this distinction, they will simply read the splits assigned to them. Whether a source is bounded or unbounded is passed to the
SplitEnumerator upon creation.
That way, we can also make the API type safe in the future, when we can explicitly model bounded streams.
- For "bounded input", it uses a
SplitEnumeratorthat enumerates once all files under the given path.
- For "continuous input", it uses a
SplitEnumeratorthat periodically enumerates once all files under the given path and assigns the new ones.
- For "bounded input", it uses a
SplitEnumeratorthat lists all partitions and gets the latest offset for each partition and attaches that as the "end offset" to the split.
- For "continuous input", it uses a
SplitEnumeratorthat lists all partitions and attaches LONG_MAX as the "end offset" to each split.
- The source may have another option to periodically discover new partitions. That would only be applicable to the "continuous input".
Reader Interface and Threading Model
The reader need to fulfill the following properties:
- No closed work loop, so it does not need to manage locking
- Non-blocking progress methods, to it supports running in an actor/mailbox/dispatcher style operator
- All methods called by the same on single thread, so implementors need not deal with concurrency
- Watermark / Event time handling abstracted to be extensible for split-awareness and alignment (see below sections "Per Split Event-time" and "Event-time Alignment")
- All readers should naturally supports state and checkpoints
- Watermark generation should be circumvented for batch execution
The following core aspects give us these properties:
- Splits are both the type of work assignment and the type of state held by the source. Assigning a split or restoring a split from a checkpoint is the same to the reader.
- Advancing the reader is a non-blocking call that returns a future.
- We build higher-level primitives on top of the main interface (see below "High-level Readers")
- We hide event-time / watermarks in the
SourceOutputand pass different source contexts for batch (no watermarks) and streaming (with watermarks).
SourceOutputalso abstract the per-partition watermark tracking.
The implementation assumes that there is a single thread that drives the source. This single thread calls
emitNext(...) when data is available and cedes execution when nothing is available. It also handles checkpoint triggering, timer callbacks, etc. thus making the task lock free.
The thread is expected to work on some form of mailbox, in which the data emitting loop is one possible task (next to timers, checkpoints, ...). Below is a very simple pseudo code for the driver loop.
This type of hot loop makes sure we do not use the future unless the reader is temporarily out of data, and we bypass the opportunistically bypass the mailbox for performance (mailbox will need some amount of synchronization).
The core source interface (the lowest level interface) is very generic. That makes it flexible, but hard to implement for contributors, especially for sufficiently complex reader patterns like in Kafka or Kinesis.
In general, most I/O libraries used for connectors are not asynchronous, and would need to spawn an I/O thread to make them non-blocking for the main thread.
We propose to solve this by building higher level source abstractions that offer simpler interfaces that allow for blocking calls.
These higher level abstractions would also solve the issue of sources that handle multiple splits concurrently, and the per-split event time logic.
Most readers fall into one of the following categories:
- Sequential Single Split (File, database query, most bounded splits)
- Multi-split multiplexed (Kafka, Pulsar, Pravega, ...)
- Multi-split multi-threaded (Kinesis, ...)
Sequential Single Split
Most of the readers implemented against these higher level building blocks would only need to implement an interface similar to this. The contract would also be that all methods except
wakeup() would be called by the same thread, obviating the need for any concurrency handling in the connector.
Per Split Event Time
Event Time Alignment
Where to Run the Enumerator
The communication of splits between the
Enumerator and the
SourceReader has specific requirements:
- Lazy / pull-based assignment: Only when a reader requests the next split should the enumerator send a split. That results in better load-balancing
- Payload on the "pull" message, to communicate information like "location" from the SourceReader to SplitEnumerator, thus supporting features like locality-aware split assignment.
- Exactly-once fault tolerant with checkpointing: A split is sent to the reader once. A split is either still part of the enumerator (and its checkpoint) or part of the reader or already complete.
- Exactly-once between checkpoints (and without checkpointing): Between checkpoints (and in the absence of checkpoints), the splits that were assigned to readers must be re-added to the enumerator upon failure / recovery.
- Communication channel must not connect tasks into a single failover region
Given these requirements, there would be two options to implement this communication.
Option 1: Enumerator on the TaskManager
SplitEnumerator runs as a task with parallelism one. Downstream of the enumerator are the SourceReader tasks, which run in parallel. Communication goes through the regular data streams.
The readers request splits by sending "backwards events", similar to "request partition" or the "superstep synchronization" in the batch iterations. These are not exposed in operators, but tasks have access to them.
The task reacts to the backwards events: Only upon an event will it send a split. That gives us lazy/pull-based assignment. Payloads on the request backwards event messages (for example for locality awareness) is possible.
Checkpoints and splits are naturally aligned, because splits go through the data channels. The enumerator is effectively the only entry task from the source, and the only one that receives the "trigger checkpoint" RPC call.
The network connection between enumerator and split reader is treated by the scheduler as a boundary of a failover region.
To decouple the enumerator and reader restart, we need one of the following mechanisms:
- Pipelined persistent channels: The contents of a channel is persistent between checkpoints. A receiving task requests the data "after checkpoint X". The data is pruned when checkpoint X+1 is completed.
When a reader fails, the recovered reader task can reconnect to the stream after the checkpoint and will get the previously assigned splits. Batch is a special case, if there are no checkpoints, then the channel holds all data since the beginning.
- Pro: The "pipelined persistent channel" has also applications beyond the enumerator to reader connection.
- Con: Splits always go to the same reader and cannot be distributed across multiple readers upon recovery. Especially for batch programs, this may create bad stragglers during recovery.
- Reconnects and task notifications on failures:The enumerator task needs to remember the splits assigned to each result partition until the next checkpoint completes. The enumerator task would have to be notified of the failure of a downstream task and add the splits back to the enumerator. Recovered reader tasks would simply reconnect and get a new stream.
- Pro: Re-distribution of splits across all readers upon failure/recovery (no stragglers).
- Con: Breaks abstraction that separates task and network stack.
Option 2: Enumerator on the JobManager
Similar to the current batch (DataSet) input spit assigner, the
SplitEnumerator code runs in the JobManager, as part of an
ExecutionJobVertex. To support periodic split discovery, the enumerator has to be periodically called from an additional thread.
The readers request splits via an RPC message and the enumerator responds via RPC. RPC messages carry payload for information like location.
Extra care needs to me taken to align the split assignment messages with checkpoint barriers. If we start to support metadata-based watermarks (to handle event time consistently when dealing with collections of bounded splits), we need to support that as well through RPC and align it with the input split assignment.
The enumerator creates its own piece of checkpoint state when a checkpoint is triggered.
Critical parts here are the added complexity on the master (ExecutionGraph) and the checkpoints. Aligning them properly with RPC messages is possible when going through the now single threaded execution graph dispatcher thread, but to support asynchronous checkpoint writing requires more complexity.
Option 3: Introduce an independent component named SourceCoordinator, Enumerator runs on the SourceCoordinator
SourceCoordinator is an independent component, not a part of
SourceCoordinator could run on
JobMaster or run as an independent process. There is no restrict by design. Communication with
Enumerator) is through RPC. Split assignment through RPC supports pull-based.
SourceReader need to register to
SourceCoordinator (address is in
TaskDeploymentDescriptor or be updated by
JobMaster through RPC) and then sends split request with payload information.
Each job has at most one
SourceCoordinator which is started by
JobMaster. There might be several
Enumerators in one job since there might be several different sources, all
Enumerators run on this
Split assignment need to satisfy the checkpointing mode semantics.
Enumerator has its own states (split assignment), they are a part of global checkpoint. When a new checkpoint is triggered,
CheckpointCoordinator sends barriers to
SourceCoordinator snapshots states of all
SourceCoordinator sends barriers to
SourceReader through RPC. The split and barrier through RPC is FIFO, so Flink could align the split assignment with checkpoint naturally.
If user specifies
RestartAllStrategy as the failover strategy, Flink restarts all tasks and
SourceCoordinator when a task fails. All tasks and
Enumerators are restarted and restored from last successful checkpoint.
If user specifies
RestartPipelinedRegionStrategy as failover strategy, it’s a little complicated. There is no failover region problem in this model, since there is no execution edge between
SourceCoordinator is not a port of
ExecutionGraph). We need to explain it separately.
JobMasterdoes not restart the
JobMastercancels other tasks in the same failover region with failed task as usual. Then
Enumeratorthe failure or cancelation of
SourceReadertasks (there might be multiple
SourceReadertasks in same failover region) and which checkpoint version will be restored from. The notification happens before restarting new tasks. When
Enumeratoris aware of the task failures, it restores the states related failed tasks from the specific checkpoint version. That means
SourceCoordinatorneed to support partial restoring.
Enumeratoralso keeps a two-level map of
SourceReader, checkpoint version and split assignment in memory. This map helps to find the splits should be reassigned or added back to
Enumerator. There would be different strategies to handle these failed splits. In some event-time based jobs, reassignment of failed splits to other tasks may break the watermark semantics. After restoring the split assignment state, reconstructing the map in memory and handling the failed splits,
Enumeratorreturns an acknowledgement back to
JobMasterrestarts the tasks of failed region. There might be an optimization that
Enumeratorreturns an acknowledgement immediately without waiting for restoring. Thus the scheduling of failed region tasks and restoring
Enumeratorcan be processing at the same time. Another important thing is that when
Enumeratoris restoring, the other running
SourceReadersshould work normally, including pulling next split.
SourceCoordinatorfails, if there is a write-ahead log available (mentioned below),
JobMasterwould restart the
SourceCoordinatorbut not restart
SourceReadertasks. After restarting,
Enumeratorrestores states, replays the write-ahead log, then starts to working. At the meantime,
SourceReaderwaits for reconnecting, there is no more splits assigned temporarily until reregistering successfully. The reregistration is necessary. There should be alignment after replaying write-ahead log between
Enumeratorcan not make sure last split assignments to each
SourceReaderare successful or not. The reconnection information is updated by
JobMasterif needed (process is crashed). If there is no write-ahead log available, the failover would fallback to global failover, all tasks and
Enumeratorswould be restarted and restored from last successful checkpoint.
CheckpointCoordinator should notify
Enumerator that checkpoint has been completed. So
Enumerator could prune the map kept in memory and the write-ahead log.
In both cases, the enumerator is a point of failure that requires a restart of the entire dataflow.
To circumvent that, we probably need an additional mechanism, like a write-ahead log for split assignment.
Comparison between Options
|Criterion||Enumerate on Task||Enumerate on JobManager||Enumerate on SourceCoordinator|
Encapsulation of Enumerator
|Encapsulation in separate Task||Additional complexity in ExecutionGraph||New component SourceCoordinator|
|Network Stack Changes||Significant changes.|
Some are more clear, like reconnecting. Some seem to break
abstractions, like notifying tasks of downstream failures.
|No Changes necessary||No Changes necessary|
|Scheduler / Failover Region||Minor changes||No changes necessary||Minor changes|
|Checkpoint alignment||No changes necessary|
(splits are data messages, naturally align with barriers)
|Careful coordination between split assignment|
and checkpoint triggering.
Might be simple if both actions are run in the
single-threaded ExecutionGraph thread.
No changes necessary (splits are through RPC, naturally align with barriers)
|Watermarks||No changes necessary|
(splits are data messages, watermarks naturally flow)
Watermarks would go through ExecutionGraph
|Watermarks would go through RPC|
|Checkpoint State||No additional mechanism (only regular task state)||Need to add support for asynchronous non-metadata|
state on the JobManager / ExecutionGraph
Need to add support for asynchronous state on the SourceCoordinator
(avoid full restarts)
Network reconnects (like above), plus write-ahead of split
Tracking split assignment between checkpoints, plus
|Tracking split assignment between checkpoints, plus|
write-ahead of split assignment between checkpoints
Personal opinion from Stephan: If we find an elegant way to abstract the network stack changes, I would lean towards running the Enumerator in a Task, not on the JobManager.
Core Public Interfaces
SourceOutput and Watermarking
The implementation should proceed in the following steps, some of which can proceed concurrently.
- Validate the interface proposal by implementing popular connectors of different patterns:
- For a row-wise format (splittable within files, checkpoint offset within a split)
- For a bulk format like Parquet / Orc.
- Bounded and unbounded split enumerator
- Unbounded without dynamic partition discovery
- Unbounded with dynamic partition discovery
- Implement test harnesses for the high-level readers patterns
- Test their functionality of the readers implemented in (1)
- Implement a new
SourceReaderTaskand implement the single-threaded mailbox logic
Implement the changes to network channels and scheduler, or to RPC service and checkpointing, to handle split assignment and checkpoints and re-adding splits.
Compatibility, Deprecation, and Migration Plan
In the DataStream API, we mark the existing source interface as deprecated but keep it for a few releases.
The new source interface is supported by different stream operators, so the two source interfaces can easily co-exist for a while.
We do not touch the DataSet API, which will be eventually subsumed by the DataStream API anyways.
We propose a new
Source interface along with two companion interfaces
The Source interface itself is really only a factory for creating split enumerators and split readers. A split enumerator is responsible for detecting new partitions/shards/splits while a split reader is responsible for reading from one split. This separates the concerns and allows putting the enumeration in a parallelism-one operation or outside the execution graph. And also gives Flink more possibilities to decide how processing of splits should be scheduled.
This also potentially allows mixing and matching different enumeration strategies with split readers. For example, the current Kafka connector has different strategies for partition discovery that are intermingled with the rest of the code. With the new interfaces in place, we would only need one split reader implementation and there could be several split enumerators for the different partition discovery strategies.
A naive implementation prototype that implements this in user space atop the existing Flink operations is given here: https://github.com/aljoscha/flink/commits/refactor-source-interface. This also comes with a complete Kafka source implementation that already supports checkpointing.
As an MVP, we propose to add the new interfaces and a runtime implementation using the existing
SourceFunction for running the enumerator along with a special operator implementation for running the split reader. As a next step, we can add a dedicated
StreamTask implementation for both the enumerator and reader to take advantage of the additional optimization potential. For example, more efficient handling of the checkpoint lock.
The next steps would be to implement event-time alignment.
Compatibility, Deprecation, and Migration Plan
- The new interface and new source implementations will be provided side-by-side to the existing sources, thus not breaking existing programs.
- We can think about allowing migrating existing jobs/savepoints smoothly to the new interface but it is a secondary concern.