OpenMetadata/openmetadata-docs/content/v1.0.0/connectors/database/datalake/airflow.md

title	slug
Run Datalake Connector using Airflow SDK	/connectors/database/datalake/airflow

Run Datalake using the Airflow SDK

{% multiTablesWrapper %}

Feature	Status
Stage	PROD
Metadata	{% icon iconName="check" /%}
Query Usage	{% icon iconName="cross" /%}
Data Profiler	{% icon iconName="check" /%}
Data Quality	{% icon iconName="check" /%}
Lineage	{% icon iconName="cross" /%}
DBT	{% icon iconName="check" /%}
Supported Versions	--

Feature	Status
Lineage	{% icon iconName="cross" /%}
Table-level	{% icon iconName="cross" /%}
Column-level	{% icon iconName="cross" /%}

{% /multiTablesWrapper %}

In this section, we provide guides and references to use the Datalake connector.

Configure and schedule Datalake metadata and profiler workflows from the OpenMetadata UI:

• Requirements
• Metadata Ingestion
• dbt Integration

Requirements

{%inlineCallout icon="description" bold="OpenMetadata 0.12 or later" href="/deployment"%} To deploy OpenMetadata, check the Deployment guides. {%/inlineCallout%}

To run the Ingestion via the UI you'll need to use the OpenMetadata Ingestion Container, which comes shipped with custom Airflow plugins to handle the workflow deployment.

Note: Datalake connector supports extracting metadata from file types JSON, CSV, TSV & Parquet.

S3 Permissions

To execute metadata extraction AWS account should have enough access to fetch required data. The Bucket Policy in AWS requires at least these permissions:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::<my bucket>",
                "arn:aws:s3:::<my bucket>/*"
            ]
        }
    ]
}

ADLS Permissions

To extract metadata from Azure ADLS (Storage Account - StorageV2), you will need an App Registration with the following permissions on the Storage Account:

• Storage Blob Data Contributor
• Storage Queue Data Contributor

Python Requirements

If running OpenMetadata version greater than 0.13, you will need to install the Datalake ingestion for GCS or S3:

S3 installation

pip3 install "openmetadata-ingestion[datalake-s3]"

GCS installation

pip3 install "openmetadata-ingestion[datalake-gcs]"

Azure installation

pip3 install "openmetadata-ingestion[datalake-azure]"

If version <0.13

You will be installing the requirements together for S3 and GCS

pip3 install "openmetadata-ingestion[datalake]"

Metadata Ingestion

All connectors are defined as JSON Schemas. Here you can find the structure to create a connection to Datalake.

In order to create and run a Metadata Ingestion workflow, we will follow the steps to create a YAML configuration able to connect to the source, process the Entities if needed, and reach the OpenMetadata server.

The workflow is modeled around the following JSON Schema.

1. Define the YAML Config

This is a sample config for Datalake using AWS S3:

{% codePreview %}

{% codeInfoContainer %}

Source Configuration - Service Connection

{% codeInfo srNumber=1 %}

• awsAccessKeyId: Enter your secure access key ID for your DynamoDB connection. The specified key ID should be authorized to read all databases you want to include in the metadata ingestion workflow.
• awsSecretAccessKey: Enter the Secret Access Key (the passcode key pair to the key ID from above).
• awsRegion: Specify the region in which your DynamoDB is located. This setting is required even if you have configured a local AWS profile.
• schemaFilterPattern and tableFilternPattern: Note that the schemaFilterPattern and tableFilterPattern both support regex as include or exclude. E.g.,

{% /codeInfo %}

Source Configuration - Source Config

{% codeInfo srNumber=2 %}

The sourceConfig is defined here:

markDeletedTables: To flag tables as soft-deleted if they are not present anymore in the source system.

includeTables: true or false, to ingest table data. Default is true.

includeViews: true or false, to ingest views definitions.

databaseFilterPattern, schemaFilterPattern, tableFilternPattern: Note that the filter supports regex as include or exclude. You can find examples here

{% /codeInfo %}

Sink Configuration

{% codeInfo srNumber=3 %}

To send the metadata to OpenMetadata, it needs to be specified as type: metadata-rest.

{% /codeInfo %}

Workflow Configuration

{% codeInfo srNumber=4 %}

The main property here is the openMetadataServerConfig, where you can define the host and security provider of your OpenMetadata installation.

For a simple, local installation using our docker containers, this looks like:

{% /codeInfo %}

{% /codeInfoContainer %}

{% codeBlock fileName="filename.yaml" %}

source:
  type: datalake
  serviceName: local_datalake
  serviceConnection:
    config:
      type: Datalake

      configSource:      
        securityConfig: 
          awsAccessKeyId: aws access key id
          awsSecretAccessKey: aws secret access key
          awsRegion: aws region
      bucketName: bucket name
      prefix: prefix

  sourceConfig:
    config:
      type: DatabaseMetadata
      markDeletedTables: true
      includeTables: true
      includeViews: true
      # includeTags: true
      # databaseFilterPattern:
      #   includes:
      #     - database1
      #     - database2
      #   excludes:
      #     - database3
      #     - database4
      # schemaFilterPattern:
      #   includes:
      #     - schema1
      #     - schema2
      #   excludes:
      #     - schema3
      #     - schema4
      # tableFilterPattern:
      #   includes:
      #     - users
      #     - type_test
      #   excludes:
      #     - table3
      #     - table4

sink:
  type: metadata-rest
  config: {}

workflowConfig:
  openMetadataServerConfig:
    hostPort: "http://localhost:8585/api"
    authProvider: openmetadata
    securityConfig:
      jwtToken: "{bot_jwt_token}"

{% /codeBlock %}

{% /codePreview %}

This is a sample config for Datalake using GCS:

{% codePreview %}

{% codeInfoContainer %}

Source Configuration - Service Connection

{% codeInfo srNumber=5 %}

• type: Credentials type, e.g. service_account.
• projectId
• privateKey
• privateKeyId
• clientEmail
• clientId
• authUri: https://accounts.google.com/o/oauth2/auth by default
• tokenUri: https://oauth2.googleapis.com/token by default
• authProviderX509CertUrl: https://www.googleapis.com/oauth2/v1/certs by default
• clientX509CertUrl
• bucketName: name of the bucket in GCS
• Prefix: prefix in gcs bucket

{% /codeInfo %}

Source Configuration - Source Config

{% codeInfo srNumber=6 %}

The sourceConfig is defined here:

markDeletedTables: To flag tables as soft-deleted if they are not present anymore in the source system.

includeTables: true or false, to ingest table data. Default is true.

includeViews: true or false, to ingest views definitions.

databaseFilterPattern, schemaFilterPattern, tableFilternPattern: Note that the filter supports regex as include or exclude. You can find examples here

{% /codeInfo %}

Sink Configuration

{% codeInfo srNumber=7 %}

To send the metadata to OpenMetadata, it needs to be specified as type: metadata-rest.

{% /codeInfo %}

Workflow Configuration

{% codeInfo srNumber=8 %}

The main property here is the openMetadataServerConfig, where you can define the host and security provider of your OpenMetadata installation.

For a simple, local installation using our docker containers, this looks like:

{% /codeInfo %}

{% /codeInfoContainer %}

{% codeBlock fileName="filename.yaml" %}

source:
  type: datalake
  serviceName: local_datalake
  serviceConnection:
    config:
      type: Datalake
      configSource:
        securityConfig:

          gcsConfig:
            type: type of account
            projectId: project id
            privateKeyId: private key id
            privateKey: private key
            clientEmail: client email
            clientId: client id
            authUri: https://accounts.google.com/o/oauth2/auth
            tokenUri: https://oauth2.googleapis.com/token
            authProviderX509CertUrl: https://www.googleapis.com/oauth2/v1/certs
            clientX509CertUrl:  clientX509 Certificate Url
      bucketName: bucket name
      prefix: prefix

  sourceConfig:
    config:
      type: DatabaseMetadata
      markDeletedTables: true
      includeTables: true
      includeViews: true
      # includeTags: true
      # databaseFilterPattern:
      #   includes:
      #     - database1
      #     - database2
      #   excludes:
      #     - database3
      #     - database4
      # schemaFilterPattern:
      #   includes:
      #     - schema1
      #     - schema2
      #   excludes:
      #     - schema3
      #     - schema4
      # tableFilterPattern:
      #   includes:
      #     - users
      #     - type_test
      #   excludes:
      #     - table3
      #     - table4

sink:
  type: metadata-rest
  config: {}

workflowConfig:
  openMetadataServerConfig:
    hostPort: "http://localhost:8585/api"
    authProvider: openmetadata
    securityConfig:
      jwtToken: "{bot_jwt_token}"

{% /codeBlock %}

{% /codePreview %}

This is a sample config for Datalake using Azure:

{% codePreview %}

{% codeInfoContainer %}

Source Configuration - Service Connection

{% codeInfo srNumber=9 %}

• Client ID : Client ID of the data storage account
• Client Secret : Client Secret of the account
• Tenant ID : Tenant ID under which the data storage account falls
• Account Name : Account Name of the data Storage

{% /codeInfo %}

Source Configuration - Source Config

{% codeInfo srNumber=10 %}

The sourceConfig is defined here:

markDeletedTables: To flag tables as soft-deleted if they are not present anymore in the source system.

includeTables: true or false, to ingest table data. Default is true.

includeViews: true or false, to ingest views definitions.

databaseFilterPattern, schemaFilterPattern, tableFilternPattern: Note that the filter supports regex as include or exclude. You can find examples here

{% /codeInfo %}

Sink Configuration

{% codeInfo srNumber=11 %}

To send the metadata to OpenMetadata, it needs to be specified as type: metadata-rest.

{% /codeInfo %}

Workflow Configuration

{% codeInfo srNumber=12 %}

The main property here is the openMetadataServerConfig, where you can define the host and security provider of your OpenMetadata installation.

For a simple, local installation using our docker containers, this looks like:

{% /codeInfo %}

{% /codeInfoContainer %}

{% codeBlock fileName="filename.yaml" %}

# Datalake with Azure 
source:
  type: datalake
  serviceName: local_datalake
  serviceConnection:
    config:
      type: Datalake
      configSource:    

        securityConfig: 
          clientId: client-id
          clientSecret: client-secret
          tenantId: tenant-id
          accountName: account-name
      prefix: prefix

  sourceConfig:
    config:
      type: DatabaseMetadata
      markDeletedTables: true
      includeTables: true
      includeViews: true
      # includeTags: true
      # databaseFilterPattern:
      #   includes:
      #     - database1
      #     - database2
      #   excludes:
      #     - database3
      #     - database4
      # schemaFilterPattern:
      #   includes:
      #     - schema1
      #     - schema2
      #   excludes:
      #     - schema3
      #     - schema4
      # tableFilterPattern:
      #   includes:
      #     - users
      #     - type_test
      #   excludes:
      #     - table3
      #     - table4

sink:
  type: metadata-rest
  config: {}

workflowConfig:
  openMetadataServerConfig:
    hostPort: "http://localhost:8585/api"
    authProvider: openmetadata
    securityConfig:
      jwtToken: "{bot_jwt_token}"

{% /codeBlock %}

{% /codePreview %}

Workflow Configs for Security Provider

We support different security providers. You can find their definitions here.

Openmetadata JWT Auth

• JWT tokens will allow your clients to authenticate against the OpenMetadata server. To enable JWT Tokens, you will get more details here.

workflowConfig:
  openMetadataServerConfig:
    hostPort: "http://localhost:8585/api"
    authProvider: openmetadata
    securityConfig:
      jwtToken: "{bot_jwt_token}"

• You can refer to the JWT Troubleshooting section link for any issues in your JWT configuration. If you need information on configuring the ingestion with other security providers in your bots, you can follow this doc link.

2. Prepare the Ingestion DAG

Create a Python file in your Airflow DAGs directory with the following contents:

{% codePreview %}

{% codeInfoContainer %}

{% codeInfo srNumber=13 %}

Import necessary modules

The Workflow class that is being imported is a part of a metadata ingestion framework, which defines a process of getting data from different sources and ingesting it into a central metadata repository.

Here we are also importing all the basic requirements to parse YAMLs, handle dates and build our DAG.

{% /codeInfo %}

{% codeInfo srNumber=14 %}

Default arguments for all tasks in the Airflow DAG.

• Default arguments dictionary contains default arguments for tasks in the DAG, including the owner's name, email address, number of retries, retry delay, and execution timeout.

{% /codeInfo %}

{% codeInfo srNumber=15 %}

• config: Specifies config for the metadata ingestion as we prepare above.

{% /codeInfo %}

{% codeInfo srNumber=16 %}

• metadata_ingestion_workflow(): This code defines a function metadata_ingestion_workflow() that loads a YAML configuration, creates a Workflow object, executes the workflow, checks its status, prints the status to the console, and stops the workflow.

{% /codeInfo %}

{% codeInfo srNumber=17 %}

• DAG: creates a DAG using the Airflow framework, and tune the DAG configurations to whatever fits with your requirements
• For more Airflow DAGs creation details visit here.

{% /codeInfo %}

Note that from connector to connector, this recipe will always be the same. By updating the YAML configuration, you will be able to extract metadata from different sources.

{% /codeInfoContainer %}

{% codeBlock fileName="filename.py" %}

import pathlib
import yaml
from datetime import timedelta
from airflow import DAG
from metadata.config.common import load_config_file
from metadata.ingestion.api.workflow import Workflow
from airflow.utils.dates import days_ago

try:
    from airflow.operators.python import PythonOperator
except ModuleNotFoundError:
    from airflow.operators.python_operator import PythonOperator

default_args = {
    "owner": "user_name",
    "email": ["username@org.com"],
    "email_on_failure": False,
    "retries": 3,
    "retry_delay": timedelta(minutes=5),
    "execution_timeout": timedelta(minutes=60)
}

config = """
<your YAML configuration>
"""

def metadata_ingestion_workflow():
    workflow_config = yaml.safe_load(config)
    workflow = Workflow.create(workflow_config)
    workflow.execute()
    workflow.raise_from_status()
    workflow.print_status()
    workflow.stop()

with DAG(
    "sample_data",
    default_args=default_args,
    description="An example DAG which runs a OpenMetadata ingestion workflow",
    start_date=days_ago(1),
    is_paused_upon_creation=False,
    schedule_interval='*/5 * * * *',
    catchup=False,
) as dag:
    ingest_task = PythonOperator(
        task_id="ingest_using_recipe",
        python_callable=metadata_ingestion_workflow,
    )

{% /codeBlock %}

{% /codePreview %}

dbt Integration

{% tilesContainer %}

{% tile icon="mediation" title="dbt Integration" description="Learn more about how to ingest dbt models' definitions and their lineage." link="/connectors/ingestion/workflows/dbt" /%}

{% /tilesContainer %}

Related

{% tilesContainer %}

{% tile title="Ingest with the CLI" description="Run a one-time ingestion using the metadata CLI" link="/connectors/database/datalake/cli" / %}

{% /tilesContainer %}