CREATE SINK statement to create a sink. You can create a sink with data from a materialized view or a table. RisingWave only supports writing messages in non-transactional mode.
Delivery semantics
The Kafka sink provides at-least-once delivery guarantees. RisingWave will retry failed sends, which may result in duplicate messages being written to Kafka topics during failures or retries.- For upsert sinks, duplicates are naturally handled by Kafka consumers through primary key deduplication.
- For append-only sinks, downstream consumers should handle potential duplicates.
properties.enable.idempotence = true. Note that this provides idempotence for individual sends but does not guarantee end-to-end exactly-once when combined with RisingWave’s checkpoint mechanism.
Syntax
Names and unquoted identifiers are case-insensitive. Therefore, you must double-quote any of these fields for them to be case-sensitive. See also Identifiers.
Basic parameters
AllWITH options are required unless explicitly mentioned as optional.
Additional Kafka parameters
When creating a Kafka sink in RisingWave, you can specify the following Kafka-specific parameters. To set the parameter, add the RisingWave equivalent of the Kafka parameter as aWITH option. For additional details on these parameters, see the Configuration properties.
Set
properties.ssl.endpoint.identification.algorithm to none to bypass the verification of CA certificates and resolve SSL handshake failure. This parameter can be set to either https or none. By default, it is https.
To monitor Kafka metrics in Grafana, set properties.statistics.interval.ms to a non-zero value. The granularity is 1000ms.
Starting with version 2.0, the default value for properties.message.timeout.ms has changed from 5 seconds to 5 minutes, aligning with the default setting in the official Kafka library.
FORMAT and ENCODE options
These options should be set in
FORMAT data_format ENCODE data_encode (key = 'value'), instead of the WITH clause.Avro
When creating an Avro sink, the following options can be used followingFORMAT UPSERT ENCODE AVRO or FORMAT PLAIN ENCODE AVRO.
Syntax
Use AWS Glue Schema Registry
AWS Glue Schema Registry is a serverless feature of AWS Glue that allows you to centrally manage and enforce schemas for data streams, enabling data validation and compatibility checks. It helps in improving the quality of data streams by providing a central repository for managing and enforcing schemas across various AWS services and custom applications. You can specify the following configurations in theFORMAT PLAIN ENCODE AVRO (...) or FORMAT UPSERT ENCODE AVRO (...) clause. This allows RisingWave to load schemas from and encode metadata for AWS Glue Schema Registry, in addition to Confluent Schema Registry.
Auth-related configurations:
In RisingWave Cloud, AWS credentials (
aws.credentials.access_key_id, aws.credentials.secret_access_key) are required and cannot be omitted. In self-hosted deployments, you may omit them to rely on the AWS SDK default credential chain (for example, EC2 instance profile or environment variables).Example
Protobuf
When creating an append-only Protobuf sink, the following options can be used followingFORMAT PLAIN ENCODE PROTOBUF or FORMAT UPSERT ENCODE PROTOBUF.
The
file:// format is not recommended for production use. If it is used, it needs to be available for both Meta and Compute Nodes.When using Protobuf with Confluent Schema Registry, RisingWave bundles only protobuf well-known types, such as
google/protobuf/timestamp.proto, duration.proto, any.proto, empty.proto, struct.proto, and wrappers. Other imports, including Google common types such as google/type/date.proto, google/type/latlng.proto, google/rpc/*, google/api/*, and confluent/meta.proto, must also be registered as schema references in Schema Registry so that RisingWave can encode them properly.FORMAT as PLAIN
FORMAT as UPSERT
JSON
Thejsonb.handling.mode determines how jsonb data types are encoded. This parameter has two possible values:
string: Encodes thejsonbtype to a string. For example, if you set this parameter,{"k": 2}will be converted to"{\"k\": 2}".dynamic: Dynamically encodes ajsonbtype value to a JSON type value. For example, if you set this parameter,{"k": 2}will be converted to{"k": 2}. Here thejsonbvalue is encoded to a JSON object type value.
WITH clause of ENCODE JSON.
For data mapping, the serial type is supported. However, note that it is mapped into a JSON string like
"0x05fb93d677c4e000" instead of a JSON number 431100738685689856.This string form avoids JSON number precision issues with large int64 values, and you can still order by the fixed-length hexadecimal string to obtain the same order as the serial number (whereas variable-length string "12" sorts before "7").BYTES
The BYTES encoding allows you to sink raw binary data directly to Kafka topics. This is useful for scenarios where you need to output unencoded binary payloads. Requirements:- Only supported with
FORMAT PLAIN - The source table or materialized view must have exactly one column of type
bytea force_append_only='true'must be specified
Example
Examples
Create a sink by selecting an entire materialized view.message.max.bytes set at 2000 by setting properties.message.max.bytes to 2000.
distance and duration from taxi_trips.
The schema of taxi_trips is like this:
Create sink with PrivateLink connection
If your Kafka sink service is located in a different VPC from RisingWave, use AWS PrivateLink or GCP Private Service Connect to establish a secure and direct connection. For details on how to set up an AWS PrivateLink connection, see Create an AWS PrivateLink connection. To create a Kafka sink with a PrivateLink connection, in the WITH section of yourCREATE SINK statement, specify the following parameters.
Here is an example of creating a Kafka sink using a PrivateLink connection. Notice that
{"port": 8001} corresponds to the broker ip1:9092, and {"port": 8002} corresponds to the broker ip2:9092.
TLS/SSL encryption and SASL authentication
RisingWave can sink data to Kafka that is encrypted with Transport Layer Security (TLS) and/or authenticated with SASL. Secure Sockets Layer (SSL) was the predecessor of Transport Layer Security (TLS), and has been deprecated since June 2015. For historical reasons,SSL is used in configuration and code instead of TLS.
Simple Authentication and Security Layer (SASL) is a framework for authentication and data security in Internet protocols.
RisingWave supports these SASL authentication mechanisms:
SASL/PLAINSASL/SCRAMSASL/GSSAPISASL/OAUTHBEARER
CREATE SINK statement.
- SSL without SASL
- SASL/PLAIN
- SASL/SCRAM
- SASL/GSSAPI
- SASL/OAUTHBEARER
To sink data encrypted with SSL without SASL authentication, specify these parameters in the WITH section of your Here is an example of creating a sink encrypted with SSL without using SASL authentication.
CREATE SINK statement.For the definitions of the parameters, see the librdkafka properties list. Note that the parameters in the list assumes all parameters start with
properties. and therefore do not include this prefix.