If you reconfigure the IPv4 CIDR blocks for fully managed Flink or encounter the issue that a deployment fails to start, you may need to modify a vSwitch to resolve the issue. This topic describes how to modify a vSwitch.
Precautions
When you add a vSwitch to fully managed Flink, you must configure the CIDR blocks for fully managed Flink based on your business requirements.
When you add a vSwitch for fully managed Flink, make sure that the number of available IP addresses of the vSwitch is sufficient. If the number of IP addresses of the vSwitch is insufficient, deployments may fail to start or the console of fully managed Flink cannot be upgraded.
If you want to configure a whitelist for the upstream and downstream storage of a fully managed Flink deployment, you must add the CIDR blocks of the vSwitch of the deployment to the whitelist of the upstream and downstream storage.
When you delete the old vSwitch and use the new vSwitch, existing deployments that are started continue to use the old vSwitch until the next time the deployments are restarted.
Procedure
Log on to the Realtime Compute for Apache Flink console.
Find the workspace that you want to manage and choose
in the Actions column.In the Modify vSwitches dialog box, select a zone.
In the Modify vSwitches dialog box, select the vSwitch that you want to add.
NoteThe vSwitch that you add must reside in the same virtual private cloud (VPC) and in the same zone as the fully managed Flink workspace.
If no vSwitch meets your business requirements in the vSwitch list, click Create vSwitch in the note at the top of the list to create a vSwitch in the same VPC as the fully managed Flink workspace. After you create the vSwitch, click the icon in the upper-left corner of the list to refresh the Modify vSwitches dialog box and select the new vSwitch.
Click OK.
References
After the network architecture of Realtime Compute for Apache Flink is upgraded, the number of IP addresses that are used by your vSwitch can be significantly reduced. For more information, see Network architecture upgrade.
By default, the fully managed Flink service cannot access the Internet. Therefore, Alibaba Cloud provides NAT gateways to enable communications between VPCs and the Internet. You can create a NAT gateway in a VPC. Then, create a source network address translation (SNAT) entry to bind the vSwitch that is associated with the fully managed Flink service to an elastic IP address (EIP). This way, the service can access the Internet by using the EIP. For more information, see How does the fully managed Flink service access the Internet?