You can collect Object Storage Service (OSS) events from MnsOss event sources and manage the events accordingly. This is suitable for scenarios where facial recognition is required. This topic describes how to use Knative to manage MnsOss event sources.

Prerequisites

Step 1: Deploy MnsOss

  1. Log on to the ACK console.
  2. In the left-side navigation pane of the ACK console, click Clusters.
  3. On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
  4. On the details page of the cluster, choose Applications > Knative.
  5. On the Components tab, find MnsOss and click Deploy in the Actions column.
  6. In the Deploy MnsOss message, click Confirm.

Step 2: Configure OSS event notification settings

  1. Log on to the OSS console.
  2. In the left-side navigation pane, click Buckets. On the Buckets page, click the name of the bucket for which you want to configure event notification rules.
  3. In the left-side navigation pane, choose Basic Settings > Event Notification.
  4. In the Event Notification section, click Configure. On the page that appears, click Create Rule.
  5. In the Create Rule panel, set the following parameters.
    Parameter Description
    Rule Name Specify the name of the event notification rule.

    The name of each event notification rule that is created by using the same Alibaba Cloud account must be unique in the same region. The name of an event notification rule must start with a letter and can contain only letters, digits, and hyphens (-). The name cannot exceed 85 characters in length.

    Events Select one or more events that can trigger the event notification rule from the drop-down list. For example, if you want to receive a notification when a specific object is created or overwritten by copying an object, select CopyObject.

    You can configure an event notification rule for a specific object and specify multiple types of events that can trigger the rule. You can also configure multiple event notification rules for an object. When you configure multiple event notification rules, take note of the following items:

    • If the multiple event notification rules apply to the same object, the values of this parameter in these rules must be different. For example, if you select CopyObject for Events when you create an event notification rule for objects whose names contain the images prefix, CopyObject cannot be selected for Events when you create another event notification rule for objects whose names contain the same images prefix.
    • If the multiple event notification rules apply to different objects, the values of this parameter in these rules can be the same. For example, if you select PutObject for Events when you create an event notification rule for objects whose names contain the images prefix and the .png suffix, you can select PutObject or DeleteObject for Events when you create another event notification rule for objects whose names contain the log prefix and the .jpg suffix.
    Notice If you do not specify the version ID when you delete an object from a versioned bucket, the DeleteObject or DeleteObjects event notification is not triggered. In this case, no version of the object is deleted. The current version of the object is converted into a previous version and a delete marker is added to the object.

    For more information about the object operations that correspond to the event types, see Events.

    Resource Description Specify the objects to which the event notification rule applies.
    • Select Full Name to apply the rule to an object whose name matches the specified name.
      • To create a rule that applies to an object named exampleobject.txt in the root directory of the bucket, enter exampleobject.txt.
      • To create a rule that applies to an object named myphoto.jpg in the destdir directory within the root directory of the bucket, enter destdir/myphoto.jpg.
    • Select Prefix and Suffix to apply the rule to objects whose names contain the specified prefix and suffix.
      • To create a rule that applies to all objects in the bucket, leave Prefix and Suffix empty.
      • To create a rule that applies to all objects in the examplefolder directory within the root directory of the bucket, set Prefix to examplefolder/ and leave Suffix empty.
      • To create a rule that applies to all JPG objects in the bucket, leave Prefix empty and set Suffix to .jpg.
      • To create a rule that applies to all MP3 objects in the examplefolder directory within the root directory of the bucket, set Prefix to examplefolder/ and Suffix to .mp3.

    To create a Resource Description entry, click Add. You can create up to five Resource Description entries.

    Endpoint Specify the endpoint to which notifications are sent. Valid values: HTTP and Queue.
    • HTTP: Enter the HTTP endpoint to which notifications are sent. Example: http://198.51.100.1:8080. For more information about how to enable an HTTP endpoint, see Manage topics and HttpEndpoint.
    • Queue: Enter the name of an MNS queue. For more information about how to create a queue, see Create a queue.

    To create an endpoint, click Add. You can create up to five endpoints.

  6. Click OK.
    After you configure the event notification rule, the rule takes effect after approximately 10 minutes. After you configure the OSS event notification settings, a topic is created on the Topics page in the MNS console.

Step 3: Create an MNS token

  1. Log on to the MNS console.
  2. In the left-side navigation pane, click Topics.
  3. In the top navigation bar, select a region from the drop-down list.
  4. On the Topics page, click the topic that you want to manage.
  5. On the Topics page, click Get Endpoint in the upper-right corner of the page.
  6. In the Endpoint section of the Topic Details page, copy the public endpoint.
  7. Obtain an AccessKey ID and AccessKey secret of the current account. For more information, see How can I obtain an AccessKey pair?.
  8. Run the following command to encode the public endpoint, AccessKey ID, and AccessKey secret by using Base64. Then, a token is generated.
    echo '{ "url":"https://xxxx.mns.cn-shanghai.aliyuncs.com/", "accessKeyId":"xxx","accessKeySecret":"xx" }' | base64
  9. Create a Secret to store and manage the token.
    1. Create a file named mnsoss-secret.yaml.
      apiVersion: v1
      kind: Secret
      metadata:
        name: mnsoss-secret
      type: Opaque
      data:
        mns: eyAidXJsIjoiaHR0cHM6Ly94eHh4Lm1ucy5jbi1zaGFuZ2hhaS5hbGl5dW5jcy5jb20vIiwgImFjY2Vzc0tleUlkIjoieHh4IiwiYWNjZXNzS2V5U2VjcmV0IjoieHgi****

      Replace the value of mns with the token that is generated in Step 8.

    2. Run the following command to create a Secret:
      kubectl apply -f mnsoss-secret.yaml

Step 4: Create a service account and a service broker

  1. Create a service account.
    1. Create a file named mnsoss-sa.yaml.
      apiVersion: rbac.authorization.k8s.io/v1
      kind: ClusterRoleBinding
      metadata:
        name: eventing-sources-mnsoss
      subjects:
      - kind: ServiceAccount
        name: mnsoss-sa
        namespace: default
      roleRef:
        apiGroup: rbac.authorization.k8s.io
        kind: ClusterRole
        name: eventing-sources-mnsoss-controller
      ---
      apiVersion: v1
      kind: ServiceAccount
      metadata:
        name: mnsoss-sa
    2. Run the following command to create a service account:
      kubectl apply -f mnsoss-sa.yaml
  2. Run the following command to create a service broker:
    kubectl label namespace default knative-eventing-injection=enabled

Step 5: Create an MnsOss event source

To receive MnsOss events, you must create an MnsOss event source.

  1. Create a file named mnsoss-source.yaml.
    apiVersion: sources.eventing.knative.dev/v1alpha1
    kind: MnsOssSource
    metadata:
      labels:
        controller-tools.k8s.io: "1.0"
      name: mnsoss-face
    spec:
      # Add fields here
      serviceAccountName: mnsoss-sa
      accessToken:
        secretKeyRef:
          name: mnsoss-secret
          key: mns
      sink:
        apiVersion: eventing.knative.dev/v1alpha1
        kind: Broker
        name: default
      topic: mns-en-topics-oss-face-image-2381221888dds9129

    Set topic to the name of the topic that is generated in the MNS console.

  2. Run the following command to create an MnsOss event source:
    kubectl  apply -f mnsoss-source.yaml

Step 6: Create a Knative Service

Create a Knative Service to verify whether the created MnsOss event source works as normal. A Knative Service named event-display is created in this example.

  1. Create a service.yaml file.
    apiVersion: serving.knative.dev/v1
    kind: Service
    metadata:
      name: event-dispaly
      namespace: default
    spec:
      template:
        spec:
          containers:
          - image: registry.cn-hangzhou.aliyuncs.com/knative-sample/event-display:1215
  2. Run the following command to create a Knative Service:
    kubectl apply -f service.yaml

Step 7: Create a trigger

Create a trigger to subscribe to OSS events.

  1. Create a file named trigger.yaml.
    apiVersion: eventing.knative.dev/v1alpha1
    kind: Trigger
    metadata:
      name: oss-trigger
      namespace: default
    spec:
      subscriber:
        ref:
          apiVersion: serving.knative.dev/v1alpha1
          kind: Service
          name: event-dispaly
  2. Run the following command to create a trigger:
    kubectl apply -f trigger.yaml

Result

When you upload files to the OSS bucket, notifications are sent to pods.
2020/12/16 13:04:19 receive cloudevents.Event:
{"events": [{
            "eventName": "ObjectCreated:PostObject",
            "eventSource": "acs:oss",
            "eventTime": "2019-06-18T06:44:16.000Z",
            "eventVersion": "1.0",
            "oss": {
                "bucket": {
                    "arn": "acs:oss:cn-beijing:1041208914252405:testjian",
                    "name": "testjian",
                    "ownerIdentity": "1041208914252405",
                    "virtualBucket": ""},
                "object": {
                    "deltaSize": 0,
                    "eTag": "137138904F2E18D307D04EB38EA44CDA",
                    "key": "timg.jpg",
                    "size": 12990},
                "ossSchemaVersion": "1.0",
                "ruleId": "demo-i****"},
            "region": "cn-beijing",
            "requestParameters": {"sourceIPAddress": "42.120.7*.***"},
            "responseElements": {"requestId": "5D08884070BC12B192C6****"},
            "userIdentity": {"principalId": "104120891425****"}}]}