Orchestrator

Available when using an authoring Data Collector version 5.6.0 or later.

To create an Orchestrator connection, the Orchestrator stage library, streamsets-datacollector-orchestrator-lib, must be installed on the selected authoring Data Collector.

For a description of the Orchestrator connection properties, see Orchestrator Connection Properties.

After you create an Orchestrator connection, you can use the connection in the following stages:
Engine Stages
Data Collector 5.6.0 or later
  • Start Jobs origin
  • Control Hub API processor
  • Start Jobs processor
  • Wait for Jobs processor
Note: You cannot use the same connection in the Control Hub API processor and the other stages. The property values and supported properties differ for the Control Hub API processor.

Orchestrator Connection Properties

When creating an Orchestrator connection, configure the following property on the Control Hub tab:
Property Description
Control Hub URL URL to Control Hub or a Control Hub REST API.

For connections used in the Control Hub API processor, specify the URL to a Control Hub REST API.

For connections used in other orchestrator stages, specify the URL to the Control Hub instance that runs jobs:
  • For Control Hub cloud, enter https://cloud.streamsets.com.
  • For Control Hub on-premises, enter the URL provided by your system administrator. For example, https://<hostname>:18631.
Configure the following properties on the Credentials tab:
Property Description
Authentication Type Method for specifying authentication details:
  • User & Password (SCH 3.x only) - Use when Data Collector is registered with Control Hub cloud or Control Hub on-premises version 3.x.
  • API User Credentials - Use when Data Collector is deployed from Control Hub in IBM StreamSets.
User Name Control Hub user that starts the jobs or that calls the API. Enter in the following format:
<ID>@<organization ID>

Available when Authentication Type is set to User & Password.

Auth ID ID of a Control Hub API credential for someone authorized to run the job or someone authorized to call the API.

Available when Authentication Type is set to API User Credentials.

Password Password for the specified Control Hub user or the token for the specified Control Hub API credential.
Tip: To secure sensitive information, you can use credential stores or runtime resources.
Configure the following property on the HTTP tab:
Property Description
Use Proxy Enables using an HTTP proxy to connect to Control Hub.
If you selected Use Proxy, configure the following properties on the Proxy tab:
Proxy Property Description
Proxy URI Proxy URI.
Username Proxy user name.
Password Proxy password.
Tip: To secure sensitive information, you can use credential stores or runtime resources.
Configure the following properties on the TLS tab:
TLS Property Description
Use TLS Enables the use of TLS.
Use Remote Keystore Enables loading the contents of the keystore from a remote credential store or from values entered in the stage properties.

For more information, see Remote Keystore and Truststore.

Only used in connections for the Control Hub API processor.

Private Key Private key used in the remote keystore. Enter a credential function that returns the key or enter the contents of the key.

For more information about credential functions, see Credential Functions.

Only used in connections for the Control Hub API processor.

Certificate Chain Each PEM certificate used in the remote keystore. Enter a credential function that returns the certificate or enter the contents of the certificate.

Using simple or bulk edit mode, click the Add icon to add additional certificates.

For more information about credential functions, see Credential Functions.

Only used in connections for the Control Hub API processor.

Keystore File Path to the local keystore file. Enter an absolute path to the file or enter the following expression to define the file stored in the Data Collector resources directory: ${runtime:resourcesDirPath()}/keystore.jks

By default, no keystore is used.

Only used in connections for the Control Hub API processor.

Keystore Type Type of keystore to use. Use one of the following types:
  • Java Keystore File (JKS)
  • PKCS #12 (p12 file)

Default is Java Keystore File (JKS).

Only used in connections for the Control Hub API processor.

Keystore Password Password to the keystore file. A password is optional, but recommended.
Tip: To secure sensitive information, you can use credential stores or runtime resources.

Only used in connections for the Control Hub API processor.

Keystore Key Algorithm Algorithm to manage the keystore.

Default is SunX509.

Only used in connections for the Control Hub API processor.

Use Remote Truststore Enables loading the contents of the truststore from a remote credential store or from values entered in the stage properties.

For more information, see Remote Keystore and Truststore.

Trusted Certificates Each PEM certificate used in the remote truststore. Enter a credential function that returns the certificate or enter the contents of the certificate.

Using simple or bulk edit mode, click the Add icon to add additional certificates.

Truststore File Path to the local truststore file. Enter an absolute path to the file or enter the following expression to define the file stored in the Data Collector resources directory: ${runtime:resourcesDirPath()}/truststore.jks

By default, no truststore is used.

Truststore Type Type of truststore to use. Use one of the following types:
  • Java Keystore File (JKS)
  • PKCS #12 (p12 file)

Default is Java Keystore File (JKS).

Truststore Password Password to the truststore file. A password is optional, but recommended.
Tip: To secure sensitive information, you can use credential stores or runtime resources.
Truststore Trust Algorithm Algorithm to manage the truststore.

Default is SunX509.

Use Default Protocols Uses the default TLSv1.2 transport layer security (TLS) protocol. To use a different protocol, clear this option.
Transport Protocols TLS protocols to use. To use a protocol other than the default TLSv1.2, click the Add icon and enter the protocol name. You can use simple or bulk edit mode to add protocols.
Note: Older protocols are not as secure as TLSv1.2.
Use Default Cipher Suites Uses a default cipher suite for the SSL/TLS handshake. To use a different cipher suite, clear this option.
Cipher Suites Cipher suites to use. To use a cipher suite that is not a part of the default set, click the Add icon and enter the name of the cipher suite. You can use simple or bulk edit mode to add cipher suites.

Enter the Java Secure Socket Extension (JSSE) name for the additional cipher suites that you want to use.