# Dataproc with BigLake Metastore

A guide to setting up a single-node Dataproc cluster with a BigLake Metastore.

**Note:** Steps 1-3 are for provisioning the cluster from your local environment.

## Step 1: Configure Cluster Settings

Set the configuration for your Dataproc cluster. **Replace placeholders** with your Google Cloud project details.

In [None]:
# CONFIG: Replace these values with your project details.
PROJECT_ID = "my-project-id"  # Your Google Cloud project ID
REGION = "us-central1"      # The region for the cluster
CLUSTER_NAME = "my-single-node-cluster"  # A name for your Dataproc cluster
BUCKET_NAME = f"{PROJECT_ID}-dataproc-bucket"  # A unique GCS bucket name

# Hive settings
HIVE_DB = "my_hive_db"
HIVE_TABLE = f"{HIVE_DB}.people_hive"
HIVE_GCS_TABLE = f"{HIVE_DB}.people_hive_gcs"

# Iceberg on Hive settings
ICEBERG_HIVE_CATALOG = "iceberg_on_hive"
ICEBERG_HIVE_DB = "my_iceberg_db"
ICEBERG_HIVE_TABLE = f"{ICEBERG_HIVE_CATALOG}.{ICEBERG_HIVE_DB}.people_iceberg"
ICEBERG_HIVE_FROM_BQ = f"{ICEBERG_HIVE_CATALOG}.{ICEBERG_HIVE_DB}.people_filtered_bq"
ICEBERG_HIVE_FROM_SPARK = f"{ICEBERG_HIVE_CATALOG}.{ICEBERG_HIVE_DB}.people_filtered_spark"

# Iceberg on BigLake Metastore settings
BIGLAKE_DATASET = "my_iceberg_metastore"
BIGLAKE_TABLE = f"{BIGLAKE_DATASET}.people_biglake"
ICEBERG_BIGLAKE_CATALOG = "iceberg_on_bq"
ICEBERG_BIGLAKE_TABLE = f"{ICEBERG_BIGLAKE_CATALOG}.{BIGLAKE_TABLE}"
ICEBERG_BIGLAKE_FROM_SPARK = f"{ICEBERG_BIGLAKE_CATALOG}.{BIGLAKE_DATASET}.people_filtered_spark"

# # Trino on GCE settings
# GCE_INSTANCE_TRINO = "trino-biglake-vm"
# GCE_ZONE_TRINO = "us-central1-a"
GCE_INSTANCE_SPARK = "spark-biglake-vm"
GCE_ZONE_SPARK = "us-central1-a"

## Step 2: Create and Upload Initialization Script

This script downloads Iceberg and BigQuery JARs and places them in Spark's classpath. It's uploaded to a GCS bucket for use during cluster creation.

In [None]:
# This script downloads required JARs for Iceberg on BigLake Metastore integration.
init_script_content = """#!/bin/bash
# install-jars.sh
set -e -x

# URLs for the JAR files
ICEBERG_RUNTIME_URL="https://storage-download.googleapis.com/maven-central/maven2/org/apache/iceberg/iceberg-spark-runtime-3.5_2.12/1.6.1/iceberg-spark-runtime-3.5_2.12-1.6.1.jar"
BQ_CATALOG_JAR_GCS="gs://spark-lib/bigquery/iceberg-bigquery-catalog-1.6.1-1.0.1-beta.jar"

# Download JARs to Spark's classpath
wget -P /usr/lib/spark/jars/ "$ICEBERG_RUNTIME_URL"
gsutil cp "$BQ_CATALOG_JAR_GCS" /usr/lib/spark/jars/
"""

# Define local and GCS paths
local_script_path = "install-jars.sh"
gcs_script_path = f"gs://{BUCKET_NAME}/scripts/{local_script_path}"

# Write the script to a local file
with open(local_script_path, "w") as f:
    f.write(init_script_content)

print(f"Initialization script created at: {local_script_path}")

# Upload the script to GCS
!gsutil cp {local_script_path} {gcs_script_path}

print(f"Successfully uploaded script to: {gcs_script_path}")

## Step 3: Create Dataproc Cluster with Iceberg Catalog

This command creates a Dataproc cluster with the necessary Spark properties for Iceberg. Setting these at the cluster level ensures the Spark session is pre-configured.

In [None]:
# Define properties for the Dataproc cluster
properties_list = [
    "spark:spark.sql.extensions=org.apache.iceberg.spark.extensions.IcebergSparkSessionExtensions",
    f"spark:spark.sql.catalog.{ICEBERG_HIVE_CATALOG}=org.apache.iceberg.spark.SparkCatalog",
    f"spark:spark.sql.catalog.{ICEBERG_HIVE_CATALOG}.type=hive",
    f"spark:spark.sql.catalog.{ICEBERG_HIVE_CATALOG}.warehouse=hdfs:///user/iceberg_on_hive",
    f"spark:spark.sql.catalog.{ICEBERG_BIGLAKE_CATALOG}=org.apache.iceberg.spark.SparkCatalog",
    f"spark:spark.sql.catalog.{ICEBERG_BIGLAKE_CATALOG}.catalog-impl=org.apache.iceberg.gcp.bigquery.BigQueryMetastoreCatalog",
    f"spark:spark.sql.catalog.{ICEBERG_BIGLAKE_CATALOG}.gcp_project={PROJECT_ID}",
    f"spark:spark.sql.catalog.{ICEBERG_BIGLAKE_CATALOG}.location={REGION}",
    f"spark:spark.sql.catalog.{ICEBERG_BIGLAKE_CATALOG}.warehouse=gs://{BUCKET_NAME}/{ICEBERG_BIGLAKE_CATALOG}"
]
PROPERTIES = ",".join(properties_list)

# Create the Dataproc cluster
!gcloud dataproc clusters create {CLUSTER_NAME} \
    --project {PROJECT_ID} \
    --region {REGION} \
    --single-node \
    --image-version 2.2-debian12 \
    --optional-components=JUPYTER \
    --enable-component-gateway \
    --bucket {BUCKET_NAME} \
    --initialization-actions={gcs_script_path} \
    --properties="{PROPERTIES}"

print(f"Cluster '{CLUSTER_NAME}' creation initiated.")

## Step 4: Access Jupyter and Get Spark Session

Once the cluster is running, access the Jupyter environment. The Spark session is pre-configured, so no extra setup is needed.

In [None]:
# Get the pre-configured Spark session
from pyspark.sql import SparkSession

spark = SparkSession.builder.getOrCreate()

print("Spark session is active and ready to use.")

## Step 5: Create a Sample DataFrame and Write to HDFS

Create a sample DataFrame and write it to HDFS as a Parquet file.

In [None]:
# Create a sample DataFrame
df = spark.createDataFrame(
    [('Alice', 25), ('Bob', 30), ('Charlie', 35)], ['name', 'age'])

# Write the DataFrame to HDFS
df.write.mode('overwrite').parquet('/user/my_data/people')

# Verify the file was created in HDFS
!hdfs dfs -ls /user/my_data/people

---

## Scenario 1: Create a Hive Table from HDFS

Create a Hive table from the data in HDFS.

In [None]:
# Create a Hive database
spark.sql(
    f"CREATE DATABASE IF NOT EXISTS {HIVE_DB} LOCATION 'hdfs:///user/hive_db'")

# Drop the table if it already exists
spark.sql(f"DROP TABLE IF EXISTS {HIVE_TABLE}")

# Create an external Hive table pointing to the HDFS data
spark.sql(f"""
    CREATE EXTERNAL TABLE IF NOT EXISTS {HIVE_TABLE} (
        name STRING,
        age BIGINT
    )
    STORED AS PARQUET
    LOCATION '/user/my_data/people'
""")

print("--- Standard Hive Table ---")
# Query the Hive table
spark.sql(f"SELECT * FROM {HIVE_TABLE}").show()

## Scenario 2: Create an Iceberg Table from HDFS

Create an Iceberg table using the Hive metastore.

In [None]:
print("Verifying the Iceberg catalog...")
# Show databases in the Hive Iceberg catalog
spark.sql(f"SHOW DATABASES IN {ICEBERG_HIVE_CATALOG}").show()

# Create a database in the Hive Iceberg catalog
spark.sql(
    f"CREATE DATABASE IF NOT EXISTS {ICEBERG_HIVE_CATALOG}.{ICEBERG_HIVE_DB}")

# Write the DataFrame to an Iceberg table
spark.sql(f"SELECT * FROM {HIVE_TABLE}") \
    .write \
    .format("iceberg") \
    .mode("overwrite") \
    .saveAsTable(ICEBERG_HIVE_TABLE)

print("--- Iceberg Table on Hive Metastore ---")
# Query the Iceberg table
spark.sql(f"SELECT * FROM {ICEBERG_HIVE_TABLE}").show()

---

## Scenario 3: Create a Hive (or Iceberg) Table from GCS

Copy the Parquet file to GCS and create a Hive table from it.

In [None]:
# Define GCS path and create the GCS directory if needed
GCS_PATH = f"gs://{BUCKET_NAME}/hive_on_gcs/data"
!touch _CF && gsutil cp -r _CF {GCS_PATH}/ && rm _CF

# Copy the HDFS data to GCS
!hdfs dfs -cp /user/my_data/people {GCS_PATH}/{HIVE_GCS_TABLE}

# Drop the table if it already exists
spark.sql(f"DROP TABLE IF EXISTS {HIVE_GCS_TABLE}")

# Create an external Hive table pointing to the GCS data
spark.sql(f"""
    CREATE EXTERNAL TABLE IF NOT EXISTS {HIVE_GCS_TABLE} (
        name STRING,
        age BIGINT
    )
    STORED AS PARQUET
    LOCATION '{GCS_PATH}/{HIVE_GCS_TABLE}'
""")

print("--- Hive Table on GCS ---")
# Query the Hive table
spark.sql(f"SELECT * FROM {HIVE_GCS_TABLE}").show()

## Scenario 4: Create an Iceberg Table with BigLake Metastore

Create an Iceberg table using the BigLake metastore.

In [None]:
print("Verifying the BigQuery catalog...")
# Show databases in the BigQuery Iceberg catalog
spark.sql(f"SHOW DATABASES IN {ICEBERG_BIGLAKE_CATALOG}").show()

# Create the BigQuery dataset to act as the metastore
!bq mk --connection --location={REGION} --project_id={PROJECT_ID} --connection_type=CLOUD_RESOURCE default-{REGION}
!bq --location={REGION} mk --dataset {PROJECT_ID}:{BIGLAKE_DATASET}

# Drop the table if it already exists
spark.sql(f"DROP TABLE IF EXISTS {ICEBERG_BIGLAKE_TABLE}")

# Create the Iceberg table in the BigLake metastore
spark.sql(f"""
CREATE TABLE IF NOT EXISTS
  {ICEBERG_BIGLAKE_TABLE} ( name string,
    age int )
USING
  ICEBERG TBLPROPERTIES ('bq_connection'='projects/{PROJECT_ID}/locations/{REGION}/connections/default-{REGION}');
""")

# Save the DataFrame to the BigLake metastore
spark.sql(f"SELECT * FROM {ICEBERG_HIVE_TABLE}") \
    .write \
    .format("iceberg") \
    .mode("overwrite") \
    .save(ICEBERG_BIGLAKE_TABLE)

# Query the Iceberg table from Spark
# spark.sql(f"SELECT * FROM {ICEBERG_BIGLAKE_TABLE}").show()

sql_query = f"SELECT * FROM {BIGLAKE_TABLE}"
df = spark.read \
    .format("bigquery") \
    .option("viewsEnabled", "true") \
    .option("query", sql_query) \
    .option("materializationDataset", BIGLAKE_DATASET) \
    .load()
df.show()

---

## Scenario 5: Push Down Computation to BigQuery

Use the BigQuery Connector to execute a SQL query directly in BigQuery. Only the results are returned to Spark.

In [None]:
# This query is executed directly in BigQuery
bq_sql_query = f"""
SELECT
    name,
    age
FROM
    {BIGLAKE_TABLE}
WHERE
    age > 28
"""

# Use the 'bigquery' format to send the query to BigQuery
filtered_df = spark.read \
    .format("bigquery") \
    .option("viewsEnabled", "true") \
    .option("query", bq_sql_query) \
    .option("materializationDataset", BIGLAKE_DATASET) \
    .load()

print(f"--- Data returned from BigQuery ---")
filtered_df.show()

# Save the filtered results to the Hive metastore
filtered_df.write.format("iceberg").mode(
    "overwrite").saveAsTable(ICEBERG_HIVE_FROM_BQ)

print("--- Iceberg Table on Hive Metastore ---")
spark.sql(f"SELECT * FROM {ICEBERG_HIVE_FROM_BQ}").show()

## Scenario 6: Push Down Computation with Serverless Spark

Use Serverless Spark to execute a query. The results are written to the Hive metastore.

In [None]:
# Python script for the Spark job
pyspark_job_content = f"""
from pyspark.sql import SparkSession

# These values are injected by the gcloud command
ICEBERG_BIGLAKE_TABLE = "{ICEBERG_BIGLAKE_TABLE}"
ICEBERG_BIGLAKE_FROM_SPARK = f"{ICEBERG_BIGLAKE_FROM_SPARK}"

def main():
    spark = SparkSession.builder \\
        .appName("Dataproc Serverless Spark Filter") \\
        .getOrCreate()

    # This is a Spark SQL query, not a BigQuery query
    filter_query = f'''
    SELECT
        name,
        age
    FROM
        {{ICEBERG_BIGLAKE_TABLE}}
    WHERE
        age > 28
    '''

    print(f"--- Running Spark SQL query: {{filter_query}} ---")

    filtered_df = spark.sql(filter_query)

    print("--- Filtered data computed by Spark ---")
    filtered_df.show()

    # Save results to a new Iceberg table
    print(f"--- Saving results to: {{ICEBERG_BIGLAKE_FROM_SPARK}} ---")
    filtered_df.write \\
        .format("iceberg") \\
        .mode("overwrite") \\
        .saveAsTable(ICEBERG_BIGLAKE_FROM_SPARK)

    print("Job completed.")

if __name__ == "__main__":
    main()
"""

# Define local and GCS paths for the job script
local_job_path = "filter_job_spark_sql.py"
gcs_job_path = f"gs://{BUCKET_NAME}/scripts/{local_job_path}"

# Write and upload the script
with open(local_job_path, "w") as f:
    f.write(pyspark_job_content)

!gsutil cp {local_job_path} {gcs_job_path}

print(f"Successfully uploaded Spark job script to: {gcs_job_path}")

In [None]:
# Define properties for the serverless Dataproc job
properties_list = [
    "spark.sql.extensions=org.apache.iceberg.spark.extensions.IcebergSparkSessionExtensions",
    f"spark.sql.catalog.{ICEBERG_BIGLAKE_CATALOG}=org.apache.iceberg.spark.SparkCatalog",
    f"spark.sql.catalog.{ICEBERG_BIGLAKE_CATALOG}.catalog-impl=org.apache.iceberg.gcp.bigquery.BigQueryMetastoreCatalog",
    f"spark.sql.catalog.{ICEBERG_BIGLAKE_CATALOG}.gcp_project={PROJECT_ID}",
    f"spark.sql.catalog.{ICEBERG_BIGLAKE_CATALOG}.location={REGION}",
    f"spark.sql.catalog.{ICEBERG_BIGLAKE_CATALOG}.warehouse=gs://{BUCKET_NAME}/{ICEBERG_BIGLAKE_CATALOG}"
]
PROPERTIES = ",".join(properties_list)

# Submit the PySpark job to a serverless Dataproc cluster
!gcloud dataproc batches submit pyspark {gcs_job_path} \
    --project={PROJECT_ID} \
    --region={REGION} \
    --batch="serverless-spark-engine-job" \
    --version="2.2" \
    --subnet="default" \
    --jars="gs://spark-lib/bigquery/iceberg-bigquery-catalog-1.6.1-1.0.1-beta.jar,https://storage-download.googleapis.com/maven-central/maven2/org/apache/iceberg/iceberg-spark-runtime-3.5_2.12/1.6.1/iceberg-spark-runtime-3.5_2.12-1.6.1.jar" \
    --properties="{PROPERTIES}"

print("Serverless batch job submitted.")

In [None]:
# Query the table created by the serverless Spark job
print(f"--- Data returned from Spark query ---")
spark.sql(f"SELECT * FROM {ICEBERG_BIGLAKE_FROM_SPARK}").show()

# Create a new Iceberg table from the results
spark.sql(f"""
    CREATE TABLE IF NOT EXISTS {ICEBERG_HIVE_FROM_SPARK}
    USING iceberg
    AS
    SELECT * FROM {ICEBERG_BIGLAKE_FROM_SPARK}
""")

print("--- Iceberg Table on Hive Metastore ---")
spark.sql(f"SELECT * FROM {ICEBERG_HIVE_FROM_SPARK}").show()

---

## [WIP - Not Working] Scenario 7: Trino on GCE with BigLake Metastore
#### Notes: (1) Currently there's limited/no header support on the Iceberg connector for Trino 476 *header.x-goog-user-project*, which is needed to connect to *v1beta/restcatalog*. (2) There's a OAUTH2 token decoding error using the latest Iceberg connector.

This scenario demonstrates how to set up a Trino server on a Google Compute Engine (GCE) virtual machine, install Trino using Docker, and configure it to access the BigLake Metastore via the Iceberg REST API.

### Create a GCE VM

First, create a GCE instance with the necessary scopes to interact with BigQuery and Cloud Storage.

In [None]:
# # Create a GCE instance
# startup_script = """#!/bin/bash
# sudo apt-get update
# sudo apt-get install -y apt-transport-https ca-certificates curl gnupg lsb-release
# curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
# echo \
#   "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian \
#   $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
# sudo apt-get update
# sudo apt-get install -y docker-ce docker-ce-cli containerd.io python3 python3-pip
# sudo systemctl start docker
# sudo systemctl enable docker
# sudo usermod -aG docker $USER
# """

# # Write the script to a local file in your notebook environment
# with open("startup.sh", "w") as f:
#     f.write(startup_script)

# print("Startup script saved to startup.sh")

# # Create the GCE instance using the script file
# # This is the corrected command
# !gcloud compute instances create {GCE_INSTANCE_TRINO} \
#     --project={PROJECT_ID} \
#     --zone={GCE_ZONE_TRINO} \
#     --machine-type=e2-medium \
#     --image-family=debian-11 \
#     --image-project=debian-cloud \
#     --scopes=https://www.googleapis.com/auth/cloud-platform \
#     --tags=http-server,https-server \
#     --metadata-from-file=startup-script=startup.sh

# print(f"GCE instance '{GCE_INSTANCE_TRINO}' creation initiated.")

### Install and Configure Trino with Docker

Once the VM is running, SSH into it and install Docker. Then, configure Trino to use the BigLake Metastore.

In [None]:
# trino_script = f"""#!/bin/bash
# set -e # Exit immediately if a command exits with a non-zero status.

# echo "--- SCRIPT START ---"

# # Install required Python packages
# echo "Installing required Python packages..."
# pip install google-auth google-auth-oauthlib google-auth-httplib2

# # Get access token using Python
# echo "Getting Google Cloud access token..."
# ACCESS_TOKEN=$(python3 << 'EOF'
# import sys
# import google.auth
# from google.auth.transport.requests import Request

# def get_access_token():
#     try:
#         credentials, project_id = google.auth.default()
#         credentials.refresh(Request())
#         access_token = credentials.token
#         return access_token, project_id
#     except Exception as e:
#         print(f"Error getting credentials: {{e}}", file=sys.stderr)
#         return None, None

# # Get the token
# access_token, project_id = get_access_token()

# if access_token:
#     print(access_token)
# else:
#     sys.exit(1)
# EOF
# )

# # Check if we got the access token
# if [ -z "$ACCESS_TOKEN" ]; then
#     echo "Failed to get access token"
#     exit 1
# fi

# echo "Access token obtained successfully"
# echo "Token preview: ${{ACCESS_TOKEN:0:20}}..."

# # Create Trino config directories
# mkdir -p ~/trino/etc/catalog

# # Create the Iceberg catalog file with the ACTUAL ACCESS TOKEN
# echo "Creating Trino config..."
# cat <<EOF > ~/trino/etc/catalog/{ICEBERG_BIGLAKE_CATALOG}.properties
# connector.name=iceberg
# iceberg.catalog.type=rest
# iceberg.rest-catalog.uri=https://biglake.googleapis.com/iceberg/v1beta/restcatalog
# iceberg.rest-catalog.warehouse=gs://{BUCKET_NAME}/{ICEBERG_BIGLAKE_CATALOG}
# iceberg.rest-catalog.security=OAUTH2
# iceberg.rest-catalog.oauth2.token=$ACCESS_TOKEN
# EOF

# # Create the other Trino config files
# cat <<EOF > ~/trino/etc/jvm.config
# -server
# -Xmx1G
# -XX:+UseG1GC
# -XX:G1HeapRegionSize=32M
# -XX:+UseGCOverheadLimit
# -XX:+ExplicitGCInvokesConcurrent
# -XX:+HeapDumpOnOutOfMemoryError
# -XX:+ExitOnOutOfMemoryError
# EOF

# cat <<EOF > ~/trino/etc/node.properties
# node.environment=production
# node.data-dir=/data/trino
# EOF

# cat <<EOF > ~/trino/etc/config.properties
# coordinator=true
# node-scheduler.include-coordinator=true
# http-server.http.port=8080
# discovery.uri=http://localhost:8080
# EOF

# # Stop and remove any existing Trino container
# sudo docker stop trino || true
# sudo docker rm trino || true

# # Pull and run the Trino container
# echo "Starting Trino container..."
# sudo docker run -d --name trino \
#     -p 8080:8080 \
#     -v ~/trino/etc:/etc/trino \
#     trinodb/trino:476

# echo "--- SCRIPT FINISHED ---"
# echo "Trino should now be starting successfully. Please check 'docker logs trino'."
# """

# # Write the script to a local file
# with open("setup_trino.sh", "w") as f:
#     f.write(trino_script)
# print("Local script 'setup_trino.sh' created.")

# !gcloud compute scp setup_trino.sh {GCE_INSTANCE_TRINO}:~/ --project={PROJECT_ID} --zone={GCE_ZONE_TRINO}
# print(f"Script copied to '{GCE_INSTANCE_TRINO}'.")

# !gcloud compute ssh {GCE_INSTANCE_TRINO} --project={PROJECT_ID} --zone={GCE_ZONE_TRINO} --command="chmod +x ~/setup_trino.sh && bash ~/setup_trino.sh"
# print(f"Trino installation command executed on '{GCE_INSTANCE_TRINO}'.")

### Query Data from Trino

Now, you can connect to the Trino server and query the Iceberg table managed by BigLake Metastore.

In [None]:
# # Query from Trino
# !gcloud compute ssh {GCE_INSTANCE_TRINO} --project={PROJECT_ID} --zone={GCE_ZONE_TRINO} --command="""
#     docker exec trino trino --catalog {ICEBERG_BIGLAKE_CATALOG} --schema {BIGLAKE_DATASET} --execute "SHOW SCHEMAS;"
#     docker exec trino trino --catalog {ICEBERG_BIGLAKE_CATALOG} --schema {BIGLAKE_DATASET} --execute "SHOW TABLES;"
#     docker exec trino trino --catalog {ICEBERG_BIGLAKE_CATALOG} --schema {BIGLAKE_DATASET} --execute "SELECT * FROM {BIGLAKE_TABLE};"
# """
# print(f"Queries executed on Trino instance '{GCE_INSTANCE_TRINO}'.")

## [WIP] Scenario 8: Spark on GCE with BigLake Metastore

This scenario demonstrates how to set up a Spark on a Google Compute Engine (GCE) virtual machine, install Spark using Docker, and configure it to access the BigLake Metastore via the Iceberg REST API.

In [None]:
# Create a GCE instance
startup_script = """#!/bin/bash
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl gnupg lsb-release
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install -y docker-ce docker-ce-cli containerd.io
sudo systemctl start docker
sudo systemctl enable docker
sudo usermod -aG docker $USER
"""

# Write the script to a local file in your notebook environment
with open("startup.sh", "w") as f:
    f.write(startup_script)

print("Startup script saved to startup.sh")

# Create the GCE instance using the script file
# This is the corrected command
!gcloud compute instances create {GCE_INSTANCE_SPARK} \
    --project={PROJECT_ID} \
    --zone={GCE_ZONE_SPARK} \
    --machine-type=e2-medium \
    --image-family=debian-11 \
    --image-project=debian-cloud \
    --scopes=https://www.googleapis.com/auth/cloud-platform \
    --tags=http-server,https-server \
    --metadata-from-file=startup-script=startup.sh

print(f"GCE instance '{GCE_INSTANCE_SPARK}' creation initiated.")

### Install and Configure Spark with Docker

Once the VM is running, SSH into it and install Docker. Then, configure Spark to use the BigLake Metastore.

In [None]:
# Step 1: Define the shell script for Spark setup.
spark_setup_script = f"""#!/bin/bash
set -e

echo '--- SCRIPT START ---'

# Pull the Spark Docker image
sudo docker pull bitnami/spark:3.5

# Stop and remove any existing Spark container
sudo docker stop spark-biglake || true
sudo docker rm spark-biglake || true

# Run the Spark container in detached mode with proper GCP authentication
sudo docker run -d --name spark-biglake \\
    --user root \\
    --network host \\
    -e SPARK_HOME=/opt/bitnami/spark \\
    -e JAVA_HOME=/opt/bitnami/java \\
    -e HADOOP_USER_NAME=root \\
    -e USER=root \\
    -e HOME=/root \\
    -e GOOGLE_CLOUD_PROJECT={PROJECT_ID} \\
    -e HADOOP_CONF_DIR=/opt/bitnami/spark/conf \\
    -e HADOOP_HOME=/opt/bitnami/spark \\
    bitnami/spark:3.5

# Setup directories, install packages, and test GCP authentication
docker exec spark-biglake bash -c "
    # Create necessary directories
    mkdir -p /tmp/.ivy2
    chmod 777 /tmp/.ivy2

    # Install required Python packages for OAuth2 authentication
    echo 'Installing required Python packages...'
    pip install google-auth google-auth-oauthlib google-auth-httplib2 || echo 'Package installation failed, continuing...'
"

# Create a Python launcher script for interactive Spark session with OAuth2 authentication
cat <<EOF > ~/spark_launcher.py
#!/usr/bin/env python3

import sys
import code
import google.auth
from google.auth.transport.requests import Request
from pyspark.sql import SparkSession

def main():
    print("=== Getting Google Cloud credentials ===")

    # Get default credentials and project
    try:
        credentials, project_id = google.auth.default()
        credentials.refresh(Request())
        access_token = credentials.token
    except Exception as e:
        print(f"Failed to get credentials: {{e}}")
        sys.exit(1)

    print("=== Initializing Spark with BigLake/Iceberg Configuration ===")

    # Configuration
    catalog_name = "{ICEBERG_BIGLAKE_CATALOG}"
    warehouse_bucket = "gs://{BUCKET_NAME}"

    # Create Spark session with OAuth2 token authentication
    spark = SparkSession.builder \\
        .appName("BigLake-Iceberg-Interactive") \\
        .config("spark.sql.extensions", "org.apache.iceberg.spark.extensions.IcebergSparkSessionExtensions") \\
        .config("spark.sql.defaultCatalog", catalog_name) \\
        .config(f"spark.sql.catalog.{{catalog_name}}", "org.apache.iceberg.spark.SparkCatalog") \\
        .config(f"spark.sql.catalog.{{catalog_name}}.type", "rest") \\
        .config(f"spark.sql.catalog.{{catalog_name}}.uri", "https://biglake.googleapis.com/iceberg/v1beta/restcatalog") \\
        .config(f"spark.sql.catalog.{{catalog_name}}.warehouse", f"{{warehouse_bucket}}/{{catalog_name}}") \\
        .config(f"spark.sql.catalog.{{catalog_name}}.token", access_token) \\
        .config(f"spark.sql.catalog.{{catalog_name}}.oauth2-server-uri", "https://oauth2.googleapis.com/token") \\
        .config(f"spark.sql.catalog.{{catalog_name}}.header.x-goog-user-project", project_id) \\
        .config(f"spark.sql.catalog.{{catalog_name}}.io-impl", "org.apache.iceberg.hadoop.HadoopFileIO") \\
        .config(f"spark.sql.catalog.{{catalog_name}}.rest-metrics-reporting-enabled", "false") \\
        .getOrCreate()

    print("Spark session created successfully!")
    print(f"Spark version: {{spark.version}}")
    print(f"Application ID: {{spark.sparkContext.applicationId}}")
    print("\\n=== Interactive Spark Session Ready ===")

    # Make spark and sc available in the interactive session
    sc = spark.sparkContext

    # Start interactive Python shell with spark session available
    code.interact(local=locals())

if __name__ == "__main__":
    main()
EOF

# Create a helper script to run the interactive Spark session
cat <<EOF > ~/run_pyspark.sh
#!/bin/bash

echo "Starting interactive Spark session with BigLake/Iceberg configuration..."

# Copy the launcher script into the container
docker cp ~/spark_launcher.py spark-biglake:/tmp/spark_launcher.py

# Run the launcher script using spark-submit with comprehensive GCP authentication
docker exec -it spark-biglake /opt/bitnami/spark/bin/spark-submit \\
    --packages org.apache.iceberg:iceberg-spark-runtime-3.5_2.12:1.6.1,org.apache.iceberg:iceberg-gcp:1.6.1 \\
    --conf spark.sql.adaptive.enabled=false \\
    --conf spark.jars.ivy=/tmp/.ivy2 \\
    --conf spark.hadoop.fs.gs.auth.service.account.enable=true \\
    --conf spark.hadoop.google.cloud.auth.service.account.enable=true \\
    --conf spark.hadoop.fs.gs.impl=com.google.cloud.hadoop.fs.gcs.GoogleHadoopFileSystem \\
    --conf spark.hadoop.fs.AbstractFileSystem.gs.impl=com.google.cloud.hadoop.fs.gcs.GoogleHadoopFS \\
    --conf spark.hadoop.security.authentication=simple \\
    --conf spark.hadoop.security.authorization=false \\
    --conf spark.sql.execution.arrow.pyspark.enabled=false \\
    --driver-java-options "-Dhadoop.home.dir=/opt/bitnami/spark -Duser.name=root -DHADOOP_USER_NAME=root -Dcom.google.cloud.hadoop.util.HttpTransportFactory.type=java_net -Djava.security.auth.login.config=/dev/null -Djava.security.krb5.conf=/dev/null -Dhadoop.security.authentication=simple -Dhadoop.security.authorization=false" \\
    --repositories https://repo1.maven.org/maven2/ \\
    /tmp/spark_launcher.py
EOF

chmod +x ~/run_pyspark.sh

echo '--- SCRIPT FINISHED ---'
echo 'Spark container is running.'
echo 'The interactive session will have spark and sc objects available.'
"""

# Step 2: Write the script to a local file.
with open("setup_spark.sh", "w") as f:
    f.write(spark_setup_script)
print("Local script 'setup_spark.sh' created.")

# Step 3: Copy the script to your GCE instance.
!gcloud compute scp setup_spark.sh {GCE_INSTANCE_SPARK}:~/ --project={PROJECT_ID} --zone={GCE_ZONE_SPARK}
print(f"Script copied to '{GCE_INSTANCE_SPARK}'.")

# Step 4: Execute the script on the GCE instance.
!gcloud compute ssh {GCE_INSTANCE_SPARK} --project={PROJECT_ID} --zone={GCE_ZONE_SPARK} --command=\"chmod +x ~/setup_spark.sh && bash ~/setup_spark.sh\"
print(f"Spark installation command executed on '{GCE_INSTANCE_SPARK}'.")

### [WIP] Query Data from Spark

In [None]:
# TBA

---

## Step 6: Clean Up Resources

Delete the Dataproc cluster and GCE instance to avoid charges.

In [None]:
# Delete the Dataproc cluster
!gcloud dataproc clusters delete {CLUSTER_NAME} --region {REGION}

# # Delete the GCE instance
# !gcloud compute instances delete {GCE_INSTANCE_TRINO} --project={PROJECT_ID} --zone={GCE_ZONE_TRINO} --quiet
# print(f"GCE instance '{GCE_INSTANCE_TRINO}' deletion initiated.")
!gcloud compute instances delete {GCE_INSTANCE_SPARK} --project={PROJECT_ID} --zone={GCE_ZONE_SPARK} --quiet
print(f"GCE instance '{GCE_INSTANCE_SPARK}' deletion initiated.")

---

## [WIP] Scenario X: PyIceberg with BigLake Metastore
#### Notes: Currently there's limitation on how PyIceberg can communicate to the Iceberg REST API on the BigLake Metastore, especially on the authentication part.

This scenario demonstrates how to set up a PyIceberg and configure it to access the BigLake Metastore via the Iceberg REST API.

In [None]:
# Install dependencies
!pip install pyiceberg google-auth google-auth-oauthlib google-auth-httplib2 pandas pyarrow

In [None]:
import logging
import os
import sys
from typing import Any, Dict, Optional

try:
    import google.auth
    from google.auth.transport.requests import Request
    import pandas as pd
    from pyiceberg.catalog.rest import RestCatalog
    from pyiceberg.exceptions import NoSuchNamespaceError
    from pyiceberg.exceptions import NoSuchTableError
except ImportError as e:
    print(f"Missing required dependency: {e}")
    print("Please install required packages:")
    print("pip install pyiceberg google-auth google-auth-oauthlib google-auth-httplib2 pandas pyarrow")

# Configure logging
logging.basicConfig(level=logging.INFO,
                    format='%(asctime)s - %(levelname)s - %(message)s')
logger = logging.getLogger(__name__)

In [None]:
class BigLakeIcebergClient:
    """
    A client for connecting to Google Cloud BigLake Metastore using PyIceberg.
    """

    def __init__(self, project_id: str, region: str, bucket_name: str, catalog_name: str = "iceberg_on_bq"):
        """
        Initialize the BigLake Iceberg client.

        Args:
            project_id: Google Cloud project ID
            region: Google Cloud region
            bucket_name: GCS bucket name for Iceberg warehouse
            catalog_name: Name of the Iceberg catalog
        """
        self.project_id = project_id
        self.region = region
        self.bucket_name = bucket_name
        self.catalog_name = catalog_name
        self.warehouse_path = f"gs://{bucket_name}"
        self.catalog = None
        self._access_token = None

    def _get_access_token(self) -> str:
        """
        Get Google Cloud access token using default credentials.

        Returns:
            Access token string
        """
        try:
            credentials, _ = google.auth.default()
            credentials.refresh(Request())
            self._access_token = credentials.token
            logger.info("Successfully obtained Google Cloud access token")
            return self._access_token
        except Exception as e:
            logger.error(f"Failed to get Google Cloud credentials: {e}")
            raise

    def connect(self) -> None:
        """
        Connect to the BigLake Metastore using PyIceberg REST catalog.
        """
        try:
            # Get access token
            access_token = self._get_access_token()

            # Configure the REST catalog for BigLake Metastore
            # Use direct token authentication and explicitly disable access delegation
            catalog_config = {
                "uri": "https://biglake.googleapis.com/iceberg/v1beta/restcatalog",
                "warehouse": self.warehouse_path,
                "token": access_token,
                "header.Authorization": f"Bearer {access_token}",
                "header.x-goog-user-project": self.project_id,
                "header.X-Iceberg-Access-Delegation": "",  # Explicitly disable delegation
            }

            logger.info(f"Connecting to BigLake Metastore...")
            logger.info(f"  Project: {self.project_id}")
            logger.info(f"  Region: {self.region}")
            logger.info(f"  Warehouse: {self.warehouse_path}")

            # Create the REST catalog
            self.catalog = RestCatalog(
                name=self.catalog_name,
                **catalog_config
            )

            logger.info("Successfully connected to BigLake Metastore!")

        except Exception as e:
            logger.error(f"Failed to connect to BigLake Metastore: {e}")
            raise

    def list_namespaces(self) -> list:
        """
        List all namespaces (datasets) in the catalog.

        Returns:
            List of namespace names
        """
        if not self.catalog:
            raise RuntimeError("Not connected. Call connect() first.")

        try:
            namespaces = list(self.catalog.list_namespaces())
            logger.info(f"Found {len(namespaces)} namespaces:")
            for ns in namespaces:
                logger.info(f"  - {'.'.join(ns)}")
            return namespaces
        except Exception as e:
            logger.error(f"Failed to list namespaces: {e}")
            raise

    def list_tables(self, namespace: str) -> list:
        """
        List all tables in a specific namespace.

        Args:
            namespace: Namespace (dataset) name

        Returns:
            List of table identifiers
        """
        if not self.catalog:
            raise RuntimeError("Not connected. Call connect() first.")

        try:
            namespace_tuple = (namespace,) if isinstance(
                namespace, str) else namespace
            tables = list(self.catalog.list_tables(namespace_tuple))
            logger.info(
                f"Found {len(tables)} tables in namespace '{namespace}':")
            for table in tables:
                logger.info(f"  - {'.'.join(table)}")
            return tables
        except NoSuchNamespaceError:
            logger.warning(f"Namespace '{namespace}' does not exist")
            return []
        except Exception as e:
            logger.error(
                f"Failed to list tables in namespace '{namespace}': {e}")
            raise

    def get_table_schema(self, namespace: str, table_name: str) -> Optional[Dict[str, Any]]:
        """
        Get the schema of a specific table.

        Args:
            namespace: Namespace (dataset) name
            table_name: Table name

        Returns:
            Table schema information
        """
        if not self.catalog:
            raise RuntimeError("Not connected. Call connect() first.")

        try:
            table_id = (namespace, table_name)
            table = self.catalog.load_table(table_id)
            schema = table.schema()

            logger.info(f"Schema for table '{namespace}.{table_name}':")
            for field in schema.fields:
                logger.info(f"  - {field.name}: {field.field_type}")

            return {
                "fields": [(field.name, str(field.field_type)) for field in schema.fields],
                "schema": schema
            }
        except NoSuchTableError:
            logger.warning(f"Table '{namespace}.{table_name}' does not exist")
            return None
        except Exception as e:
            logger.error(
                f"Failed to get schema for table '{namespace}.{table_name}': {e}")
            raise

    def query_table(self, namespace: str, table_name: str, limit: int = 10) -> Optional[pd.DataFrame]:
        """
        Query data from a specific table.

        Args:
            namespace: Namespace (dataset) name
            table_name: Table name
            limit: Maximum number of rows to return

        Returns:
            Pandas DataFrame with query results
        """
        if not self.catalog:
            raise RuntimeError("Not connected. Call connect() first.")

        try:
            table_id = (namespace, table_name)
            table = self.catalog.load_table(table_id)

            logger.info(
                f"Querying table '{namespace}.{table_name}' (limit: {limit})...")

            # Scan the table and convert to pandas DataFrame
            scan = table.scan(limit=limit)
            df = scan.to_pandas()

            logger.info(
                f"Retrieved {len(df)} rows from '{namespace}.{table_name}'")
            logger.info(f"Columns: {list(df.columns)}")

            return df

        except NoSuchTableError:
            logger.warning(f"Table '{namespace}.{table_name}' does not exist")
            return None
        except Exception as e:
            logger.error(
                f"Failed to query table '{namespace}.{table_name}': {e}")
            raise

    def create_sample_table(self, namespace: str, table_name: str) -> bool:
        """
        Create a sample table for testing purposes.

        Args:
            namespace: Namespace (dataset) name
            table_name: Table name

        Returns:
            True if successful, False otherwise
        """
        if not self.catalog:
            raise RuntimeError("Not connected. Call connect() first.")

        try:
            import pyarrow as pa
            from pyiceberg.schema import Schema
            from pyiceberg.types import IntegerType
            from pyiceberg.types import NestedField
            from pyiceberg.types import StringType

            # Create namespace if it doesn't exist
            try:
                self.catalog.create_namespace((namespace,))
                logger.info(f"Created namespace '{namespace}'")
            except Exception:
                logger.info(f"Namespace '{namespace}' already exists")

            # Define schema
            schema = Schema(
                NestedField(field_id=1, name="name",
                            field_type=StringType(), required=True),
                NestedField(field_id=2, name="age",
                            field_type=IntegerType(), required=True),
            )

            # Create table
            table_id = (namespace, table_name)
            table = self.catalog.create_table(table_id, schema)

            # Create sample data
            sample_data = pa.Table.from_pydict({
                "name": ["Alice", "Bob", "Charlie", "Diana"],
                "age": [25, 30, 35, 28]
            })

            # Write data to table
            table.append(sample_data)

            logger.info(
                f"Successfully created sample table '{namespace}.{table_name}' with {len(sample_data)} rows")
            return True

        except Exception as e:
            logger.error(
                f"Failed to create sample table '{namespace}.{table_name}': {e}")
            return False

In [None]:
client = BigLakeIcebergClient(
    PROJECT_ID, REGION, BUCKET_NAME, ICEBERG_BIGLAKE_CATALOG)
client.connect()

# List namespaces
namespaces = client.list_namespaces()

# List tables in a namespace
if namespaces:
    # Replace with your dataset name
    tables = client.list_tables("my_iceberg_metastore")

    # Query a table
    if tables:
        df = client.query_table("my_iceberg_metastore",
                                "people_biglake", limit=10)
        display(df)

In [None]:
client.create_sample_table(
    namespace="iceberg_rest_on_bq", table_name="people_biglake")