SlideShare a Scribd company logo

A Primer Towards Running Kafka on Top of Kubernetes.pdf

A
AvinashUpadhyaya3

The document discusses the implementation and management of Apache Kafka on Kubernetes (k8s) using operators, highlighting benefits such as scalability, operational features, and security. It covers tools like Confluent for Kubernetes and Strimzi, emphasizing the necessity of resource constraints and proper configurations for running Kafka efficiently. Key takeaways suggest that using an operator for Kafka at scale saves time and resources, although Kafka is not fully 'k8s native' and each operator offers unique functionalities.

Technology
1 of 17
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
Lessons on running Kafka on K8S Avinash Upadhyaya Tech Socialite @ Platformatory Ashwin Venkatesh Principal Engineer @ Platformatory
Speaker Info ● Platform engineer @ platformatory.io ● Meetup organizer for Kong, Kafka, Grafana, Docker and Bangalore Streams ● CCDAK among other cloud certs ● Principal Engineer @ platformatory.io ● Experienced Apache Kafka consultant ● CCDAK
Cloud native what?
Hold my beer while I rebalance stuff
- More gluttony for torture - Surprisingly simpler than configuring server.properties by hand (or ansible) - (if done well) You want to run Kafka on K8S?
The Operator Pattern in a summary - Kubernetes operator watches a CR type and takes application-specific actions to make the current state match the desired state in that resource - Implement domain-specific knowledge using Kubernetes - Allows managing complex applications using the Kubernetes API and the kubectl interface
Any complex stateful workload that can’t be run as a fully managed service will be provided as a K8S operator
Scope of coverage: A mental model on Kubernetes Operators for kafka - Operator Core - Custom Resources - Workload Type - Networking - Storage - Security - Authentication - Authorization - Operational Features - Balancing - Monitoring - Disaster Recovery - Scale up/out - Deployments & Rollouts - Extensibility
Security: What is a typical requirement for kafka? ● Auto generate certificates for TLS and mTLS between brokers and other internal components ● Natively support authentication mechanism such as SASL/PLAIN, SASL/SCRAM, SASL/OAUTHBEARER, SASL/GSSAPI ● Authorization with ACLs - Provide user management capabilities using the k8s API
Operations: What is a typical requirement for kafka? ● Re-balancing partitions when the load on the brokers is uneven, broker is added/removed ● Monitoring cluster health with JMX metrics ● Rolling upgrades with no downtime ● Replicate data across clusters ● Rack awareness for durability
Confluent For Kubernetes(CFK) ● Confluent Platform on Kubernetes ● Based on experience of running Kafka on Kubernetes for Confluent Cloud ● Uses StatefulSets for restoring a Kafka pod with the same Kafka broker ID, configuration, and persistent storage volumes if a failure occurs. ● Provides server properties, JVM, and Log4j configuration overrides for customization of all Confluent Platform components. ● Complete granular RBAC ● Support for credential management systems, such as Hashicorp Vault, to inject sensitive configurations in memory to Confluent deployments ● Supports tiered storage ● Supports multi-region
Strimzi ● Open source, CNCF sandbox project ● Implement security in a Kubernetes-native fashion ● Uses StrimziPodSets to overcome challenges of StatefulSets ○ Add/remove broker arbitrarily ○ Stretch cluster across k8s clusters ○ Different configurations and volumes for different brokers ● KafkaBridge for a RESTful HTTP interface
Koperator (Banzai Cloud) ● Open-source core component of Banzai Cloud Supertubes ○ most of the compelling features and integrations are only available as part of the Supertubes Core or Supertubes Pro product suites ● Envoy based load balancing for external access ● Uses pods instead of StatefulSets, in order to ○ modify the configuration of unique Brokers ○ remove specific Brokers from clusters ○ use multiple Persistent Volumes for each Broker
Comparison
Prescriptive Advise - As with all things, k8s: It is important to setup resource constraints (CPU, MemLimits) - Generally advised to have Kafka nodes tainted to NoSchedule and run on a dedicated basis. - = no binpack nodes - For most real-life use-cases, CRs are a starting point. Will need to be or packaged to “platform recipes” with different components, orienting some level of tenancy around the brokers as well as the components - Typically a higher order Helm chart, preferably with GitOps style deployments - Prospective users must also think about operator tenancy itself. Could be a global operator or a namespaced operator
Key Takeaways - Running Kafka on K8S can be a lot of toil, without an operator. If you are running Kafka at scale (and not on a managed service), consider running one. It will save you time, money & sanity - You can make a choice based on your environment, features (or the lack thereof), licensing and other specialized purposes - YMMV with Operator CRs. Each operator has its own opinion based on the realities it was designed for - Kafka is ultimately not “k8s native”. The operator only provides so much operational sugar - As a result, there are several shoehorning mechanisms (such as config overrides to inject component properties, builtin); Full expressivity of the workload doesn’t quite exist - All operators provide comparable performance
Thank you hello@platformatory.com www.platformatory.io

More Related Content

PDF
Stories from running Kafka on K8S.pdf
AvinashUpadhyaya3
 
PPTX
Modern Cloud-Native Streaming Platforms: Event Streaming Microservices with A...
confluent
 
PDF
Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...
Jakob Karalus
 
PDF
The Kubernetes Operator Pattern - ContainerConf Nov 2017
Jakob Karalus
 
PDF
Production Ready Kafka on Kubernetes (Devandra Tagare, Lyft) Kafka Summit SF ...
confluent
 
PDF
Deploying Anything as a Service (XaaS) Using Operators on Kubernetes
All Things Open
 
PDF
Kafka on Kubernetes: Keeping It Simple (Nikki Thean, Etsy) Kafka Summit SF 2019
confluent
 
PDF
Running Kafka On Kubernetes With Strimzi For Real-Time Streaming Applications
Lightbend
 
Stories from running Kafka on K8S.pdf
AvinashUpadhyaya3
 
Modern Cloud-Native Streaming Platforms: Event Streaming Microservices with A...
confluent
 
Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...
Jakob Karalus
 
The Kubernetes Operator Pattern - ContainerConf Nov 2017
Jakob Karalus
 
Production Ready Kafka on Kubernetes (Devandra Tagare, Lyft) Kafka Summit SF ...
confluent
 
Deploying Anything as a Service (XaaS) Using Operators on Kubernetes
All Things Open
 
Kafka on Kubernetes: Keeping It Simple (Nikki Thean, Etsy) Kafka Summit SF 2019
confluent
 
Running Kafka On Kubernetes With Strimzi For Real-Time Streaming Applications
Lightbend
 

Similar to A Primer Towards Running Kafka on Top of Kubernetes.pdf (20)

PDF
Modern Cloud-Native Streaming Platforms: Event Streaming Microservices with K...
confluent
 
PDF
Disaster Recovery Options Running Apache Kafka in Kubernetes with Rema Subra...
HostedbyConfluent
 
PPTX
Caribbean Developers Conference - 201K8s
Ravi Lachhman
 
PDF
Deploying Kafka on DC/OS
Kaufman Ng
 
PDF
The Operator Pattern - Managing Stateful Services in Kubernetes
QAware GmbH
 
PDF
OSDC 2019 | Introducing Kudo – Kubernetes Operators the easy way by Matt Jarvis
NETWAYS
 
PPTX
How kubernetes operators can rescue dev secops in midst of a pandemic updated
Shikha Srivastava
 
PDF
Netflix Keystone Pipeline at Big Data Bootcamp, Santa Clara, Nov 2015
Monal Daxini
 
PPTX
Ofir Makmal - Intro To Kubernetes Operators - Google Cloud Summit 2018 Tel Aviv
Ofir Makmal
 
PPTX
Putting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OS
Lightbend
 
PPTX
ApacheCon2019 Talk: Kafka, Cassandra and Kubernetes at Scale – Real-time Ano...
Paul Brebner
 
PPTX
Building big data pipelines with Kafka and Kubernetes
Venu Ryali
 
PDF
Self-hosting Kafka at Scale: Netflix's Journey & Challenges
Nick Mahilani
 
PDF
Everything you ever needed to know about Kafka on Kubernetes but were afraid ...
HostedbyConfluent
 
PDF
Secure Kafka at scale in true multi-tenant environment ( Vishnu Balusu & Asho...
confluent
 
PDF
Strimzi - Where Apache Kafka meets OpenShift - OpenShift Spain MeetUp
José Román Martín Gil
 
PDF
Reliable Performance at Scale with Apache Spark on Kubernetes
Databricks
 
PPTX
Cloud native Kafka | Sascha Holtbruegge and Margaretha Erber, HiveMQ
HostedbyConfluent
 
PDF
Capital One Delivers Risk Insights in Real Time with Stream Processing
confluent
 
PPTX
Best Practices for Running Kafka on Docker Containers
BlueData, Inc.
 
Modern Cloud-Native Streaming Platforms: Event Streaming Microservices with K...
confluent
 
Disaster Recovery Options Running Apache Kafka in Kubernetes with Rema Subra...
HostedbyConfluent
 
Caribbean Developers Conference - 201K8s
Ravi Lachhman
 
Deploying Kafka on DC/OS
Kaufman Ng
 
The Operator Pattern - Managing Stateful Services in Kubernetes
QAware GmbH
 
OSDC 2019 | Introducing Kudo – Kubernetes Operators the easy way by Matt Jarvis
NETWAYS
 
How kubernetes operators can rescue dev secops in midst of a pandemic updated
Shikha Srivastava
 
Netflix Keystone Pipeline at Big Data Bootcamp, Santa Clara, Nov 2015
Monal Daxini
 
Ofir Makmal - Intro To Kubernetes Operators - Google Cloud Summit 2018 Tel Aviv
Ofir Makmal
 
Putting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OS
Lightbend
 
ApacheCon2019 Talk: Kafka, Cassandra and Kubernetes at Scale – Real-time Ano...
Paul Brebner
 
Building big data pipelines with Kafka and Kubernetes
Venu Ryali
 
Self-hosting Kafka at Scale: Netflix's Journey & Challenges
Nick Mahilani
 
Everything you ever needed to know about Kafka on Kubernetes but were afraid ...
HostedbyConfluent
 
Secure Kafka at scale in true multi-tenant environment ( Vishnu Balusu & Asho...
confluent
 
Strimzi - Where Apache Kafka meets OpenShift - OpenShift Spain MeetUp
José Román Martín Gil
 
Reliable Performance at Scale with Apache Spark on Kubernetes
Databricks
 
Cloud native Kafka | Sascha Holtbruegge and Margaretha Erber, HiveMQ
HostedbyConfluent
 
Capital One Delivers Risk Insights in Real Time with Stream Processing
confluent
 
Best Practices for Running Kafka on Docker Containers
BlueData, Inc.
 
Ad

Recently uploaded (20)

PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Cloud computing and distributed systems.
kkkkkhan
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
KodekX | Application Modernization Development
KodekX
 
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Ad

A Primer Towards Running Kafka on Top of Kubernetes.pdf

  • 1. Lessons on running Kafka on K8S Avinash Upadhyaya Tech Socialite @ Platformatory Ashwin Venkatesh Principal Engineer @ Platformatory
  • 2. Speaker Info ● Platform engineer @ platformatory.io ● Meetup organizer for Kong, Kafka, Grafana, Docker and Bangalore Streams ● CCDAK among other cloud certs ● Principal Engineer @ platformatory.io ● Experienced Apache Kafka consultant ● CCDAK
  • 4. Hold my beer while I rebalance stuff
  • 5. - More gluttony for torture - Surprisingly simpler than configuring server.properties by hand (or ansible) - (if done well) You want to run Kafka on K8S?
  • 6. The Operator Pattern in a summary - Kubernetes operator watches a CR type and takes application-specific actions to make the current state match the desired state in that resource - Implement domain-specific knowledge using Kubernetes - Allows managing complex applications using the Kubernetes API and the kubectl interface
  • 7. Any complex stateful workload that can’t be run as a fully managed service will be provided as a K8S operator
  • 8. Scope of coverage: A mental model on Kubernetes Operators for kafka - Operator Core - Custom Resources - Workload Type - Networking - Storage - Security - Authentication - Authorization - Operational Features - Balancing - Monitoring - Disaster Recovery - Scale up/out - Deployments & Rollouts - Extensibility
  • 9. Security: What is a typical requirement for kafka? ● Auto generate certificates for TLS and mTLS between brokers and other internal components ● Natively support authentication mechanism such as SASL/PLAIN, SASL/SCRAM, SASL/OAUTHBEARER, SASL/GSSAPI ● Authorization with ACLs - Provide user management capabilities using the k8s API
  • 10. Operations: What is a typical requirement for kafka? ● Re-balancing partitions when the load on the brokers is uneven, broker is added/removed ● Monitoring cluster health with JMX metrics ● Rolling upgrades with no downtime ● Replicate data across clusters ● Rack awareness for durability
  • 11. Confluent For Kubernetes(CFK) ● Confluent Platform on Kubernetes ● Based on experience of running Kafka on Kubernetes for Confluent Cloud ● Uses StatefulSets for restoring a Kafka pod with the same Kafka broker ID, configuration, and persistent storage volumes if a failure occurs. ● Provides server properties, JVM, and Log4j configuration overrides for customization of all Confluent Platform components. ● Complete granular RBAC ● Support for credential management systems, such as Hashicorp Vault, to inject sensitive configurations in memory to Confluent deployments ● Supports tiered storage ● Supports multi-region
  • 12. Strimzi ● Open source, CNCF sandbox project ● Implement security in a Kubernetes-native fashion ● Uses StrimziPodSets to overcome challenges of StatefulSets ○ Add/remove broker arbitrarily ○ Stretch cluster across k8s clusters ○ Different configurations and volumes for different brokers ● KafkaBridge for a RESTful HTTP interface
  • 13. Koperator (Banzai Cloud) ● Open-source core component of Banzai Cloud Supertubes ○ most of the compelling features and integrations are only available as part of the Supertubes Core or Supertubes Pro product suites ● Envoy based load balancing for external access ● Uses pods instead of StatefulSets, in order to ○ modify the configuration of unique Brokers ○ remove specific Brokers from clusters ○ use multiple Persistent Volumes for each Broker
  • 15. Prescriptive Advise - As with all things, k8s: It is important to setup resource constraints (CPU, MemLimits) - Generally advised to have Kafka nodes tainted to NoSchedule and run on a dedicated basis. - = no binpack nodes - For most real-life use-cases, CRs are a starting point. Will need to be or packaged to “platform recipes” with different components, orienting some level of tenancy around the brokers as well as the components - Typically a higher order Helm chart, preferably with GitOps style deployments - Prospective users must also think about operator tenancy itself. Could be a global operator or a namespaced operator
  • 16. Key Takeaways - Running Kafka on K8S can be a lot of toil, without an operator. If you are running Kafka at scale (and not on a managed service), consider running one. It will save you time, money & sanity - You can make a choice based on your environment, features (or the lack thereof), licensing and other specialized purposes - YMMV with Operator CRs. Each operator has its own opinion based on the realities it was designed for - Kafka is ultimately not “k8s native”. The operator only provides so much operational sugar - As a result, there are several shoehorning mechanisms (such as config overrides to inject component properties, builtin); Full expressivity of the workload doesn’t quite exist - All operators provide comparable performance