Confluent for Kubernetes (CfK) Examples
Simple Broker and Zookeeper
Start the confluent-operator pod (see the quick start guide for more information):
kubectl create namespace confluent
kubectl config set-context --current --namespace confluent
helm repo add confluentinc https://packages.confluent.io/helm
helm repo update
helm upgrade --install confluent-operator confluentinc/confluent-for-kubernetesStart Zookeeper and the broker:
cd simple-broker-and-zookeeper
kubectl apply -f zookeeper.yaml
kubectl apply -f broker.yamlConfirm the pods (kafka-0 and zookeeper-0) are up:
kubectl get podsYou should see:
NAME READY STATUS RESTARTS AGE
confluent-operator-64c5c5756d-66f4m 1/1 Running 0 101m
kafka-0 0/1 Running 0 6s
zookeeper-0 1/1 Running 0 58sSanity check for Zookeeper
To test zookeeper we will ssh into the instance and run zookeeper-shell:
kubectl --namespace=confluent exec -it zookeeper-0 -- bash
zookeeper-shell localhost:2181
ls /
ls /kafka-confluent/brokers
get /kafka-confluent/controllerYou should see evidence of a controller broker:
{"version":1,"brokerid":0,"timestamp":"1653049092079"}Sanity check for the Kafka broker
kubectl --namespace=confluent exec -it kafka-0 -- bash
kafka-console-producer --bootstrap-server localhost:9092 --topic testProduce some content and Ctrl+C when done.
Check the test topic:
kafka-topics --bootstrap-server localhost:9092 --describe --topic testConsume from the test topic:
kafka-console-consumer --bootstrap-server localhost:9092 --topic testTail the logs on the broker / zookeeper
kubectl logs --follow kafka-0
kubectl logs --follow zookeeper-0Create the example topic
kubectl apply -f example-topic.yamlConfirm on the broker that the topic was created
kubectl --namespace=confluent exec -it kafka-0 -- bash
kafka-topics --bootstrap-server localhost:9092 --describe --topic example-topicYou should see:
Topic: example-topic PartitionCount: 4 ReplicationFactor: 1 Configs: min.insync.replicas=1,segment.bytes=1073741824,retention.ms=86400000,message.format.version=2.6-IV0
Topic: example-topic Partition: 0 Leader: 0 Replicas: 0 Isr: 0 Offline:
Topic: example-topic Partition: 1 Leader: 0 Replicas: 0 Isr: 0 Offline:
Topic: example-topic Partition: 2 Leader: 0 Replicas: 0 Isr: 0 Offline:
Topic: example-topic Partition: 3 Leader: 0 Replicas: 0 Isr: 0 Offline:Adding mTLS
Create the secret from secret.txt in the single-broker-with-tls-and-zookeeper directory:
cd single-broker-with-tls-and-zookeeper
kubectl create secret generic credential \
--from-file=my_credentials=secret.txtCreate the CA
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=foo.bar.com"then:
kubectl create secret tls ca-pair-sslcerts --key="tls.key" --cert="tls.crt"Or:
cat tls.crt | base64
cat tls.key | base64And add the output into tls.yaml and apply to create the secret
Spin up the broker (and Zookeeper if needed):
kubectl apply -f ../simple-broker-and-zookeeper/zookeeper.yaml
kubectl apply -f broker.yamlOlder pieces
kubectl create secret tls ca-pair-sslcerts \
--cert=/path/to/ca.pem \
--key=/path/to/ca-key.pemkubectl get secret confluent-operator-licensing -o jsonpath='{.data}'Debugging
kubectl --namespace=confluent exec -it kafka-0 -- bash
more /opt/confluentinc/etc/kafka/kafka.propertiesSomething failed? Check the Operator!
kubectl logs confluent-operator-64c5c5756d-vwb9sList recent events in time order
kubectl get events --sort-by=.metadata.creationTimestampNuke Minikube
minikube delete && minikube start --vm-driver kvm2get rolebindings
kubectl get confluentrolebindings
kubectl api-resources | grep bindings