Running Redpanda on Kubernetes
In this article, you will learn how to install and manage Redpanda on Kubernetes. It is not the first article related to Redpanda on my blog. You can read more about Redpanda in my earlier post here. I’m describing there how to do a local development of Java apps with Redpanda, Quarkus, and Testcontainers.
You can use Redpanda in local development as an alternative to the standard Apache KafkaⓇ. It is a Kafka API-compatible tool but does not use ZooKeeper or JVM.
In this article, I’m going to show that you can also easily run and use Redpanda on Kubernetes. There are some interesting features that will surely interest you. Let’s begin.
Source Code
If you would like to try this exercise yourself, you may always take a look at my source code. In order to do that, you need to clone my GitHub repository. Then switch to the redpanda branch. You will find sample applications for sending and receiving messages to Kafka in the event-driven directory. After that, just follow my instructions.
Install Cert Manager on Kubernetes
The recommended way to install Redpanda on Kubernetes is through the operator. The Redpanda operator requires the cert-manager to create certificates for TLS communication. So in the first step, we need to install cert-manager. We will use Helm for that. Let’s add the following Helm repository:
$ helm repo add jetstack https://charts.jetstack.io && \
helm repo updateAfter that, we can install cert-manager in the cert-manager namespace. In order to create a namespace automatically, we should enable the create-namespace option. By default, the Cert Manager does not install CRDs on Kubernetes. Let’s enable it using the installCRDs Helm parameter:
$ helm install cert-manager \
--namespace cert-manager --create-namespace \
--set installCRDs=true \
--version v1.9.1 jetstack/cert-managerHere’s the list of the cert-manager pods. Assuming you have a similar result, you may proceed to the next section.
$ kubectl get pod -n cert-manager
NAME READY STATUS RESTARTS AGE
cert-manager-877fd747c-lhrgd 1/1 Running 0 1m
cert-manager-cainjector-bbdb88874-tmlg9 1/1 Running 0 1m
cert-manager-webhook-5774d5d8f7-flv7s 1/1 Running 0 1mInstall Redpanda Operator using Helm
Before we install the Redpanda operator we need to apply a single Cluster object CRD:
$ kubectl apply -k 'https://github.com/redpanda-data/redpanda/src/go/k8s/config/crd?ref=v22.2.2'The same as before, we will use Helm in the installation process. Firstly, let’s add the official Redpanda Helm repository:
$ helm repo add redpanda https://charts.vectorized.io && \
helm repo updateWe will install the latest version of the Redpanda operator (22.2) in the redpanda-system namespace.
$ helm install redpanda-operator redpanda/redpanda-operator \
--namespace redpanda-system \
--create-namespace \
--set monitoring.enabled=true \
--version v22.2.2After that, we may use the Cluster CRD object to create a single-node Redpanda cluster on Kubernetes. Also, let’s enable developer mode. Redpanda provides a built-in HTTP proxy and schema registry. The name of our cluster is one-node-cluster.
apiVersion: redpanda.vectorized.io/v1alpha1
kind: Cluster
metadata:
name: one-node-cluster
spec:
image: vectorized/redpanda
version: latest
replicas: 1
resources:
requests:
cpu: 1
memory: 2Gi
limits:
cpu: 1
memory: 2Gi
configuration:
rpcServer:
port: 33145
kafkaApi:
- port: 9092
pandaproxyApi:
- port: 8082
schemaRegistry:
port: 8081
adminApi:
- port: 9644
developerMode: trueRedpanda will run in the redpanda namespace. Let’s create that namespace first.
$ kubectl create ns redpandaThen, let’s create the Cluster object in the redpanda namespace.
$ kubectl apply -f redpanda-cluster.yaml -n redpandaThe Redpanda operator creates two Kubernetes Services for the cluster. The first of them one-node-cluster is a headless service and it is used in internal communication. We could have enabled external communication, but it is not required in our scenario. Applications are using the port 9092, which is compatible with the Kafka API. There is also a dedicated service for exposing the schema registry under the port 8081.
$ kubectl get svc -n redpanda
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
one-node-cluster ClusterIP None <none> 9644/TCP,9092/TCP,8082/TCP 3m
one-node-cluster-cluster ClusterIP 10.98.26.202 <none> 8081/TCP 3mInstall via Helm without operator
We can also use the Redpanda Helm chart, which does not require the installation of CRDs or an operator, but instead creates a cluster according to the configuration in a values.yaml file. This is the recommended way to install Redpanda on Kubernetes. In order to use it, clone the Redpanda repository with the Helm chart:
$ git clone https://github.com/redpanda-data/helm-charts.git
$ cd helm-charts/redpandaThen, you need to install Redpanda using the following Helm command. Since we use a single-node Kubernetes cluster we override the default number of brokers using the statefulset.replicas parameter.
$ helm install redpanda . \
-n redpanda \
--create-namespace \
--set statefulset.replicas=1In comparison to the previous installation method, you would have to install the kube-prometheus-stack separately.
$ helm repo add prometheus-community https://prometheus-community.github.io/helm-charts && \
helm repo updateEnable Prometheus Metrics
In the previous section, we installed the Prometheus stack using the Redpanda operator. By default, it monitors Kubernetes core components and the Redpanda operator. Our goal is to enable monitoring of the currently created Redpanda cluster in the redpanda namespace. To do that, we need to create the PodMonitor object provided by the Prometheus operator. It requires us to at least set the pod target namespace, label selector, and metrics endpoints. The Redpanda operator exposes metrics on the admin port (9644) under metrics and public_metrics paths.
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
labels:
app.kubernetes.io/instance: redpanda-cluster
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redpanda-cluster
app.kubernetes.io/version: v22.2.2
helm.sh/chart: redpanda-operator-v22.2.2
release: redpanda-operator
name: redpanda-cluster-monitor
namespace: redpanda-system
spec:
namespaceSelector:
matchNames:
- redpanda
podMetricsEndpoints:
- path: /metrics
port: admin
- path: /public_metrics
port: admin
selector:
matchLabels:
app.kubernetes.io/name: redpanda
Once you create the PodMonitor, you will be able to query Redpanda metrics. There are a lot of exported metrics. You can verify these metrics in the Prometheus dashboard. Their names are starting with the vectorized_ prefix.
The simplest way to view important metrics is through the Grafana dashboard. Therefore, we are going to create a dashboard there. Fortunately, Redpanda provides an automatic mechanism for generating a Grafana dashboard. There is a dedicated Redpanda CLI (rpk) command to do it. We just need to set the name of the data source (Prometheus) and metrics endpoint URL (public_metrics).
$ kubectl exec pod/one-node-cluster-0 -n redpanda -c redpanda \
-- rpk generate grafana-dashboard --datasource Prometheus \
--metrics-endpoint http://localhost:9644/public_metrics \
> redpanda-dashboard.jsonOnce we export the dashboard as a JSON file, we may import it into the Grafana dashboard.
Enable Redpanda Console
Redpanda provides a UI dashboard for managing cluster instances called Redpanda Console. However, it is not installed by the operator. In order to run it on Kubernetes, we will use the Helm chart. Firstly, let’s add the required Helm repository:
$ helm repo add redpanda-console https://packages.vectorized.io/public/console/helm/charts/ && \
helm repo updateWe need to override some configuration settings. By default, the Redpanda Console tries to detect both broker and schema registry on a localhost address. Since we are running Redpanda on Kubernetes we need to set the name of the service one-node-cluster for the broker and one-node-cluster-cluster for the schema registry. Here’s our values.yaml file:
console:
config:
kafka:
brokers:
- one-node-cluster:9092
clientId: redpanda-console
schemaRegistry:
enabled: true
urls: ["http://one-node-cluster-cluster:8081"]
username: console
password: redactedFinally, let’s install the console in the same namespace as the broker.
$ helm install redpanda-console redpanda-console/console \
--values values.yaml \
-n redpandaThe Redpanda Console is available under the 8080 port. We can enable port-forward to access it locally.
Integrate Spring Boot with Redpanda
Our instance of Redpanda is ready. Let’s run sample applications on Kubernetes. They are sending events to Redpanda and receiving them from Redpanda. Our applications are written in Kotlin and built on top of Spring Boot and use Spring Cloud Stream to integrate with the Kafka-compatible API. They are using the Avro format for serializing and deserializing messages. Thanks to the Spring Cloud Schema Registry client, they may also integrate with the schema registry provided by Redpanda.
Here’s the list of required modules for both producer and consumer apps:
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-stream-binder-kafka</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-schema-registry-client</artifactId>
</dependency>If you would like to read more about Spring Cloud support for Kafka and schema registry you can refer to this article on my blog. It describes how to build event-driven architectures with Spring Cloud Stream Kafka and use Avro format in communication between apps.
Our producer app continuously generates and sends messages to the Redpanda topic. It is integrated with the schema registry available under the address provided in the spring.cloud.schemaRegistryClient.endpoint property. To enable that integration, we need to annotate the main class with the @EnableSchemaRegistryClient.
@SpringBootApplication
@EnableSchemaRegistryClient
class ProductionApplication {
var id: Int = 0
@Value("\${callme.supplier.enabled}")
val supplierEnabled: Boolean = false
@Bean
fun callmeEventSupplier(): Supplier<Message<CallmeEvent>?> = Supplier { createEvent() }
@Primary
@Bean
fun schemaRegistryClient(@Value("\${spring.cloud.schemaRegistryClient.endpoint}") endpoint: String?): SchemaRegistryClient {
val client = ConfluentSchemaRegistryClient()
client.setEndpoint(endpoint)
return client
}
private fun createEvent(): Message<CallmeEvent>? {
return if (supplierEnabled)
MessageBuilder.withPayload(CallmeEvent(++id, "I'm callme event!", "ping"))
.setHeader("to_process", true)
.build()
else
null
}
}Our app does not contain a lot of code, however, we need to provide some configuration settings. In order to enable serialization with Avro, we need to set a default content type to application/*+avro (1). The target topic on Redpanda is callme-events (2). It consists of 2 partitions (3). We also need to set the name of bean responsible for generating messages (4). With the property spring.cloud.schema.avro.dynamicSchemaGenerationEnabled we may enable automatic generation of the Avro schema based on the source code (5). Of course, we also need provide the Redpanda broker address (6) and schema registry address (7).
spring.application.name=producer-service
spring.cloud.stream.default.contentType=application/*+avro # (1)
spring.cloud.stream.bindings.callmeEventSupplier-out-0.contentType=application/*+avro
spring.cloud.stream.bindings.callmeEventSupplier-out-0.destination=callme-events # (2)
spring.cloud.stream.bindings.callmeEventSupplier-out-0.producer.partitionKeyExpression=payload.id
spring.cloud.stream.bindings.callmeEventSupplier-out-0.producer.partitionCount=2 # (3)
spring.cloud.stream.source=callmeEventSupplier # (4)
spring.cloud.schema.avro.dynamicSchemaGenerationEnabled=true # (5)
spring.cloud.schemaRegistryClient.endpoint=http://one-node-cluster-cluster:8081/ # (6)
spring.kafka.bootstrap-servers=one-node-cluster:9092 # (7)
spring.main.allow-bean-definition-overriding=true
callme.supplier.enabled=trueFinally, let’s build and deploy our producer app on Kubernetes. We may use Skaffold for that. The app source code is configured to support it. Here’s our Deployment manifest:
apiVersion: apps/v1
kind: Deployment
metadata:
name: producer
spec:
selector:
matchLabels:
app: producer
template:
metadata:
labels:
app: producer
spec:
containers:
- name: producer
image: piomin/producer-service
ports:
- containerPort: 8080Let’s verify a list of running pods in the redpanda namespace:
$ kubectl get pod -n redpanda
NAME READY STATUS RESTARTS AGE
one-node-cluster-0 1/1 Running 0 112m
producer-5b7f5cfcc6-586z2 1/1 Running 0 65m
redpanda-console-dcf446dc8-fzc2t 1/1 Running 0 104mMonitor Redpanda on Kubernetes with Console and Prometheus
Our producer app is running on Kubernetes. It generates and sends messages. Let’s switch to the Redpanda Console. Here’s the view with a list of topics. As you see, the topic callme-events has been created:
If you click on the topic, you will see the details and a list of messages:
Also, let’s verify the message schema available under the Schema Registry menu. You can compare it with the CallmeEvent object in the source code.
Then, let’s run our consumer app. It also integrates with the schema registry and receives messages form callme-events topic.
Thanks to Prometheus and Grafana, we can monitor several parameters related to the Redpanda broker. Here’s the screen from the Grafana dashboard:
Final Thoughts
Redpanda simplifies deployment on Kubernetes in comparison to the standard Kafka. Within the single pod, we have a broker, a schema registry, and an HTTP proxy. We can also easily install a UI console to manage Redpanda graphically. We can easily customize the Redpanda cluster using the CRD object provided by the operator.
2 COMMENTS