Let’s discuss the kafka-ui project.
The idea (was born here) is to share your experience so far, your thoughts, and pros and cons which you already noticed!
Recently gave it a try. And this is what I can say:
Features:
- Sleak interface
- Support of Schema Registry, Kafka Connect and ksqlDB
- Support of Avro
- Gives very good overview on your Consumers
- Runs in a container
Discovered issues:
- Requires
DescribeConfigsCLUSTER level ACL orAuditAdminRBAC role to start, which are rarely given to end users - Not clear how to use “centrally” (so that every end user uses their credentials to access Kafka Cluster, and not the credentials with which the service started)
- Doesn’t support SSL and mTLS for Schema Registry connection (which leads to inability to deserialize Avro messages if the schemas are in a secured Schema Registry), addressed here
- Doesn’t support SSL and mTLS for Kafka Connect (and probably ksqlDB - this wasn’t tested)
- Configuration is not easy, due to poorly organized documentation, addressed here
1 Like
Was able to overcome this by providing it with Truststore and Keystore in JVM properties like this (this is an additional environment variable set for the kafka-ui service in my docker-compose.yml:
JAVA_OPTS: "-Djavax.net.ssl.keyStore=/path/to/keystore.jks -Djavax.net.ssl.trustStore=/path/to/truststore.jks -Djavax.net.ssl.keyStorePassword=$KEYSTORE_PASSWORD -Djavax.net.ssl.trustStorePassword=$TRUSTSTORE_PASSWORD"
Keystore and Truststore passwords are provided in the .env file.
1 Like