Let’s discuss the kafka-ui project.
The idea (was born here) is to share your experience so far, your thoughts, and pros and cons which you already noticed!
Recently gave it a try. And this is what I can say:
Features:
- Sleak interface
- Support of Schema Registry, Kafka Connect and ksqlDB
- Support of Avro
- Gives very good overview on your Consumers
- Runs in a container
Discovered issues:
- Requires
DescribeConfigsCLUSTER level ACL orAuditAdminRBAC role to start, which are rarely given to end users - Not clear how to use “centrally” (so that every end user uses their credentials to access Kafka Cluster, and not the credentials with which the service started)
- Doesn’t support SSL and mTLS for Schema Registry connection (which leads to inability to deserialize Avro messages if the schemas are in a secured Schema Registry), addressed here
- Doesn’t support SSL and mTLS for Kafka Connect (and probably ksqlDB - this wasn’t tested)
- Configuration is not easy, due to poorly organized documentation, addressed here
Was able to overcome this by providing it with Truststore and Keystore in JVM properties like this (this is an additional environment variable set for the kafka-ui service in my docker-compose.yml:
JAVA_OPTS: "-Djavax.net.ssl.keyStore=/path/to/keystore.jks -Djavax.net.ssl.trustStore=/path/to/truststore.jks -Djavax.net.ssl.keyStorePassword=$KEYSTORE_PASSWORD -Djavax.net.ssl.trustStorePassword=$TRUSTSTORE_PASSWORD"
Keystore and Truststore passwords are provided in the .env file.