A Helm chart for Confluent Schema Registry on Kubernetes
This chart bootstraps a Schema Registry using the Confluent stable version.
Schema Registry is a distributed storage layer for schemas which uses Kafka as its underlying storage mechanism.
| component | version |
|---|---|
| Podman | v4.3.1 |
| Minikube | v1.28.0 |
| Kubernetes | v1.25.3 |
| Helm | v3.10.2 |
| Confluent Platform | v7.3.0 |
Add the chart repository, if not done before:
helm repo add rhcharts https://ricardo-aires.github.io/helm-charts/
Schema Registry lives outside of and separately from your Kafka brokers. By default this chart is set to use the umbrella chart kstack, but can be run against an external Kafka by:
helm install --set kafka.enabled=false --set kafka.bootstrapServers=PLAINTEXT://kstack-kafka-headless.default:9092 ktool rhcharts/schema-registry
NAME: ktool
LAST DEPLOYED: Tue Mar 23 18:35:37 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
** Please be patient while the schema-registry chart is being deployed in release ktool **
This chart bootstraps a Confluent Schema Registry that can be accessed from within your cluster:
ktool-schema-registry.default:8081
$
These commands deploy Schema Registry on the Kubernetes cluster in the default configuration. The Parameters section lists the parameters that can be configured during installation.
One can run the:
The chart uses the compatibility API endpoint to check availability.
To uninstall the ktool deployment run:
helm uninstall ktool
The command removes all the Kubernetes components associated with the chart and deletes the release.
You can specify each parameter using the --set key=value[,key=value] argument to helm install.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
helm install ktool -f my-values.yaml rhcharts/schema-registry
A default values.yaml is available and should be checked for more advanced usage.
By default the confluentinc/cp-schema-registry is in use.
| Parameter | Description | Default |
|---|---|---|
image.registry |
Registry used to distribute the Docker Image. | docker.io |
image.repository |
Docker Image of Confluent Schema Registry. | confluentinc/cp-schema-registry |
image.tag |
Docker Image Tag of Confluent Schema Registry. | 7.3.0 |
One can easily change the image.tag to use another version. When using a local/proxy docker registry we must change image.registry as well.
The next configuration related to Kafka Schema Registry are available:
| Parameter | Description | Default |
|---|---|---|
leaderEligibility |
If true, this node can participate in primary election. | true |
accessControl.allowMethods |
Set value to Jetty Access-Control-Allow-Origin header for specified methods. |
GET,POST,PUT,OPTIONS |
accessControl.AllowOrigin |
Set value for Jetty Access-Control-Allow-Origin header. |
"*" |
schemaCompatibilityLevel |
The schema compatibility type. | full |
More information can be found in the Confluent Documentation.
By default the Service will expose the pods in the port 8081, port.
This chart is prepared to enable Kerberos authentication in Kafka
| Parameter | Description | Default |
|---|---|---|
kerberos.enabled |
Boolean to control if Kerberos is enabled. | false |
kerberos.krb5Conf |
Name of the ConfigMap that stores the krb5.conf, Kerberos Configuration file |
nil¹ |
kerberos.keyTabSecret |
Name of the Secret that stores the Keytab | nil¹ |
kafka.kerberos.serviceName |
Primary of the Principal (user, service, host) used to connect to Kafka Brokers | nil |
kafka.kerberos.domain |
REALM of the Principal used to connect to Kafka Brokers | nil |
¹ When
kerberos.enabledthese parameters are required, and the ConfigMap and Secret need to exist beforehand.
Regarding the management of Resources for Containers the next defaults regarding requests and limits are set:
| Parameter | Description | Default |
|---|---|---|
resources.limits.cpu |
a container cannot use more CPU than the configured limit | 200m |
resources.limits.memory |
a container cannot use more Memory than the configured limit | 1400Mi |
resources.requests.cpu |
a container is guaranteed to be allocated as much CPU as it requests | 100m |
resources.requests.memory |
a container is guaranteed to be allocated as much Memory as it requests | 512Mi |
In terms of the JVM the next default is set:
| Parameter | Description | Default |
|---|---|---|
heapOpts |
The JVM Heap Options for Schema Registry. | "-XX:MaxRAMPercentage=75.0 -XX:InitialRAMPercentage=50.0" |
Check the values.yaml for more advance configuration such as: