Use Kpow with Aiven for Apache Kafka®
Kpow by Factor House is a popular Web UI for Apache Kafka® that allows you to monitor a cluster, view topics and consumer groups, produce and consume data with integration into the Schema Registry.
Prerequisites
To connect Kpow to Aiven for Apache Kafka®, create a Java keystore and truststore containing the service SSL certificates.
Kpow uses a set of Apache Kafka topics to store the working information. You can either create the topics manually or enable the automatic creation of topics for the Aiven for Apache Kafka service.
Also collect the following information for Apache Kafka and Kpow:
If you create a Kpow trial, you should receive all the KPOW
related
parameters in the welcome email, scrolling down to the relevant
Certificates section.
APACHE_KAFKA_HOST
: The Aiven for Apache Kafka hostnameAPACHE_KAFKA_PORT
: The Aiven for Apache Kafka portKEYSTORE_FILE_NAME
: The name of the Java keystore containing the Aiven for Apache Kafka SSL certificatesSSL_KEYSTORE_PASSWORD
: The password used to secure the Java keystoreSSL_KEY_PASSWORD
: The password used to secure the Java key. If you created the keystore according to Java keystore and truststore, this will be the same as the Java keystore passwordSSL_TRUSTSTORE_LOCATION
: The password used to secure the Java truststoreSSL_TRUSTSTORE_PASSWORD
: The password used to secure the Java truststoreSSL_STORE_FOLDER
: The absolute path of the folder containing both the truststore and keystoreKPOW_LICENSE_ID
: Kpow license IDKPOW_LICENSE_CODE
: Kpow license codeKPOW_LICENSEE
: Kpow licenseeKPOW_LICENSE_EXPIRY_DATE
: Kpow license expiry dateKPOW_LICENSE_SIGNATURE
: Kpow license signature
Retrieve Aiven for Apache Kafka® SSL certificate files
Aiven for Apache Kafka® by default enables TLS security. Downloaded the certificates from the service overview page in the Aiven console, or via the dedicated Aiven CLI command.
Set up a Kpow configuration file
Kpow supports both SASL and SSL authentication methods. The following example shows the SSL version which requires a keystore and truststore that can be created following the dedicated documentation.
Once the keystore and truststore are created, define a Kpow
configuration file named kpow.env
with the following content,
replacing the APACHE_KAFKA_HOST
, APACHE_KAFKA_PORT
,
KPOW_LICENSE_ID
, KPOW_LICENSE_CODE
, KPOW_LICENSEE
,
KPOW_LICENSE_EXPIRY_DATE
, KPOW_LICENSE_SIGNATURE
,
SSL_KEYSTORE_FILE_NAME
, SSL_KEYSTORE_PASSWORD
, SSL_KEY_PASSWORD
,
SSL_TRUSTSTORE_FILE_NAME
and SSL_TRUSTSTORE_PASSWORD
with the the
respective values taken from the prerequisites section:
BOOTSTRAP=APACHE_KAFKA_HOST:APACHE_KAFKA_PORT
LICENSE_ID=KPOW_LICENSE_ID
LICENSE_CODE=KPOW_LICENSE_CODE
LICENSEE=KPOW_LICENSEE
LICENSE_EXPIRY=KPOW_LICENSE_EXPIRY_DATE
LICENSE_SIGNATURE=KPOW_LICENSE_SIGNATURE
SECURITY_PROTOCOL=SSL
SSL_KEYSTORE_LOCATION=/ssl/SSL_KEYSTORE_FILE_NAME
SSL_KEYSTORE_PASSWORD=SSL_KEYSTORE_PASSWORD
SSL_KEY_PASSWORD=SSL_KEY_PASSWORD
SSL_TRUSTSTORE_LOCATION=/ssl/SSL_TRUSTSTORE_FILE_NAME
SSL_TRUSTSTORE_PASSWORD=SSL_TRUSTSTORE_PASSWORD
don't remove the /ssl/
prefix before the keystore and truststore
setting, the SSL_STORE_FOLDER
local folder containing the keystore and
truststore will be mapped to the /ssl/
folder during the docker
instance creation.
The full list of configuration parameters is available at the dedicated Kpow page.
Run Kpow on Docker
You can run Kpow in a Docker/Podman container with the following
command, by replacing the SSL_STORE_FOLDER
with the name of the folder
containing the Java keystore and truststore:
docker run -p 3000:3000 -m2G \
-v SSL_STORE_FOLDER:/ssl \
--env-file ./kpow.env factorhouse/kpow-ee:latest
Use Kpow
Once Kpow starts, access the interface at localhost:3000
.
You can perform the following tasks with Kpow over an Aiven for Apache Kafka® service:
- View and search topics
- Create and delete topics
- View brokers
- Produce and consume messages