This repository contains example configurations and docker-compose files demonstrating various features of Kong Event Gateway (Kiburi).
- Docker and Docker Compose
- kafkactl (optional, for testing)
Basic setup demonstrating Kafka proxy functionality:
- Simple proxy configuration
- Anonymous authentication
- Direct pass-through of Kafka operations
- Ideal for development environments and testing
Shows how to configure topic name aliasing using CEL expressions:
- Dynamic topic name transformation
- Bidirectional name mapping
- Predefined name aliases
- Transparent operation for clients
- Ideal for standardizing naming conventions
Shows how to configure automatic topic name filtering:
- Automatic topic name prefixing
- Prefix-based topic filtering
- Transparent operation for clients
- Ideal for multi-tenant environments and namespace isolation
Demonstrates JWT authentication configuration with two clusters:
- Anonymous authentication cluster (port 19092)
- JWT-authenticated cluster (port 29092)
- Separate authentication methods per virtual cluster
- Perfect for mixed security requirements and gradual security implementation
Showcases message-level encryption/decryption capabilities:
- Automatic encryption of produced messages
- Automatic decryption of consumed messages
- Uses symmetric key encryption (128-bit)
- Includes key generation scripts (
generate_key.sh) - Messages encrypted at rest in Kafka
Example of schema validation configuration:
- Message schema validation
- Integration with Schema Registry
- Validation before message production
- Error handling for invalid messages
- Ideal for ensuring data quality and contract-first development
- Confluent Cloud Integration (
examples/A1-confluent-cloud)- Secure connection to Confluent Cloud
- SASL/PLAIN authentication
- TLS encryption
- SNI-based routing
- Secrets management for credentials
Each example directory contains:
config.yaml: Kong Event Gateway configurationdocker-compose.yaml: Required services configurationREADME.md: Detailed documentation and usage instructions
To run any example:
cd examples/[example-directory]
docker-compose up -dThe .kafkactl.yml configuration includes three contexts:
default: Direct connection to Kafka (localhost:9092)virtual: Connection through basic proxy (localhost:19092)secured: Connection through authenticated proxy (localhost:29092)
Switch contexts using:
kafkactl config use-context [context-name]The main docker-compose file includes:
- Apache Kafka
- Schema Registry
- Kong Event Gateway (Kiburi)
- Kafka UI (available at http://localhost:8080)
Required environment variables for Kong Event Gateway:
KONNECT_CP_HOST: Konnect Control Plane hostKONNECT_PAT: Personal Access Token
-
Development and Testing
- Use the Basic Proxy example
- Anonymous authentication
- Direct pass-through functionality
-
Multi-tenant Environments
- Topic Filter example for namespace isolation
- Authentication Mediation for security
- Schema Validation for data governance
-
Security Implementation
- Authentication Mediation for access control
- Encryption for data protection
- Multiple authentication methods
-
Data Quality
- Schema Validation for message format enforcement
- Topic Filter for organizational standards
- Error handling and validation
-
Cloud Integration
- Confluent Cloud integration for managed Kafka
- Secure credential management
- TLS and SASL authentication
Common issues across examples:
-
Connection Issues
- Verify services are running (
docker ps) - Check port availability
- Confirm environment variables are set
- Verify services are running (
-
Authentication Problems
- Verify correct context in kafkactl
- Check JWT token validity
- Confirm proxy port usage
-
Configuration
- Validate config.yaml syntax
- Check service dependencies
- Verify network connectivity
This project is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.