Forem: Arata The latest articles on Forem by Arata (@aratax). https://forem.com/aratax https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3409523%2Fe3cd41ec-b172-43b7-b9f9-ffc2a5165393.png Forem: Arata https://forem.com/aratax en Building a Multi-Node Kubernetes Cluster with Vagrant Arata Mon, 10 Nov 2025 07:49:56 +0000 https://forem.com/aratax/building-a-multi-node-kubernetes-cluster-with-vagrant-o0h https://forem.com/aratax/building-a-multi-node-kubernetes-cluster-with-vagrant-o0h <p>"In distributed systems, consistency isn’t just a property — it’s a promise."</p> <h2> Why This Article </h2> <p>Imagine you’re building a small banking application. Users can deposit and withdraw money, check their balances, and expect data accuracy every single time — even if multiple requests hit the system simultaneously. But the moment you deploy it across containers, networks, and replicas, one question starts haunting every architect:</p> <p>How do we keep data consistent when everything is happening everywhere?</p> <p>In this tutorial, we’ll explore that question through a hands-on story — from concept to infrastructure — and deploy a Spring Boot + PostgreSQL banking demo across a five-node Kubernetes lab, fully automated with Vagrant. Our goal isn’t to ship production code, but to understand the design thinking behind consistency, locking, and automation.</p> <p>Most tutorials use <strong>Minikube</strong> or <strong>kind</strong>, which are great for learning but limited to single-node simulations.<br><br> What if you could spin up a <strong>full Kubernetes cluster</strong> — control plane, multiple worker nodes, real networking, storage, and ingress — entirely automated and reproducible?</p> <p>It’s a perfect local lab for experimenting with deployments, storage, and load testing — without relying on cloud services.</p> <h2> What You’ll Learn </h2> <ul> <li><p>Build a <strong>5-node Kubernetes cluster</strong> using Vagrant and VirtualBox</p></li> <li><p>Automate provisioning with <strong>Bash scripts</strong></p></li> <li><p>Deploy a real <strong>Spring Boot + Postgres</strong> application</p></li> <li><p>Test the rest endpoint using <strong>k6</strong> load testing</p></li> </ul> <blockquote> <p>Build, deploy, and test a real multi-node Kubernetes cluster from scratch — all on your local machine.</p> </blockquote> <h2> Design </h2> <p>The system provides RESTful endpoints for withdrawal and deposit operations, served by a Spring Boot–based API backend. When the API receives a client request, it updates the account balance in a PostgreSQL relational database. To ensure data consistency under concurrent transactions, the system supports both optimistic and pessimistic locking mechanisms.</p> <p>Both the API backend and the PostgreSQL database are deployed on a Kubernetes cluster comprising five virtual machines:</p> <ul> <li><p>One control plane node for cluster management</p></li> <li><p>One edge node for network routing and ingress</p></li> <li><p>Two worker nodes hosting the Spring Boot web applications</p></li> <li><p>One database node running PostgreSQL</p></li> </ul> <p>This is a visual representation of the cluster setup:</p> <h3> K8S Architecture Overview </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>┌─────────────────────────────────────────────────────────────┐ │ Kubernetes Cluster │ ├─────────────────────────────────────────────────────────────┤ │ │ │ Control Plane (k8s-cp-01) │ │ └─ IP: 192.168.56.10 │ │ └─ Role: Master node, API server, scheduler, controller │ │ │ │ Worker Nodes: │ │ ├─ k8s-node-01 (192.168.56.11) - tier: edge │ │ │ └─ Ingress Controller, Local Path Provisioner, MetalLB │ │ ├─ k8s-node-02 (192.168.56.12) - tier: backend │ │ │ └─ Spring Boot Application Pods │ │ ├─ k8s-node-03 (192.168.56.13) - tier: backend │ │ │ └─ Spring Boot Application Pods │ │ └─ k8s-node-04 (192.168.56.14) - tier: database │ │ └─ PostgreSQL Database │ │ │ │ LoadBalancer IP Pool: 192.168.56.240-250 │ └─────────────────────────────────────────────────────────────┘ </code></pre> </div> <h2> Building the Complete Environment: </h2> <p>The environment will be provisioned using Vagrant, which automates the creation of virtual machines and the setup of the Kubernetes cluster. Once the infrastructure is ready, it will deploy the prebuilt cloud-native Spring Boot web application and the fully configured PostgreSQL database, assembling the complete application service environment.</p> <h3> Prerequisites </h3> <p>The following tools are required on your host machine:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Tool</th> <th>Version</th> <th>Install</th> </tr> </thead> <tbody> <tr> <td>VirtualBox</td> <td>≥ 7.1.6</td> <td>See install checklist</td> </tr> <tr> <td>Vagrant</td> <td>≥ 2.4.9</td> <td>See install checklist</td> </tr> <tr> <td>RAM</td> <td>≥ 13 GB</td> <td>3GB for cp + 2 GB per node</td> </tr> <tr> <td>CPU</td> <td>≥ 4 cores</td> <td>Recommended</td> </tr> <tr> <td>Network</td> <td>192.168.56.0/24</td> <td>VirtualBox Host-Only</td> </tr> </tbody> </table></div> <p>Below is the installation command:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Windows (Chocolatey, run admin PowerShell)</span> choco <span class="nb">install </span>virtualbox vagrant <span class="c"># Ubuntu/Debian</span> <span class="nb">sudo </span>apt-get update <span class="o">&amp;&amp;</span> <span class="nb">sudo </span>apt-get <span class="nb">install</span> <span class="nt">-y</span> virtualbox <span class="c"># Get latest vagrant from HashiCorp website or apt repo</span> <span class="c"># Install HashiCorp GPG key</span> wget <span class="nt">-O-</span> https://apt.releases.hashicorp.com/gpg | <span class="nb">sudo </span>gpg <span class="nt">--dearmor</span> <span class="nt">-o</span> /usr/share/keyrings/hashicorp-archive-keyring.gpg <span class="c"># Add HashiCorp repository</span> <span class="nb">echo</span> <span class="s2">"deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] </span><span class="se">\</span><span class="s2"> https://apt.releases.hashicorp.com </span><span class="si">$(</span>lsb_release <span class="nt">-cs</span><span class="si">)</span><span class="s2"> main"</span> | <span class="nb">sudo tee</span> /etc/apt/sources.list.d/hashicorp.list <span class="nb">sudo </span>apt-get <span class="nb">install</span> <span class="nt">-y</span> vagrant </code></pre> </div> <h2> Step 1: Vagrant </h2> <p>Clone the project<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>git clone https://github.com/arata-x/vagrant-k8s-bank-demo.git </code></pre> </div> <h3> Project Structure </h3> <p>The outline of the project structure is as follows:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Root: │ Vagrantfile │ └─provision ├─deployment │ │ │ └─standard │ ├─app │ │ 10-config.yml │ │ 20-rbac.yml │ │ 30-db-deploy.yml │ │ 40-app-deploy.yml │ │ 50-services.yml │ │ 60-network-policy.yml │ │ 70-utilities.yml │ │ │ └─infra │ 10-storage-class.yml │ 20-metallb.yaml │ └─foundation 10-common.sh 20-node-network.sh 30-control-panel.sh 40-join-node.sh 50-after-vagrant-setup.sh join-command.sh </code></pre> </div> <p>A <strong>Vagrantfile</strong> is a configuration file written in Ruby syntax that defines how Vagrant should provision and manage a virtual machine (VM). It’s the heart of any Vagrant project—used to automate the setup of reproducible development environments.</p> <p>Vagrantfile specifies:</p> <p>-Base OS image (e.g., ubuntu/jammy64) -Resources (CPU, memory, disk) -Networking (port forwarding, private/public networks) -Provisioning scripts (e.g., install Java, Maven, Docker) -Shared folders between host and VM</p> <p>Below is the content of Vagrantfile<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="no">Vagrant</span><span class="p">.</span><span class="nf">configure</span><span class="p">(</span><span class="s2">"2"</span><span class="p">)</span> <span class="k">do</span> <span class="o">|</span><span class="n">config</span><span class="o">|</span> <span class="n">config</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">box</span> <span class="o">=</span> <span class="s2">"ubuntu/jammy64"</span> <span class="n">config</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">synced_folder</span> <span class="s2">"."</span><span class="p">,</span> <span class="s2">"/vagrant"</span> <span class="n">root_path</span> <span class="o">=</span> <span class="s2">"provision/foundation/"</span><span class="p">;</span> <span class="c1"># Common setup for all nodes</span> <span class="n">config</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">provision</span> <span class="s2">"shell"</span><span class="p">,</span> <span class="ss">path: </span><span class="n">root_path</span> <span class="o">+</span> <span class="s2">"10-common.sh"</span> <span class="c1"># Node definitions</span> <span class="n">nodes</span> <span class="o">=</span> <span class="p">[</span> <span class="p">{</span> <span class="ss">name: </span><span class="s2">"k8s-cp-01"</span><span class="p">,</span> <span class="ss">ip: </span><span class="s2">"192.168.56.10"</span><span class="p">,</span> <span class="ss">script: </span><span class="s2">"30-control-panel.sh"</span><span class="p">,</span> <span class="ss">memory: </span><span class="mi">3072</span> <span class="p">},</span> <span class="p">{</span> <span class="ss">name: </span><span class="s2">"k8s-node-01"</span><span class="p">,</span> <span class="ss">ip: </span><span class="s2">"192.168.56.11"</span><span class="p">,</span> <span class="ss">script: </span><span class="s2">"40-join-node.sh"</span><span class="p">,</span> <span class="ss">memory: </span><span class="mi">2048</span> <span class="p">},</span> <span class="p">{</span> <span class="ss">name: </span><span class="s2">"k8s-node-02"</span><span class="p">,</span> <span class="ss">ip: </span><span class="s2">"192.168.56.12"</span><span class="p">,</span> <span class="ss">script: </span><span class="s2">"40-join-node.sh"</span><span class="p">,</span> <span class="ss">memory: </span><span class="mi">2048</span> <span class="p">},</span> <span class="p">{</span> <span class="ss">name: </span><span class="s2">"k8s-node-03"</span><span class="p">,</span> <span class="ss">ip: </span><span class="s2">"192.168.56.13"</span><span class="p">,</span> <span class="ss">script: </span><span class="s2">"40-join-node.sh"</span><span class="p">,</span> <span class="ss">memory: </span><span class="mi">2048</span> <span class="p">},</span> <span class="p">{</span> <span class="ss">name: </span><span class="s2">"k8s-node-04"</span><span class="p">,</span> <span class="ss">ip: </span><span class="s2">"192.168.56.14"</span><span class="p">,</span> <span class="ss">script: </span><span class="s2">"40-join-node.sh"</span><span class="p">,</span> <span class="ss">memory: </span><span class="mi">2048</span> <span class="p">},</span> <span class="p">]</span> <span class="c1"># Create VMs</span> <span class="n">nodes</span><span class="p">.</span><span class="nf">each</span> <span class="k">do</span> <span class="o">|</span><span class="n">node</span><span class="o">|</span> <span class="n">config</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">define</span> <span class="n">node</span><span class="p">[</span><span class="ss">:name</span><span class="p">]</span> <span class="k">do</span> <span class="o">|</span><span class="n">node_vm</span><span class="o">|</span> <span class="n">node_vm</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">provider</span> <span class="s2">"virtualbox"</span> <span class="k">do</span> <span class="o">|</span><span class="n">vb</span><span class="o">|</span> <span class="n">vb</span><span class="p">.</span><span class="nf">cpus</span> <span class="o">=</span> <span class="mi">2</span> <span class="n">vb</span><span class="p">.</span><span class="nf">memory</span> <span class="o">=</span> <span class="n">node</span><span class="p">[</span><span class="ss">:memory</span><span class="p">]</span> <span class="k">end</span> <span class="n">node_vm</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">hostname</span> <span class="o">=</span> <span class="n">node</span><span class="p">[</span><span class="ss">:name</span><span class="p">]</span> <span class="n">node_vm</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">network</span> <span class="s2">"private_network"</span><span class="p">,</span> <span class="ss">ip: </span><span class="n">node</span><span class="p">[</span><span class="ss">:ip</span><span class="p">]</span> <span class="n">node_vm</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">provision</span> <span class="s2">"shell"</span><span class="p">,</span> <span class="ss">path: </span><span class="n">root_path</span> <span class="o">+</span> <span class="s2">"20-node-network.sh"</span><span class="p">,</span> <span class="ss">args: </span><span class="n">node</span><span class="p">[</span><span class="ss">:ip</span><span class="p">]</span> <span class="n">node_vm</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">provision</span> <span class="s2">"shell"</span><span class="p">,</span> <span class="ss">path: </span><span class="n">root_path</span> <span class="o">+</span> <span class="s2">"</span><span class="si">#{</span><span class="n">node</span><span class="p">[</span><span class="ss">:script</span><span class="p">]</span><span class="si">}</span><span class="s2">"</span> <span class="k">end</span> <span class="k">end</span> <span class="k">end</span> </code></pre> </div> <h3> 1️⃣ Overview </h3> <p>This Vagrantfile provisions :</p> <ul> <li><p>Creates 5 Ubuntu 22.04 VMs</p></li> <li><p>Installs Docker, kubeadm, kubelet, kubectl</p></li> <li><p>Initializes Kubernetes control plane</p></li> <li><p>Joins 4 worker nodes</p></li> <li><p>Configures Calico CNI networking</p></li> </ul> <h3> 2️⃣ Global Configuration </h3> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="no">Vagrant</span><span class="p">.</span><span class="nf">configure</span><span class="p">(</span><span class="s2">"2"</span><span class="p">)</span> <span class="k">do</span> <span class="o">|</span><span class="n">config</span><span class="o">|</span> <span class="n">config</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">box</span> <span class="o">=</span> <span class="s2">"ubuntu/jammy64"</span> <span class="n">config</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">synced_folder</span> <span class="s2">"."</span><span class="p">,</span> <span class="s2">"/vagrant"</span> </code></pre> </div> <ul> <li><p><code>Vagrant.configure("2")</code> → Uses configuration syntax version 2.</p></li> <li><p><code>config.vm.box</code> → Every VM uses Ubuntu 22.04 LTS (“jammy64”).</p></li> <li><p><code>config.vm.synced_folder</code> → Shares your project folder on the host with each guest VM at <code>/vagrant</code>.</p></li> </ul> <h3> 3️⃣ Common Provisioning </h3> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code> <span class="n">root_path</span> <span class="o">=</span> <span class="s2">"provision/foundation/"</span> <span class="n">config</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">provision</span> <span class="s2">"shell"</span><span class="p">,</span> <span class="ss">path: </span><span class="n">root_path</span> <span class="o">+</span> <span class="s2">"10-common.sh"</span> </code></pre> </div> <p>Runs <strong>once globally</strong> for all machines to install baseline packages, set host files, etc.</p> <h3> 4️⃣ Cluster node setup </h3> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="n">nodes</span> <span class="o">=</span> <span class="p">[</span> <span class="p">{</span> <span class="ss">name: </span><span class="s2">"k8s-cp-01"</span><span class="p">,</span> <span class="ss">ip: </span><span class="s2">"192.168.56.10"</span><span class="p">,</span> <span class="ss">script: </span><span class="s2">"30-control-panel.sh"</span><span class="p">,</span> <span class="ss">memory: </span><span class="mi">3072</span> <span class="p">},</span> <span class="p">{</span> <span class="ss">name: </span><span class="s2">"k8s-node-01"</span><span class="p">,</span> <span class="ss">ip: </span><span class="s2">"192.168.56.11"</span><span class="p">,</span> <span class="ss">script: </span><span class="s2">"40-join-node.sh"</span><span class="p">,</span> <span class="ss">memory: </span><span class="mi">2048</span> <span class="p">},</span> <span class="p">{</span> <span class="ss">name: </span><span class="s2">"k8s-node-02"</span><span class="p">,</span> <span class="ss">ip: </span><span class="s2">"192.168.56.12"</span><span class="p">,</span> <span class="ss">script: </span><span class="s2">"40-join-node.sh"</span><span class="p">,</span> <span class="ss">memory: </span><span class="mi">2048</span> <span class="p">},</span> <span class="p">{</span> <span class="ss">name: </span><span class="s2">"k8s-node-03"</span><span class="p">,</span> <span class="ss">ip: </span><span class="s2">"192.168.56.13"</span><span class="p">,</span> <span class="ss">script: </span><span class="s2">"40-join-node.sh"</span><span class="p">,</span> <span class="ss">memory: </span><span class="mi">2048</span> <span class="p">},</span> <span class="p">{</span> <span class="ss">name: </span><span class="s2">"k8s-node-04"</span><span class="p">,</span> <span class="ss">ip: </span><span class="s2">"192.168.56.14"</span><span class="p">,</span> <span class="ss">script: </span><span class="s2">"40-join-node.sh"</span><span class="p">,</span> <span class="ss">memory: </span><span class="mi">2048</span> <span class="p">},</span> <span class="p">]</span> </code></pre> </div> <p>Defines five nodes for node creation loop.</p> <h3> 5️⃣ Node Creation Loop </h3> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="n">nodes</span><span class="p">.</span><span class="nf">each</span> <span class="k">do</span> <span class="o">|</span><span class="n">node</span><span class="o">|</span> <span class="n">config</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">define</span> <span class="n">node</span><span class="p">[</span><span class="ss">:name</span><span class="p">]</span> <span class="k">do</span> <span class="o">|</span><span class="n">node_vm</span><span class="o">|</span> <span class="n">node_vm</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">provider</span> <span class="s2">"virtualbox"</span> <span class="k">do</span> <span class="o">|</span><span class="n">vb</span><span class="o">|</span> <span class="n">vb</span><span class="p">.</span><span class="nf">cpus</span> <span class="o">=</span> <span class="mi">2</span> <span class="n">vb</span><span class="p">.</span><span class="nf">memory</span> <span class="o">=</span> <span class="n">node</span><span class="p">[</span><span class="ss">:memory</span><span class="p">]</span> <span class="k">end</span> <span class="n">node_vm</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">hostname</span> <span class="o">=</span> <span class="n">node</span><span class="p">[</span><span class="ss">:name</span><span class="p">]</span> <span class="n">node_vm</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">network</span> <span class="s2">"private_network"</span><span class="p">,</span> <span class="ss">ip: </span><span class="n">node</span><span class="p">[</span><span class="ss">:ip</span><span class="p">]</span> <span class="n">node_vm</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">provision</span> <span class="s2">"shell"</span><span class="p">,</span> <span class="ss">path: </span><span class="n">root_path</span> <span class="o">+</span> <span class="s2">"20-node-network.sh"</span><span class="p">,</span> <span class="ss">args: </span><span class="n">node</span><span class="p">[</span><span class="ss">:ip</span><span class="p">]</span> <span class="n">node_vm</span><span class="p">.</span><span class="nf">vm</span><span class="p">.</span><span class="nf">provision</span> <span class="s2">"shell"</span><span class="p">,</span> <span class="ss">path: </span><span class="n">root_path</span> <span class="o">+</span> <span class="s2">"</span><span class="si">#{</span><span class="n">node</span><span class="p">[</span><span class="ss">:script</span><span class="p">]</span><span class="si">}</span><span class="s2">"</span> <span class="k">end</span> <span class="k">end</span> </code></pre> </div> <p>For each node:</p> <ol> <li><p><strong>Allocates</strong> cpus = 2 and memory</p></li> <li><p><strong>Defines</strong> a named VM.</p></li> <li><p><strong>Sets hostname</strong> inside the guest.</p></li> <li><p><strong>Configures a private network</strong> on <code>192.168.56.0/24</code>.</p></li> <li><p><strong>Runs</strong> <code>setup-node-network.sh</code> to configure IPs, <code>/etc/hosts</code>, etc.</p></li> <li><p><strong>Runs role-specific script</strong> (<code>setup-controller.sh</code> or <code>setup-node.sh</code>).</p></li> </ol> <h3> 6️⃣ Build the Cluster </h3> <p>Run vagrant up to start provisioning.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">cd </span>k8s vagrant up </code></pre> </div> <p>🕒 <strong>Expected duration:</strong> 10–15 minutes.</p> <p>Verify all VMs are running:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>vagrant status </code></pre> </div> <h3> 7️⃣ <strong>Provisioning Scripts Deep Dive</strong> </h3> <p>Let's take a closer look at the shell scripts used during provisioning.</p> <p><strong>10-common.sh</strong></p> <p>The script configures the operating system’s memory settings, installs the required Kubernetes components, and sets up the environment for Kubernetes networking.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Disable Swap</span> <span class="nb">sudo </span>swapoff <span class="nt">-a</span> <span class="nb">sudo sed</span> <span class="nt">-i</span> <span class="s1">'/ swap / s/^/#/'</span> /etc/fstab <span class="c"># Install Core Dependencies</span> <span class="nb">sudo </span>apt-get <span class="nb">install</span> <span class="nt">-y</span> kubelet kubeadm containerd <span class="nb">cat</span> <span class="o">&lt;&lt;</span><span class="no">EOF</span><span class="sh"> | sudo tee /etc/modules-load.d/k8s.conf overlay br_netfilter </span><span class="no">EOF </span><span class="nb">sudo </span>modprobe overlay <span class="nb">sudo </span>modprobe br_netfilter <span class="nb">sudo cat</span> <span class="o">&lt;&lt;</span><span class="sh">'</span><span class="no">EOF</span><span class="sh">' | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-ip6tables = 1 net.ipv4.ip_forward = 1 </span><span class="no">EOF </span><span class="nb">sudo </span>sysctl <span class="nt">--system</span> </code></pre> </div> <p><strong>Purpose</strong></p> <p><strong>1. Disable Swap</strong> Ensures Kubernetes can accurately manage memory resources.</p> <p><strong>2. Add Kubernetes Repository and Install Components</strong></p> <p>Configures the official Kubernetes APT repo and installs kubelet, kubeadm, and containerd.</p> <p><strong>3. Setup Kernel Modules</strong></p> <p>Enables overlay and br_netfilter modules required for container networking and storage layers.</p> <p><strong>4. Set Kernel Parameters</strong></p> <p>Adjusts sysctl settings to enable IP forwarding and proper packet handling between bridged interfaces.</p> <p><strong>20-common.sh</strong></p> <p>This script configures the Kubernetes node’s network identity by explicitly assigning its IP address to the kubelet service, ensuring proper communication and cluster registration.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">NODE_IP</span><span class="o">=</span><span class="si">$(</span>ip <span class="nt">-4</span> addr show enp0s8 | <span class="nb">grep</span> <span class="nt">-oP</span> <span class="s1">'(?&lt;=inet\s)\d+(\.\d+){3}'</span><span class="si">)</span> <span class="nv">DROPIN_FILE</span><span class="o">=</span>/lib/systemd/system/kubelet.service.d/10-kubeadm.conf <span class="k">if</span> <span class="o">!</span> <span class="nb">grep</span> <span class="nt">-q</span> <span class="nt">--</span> <span class="s2">"--node-ip=</span><span class="nv">$NODE_IP</span><span class="s2">"</span> <span class="s2">"</span><span class="nv">$DROPIN_FILE</span><span class="s2">"</span><span class="p">;</span> <span class="k">then </span><span class="nb">sudo sed</span> <span class="nt">-i</span> <span class="s2">"0,/^Environment=</span><span class="se">\"</span><span class="s2">KUBELET_KUBECONFIG_ARGS=/s|</span><span class="se">\"</span><span class="nv">$|</span><span class="s2"> --node-ip=</span><span class="nv">$NODE_IP</span><span class="se">\"</span><span class="s2">|"</span> <span class="s2">"</span><span class="nv">$DROPIN_FILE</span><span class="s2">"</span> <span class="k">fi </span><span class="nb">sudo </span>systemctl daemon-reexec <span class="nb">sudo </span>systemctl daemon-reload <span class="nb">sudo </span>systemctl restart kubelet </code></pre> </div> <p>When using Vagrant, a default NAT interface (enp0s3) is created for outbound network access. A second, user-defined network interface (enp0s8) is typically added for internal cluster communication. However, Kubernetes may fail to correctly resolve the node’s IP address in this setup, requiring manual configuration.</p> <p>After testing, the following approach proves effective: explicitly assign the node IP to the enp0s8 interface and configure the kubelet to use this IP. Once applied, the kubelet service starts with the correct node IP address, ensuring reliable communication between cluster components and accurate node registration within the Kubernetes control plane.</p> <p><strong>30-contol-panel.sh</strong></p> <p>This script automates the setup of a Kubernetes control plane node in a virtualized environment. It also takes care of installing and configuring essential tools like kubectl, the Container Network Interface (CNI), and a monitoring stack to give you full visibility into your cluster.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">sudo </span>apt-get <span class="nb">install</span> <span class="nt">-y</span> kubectl <span class="c"># Initialize cluster</span> <span class="nb">sudo </span>kubeadm init <span class="nt">--apiserver-advertise-address</span><span class="o">=</span>192.168.56.10 <span class="nt">--pod-network-cidr</span><span class="o">=</span>10.224.0.0/16 <span class="c"># Setup kubeconfig</span> <span class="nb">mkdir</span> <span class="nt">-p</span> /home/vagrant/.kube <span class="nb">cp</span> /etc/kubernetes/admin.conf /home/vagrant/.kube/config <span class="nb">chown </span>vagrant:vagrant /home/vagrant/.kube/config <span class="nb">mkdir</span> <span class="nt">-p</span> ~/.kube <span class="nb">cp</span> /etc/kubernetes/admin.conf ~/.kube/config <span class="c"># Create join command</span> <span class="nb">sudo </span>kubeadm token create <span class="nt">--print-join-command</span> <span class="o">&gt;</span> /vagrant/provision/foundation/join-command.sh <span class="c"># Install Calico network plugin</span> <span class="nv">AUTO_METHOD</span><span class="o">=</span><span class="s2">"cidr=192.168.56.0/24"</span> curl <span class="nt">-O</span> https://raw.githubusercontent.com/projectcalico/calico/v3.30.3/manifests/calico.yaml kubectl apply <span class="nt">-f</span> calico.yaml kubectl <span class="nb">set env </span>daemonset/calico-node <span class="nt">-n</span> kube-system <span class="nv">IP_AUTODETECTION_METHOD</span><span class="o">=</span><span class="s2">"</span><span class="nv">$AUTO_METHOD</span><span class="s2">"</span> <span class="nb">sudo </span>systemctl restart kubelet <span class="c"># Install K9s</span> wget https://github.com/derailed/k9s/releases/latest/download/k9s_linux_amd64.deb <span class="nb">sudo </span>apt <span class="nb">install</span> ./k9s_linux_amd64.deb </code></pre> </div> <p><strong>1. Installs kubectl</strong></p> <p>Initializes the Kubernetes cluster using kubeadm, specifying the API server advertise address (192.168.56.10) and the Pod network CIDR (10.224.0.0/16).</p> <p><strong>2. Kubeconfig Configuration</strong></p> <p>Sets up the Kubernetes configuration (admin.conf) for both the vagrant user and the root user, enabling access to cluster management commands.</p> <p><strong>3. Node Join Command Generation</strong></p> <p>Creates and stores the cluster join command in /vagrant/provision/foundation/join-command.sh for worker nodes to join the cluster.</p> <p><strong>3. Calico Network Plugin Setup</strong></p> <p>Downloads and applies the Calico manifest to enable networking between pods. Configures Calico’s IP autodetection method to use the local network (cidr=192.168.56.0/24).</p> <p><strong>4. Kubernetes Management Tool Installation</strong></p> <p>Installs k9s, a terminal-based Kubernetes cluster management tool</p> <h2> Step 2: Post-Init Setup </h2> <p>SSH into the control plane:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>vagrant ssh k8s-cp-01 </code></pre> </div> <p>Run the post-initialization script:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">sudo</span> /vagrant/provision/foundation/50-after-vagrant-setup </code></pre> </div> <p><strong><em>50-after-vagrant-setup</em></strong></p> <p>This script configures functional labels to define node roles(edge, backend, database), and configures essential Kubernetes components with targeted scheduling.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">NODES</span><span class="o">=(</span>k8s-node-01 k8s-node-02 k8s-node-03 k8s-node-04<span class="o">)</span> kubectl label node <span class="s2">"</span><span class="k">${</span><span class="nv">NODES</span><span class="p">[0]</span><span class="k">}</span><span class="s2">"</span> node-role.kubernetes.io/worker-node<span class="o">=</span><span class="s2">""</span> <span class="nv">tier</span><span class="o">=</span>edge <span class="nt">--overwrite</span> kubectl label node <span class="s2">"</span><span class="k">${</span><span class="nv">NODES</span><span class="p">[1]</span><span class="k">}</span><span class="s2">"</span> node-role.kubernetes.io/worker-node<span class="o">=</span><span class="s2">""</span> <span class="nv">tier</span><span class="o">=</span>backend <span class="nt">--overwrite</span> kubectl label node <span class="s2">"</span><span class="k">${</span><span class="nv">NODES</span><span class="p">[2]</span><span class="k">}</span><span class="s2">"</span> node-role.kubernetes.io/worker-node<span class="o">=</span><span class="s2">""</span> <span class="nv">tier</span><span class="o">=</span>backend <span class="nt">--overwrite</span> kubectl label node <span class="s2">"</span><span class="k">${</span><span class="nv">NODES</span><span class="p">[3]</span><span class="k">}</span><span class="s2">"</span> node-role.kubernetes.io/worker-node<span class="o">=</span><span class="s2">""</span> <span class="nv">tier</span><span class="o">=</span>database <span class="nt">--overwrite</span> <span class="c"># Install Local Path Provisioner for dynamic storage provisioning</span> kubectl apply <span class="nt">-f</span> https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml <span class="c"># Install NGINX Ingress Controller</span> kubectl apply <span class="nt">-f</span> https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/cloud/deploy.yaml <span class="c"># Install MetalLB</span> kubectl apply <span class="nt">-f</span> https://raw.githubusercontent.com/metallb/metallb/v0.15.2/config/manifests/metallb-native.yaml </code></pre> </div> <p>After labeling, it deploys several core infrastructure components:</p> <ol> <li><p>Local Path Provisioner – Enables dynamic storage provisioning</p></li> <li><p>NGINX Ingress Controller – Provides ingress routing</p></li> <li><p>MetalLB – Implements Layer 2 load balancing with controller deployment</p></li> </ol> <p>Verify:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>kubectl get nodes <span class="nt">--show-labels</span> kubectl get pods <span class="nt">-A</span> </code></pre> </div> <h2> Step 3: Deploy Infrastructure </h2> <p>Apply storage and networking configuration.</p> <p><strong>Run Deployment</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>kubectl apply <span class="nt">-f</span> /vagrant/provision/deployment/standard/infra </code></pre> </div> <h3> What’s Inside </h3> <ul> <li><p><code>10-storage-class.yml</code> — Local path dynamic PV provisioning</p></li> <li><p><code>20-metallb.yaml</code> — IP pool and L2Advertisement setup</p></li> </ul> <h3> Confiuration Review </h3> <p><strong>10-storage-class.yml</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">apiVersion</span><span class="pi">:</span> <span class="s">storage.k8s.io/v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">StorageClass</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">vm-storage</span> <span class="na">provisioner</span><span class="pi">:</span> <span class="s">rancher.io/local-path</span> <span class="na">volumeBindingMode</span><span class="pi">:</span> <span class="s">WaitForFirstConsumer</span> <span class="na">reclaimPolicy</span><span class="pi">:</span> <span class="s">Delete</span> </code></pre> </div> <p>This manifest defines a StorageClass named <code>vm-storage</code> that uses the Rancher Local Path Provisioner to dynamically create node-local PersistentVolumes. It sets <code>volumeBindingMode: WaitForFirstConsumer</code> so volume provisioning is deferred until a pod is scheduled, ensuring the PV is created on the same node as the workload. The <code>reclaimPolicy: Delete</code> cleans up underlying storage when the PersistentVolumeClaim is removed.</p> <p><strong>20-metallb.yaml</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">apiVersion</span><span class="pi">:</span> <span class="s">metallb.io/v1beta1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">IPAddressPool</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">default-address-pool</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">metallb-system</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">addresses</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">192.168.56.240-192.168.56.250</span> <span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">metallb.io/v1beta1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">L2Advertisement</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">default-l2-advert</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">metallb-system</span> </code></pre> </div> <p>In cloud environments, services like AWS or GCP automatically provide load balancers to expose your applications to the outside world. But on bare-metal or virtualized Kubernetes clusters, you don’t get that luxury out of the box — and that’s where MetalLB steps in.</p> <p>The manifest configures <code>MetalLB</code> to handle external traffic just like a cloud load balancer would. It defines an IPAddressPool that allocates IPs from <code>192.168.56.240–192.168.56.250</code>, and an <code>L2Advertisement</code> that announces those addresses at Layer 2 so other devices on the network can reach your services directly.</p> <p>The result is seamless, cloud-like load balancing for your on-premises or Vagrant-based Kubernetes setups — giving your local cluster the same networking power as a managed one.</p> <p>Verify:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>kubectl get storageclass kubectl get ipaddresspool <span class="nt">-n</span> metallb-system </code></pre> </div> <h2> Step 4: Deploy the Application </h2> <p>In this step, we’re bringing everything together — deploying a complete multi-tier application stack on Kubernetes. This manifests sets up dedicated namespaces, injects configuration data, and applies the necessary RBAC permissions for secure access control. It also provisions a PostgreSQL database backed by persistent storage, then deploys a Spring Boot application with multiple replicas for scalability and resilience.</p> <p>To make the services accessible, it exposes them through ClusterIP and NodePort, and strengthens cluster security with NetworkPolicies that control how pods communicate. Optionally, it can also install monitoring and maintenance utilities, giving you full visibility and manageability of your application stack — all running seamlessly inside Kubernetes.</p> <p><strong>Run Deployment</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>kubectl apply <span class="nt">-f</span> /vagrant/provision/deployment/standard/app </code></pre> </div> <h3> What’s Inside </h3> <ul> <li><p><code>10-config.yml</code> — Namespaces, ConfigMaps, Secrets</p></li> <li><p><code>20-rbac.yml</code> — RBAC setup</p></li> <li><p><code>30-db-deploy.yml</code> — PostgreSQL with PVC</p></li> <li><p><code>40-app-deply.yml</code> — Spring Boot app (2 replicas)</p></li> <li><p><code>50-services.yml</code> — ClusterIP and NodePort</p></li> <li><p><code>60-network-policy.yml</code> — Secure traffic rules</p></li> <li><p><code>70-utilities.yml</code> — Optional utilities</p></li> </ul> <h3> Confiuration Review </h3> <p><strong>10-config.yml</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Namespace</span> <span class="na">metadata</span><span class="pi">:</span> <span class="pi">{</span> <span class="nv">name</span><span class="pi">:</span> <span class="nv">demo</span> <span class="pi">}</span> </code></pre> </div> <p>Creates a <code>demo</code> namespace for isolating application resources.</p> <p><strong>20-rbac.yml</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">apiVersion</span><span class="pi">:</span> <span class="s">rbac.authorization.k8s.io/v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">RoleBinding</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">database-rolebinding</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">subjects</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">ServiceAccount</span> <span class="na">name</span><span class="pi">:</span> <span class="s">postgres-sa</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">roleRef</span><span class="pi">:</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Role</span> <span class="na">name</span><span class="pi">:</span> <span class="s">database-role</span> <span class="na">apiGroup</span><span class="pi">:</span> <span class="s">rbac.authorization.k8s.io</span> <span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">rbac.authorization.k8s.io/v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">RoleBinding</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">app-rolebinding</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">subjects</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">ServiceAccount</span> <span class="na">name</span><span class="pi">:</span> <span class="s">app-sa</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">roleRef</span><span class="pi">:</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Role</span> <span class="na">name</span><span class="pi">:</span> <span class="s">app-role</span> <span class="na">apiGroup</span><span class="pi">:</span> <span class="s">rbac.authorization.k8s.io</span> </code></pre> </div> <p>The manifest defines two service accounts: <code>database-sa</code> for PostgreSQL and <code>app-sa</code> for the Spring Boot service, enabling least-privilege access and clear separation of duties.</p> <p><strong>30-db-deploy.yml</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">ConfigMap</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">db-cm</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">data</span><span class="pi">:</span> <span class="na">POSTGRES_USER</span><span class="pi">:</span> <span class="s">postgres</span> <span class="na">POSTGRES_DB</span><span class="pi">:</span> <span class="s">appdb</span> <span class="na">APP_USER</span><span class="pi">:</span> <span class="s">appuser</span> <span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Secret</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">db-secret</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">type</span><span class="pi">:</span> <span class="s">Opaque</span> <span class="na">stringData</span><span class="pi">:</span> <span class="na">POSTGRES_PASSWORD</span><span class="pi">:</span> <span class="s">strong-password</span> <span class="na">APP_PASSWORD</span><span class="pi">:</span> <span class="s">strong-password</span> <span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">ConfigMap</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">db-init</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">dem</span> <span class="na">data</span><span class="pi">:</span> <span class="na">00-roles.sql</span><span class="pi">:</span> <span class="s">(skip)</span> <span class="na">01-db.sql</span><span class="pi">:</span> <span class="s">(skip)</span> <span class="na">02-schema.sql</span><span class="pi">:</span> <span class="s">(skip)</span> <span class="na">03-comments.sql</span><span class="pi">:</span> <span class="s">(skip)</span> <span class="na">04-table.sql</span><span class="pi">:</span> <span class="s">(skip)</span> <span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Service</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">postgres-headless</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">labels</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="s">postgres</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">clusterIP</span><span class="pi">:</span> <span class="s">None</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">pg</span> <span class="na">port</span><span class="pi">:</span> <span class="m">5432</span> <span class="na">targetPort</span><span class="pi">:</span> <span class="m">5432</span> <span class="na">selector</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="s">postgres</span> <span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Service</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">postgres</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">labels</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="s">postgres</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">type</span><span class="pi">:</span> <span class="s">ClusterIP</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">pg</span> <span class="na">port</span><span class="pi">:</span> <span class="m">5432</span> <span class="na">targetPort</span><span class="pi">:</span> <span class="m">5432</span> <span class="na">selector</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="s">postgres</span> <span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">apps/v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">StatefulSet</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">postgres</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">serviceName</span><span class="pi">:</span> <span class="s">postgres-headless</span> <span class="na">replicas</span><span class="pi">:</span> <span class="m">1</span> <span class="na">selector</span><span class="pi">:</span> <span class="na">matchLabels</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="s">postgres</span> <span class="na">template</span><span class="pi">:</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">labels</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="s">postgres</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">serviceAccountName</span><span class="pi">:</span> <span class="s">database-sa</span> <span class="na">nodeSelector</span><span class="pi">:</span> <span class="na">tier</span><span class="pi">:</span> <span class="s">database</span> <span class="na">containers</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">postgres</span> <span class="na">image</span><span class="pi">:</span> <span class="s">postgres:18</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">containerPort</span><span class="pi">:</span> <span class="m">5432</span> <span class="na">name</span><span class="pi">:</span> <span class="s">pg</span> <span class="na">envFrom</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">secretRef</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">db-secret</span> <span class="pi">-</span> <span class="na">configMapRef</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">db-cm</span> <span class="na">volumeMounts</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">db-data</span> <span class="na">mountPath</span><span class="pi">:</span> <span class="s">/var/lib/postgresql/</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">run-socket</span> <span class="na">mountPath</span><span class="pi">:</span> <span class="s">/var/run/postgresql</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">db-init</span> <span class="na">mountPath</span><span class="pi">:</span> <span class="s">/docker-entrypoint-initdb.</span> <span class="na">volumes</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">run-socket</span> <span class="na">emptyDir</span><span class="pi">:</span> <span class="pi">{}</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">db-init</span> <span class="na">configMap</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">db-init</span> <span class="na">volumeClaimTemplates</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">db-data</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">accessModes</span><span class="pi">:</span> <span class="pi">[</span><span class="s2">"</span><span class="s">ReadWriteOnce"</span><span class="pi">]</span> <span class="na">storageClassName</span><span class="pi">:</span> <span class="s">vm-storage</span> <span class="na">resources</span><span class="pi">:</span> <span class="na">requests</span><span class="pi">:</span> <span class="na">storage</span><span class="pi">:</span> <span class="s">5Gi</span> </code></pre> </div> <p>The manifest provisions a <code>single-replica</code> PostgreSQL database as a <code>StatefulSet</code> on the <code>database</code> tier. It uses the <code>database-sa</code> service account, loads environment variables and credentials from ConfigMaps and Secret, runs optional init SQL from a ConfigMap, and persists data via a PersistentVolumeClaim using the <code>vm-storage</code> StorageClass, and exposes the database through two Kubernetes Services: a standard ClusterIP Service <code>postgres</code> for in-cluster access on port <code>5432</code>, and a headless Service <code>postgres-headless</code> to enable direct pod-to-pod communication and stable DNS resolution—typically.</p> <p><strong>40-app-deply.yml</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">ConfigMap</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">springboot-cm</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">labels</span><span class="pi">:</span> <span class="na">environment</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">data</span><span class="pi">:</span> <span class="na">BPL_JVM_THREAD_COUNT</span><span class="pi">:</span> <span class="s2">"</span><span class="s">100"</span> <span class="na">JAVA_TOOL_OPTIONS</span><span class="pi">:</span> <span class="s2">"</span><span class="s">-XX:InitialRAMPercentage=25.0</span><span class="nv"> </span><span class="s">-XX:MaxRAMPercentage=75.0"</span> <span class="na">LOGGING_LEVEL_ROOT</span><span class="pi">:</span> <span class="s">INFO</span> <span class="na">SPRING_PROFILES_ACTIVE</span><span class="pi">:</span> <span class="s">prod</span> <span class="na">SPRING_DATASOURCE_URL</span><span class="pi">:</span> <span class="s2">"</span><span class="s">jdbc:postgresql://postgres.demo.svc.cluster.local:5432/appdb"</span> <span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Secret</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">springboot-secret</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">labels</span><span class="pi">:</span> <span class="na">environment</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">type</span><span class="pi">:</span> <span class="s">Opaque</span> <span class="na">stringData</span><span class="pi">:</span> <span class="na">spring.datasource.username</span><span class="pi">:</span> <span class="s">appuser</span> <span class="na">spring.datasource.password</span><span class="pi">:</span> <span class="s">strong-password</span> <span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Service</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">api-svc</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">labels</span><span class="pi">:</span> <span class="na">environment</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">selector</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="s">api</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">port</span><span class="pi">:</span> <span class="m">80</span> <span class="na">targetPort</span><span class="pi">:</span> <span class="m">8080</span> <span class="na">type</span><span class="pi">:</span> <span class="s">ClusterIP</span> <span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">apps/v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Deployment</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">bank-account-demo</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">replicas</span><span class="pi">:</span> <span class="m">2</span> <span class="na">selector</span><span class="pi">:</span> <span class="na">matchLabels</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="s">api</span> <span class="na">template</span><span class="pi">:</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">labels</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="s">api</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">serviceAccountName</span><span class="pi">:</span> <span class="s">app-sa</span> <span class="na">affinity</span><span class="pi">:</span> <span class="na">nodeAffinity</span><span class="pi">:</span> <span class="na">requiredDuringSchedulingIgnoredDuringExecution</span><span class="pi">:</span> <span class="na">nodeSelectorTerms</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">matchExpressions</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">key</span><span class="pi">:</span> <span class="s">tier</span> <span class="na">operator</span><span class="pi">:</span> <span class="s">In</span> <span class="na">values</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">backend</span> <span class="na">topologySpreadConstraints</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">maxSkew</span><span class="pi">:</span> <span class="m">1</span> <span class="na">topologyKey</span><span class="pi">:</span> <span class="s">kubernetes.io/hostname</span> <span class="na">whenUnsatisfiable</span><span class="pi">:</span> <span class="s">DoNotSchedule</span> <span class="na">labelSelector</span><span class="pi">:</span> <span class="na">matchLabels</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="s">api</span> <span class="na">containers</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">bank-account-demo</span> <span class="na">image</span><span class="pi">:</span> <span class="s">docker.io/aratax/bank-account-demo:1.0</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">containerPort</span><span class="pi">:</span> <span class="m">8080</span> <span class="na">envFrom</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">configMapRef</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">springboot-cm</span> <span class="pi">-</span> <span class="na">secretRef</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">springboot-secret</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">wait-for-database</span> <span class="na">image</span><span class="pi">:</span> <span class="s">busybox</span> <span class="na">command</span><span class="pi">:</span> <span class="pi">[</span><span class="s1">'</span><span class="s">sh'</span><span class="pi">,</span> <span class="s1">'</span><span class="s">-c'</span><span class="pi">,</span> <span class="s1">'</span><span class="s">until</span><span class="nv"> </span><span class="s">nc</span><span class="nv"> </span><span class="s">-z</span><span class="nv"> </span><span class="s">postgres.demo.svc.cluster.local</span><span class="nv"> </span><span class="s">5432;</span><span class="nv"> </span><span class="s">do</span><span class="nv"> </span><span class="s">echo</span><span class="nv"> </span><span class="s">waiting;</span><span class="nv"> </span><span class="s">sleep</span><span class="nv"> </span><span class="s">2;</span><span class="nv"> </span><span class="s">done;'</span><span class="pi">]</span> </code></pre> </div> <p>This manifest provisions a <code>two-replica</code> Spring Boot application deployment in the <code>backend</code> tier. It uses the <code>app-sa</code> service account, loads runtime configuration and credentials from the ConfigMap and Secret, and connects to the PostgreSQL database via the internal DNS endpoint <code>postgres.demo.svc.cluster.local:5432</code>. The deployment includes an init container <code>wait-for-database</code> to ensure the database is reachable before application startup. It exposes the application through a ClusterIP Service named <code>api-svc</code> on port <code>80</code>. The deployment is set up to run only on <code>backend</code> nodes and to spread its pods evenly across different nodes for better reliability and load balance.</p> <p><strong>50-services.yml</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Service</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">database-nodeport</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">labels</span><span class="pi">:</span> <span class="na">environment</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">type</span><span class="pi">:</span> <span class="s">NodePort</span> <span class="na">selector</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="s">postgres</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">pg</span> <span class="na">port</span><span class="pi">:</span> <span class="s">5432</span> <span class="na">targetPort</span><span class="pi">:</span> <span class="s">5432</span> <span class="na">nodePort</span><span class="pi">:</span> <span class="m">30000</span> <span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">networking.k8s.io/v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Ingress</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">webapp-ingress</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">labels</span><span class="pi">:</span> <span class="na">environment</span><span class="pi">:</span> <span class="s">demo</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">ingressClassName</span><span class="pi">:</span> <span class="s">nginx</span> <span class="na">rules</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">host</span><span class="pi">:</span> <span class="s">app.demo.local</span> <span class="na">http</span><span class="pi">:</span> <span class="na">paths</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">path</span><span class="pi">:</span> <span class="s">/</span> <span class="na">pathType</span><span class="pi">:</span> <span class="s">Prefix</span> <span class="na">backend</span><span class="pi">:</span> <span class="na">service</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">api-svc</span> <span class="na">port</span><span class="pi">:</span> <span class="na">number</span><span class="pi">:</span> <span class="m">80</span> </code></pre> </div> <p>The manifest enables both the application and the database to be accessed from inside and outside the cluster. It defines a NodePort Service named <code>database-nodeport</code> that exposes the PostgreSQL database on port <code>30000</code> for external access, typically used for development and debugging. It also creates an Ingress resource named <code>webapp-ingress</code> that routes web traffic for <code>app.demo.local</code> to the internal <code>api-svc</code> service, which runs the Spring Boot application on port 80.</p> <h2> Step 5: Review Application Design </h2> <p>To implement a simple banking system, two tables were designed:</p> <ul> <li><p><code>accounts</code> — stores core account information (owner, currency, balance, etc.).</p></li> <li><p><code>ledger_entries</code> — records all debit/credit transactions linked to each account for auditing and reconciliation.</p></li> </ul> <p>This schema ensures data integrity, supports concurrent balance updates via versioning, and provides immutable transaction history.</p> <h3> Database Table Layout: </h3> <div class="highlight js-code-highlight"> <pre class="highlight sql"><code><span class="o">+</span><span class="c1">------------------------------------------------------------+</span> <span class="o">|</span> <span class="n">accounts</span> <span class="o">|</span> <span class="o">+</span><span class="c1">------------------------------------------------------------+</span> <span class="o">|</span> <span class="k">Column</span> <span class="o">|</span> <span class="k">Type</span> <span class="o">|</span> <span class="k">Constraints</span> <span class="o">/</span> <span class="k">Default</span> <span class="o">|</span> <span class="o">|</span><span class="c1">--------------|----------------|----------------------------|</span> <span class="o">|</span> <span class="n">id</span> <span class="o">|</span> <span class="n">UUID</span> <span class="p">(</span><span class="n">PK</span><span class="p">)</span> <span class="o">|</span> <span class="k">DEFAULT</span> <span class="n">uuidv7</span><span class="p">()</span> <span class="o">|</span> <span class="o">|</span> <span class="n">owner_name</span> <span class="o">|</span> <span class="nb">TEXT</span> <span class="o">|</span> <span class="k">NOT</span> <span class="k">NULL</span> <span class="o">|</span> <span class="o">|</span> <span class="n">currency</span> <span class="o">|</span> <span class="nb">CHAR</span><span class="p">(</span><span class="mi">3</span><span class="p">)</span> <span class="o">|</span> <span class="k">NOT</span> <span class="k">NULL</span> <span class="o">|</span> <span class="o">|</span> <span class="n">balance</span> <span class="o">|</span> <span class="nb">NUMERIC</span><span class="p">(</span><span class="mi">18</span><span class="p">,</span><span class="mi">2</span><span class="p">)</span> <span class="o">|</span> <span class="k">NOT</span> <span class="k">NULL</span> <span class="k">DEFAULT</span> <span class="mi">0</span> <span class="o">|</span> <span class="o">|</span> <span class="k">version</span> <span class="o">|</span> <span class="nb">BIGINT</span> <span class="o">|</span> <span class="k">NOT</span> <span class="k">NULL</span> <span class="k">DEFAULT</span> <span class="mi">0</span> <span class="o">|</span> <span class="o">|</span> <span class="n">updated_at</span> <span class="o">|</span> <span class="n">TIMESTAMPTZ</span> <span class="o">|</span> <span class="k">NOT</span> <span class="k">NULL</span> <span class="k">DEFAULT</span> <span class="n">NOW</span><span class="p">()</span> <span class="o">|</span> <span class="o">+</span><span class="c1">------------------------------------------------------------+</span> <span class="o">|</span> <span class="k">INDEX</span><span class="p">:</span> <span class="n">idx_accounts_owner</span> <span class="p">(</span><span class="n">owner_name</span><span class="p">)</span> <span class="o">|</span> <span class="o">+</span><span class="c1">------------------------------------------------------------+</span> <span class="mi">1</span> <span class="n">accounts</span> <span class="err">─────────────┐</span> <span class="err">│</span> <span class="p">(</span><span class="n">fk_ledger_account</span><span class="p">)</span> <span class="err">▼</span> <span class="o">+</span><span class="c1">------------------------------------------------------------+</span> <span class="o">|</span> <span class="n">ledger_entries</span> <span class="o">|</span> <span class="o">+</span><span class="c1">------------------------------------------------------------+</span> <span class="o">|</span> <span class="k">Column</span> <span class="o">|</span> <span class="k">Type</span> <span class="o">|</span> <span class="k">Constraints</span> <span class="o">/</span> <span class="k">Default</span> <span class="o">|</span> <span class="o">|</span><span class="c1">--------------|----------------|----------------------------|</span> <span class="o">|</span> <span class="n">id</span> <span class="o">|</span> <span class="n">UUID</span> <span class="p">(</span><span class="n">PK</span><span class="p">)</span> <span class="o">|</span> <span class="k">DEFAULT</span> <span class="n">uuidv7</span><span class="p">()</span> <span class="o">|</span> <span class="o">|</span> <span class="n">account_id</span> <span class="o">|</span> <span class="n">UUID</span> <span class="p">(</span><span class="n">FK</span><span class="p">)</span> <span class="o">|</span> <span class="k">REFERENCES</span> <span class="n">accounts</span><span class="p">(</span><span class="n">id</span><span class="p">)</span> <span class="o">|</span> <span class="o">|</span> <span class="n">direction</span> <span class="o">|</span> <span class="nb">TEXT</span> <span class="o">|</span> <span class="k">NOT</span> <span class="k">NULL</span> <span class="o">|</span> <span class="o">|</span> <span class="n">amount</span> <span class="o">|</span> <span class="nb">NUMERIC</span><span class="p">(</span><span class="mi">18</span><span class="p">,</span><span class="mi">2</span><span class="p">)</span> <span class="o">|</span> <span class="k">NOT</span> <span class="k">NULL</span> <span class="k">CHECK</span> <span class="p">(</span><span class="n">amount</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">)</span><span class="o">|</span> <span class="o">|</span> <span class="n">reason</span> <span class="o">|</span> <span class="nb">TEXT</span> <span class="o">|</span> <span class="o">|</span> <span class="o">|</span> <span class="n">created_at</span> <span class="o">|</span> <span class="n">TIMESTAMPTZ</span> <span class="o">|</span> <span class="k">NOT</span> <span class="k">NULL</span> <span class="k">DEFAULT</span> <span class="n">NOW</span><span class="p">()</span> <span class="o">|</span> <span class="o">+</span><span class="c1">------------------------------------------------------------+</span> </code></pre> </div> <h3> SpringBoot: </h3> <p>The Java application provide unified transaction endpoint processes both deposit and withdrawal operations, allowing clients to specify the locking strategy (OPTIMISTIC or PESSIMISTIC) per request.</p> <p><strong>Rest Endpoints</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="nd">@RestController</span> <span class="nd">@RequestMapping</span><span class="o">(</span><span class="s">"/api/accounts"</span><span class="o">)</span> <span class="kd">public</span> <span class="kd">class</span> <span class="nc">AccountController</span> <span class="o">{</span> <span class="kd">private</span> <span class="kd">final</span> <span class="nc">AccountService</span> <span class="n">accountService</span><span class="o">;</span> <span class="kd">public</span> <span class="nf">AccountController</span><span class="o">(</span><span class="nc">AccountService</span> <span class="n">accountService</span><span class="o">)</span> <span class="o">{</span> <span class="k">this</span><span class="o">.</span><span class="na">accountService</span> <span class="o">=</span> <span class="n">accountService</span><span class="o">;}</span> <span class="nd">@PostMapping</span><span class="o">(</span><span class="n">value</span> <span class="o">=</span> <span class="s">"/{id}/transaction"</span><span class="o">,</span> <span class="n">produces</span> <span class="o">=</span> <span class="nc">MediaType</span><span class="o">.</span><span class="na">APPLICATION_JSON_VALUE</span><span class="o">)</span> <span class="kd">public</span> <span class="nc">ResponseEntity</span><span class="o">&lt;</span><span class="nc">TransactionResponse</span><span class="o">&gt;</span> <span class="nf">transaction</span><span class="o">(</span> <span class="nd">@PathVariable</span> <span class="no">UUID</span> <span class="n">id</span><span class="o">,</span> <span class="nd">@Valid</span> <span class="nd">@RequestBody</span> <span class="nc">TransactionRequest</span> <span class="n">request</span><span class="o">)</span> <span class="o">{</span> <span class="nc">TransactionResponse</span> <span class="n">response</span> <span class="o">=</span> <span class="n">accountService</span><span class="o">.</span><span class="na">executeTransaction</span><span class="o">(</span><span class="n">id</span><span class="o">,</span> <span class="n">request</span> <span class="o">);</span> <span class="k">return</span> <span class="nc">ResponseEntity</span><span class="o">.</span><span class="na">ok</span><span class="o">(</span><span class="n">response</span><span class="o">);</span> <span class="o">}</span> <span class="o">}</span> </code></pre> </div> <p><strong>Rest Example</strong> POST /api/accounts/3f93c1c2-1c52-4df5-8c6a-9b0c6d7c5c11/transaction<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"DEPOSIT"</span><span class="p">,</span><span class="w"> </span><span class="nl">"amount"</span><span class="p">:</span><span class="w"> </span><span class="mi">500</span><span class="p">,</span><span class="w"> </span><span class="nl">"lockingMode"</span><span class="p">:</span><span class="w"> </span><span class="s2">"OPTIMISTIC"</span><span class="p">,</span><span class="w"> </span><span class="nl">"reason"</span><span class="p">:</span><span class="w"> </span><span class="s2">"API_DEPOSIT"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="err">or</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"WITHDRAWAL"</span><span class="p">,</span><span class="w"> </span><span class="nl">"amount"</span><span class="p">:</span><span class="w"> </span><span class="mi">300</span><span class="p">,</span><span class="w"> </span><span class="nl">"lockingMode"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PESSIMISTIC"</span><span class="p">,</span><span class="w"> </span><span class="nl">"reason"</span><span class="p">:</span><span class="w"> </span><span class="s2">"API_WITHDRAWAL"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p><strong>Concurrency Control Strategy in JPA</strong> The Java application uses JPA (Java Persistence API) — an ORM framework — to interact with a PostgreSQL database while maintaining data integrity during concurrent transactions. It also explores two different locking strategies, described below, to demonstrate how JPA handles concurrency in real-world scenarios.</p> <p><strong>Optimistic Locking Strategy</strong></p> <p>The <code>@Version</code> field provides optimistic concurrency control — each update automatically increments the version. When two transactions modify the same Account, the second commit detects a version mismatch and throws an OptimisticLockException, preventing lost updates without requiring database locks. A retry strategy with controlled backoff (<code>5</code> attempts) can be applied to gracefully handle these transient conflicts.</p> <p>Entity<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="nd">@Data</span> <span class="nd">@Entity</span> <span class="nd">@Table</span><span class="o">(</span><span class="n">name</span> <span class="o">=</span> <span class="s">"accounts"</span><span class="o">,</span> <span class="n">schema</span> <span class="o">=</span> <span class="s">"app"</span><span class="o">)</span> <span class="kd">public</span> <span class="kd">class</span> <span class="nc">Account</span> <span class="o">{</span> <span class="nd">@Id</span> <span class="nd">@UuidGenerator</span> <span class="kd">private</span> <span class="no">UUID</span> <span class="n">id</span><span class="o">;</span> <span class="nd">@Column</span><span class="o">(</span><span class="n">name</span> <span class="o">=</span> <span class="s">"owner_name"</span><span class="o">,</span> <span class="n">nullable</span> <span class="o">=</span> <span class="kc">false</span><span class="o">)</span> <span class="kd">private</span> <span class="nc">String</span> <span class="n">ownerName</span><span class="o">;</span> <span class="nd">@Column</span><span class="o">(</span><span class="n">length</span> <span class="o">=</span> <span class="mi">3</span><span class="o">,</span> <span class="n">nullable</span> <span class="o">=</span> <span class="kc">false</span><span class="o">)</span> <span class="kd">private</span> <span class="nc">String</span> <span class="n">currency</span><span class="o">;</span> <span class="nd">@Column</span><span class="o">(</span><span class="n">nullable</span> <span class="o">=</span> <span class="kc">false</span><span class="o">,</span> <span class="n">precision</span> <span class="o">=</span> <span class="mi">18</span><span class="o">,</span> <span class="n">scale</span> <span class="o">=</span> <span class="mi">2</span><span class="o">)</span> <span class="kd">private</span> <span class="nc">BigDecimal</span> <span class="n">balance</span> <span class="o">=</span> <span class="nc">BigDecimal</span><span class="o">.</span><span class="na">ZERO</span><span class="o">;</span> <span class="nd">@Version</span> <span class="nd">@Column</span><span class="o">(</span><span class="n">nullable</span> <span class="o">=</span> <span class="kc">false</span><span class="o">)</span> <span class="kd">private</span> <span class="kt">long</span> <span class="n">version</span><span class="o">;</span> <span class="nd">@Column</span><span class="o">(</span><span class="n">name</span> <span class="o">=</span> <span class="s">"updated_at"</span><span class="o">,</span> <span class="n">columnDefinition</span> <span class="o">=</span> <span class="s">"timestamptz"</span><span class="o">,</span> <span class="n">nullable</span> <span class="o">=</span> <span class="kc">false</span><span class="o">)</span> <span class="kd">private</span> <span class="nc">Instant</span> <span class="n">updatedAt</span> <span class="o">=</span> <span class="nc">Instant</span><span class="o">.</span><span class="na">now</span><span class="o">();</span> <span class="o">}</span> </code></pre> </div> <p>Service<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="nd">@Transactional</span><span class="o">(</span><span class="n">isolation</span><span class="o">=</span> <span class="nc">Isolation</span><span class="o">.</span><span class="na">READ_COMMITTED</span><span class="o">,</span> <span class="n">rollbackFor</span> <span class="o">=</span> <span class="nc">Exception</span><span class="o">.</span><span class="na">class</span><span class="o">)</span> <span class="nd">@Override</span> <span class="kd">public</span> <span class="nc">TransactionResponse</span> <span class="nf">execute</span><span class="o">(</span><span class="no">UUID</span> <span class="n">id</span><span class="o">,</span> <span class="nc">TransactionType</span> <span class="n">type</span><span class="o">,</span> <span class="nc">BigDecimal</span> <span class="n">amt</span><span class="o">,</span> <span class="nc">String</span> <span class="n">reason</span><span class="o">)</span> <span class="o">{</span> <span class="kt">var</span> <span class="n">account</span> <span class="o">=</span> <span class="n">accountRepo</span><span class="o">.</span><span class="na">findById</span><span class="o">(</span><span class="n">id</span><span class="o">).</span><span class="na">orElseThrow</span><span class="o">();</span> <span class="k">if</span> <span class="o">(</span><span class="nc">TransactionType</span><span class="o">.</span><span class="na">DEPOSIT</span><span class="o">.</span><span class="na">equals</span><span class="o">(</span><span class="n">type</span><span class="o">))</span> <span class="n">account</span><span class="o">.</span><span class="na">deposit</span><span class="o">(</span><span class="n">amt</span><span class="o">);</span> <span class="k">else</span> <span class="n">account</span><span class="o">.</span><span class="na">withdraw</span><span class="o">(</span><span class="n">amt</span><span class="o">);</span> <span class="kt">var</span> <span class="n">ledgerEntry</span> <span class="o">=</span> <span class="n">ledgerRepo</span><span class="o">.</span><span class="na">save</span><span class="o">(</span><span class="nc">LedgerEntry</span><span class="o">.</span><span class="na">of</span><span class="o">(</span><span class="n">account</span><span class="o">,</span> <span class="n">type</span><span class="o">,</span> <span class="n">amt</span><span class="o">,</span> <span class="n">reason</span><span class="o">));</span> <span class="k">return</span> <span class="nc">TransactionResponse</span><span class="o">.</span><span class="na">success</span><span class="o">(</span><span class="n">account</span><span class="o">,</span> <span class="n">ledgerEntry</span><span class="o">);</span> <span class="o">}</span> </code></pre> </div> <p><strong>Pessimistic Locking Strategy</strong></p> <p>The <code>@Lock(LockModeType.PESSIMISTIC_WRITE)</code> annotation enforces pessimistic locking by issuing a <code>database-level SELECT ... FOR UPDATE query</code>. This explicitly locks the selected Account row until the current transaction completes.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="kd">public</span> <span class="kd">interface</span> <span class="nc">AccountRepository</span> <span class="kd">extends</span> <span class="nc">JpaRepository</span><span class="o">&lt;</span><span class="nc">Account</span><span class="o">,</span> <span class="no">UUID</span><span class="o">&gt;</span> <span class="o">{</span> <span class="c1">// Pessimistic row lock (SELECT ... FOR UPDATE)</span> <span class="nd">@Lock</span><span class="o">(</span><span class="nc">LockModeType</span><span class="o">.</span><span class="na">PESSIMISTIC_WRITE</span><span class="o">)</span> <span class="nd">@Query</span><span class="o">(</span><span class="s">"select a from Account a where a.id = :id"</span><span class="o">)</span> <span class="nc">Optional</span><span class="o">&lt;</span><span class="nc">Account</span><span class="o">&gt;</span> <span class="nf">findForUpdate</span><span class="o">(</span><span class="nd">@Param</span><span class="o">(</span><span class="s">"id"</span><span class="o">)</span> <span class="no">UUID</span> <span class="n">id</span><span class="o">);</span> <span class="o">}</span> </code></pre> </div> <h2> Step 6: Access the App </h2> <p>Get the Ingress IP:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>kubectl get ingress <span class="nt">-n</span> demo </code></pre> </div> <p>Example output:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>NAME CLASS HOSTS ADDRESS PORTS AGE webapp-ingress nginx app.demo.local 192.168.56.240 80 21h </code></pre> </div> <p>Then test endpoints from your host:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>curl <span class="nt">-H</span> <span class="s2">"Host: app.demo.local"</span> http://192.168.56.240/actuator/health </code></pre> </div> <h2> Step 7: Testing with k6 </h2> <p>In this step, the environment is fully prepared to simulate concurrent bank account transactions and observe how the locking mechanisms behave under load.</p> <p>You can use the built-in k6 test script to run the simulation. For each test run, you’ll choose an account and a specific locking strategy (for example, optimistic or pessimistic locking). The script then launches <code>50</code> virtual users (VUs) running concurrently, using the shared-iterations executor — a total of <code>100</code> iterations distributed across all VUs. This setup effectively mimics concurrent access to the same account, allowing you to verify how data integrity is preserved during simultaneous transactions.</p> <p>To get started, install k6 on your host system:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Debian/Ubuntu</span> <span class="nb">sudo </span>gpg <span class="nt">-k</span> <span class="nb">sudo </span>gpg <span class="nt">--no-default-keyring</span> <span class="nt">--keyring</span> /usr/share/keyrings/k6-archive-keyring.gpg <span class="nt">--keyserver</span> hkp://keyserver.ubuntu.com:80 <span class="nt">--recv-keys</span> C5AD17C747E3415A3642D57D77C6C491D6AC1D69 <span class="nb">echo</span> <span class="s2">"deb [signed-by=/usr/share/keyrings/k6-archive-keyring.gpg] https://dl.k6.io/deb stable main"</span> | <span class="nb">sudo tee</span> /etc/apt/sources.list.d/k6.list <span class="nb">sudo </span>apt-get update <span class="nb">sudo </span>apt-get <span class="nb">install </span>k6 <span class="c"># Windows</span> choco <span class="nb">install </span>k6 </code></pre> </div> <p>Run the load test:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># host</span> k6 run <span class="nt">-e</span> <span class="nv">BASE_URL</span><span class="o">=</span><span class="sb">`</span>http://192.168.56.240<span class="sb">`</span> <span class="nt">-e</span> <span class="nv">ACCOUNT_ID</span><span class="o">=</span><span class="sb">`</span>3f93c1c2-1c52-4df5-8c6a-9b0c6d7c5c11<span class="sb">`</span> <span class="nt">-e</span> <span class="nv">MODE</span><span class="o">=</span><span class="sb">`</span>OPTIMISTIC<span class="sb">`</span> <span class="nb">test</span>/k6-load-test.js </code></pre> </div> <p>You will get the output like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="o">/</span><span class="err">\</span> <span class="nx">Grafana</span> <span class="o">/</span><span class="err">‾‾</span><span class="o">/</span> <span class="sr">/</span><span class="se">\ </span><span class="sr"> /</span> <span class="err">\</span> <span class="o">|</span><span class="err">\</span> <span class="nx">__</span> <span class="o">/</span> <span class="sr">/ </span><span class="err"> </span> <span class="o">/</span> <span class="err">\</span><span class="o">/</span> <span class="err">\</span> <span class="o">|</span> <span class="o">|</span><span class="sr">/ /</span> <span class="o">/</span> <span class="err">‾‾\</span> <span class="o">/</span> <span class="err">\</span> <span class="o">|</span> <span class="p">(</span> <span class="o">|</span> <span class="p">(</span><span class="err">‾</span><span class="p">)</span> <span class="o">|</span> <span class="sr">/ __________ </span><span class="se">\ </span><span class="sr"> |_|</span><span class="se">\_\ </span><span class="sr"> </span><span class="se">\_</span><span class="sr">____/</span> <span class="nx">execution</span><span class="p">:</span> <span class="nx">local</span> <span class="nx">script</span><span class="p">:</span> <span class="nx">k6</span><span class="o">-</span><span class="nx">load</span><span class="o">-</span><span class="nx">test</span><span class="p">.</span><span class="nx">js</span> <span class="nx">output</span><span class="p">:</span> <span class="o">-</span> <span class="nx">scenarios</span><span class="p">:</span> <span class="p">(</span><span class="mf">100.00</span><span class="o">%</span><span class="p">)</span> <span class="mi">1</span> <span class="nx">scenario</span><span class="p">,</span> <span class="mi">50</span> <span class="nx">max</span> <span class="nx">VUs</span><span class="p">,</span> <span class="mi">2</span><span class="nx">m30s</span> <span class="nx">max</span> <span class="nf">duration </span><span class="p">(</span><span class="nx">incl</span><span class="p">.</span> <span class="nx">graceful</span> <span class="nx">stop</span><span class="p">):</span> <span class="o">*</span> <span class="nx">concurrent_load</span><span class="p">:</span> <span class="mi">100</span> <span class="nx">iterations</span> <span class="nx">shared</span> <span class="nx">among</span> <span class="mi">50</span> <span class="nc">VUs </span><span class="p">(</span><span class="nx">maxDuration</span><span class="p">:</span> <span class="mi">2</span><span class="nx">m0s</span><span class="p">,</span> <span class="nx">gracefulStop</span><span class="p">:</span> <span class="mi">30</span><span class="nx">s</span><span class="p">)</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="err">━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="err">▶</span> <span class="nx">K6</span> <span class="nx">Load</span> <span class="nx">Test</span> <span class="k">for</span> <span class="nx">AccountController</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="err">━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="err">▶</span> <span class="nx">Target</span> <span class="nx">base</span> <span class="nx">URL</span> <span class="p">:</span> <span class="nx">http</span><span class="p">:</span><span class="c1">//192.168.56.240:8080 source=console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="err">▶</span> <span class="nx">Account</span> <span class="nx">ID</span> <span class="p">:</span> <span class="mi">3</span><span class="nx">f93c1c2</span><span class="o">-</span><span class="mi">1</span><span class="nx">c52</span><span class="o">-</span><span class="mi">4</span><span class="nx">df5</span><span class="o">-</span><span class="mi">8</span><span class="nx">c6a</span><span class="o">-</span><span class="mi">9</span><span class="nx">b0c6d7c5c11</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="err">▶</span> <span class="nx">Locking</span> <span class="nx">Mode</span> <span class="p">:</span> <span class="nx">OPTIMISTIC</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="err">━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="err">📊</span> <span class="nx">Initial</span> <span class="nx">Account</span> <span class="nx">State</span><span class="p">:</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="nx">Balance</span><span class="p">:</span> <span class="mi">10</span> <span class="nx">USD</span> <span class="o">|</span> <span class="nx">Version</span><span class="p">:</span> <span class="mi">494</span> <span class="o">|</span> <span class="nx">Owner</span><span class="p">:</span> <span class="nx">Alice</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="err">━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">ERRO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="p">[</span><span class="nx">ERROR</span> <span class="mi">422</span><span class="p">]</span> <span class="nx">WITHDRAWAL</span> <span class="mi">60</span> <span class="nx">failed</span><span class="p">:</span> <span class="nx">Business</span> <span class="nx">rule</span> <span class="nx">violation</span> <span class="o">-</span> <span class="nx">insufficient</span> <span class="nx">funds</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="p">[</span><span class="mi">2025</span><span class="o">-</span><span class="mi">11</span><span class="o">-</span><span class="mi">02</span><span class="nx">T13</span><span class="p">:</span><span class="mi">20</span><span class="p">:</span><span class="mf">44.705</span><span class="nx">Z</span><span class="p">]</span> <span class="nx">TX</span><span class="p">:</span><span class="nx">a52d4700</span><span class="o">-</span><span class="nx">e63a</span><span class="o">-</span><span class="mi">463</span><span class="nx">c</span><span class="o">-</span><span class="mi">808</span><span class="nx">e</span><span class="o">-</span><span class="mi">66</span><span class="nx">bf4132ba26</span> <span class="o">|</span> <span class="nx">DEPOSIT</span> <span class="mi">24</span> <span class="nx">USD</span> <span class="o">|</span> <span class="nx">Balance</span><span class="p">:</span> <span class="mi">34</span> <span class="nc">USD </span><span class="p">(</span><span class="nx">v494</span><span class="p">)</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="p">[</span><span class="mi">2025</span><span class="o">-</span><span class="mi">11</span><span class="o">-</span><span class="mi">02</span><span class="nx">T13</span><span class="p">:</span><span class="mi">20</span><span class="p">:</span><span class="mf">44.709</span><span class="nx">Z</span><span class="p">]</span> <span class="nx">TX</span><span class="p">:</span><span class="mi">8</span><span class="nx">d001c33</span><span class="o">-</span><span class="nx">c64a</span><span class="o">-</span><span class="mi">44</span><span class="nx">eb</span><span class="o">-</span><span class="nx">b39f</span><span class="o">-</span><span class="mi">93</span><span class="nx">ed854c6e02</span> <span class="o">|</span> <span class="nx">DEPOSIT</span> <span class="mi">46</span> <span class="nx">USD</span> <span class="o">|</span> <span class="nx">Balance</span><span class="p">:</span> <span class="mi">159</span> <span class="nc">USD </span><span class="p">(</span><span class="nx">v496</span><span class="p">)</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="p">[</span><span class="mi">2025</span><span class="o">-</span><span class="mi">11</span><span class="o">-</span><span class="mi">02</span><span class="nx">T13</span><span class="p">:</span><span class="mi">20</span><span class="p">:</span><span class="mf">44.709</span><span class="nx">Z</span><span class="p">]</span> <span class="nx">TX</span><span class="p">:</span><span class="nx">ba848747</span><span class="o">-</span><span class="nx">f5ea</span><span class="o">-</span><span class="mi">4</span><span class="nx">ebf</span><span class="o">-</span><span class="nx">b1b2</span><span class="o">-</span><span class="mi">3</span><span class="nx">c501c44cd2b</span> <span class="o">|</span> <span class="nx">DEPOSIT</span> <span class="mi">79</span> <span class="nx">USD</span> <span class="o">|</span> <span class="nx">Balance</span><span class="p">:</span> <span class="mi">113</span> <span class="nc">USD </span><span class="p">(</span><span class="nx">v495</span><span class="p">)</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0000</span><span class="p">]</span> <span class="p">[</span><span class="mi">2025</span><span class="o">-</span><span class="mi">11</span><span class="o">-</span><span class="mi">02</span><span class="nx">T13</span><span class="p">:</span><span class="mi">20</span><span class="p">:</span><span class="mf">44.723</span><span class="nx">Z</span><span class="p">]</span> <span class="nx">TX</span><span class="p">:</span><span class="mi">87</span><span class="nx">d8874d</span><span class="o">-</span><span class="nx">af6c</span><span class="o">-</span><span class="mi">47</span><span class="nx">a5</span><span class="o">-</span><span class="mi">9901</span><span class="o">-</span><span class="mi">823</span><span class="nx">f616e8add</span> <span class="o">|</span> <span class="nx">DEPOSIT</span> <span class="mi">10</span> <span class="nx">USD</span> <span class="o">|</span> <span class="nx">Balance</span><span class="p">:</span> <span class="mi">169</span> <span class="nc">USD </span><span class="p">(</span><span class="nx">v497</span><span class="p">)</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="p">...</span> <span class="nx">skip</span> <span class="p">...</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0004</span><span class="p">]</span> <span class="err">━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0004</span><span class="p">]</span> <span class="err">📊</span> <span class="nx">Final</span> <span class="nx">Account</span> <span class="nx">State</span><span class="p">:</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0004</span><span class="p">]</span> <span class="nx">Balance</span><span class="p">:</span> <span class="mi">501</span> <span class="nx">USD</span> <span class="o">|</span> <span class="nx">Version</span><span class="p">:</span> <span class="mi">582</span> <span class="o">|</span> <span class="nx">Owner</span><span class="p">:</span> <span class="nx">Alice</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0004</span><span class="p">]</span> <span class="err">📈</span> <span class="nx">Changes</span><span class="p">:</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0004</span><span class="p">]</span> <span class="nx">Balance</span> <span class="nx">Change</span><span class="p">:</span> <span class="o">+</span><span class="mi">491</span> <span class="nx">USD</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0004</span><span class="p">]</span> <span class="nx">Version</span> <span class="nx">Change</span><span class="p">:</span> <span class="o">+</span><span class="mi">88</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0004</span><span class="p">]</span> <span class="err">━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="nx">INFO</span><span class="p">[</span><span class="mi">0004</span><span class="p">]</span> <span class="err">✅</span> <span class="nx">Test</span> <span class="nx">completed</span> <span class="nx">successfully</span><span class="o">!</span> <span class="nx">source</span><span class="o">=</span><span class="nx">console</span> <span class="err">█</span> <span class="nx">THRESHOLDS</span> <span class="nx">http_req_duration</span> <span class="err">✓</span> <span class="dl">'</span><span class="s1">p(95)&lt;2000</span><span class="dl">'</span> <span class="nf">p</span><span class="p">(</span><span class="mi">95</span><span class="p">)</span><span class="o">=</span><span class="mf">1.02</span><span class="nx">s</span> <span class="nx">http_req_failed</span> <span class="err">✗</span> <span class="dl">'</span><span class="s1">rate&lt;0.1</span><span class="dl">'</span> <span class="nx">rate</span><span class="o">=</span><span class="mf">11.76</span><span class="o">%</span> <span class="nx">version_conflicts</span> <span class="err">✓</span> <span class="dl">'</span><span class="s1">rate&lt;0.3</span><span class="dl">'</span> <span class="nx">rate</span><span class="o">=</span><span class="mf">0.00</span><span class="o">%</span> <span class="err">█</span> <span class="nx">TOTAL</span> <span class="nx">RESULTS</span> <span class="nx">checks_total</span><span class="p">.......:</span> <span class="mi">300</span> <span class="mf">74.544329</span><span class="o">/</span><span class="nx">s</span> <span class="nx">checks_succeeded</span><span class="p">...:</span> <span class="mf">88.00</span><span class="o">%</span> <span class="mi">264</span> <span class="nx">out</span> <span class="k">of</span> <span class="mi">300</span> <span class="nx">checks_failed</span><span class="p">......:</span> <span class="mf">12.00</span><span class="o">%</span> <span class="mi">36</span> <span class="nx">out</span> <span class="k">of</span> <span class="mi">300</span> <span class="err">✗</span> <span class="nx">status</span> <span class="nx">is</span> <span class="mi">200</span> <span class="err">↳</span> <span class="mi">88</span><span class="o">%</span> <span class="err">—</span> <span class="err">✓</span> <span class="mi">88</span> <span class="o">/</span> <span class="err">✗</span> <span class="mi">12</span> <span class="err">✗</span> <span class="nx">response</span> <span class="nx">has</span> <span class="nx">account</span> <span class="nx">data</span> <span class="err">↳</span> <span class="mi">88</span><span class="o">%</span> <span class="err">—</span> <span class="err">✓</span> <span class="mi">88</span> <span class="o">/</span> <span class="err">✗</span> <span class="mi">12</span> <span class="err">✗</span> <span class="nx">response</span> <span class="nx">has</span> <span class="nx">transaction</span> <span class="nx">data</span> <span class="err">↳</span> <span class="mi">88</span><span class="o">%</span> <span class="err">—</span> <span class="err">✓</span> <span class="mi">88</span> <span class="o">/</span> <span class="err">✗</span> <span class="mi">12</span> <span class="nx">CUSTOM</span> <span class="nx">account_balance</span><span class="p">................:</span> <span class="nx">avg</span><span class="o">=</span><span class="mf">499.056818</span> <span class="nx">min</span><span class="o">=</span><span class="mi">30</span> <span class="nx">med</span><span class="o">=</span><span class="mi">506</span> <span class="nx">max</span><span class="o">=</span><span class="mi">983</span> <span class="nf">p</span><span class="p">(</span><span class="mi">90</span><span class="p">)</span><span class="o">=</span><span class="mf">767.9</span> <span class="nf">p</span><span class="p">(</span><span class="mi">95</span><span class="p">)</span><span class="o">=</span><span class="mf">815.95</span> <span class="nx">deposits_total</span><span class="p">.................:</span> <span class="mi">48</span> <span class="mf">11.927093</span><span class="o">/</span><span class="nx">s</span> <span class="nx">other_errors</span><span class="p">...................:</span> <span class="mi">12</span> <span class="mf">2.981773</span><span class="o">/</span><span class="nx">s</span> <span class="nx">version_conflicts</span><span class="p">..............:</span> <span class="mf">0.00</span><span class="o">%</span> <span class="mi">0</span> <span class="nx">out</span> <span class="k">of</span> <span class="mi">0</span> <span class="nx">withdraws_total</span><span class="p">................:</span> <span class="mi">52</span> <span class="mf">12.921017</span><span class="o">/</span><span class="nx">s</span> <span class="nx">HTTP</span> <span class="nx">http_req_duration</span><span class="p">..............:</span> <span class="nx">avg</span><span class="o">=</span><span class="mf">308.79</span><span class="nx">ms</span> <span class="nx">min</span><span class="o">=</span><span class="mf">10.07</span><span class="nx">ms</span> <span class="nx">med</span><span class="o">=</span><span class="mf">91.88</span><span class="nx">ms</span> <span class="nx">max</span><span class="o">=</span><span class="mf">2.11</span><span class="nx">s</span> <span class="nf">p</span><span class="p">(</span><span class="mi">90</span><span class="p">)</span><span class="o">=</span><span class="mf">900.17</span><span class="nx">ms</span> <span class="nf">p</span><span class="p">(</span><span class="mi">95</span><span class="p">)</span><span class="o">=</span><span class="mf">1.02</span><span class="nx">s</span> <span class="p">{</span> <span class="nl">expected_response</span><span class="p">:</span><span class="kc">true</span> <span class="p">}...:</span> <span class="nx">avg</span><span class="o">=</span><span class="mf">332.89</span><span class="nx">ms</span> <span class="nx">min</span><span class="o">=</span><span class="mf">10.07</span><span class="nx">ms</span> <span class="nx">med</span><span class="o">=</span><span class="mf">99.69</span><span class="nx">ms</span> <span class="nx">max</span><span class="o">=</span><span class="mf">2.11</span><span class="nx">s</span> <span class="nf">p</span><span class="p">(</span><span class="mi">90</span><span class="p">)</span><span class="o">=</span><span class="mf">932.24</span><span class="nx">ms</span> <span class="nf">p</span><span class="p">(</span><span class="mi">95</span><span class="p">)</span><span class="o">=</span><span class="mf">1.24</span><span class="nx">s</span> <span class="nx">http_req_failed</span><span class="p">................:</span> <span class="mf">11.76</span><span class="o">%</span> <span class="mi">12</span> <span class="nx">out</span> <span class="k">of</span> <span class="mi">102</span> <span class="nx">http_reqs</span><span class="p">......................:</span> <span class="mi">102</span> <span class="mf">25.345072</span><span class="o">/</span><span class="nx">s</span> <span class="nx">EXECUTION</span> <span class="nx">iteration_duration</span><span class="p">.............:</span> <span class="nx">avg</span><span class="o">=</span><span class="mf">1.5</span><span class="nx">s</span> <span class="nx">min</span><span class="o">=</span><span class="mf">578.54</span><span class="nx">ms</span> <span class="nx">med</span><span class="o">=</span><span class="mf">1.48</span><span class="nx">s</span> <span class="nx">max</span><span class="o">=</span><span class="mf">3.79</span><span class="nx">s</span> <span class="nf">p</span><span class="p">(</span><span class="mi">90</span><span class="p">)</span><span class="o">=</span><span class="mf">2.12</span><span class="nx">s</span> <span class="nf">p</span><span class="p">(</span><span class="mi">95</span><span class="p">)</span><span class="o">=</span><span class="mf">2.51</span><span class="nx">s</span> <span class="nx">iterations</span><span class="p">.....................:</span> <span class="mi">100</span> <span class="mf">24.84811</span><span class="o">/</span><span class="nx">s</span> <span class="nx">vus</span><span class="p">............................:</span> <span class="mi">1</span> <span class="nx">min</span><span class="o">=</span><span class="mi">1</span> <span class="nx">max</span><span class="o">=</span><span class="mi">50</span> <span class="nx">vus_max</span><span class="p">........................:</span> <span class="mi">50</span> <span class="nx">min</span><span class="o">=</span><span class="mi">50</span> <span class="nx">max</span><span class="o">=</span><span class="mi">50</span> <span class="nx">NETWORK</span> <span class="nx">data_received</span><span class="p">..................:</span> <span class="mi">94</span> <span class="nx">kB</span> <span class="mi">23</span> <span class="nx">kB</span><span class="o">/</span><span class="nx">s</span> <span class="nx">data_sent</span><span class="p">......................:</span> <span class="mi">28</span> <span class="nx">kB</span> <span class="mf">6.9</span> <span class="nx">kB</span><span class="o">/</span><span class="nx">s</span> <span class="nf">running </span><span class="p">(</span><span class="mi">0</span><span class="nx">m04</span><span class="p">.</span><span class="mi">0</span><span class="nx">s</span><span class="p">),</span> <span class="mi">00</span><span class="o">/</span><span class="mi">50</span> <span class="nx">VUs</span><span class="p">,</span> <span class="mi">100</span> <span class="nx">complete</span> <span class="nx">and</span> <span class="mi">0</span> <span class="nx">interrupted</span> <span class="nx">iterations</span> <span class="nx">concurrent_load</span> <span class="err">✓</span> <span class="p">[</span><span class="o">======================================</span><span class="p">]</span> <span class="mi">50</span> <span class="nx">VUs</span> <span class="mi">0</span><span class="nx">m04</span><span class="p">.</span><span class="mi">0</span><span class="nx">s</span><span class="o">/</span><span class="mi">2</span><span class="nx">m0s</span> <span class="mi">100</span><span class="o">/</span><span class="mi">100</span> <span class="nx">shared</span> <span class="nx">iters</span> </code></pre> </div> <h2> Step 8: Monitoring Kubernetes </h2> <h3> Using k9s </h3> <p>k9s is a terminal-based UI for Kubernetes. Instead of typing dozens of kubectl commands, you get a fast, interactive dashboard right inside your terminal — perfect for developers, DevOps engineers, and operators who live in the CLI.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>k9s </code></pre> </div> <p><strong>Useful views:</strong></p> <ul> <li><p><code>:node</code> - View all nodes</p></li> <li><p><code>:pod</code> - View all pods</p></li> <li><p><code>:deployment</code> - View deployments</p></li> <li><p><code>:service</code> - View services</p></li> <li><p><code>:ingress</code> - View ingress rules</p></li> <li><p><code>:pv</code> - View persistent volumes</p></li> <li><p><code>:pvc</code> - View persistent volume claims</p></li> <li><p><code>:event</code> - View cluster events</p></li> </ul> <h2> Step 9: Cleanup </h2> <p>Stop all VMs but keep state:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>vagrant halt </code></pre> </div> <p>Destroy everything (full reset):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>vagrant destroy <span class="nt">-f</span> </code></pre> </div> <h2> Key Takeaways </h2> <ul> <li><p><strong>Infrastructure as Code made simple</strong> — Spin up a complete multi-node Kubernetes cluster with one vagrant up. No cloud required.</p></li> <li><p><strong>Realistic local lab</strong> — Simulate a production-like environment with control plane, workers, networking, storage, and ingress — all from your laptop.</p></li> <li><p><strong>Application + Infrastructure synergy</strong> — Deploy a real Spring Boot + PostgreSQL system to understand how app logic and cluster behavior interact under load.</p></li> <li><p><strong>Data consistency in action</strong> — Experiment hands-on with JPA’s optimistic and pessimistic locking strategies to see how concurrency control works in practice.</p></li> <li><p><strong>Performance validation</strong> — Use k6 to generate concurrent transactions and validate system reliability through real metrics and stress tests.</p></li> <li><p><strong>Full observability from the CLI</strong> — With k9s, monitor nodes, pods, and resources interactively — no GUI required.</p></li> <li><p><strong>Reproducibility and cleanup</strong> — Destroy and rebuild your environment anytime with vagrant destroy -f, ensuring consistent test conditions for every run.</p></li> </ul> <h2> Conclusion </h2> <p>We’ve built more than just a demo — we’ve created a fully automated multi-node Kubernetes lab that runs a real Spring Boot + PostgreSQL banking system with live networking, storage, and load testing. From Vagrant provisioning to JPA locking strategies and k6 concurrency simulations, every layer demonstrates how consistency and automation come together in modern systems.</p> <p>This setup isn’t about production readiness — it’s about understanding. You now have a reproducible playground to experiment with distributed transactions, concurrency control, and cluster operations — all on your own machine. It’s a hands-on way to learn how reliability and scalability emerge when software, data, and infrastructure align.</p> <h2> Resources </h2> <ul> <li><p><a href="https://developer.hashicorp.com/vagrant/docs" rel="noopener noreferrer">Vagrant Docs</a></p></li> <li><p><a href="https://kubernetes.io/docs/home/" rel="noopener noreferrer">Kubernetes Docs</a></p></li> <li><p><a href="https://k9scli.io/" rel="noopener noreferrer">k9s</a></p></li> <li><p><a href="https://k6.io/docs/" rel="noopener noreferrer">k6 Load Testing</a></p></li> <li><p><a href="https://github.com/arata-x/vagrant-k8s-bank-demo.git" rel="noopener noreferrer"><em>Demo Project</em></a></p></li> </ul> <blockquote> <p>🧡 <em>“Build it. Break it. Rebuild it — that’s how real engineering insight is forged.”</em><br><br> — ArataX</p> </blockquote> kubernetes vagrant springboot postgres Mastering Kafka: Concept, Architecture, and Deployment Arata Tue, 23 Sep 2025 13:03:09 +0000 https://forem.com/aratax/mastering-kafka-concept-architecture-design-and-deployment-4pm9 https://forem.com/aratax/mastering-kafka-concept-architecture-design-and-deployment-4pm9 <h2> Preface </h2> <p>Before diving into this deep-dive, I encourage you first to read the article <strong>“<a href="https://dev.to/aratax/kafka-made-simple-a-hands-on-quickstart-with-docker-and-spring-boot-180i">Kafka Made Simple: A Hands-On Quickstart with Docker and Spring Boot</a>”</strong><br><br> That piece serves as a practical gateway into the Kafka ecosystem, helping you set up a local cluster, publish your first events, and see how Kafka fits into a real Spring Boot project. </p> <p>This article builds on that foundation. Instead of focusing only on the <em>how</em>, here we unpack the <em>why</em> and the <em>what</em>: </p> <ul> <li>The <strong>concepts</strong> that make Kafka more than just a messaging system. </li> <li>The <strong>architecture</strong> that ensures durability, scalability, and fault tolerance. </li> <li>The <strong>design principles</strong> behind Kafka’s performance. </li> <li>A systematic <strong>deep dive</strong> into partitions, logs, replication, producers, consumers, transactions, and rebalancing. </li> <li>Practical <strong>deployment insights</strong> and configuration guidance. </li> </ul> <p>👉 Think of this as the <strong>conceptual companion</strong> to your hands-on quickstart—helping you see the big picture, design production-ready systems, and apply Kafka confidently in real-world projects.</p> <h2> Outline </h2> <ul> <li>1. Core Design Principles</li> <li>2. Partitions</li> <li>3. Log</li> <li>4. Key and Log Compaction</li> <li>5. Replication</li> <li>6. Controller</li> <li>7. Producer</li> <li>8. Consumer</li> <li>9. Offset Tracking</li> <li>10. Rebalance</li> <li>11. Exactly-Once and Transactions</li> <li>12. Deployment</li> <li>13. Key Takeaways</li> <li>14. Conclusion</li> <li>Appendix: Demo Project</li> </ul> <h2> 1. Core Design Principles </h2> <h3> Distributed and Scalable Architecture </h3> <ul> <li>Kafka runs as a cluster of brokers, enabling horizontal scalability.</li> <li>Topics are partitioned across brokers to support parallelism and high throughput.</li> </ul> <h3> Immutable, Append-Only Log </h3> <ul> <li>Each partition is a structured commit log with sequential message appends.</li> <li>Simplifies replication, recovery, and stream processing.</li> </ul> <h3> Decoupled Producers and Consumers </h3> <ul> <li>Kafka uses a publish-subscribe model with loose coupling.</li> <li>Consumers read independently without affecting producers.</li> </ul> <h3> Message Durability and Fault Tolerance </h3> <ul> <li>Messages are persisted to disk and replicated across brokers.</li> <li>Leader-follower replication ensures durability during broker failures.</li> </ul> <h3> High Throughput and Low Latency </h3> <ul> <li>Kafka handles millions of messages per second with minimal latency.</li> <li>Batching, compression, and efficient I/O optimize performance.</li> </ul> <h3> Stream-Oriented Processing </h3> <ul> <li>Kafka Streams and integrations (e.g., Flink, Spark) support real-time processing.</li> <li>Enables event-driven architectures and stateful computations.</li> </ul> <h3> Consumer-Controlled Offset Management </h3> <ul> <li>Consumers manage their own offsets for replayability and fault recovery.</li> <li>Supports exactly-once or at-least-once semantics based on configuration.</li> </ul> <h3> Pluggable and Extensible APIs </h3> <ul> <li>Kafka provides Producer, Consumer, Streams, and Connect APIs.</li> <li>Kafka Connect simplifies integration with external systems like databases and Hadoop.</li> </ul> <h2> 2. Partitions </h2> <p>Partitions are fundamental to Kafka’s ability to scale horizontally and maintain high availability across distributed systems. <br> Each topic is split into one or more partitions, which serve as independent, ordered logs.</p> <h3> What is a Partition? </h3> <ul> <li>An <strong>ordered, immutable log</strong> of records. </li> <li>Each record has a unique <strong>offset</strong> (like a line number). </li> <li>Ordering is <strong>guaranteed within a partition</strong>, but not across partitions. </li> <li>Producers append sequentially, consumers read sequentially. </li> </ul> <p>✅ Think of a partition as a “mini-log” that can be processed independently.</p> <h3> Partitioning Strategy </h3> <ul> <li> <strong>Round-robin</strong> → default if no key is provided; balances evenly. </li> <li> <strong>Key-based hashing</strong> → same key always maps to the same partition; ensures per-key ordering. </li> <li> <strong>Custom partitioner</strong> → user-supplied logic for specialized routing.</li> </ul> <p>✅ Use a meaningful key (e.g., customer ID) for predictable ordering.</p> <h3> Ordering Guarantees </h3> <ul> <li>Records with the same key always land in the same partition. </li> <li> <strong>Per-key ordering is guaranteed.</strong> </li> <li>Global ordering across partitions is <strong>not provided</strong>. </li> </ul> <p>⚠️ If you need total ordering, use a <strong>single partition</strong> (but this limits throughput).</p> <h3> Parallelism &amp; Consumer Scaling </h3> <ul> <li>One consumer in a group reads from one or more partitions. </li> <li>More partitions → more consumers can share the workload. </li> <li>This enables Kafka to scale horizontally with <strong>consumer groups</strong>.</li> </ul> <p>✅ Match partition count to expected parallelism (e.g., number of consumer instances).</p> <h3> Trade-offs </h3> <p>Adding partitions boosts throughput and enables horizontal scaling, but also increases metadata, file handles, and controller load—balance performance with operational overhead.</p> <p>⚠️ Too many partitions per broker can hurt stability (common pitfall in large clusters).</p> <h3> Partition Reassignment &amp; Expansion </h3> <ul> <li>Kafka supports <strong>rebalancing partitions</strong> across brokers for load balancing. </li> <li>Adding partitions later increases capacity but may <strong>break key ordering</strong> (keys may re-hash to new partitions). </li> </ul> <p>✅ Plan partition counts in advance. Increase only when unavoidable.</p> <h3> Summary </h3> <ul> <li>Partitions = <strong>scaling + ordering + parallelism</strong>. </li> <li>They allow Kafka to distribute work across consumers and brokers. </li> <li>The number of partitions directly impacts <strong>performance, cost, and design trade-offs</strong>. </li> </ul> <blockquote> <p>💡 Pick partition counts carefully: balance <strong>parallelism vs overhead</strong>.</p> </blockquote> <h2> 3. Log </h2> <p>At the core of Kafka is the <strong>log</strong> — an append-only data structure where each topic-partition maintains a sequential list of records. The log underpins durability, ordering, and replayability in Kafka. </p> <h3> Log Fundamentals </h3> <ul> <li> <strong>Append-only</strong>: Producers write new records only at the end. </li> <li> <strong>Sequential reads</strong>: Consumers read messages by offset in order. </li> <li> <strong>Immutability</strong>: Records are never modified once written. </li> <li> <strong>Ordering</strong>: Within a partition, offsets guarantee strict ordering. </li> <li> <strong>Durability</strong>: Backed by disk with efficient sequential writes and OS page cache. </li> </ul> <p>✅ Simplifies recovery and replay by ensuring deterministic ordering.<br> ⚠️ Updates or deletes are handled via <strong>compaction</strong> or <strong>tombstones</strong>, not in-place mutation. </p> <h3> Partition as a Folder </h3> <ul> <li>Each partition maps to a <strong>directory</strong> on disk (e.g., <code>/var/lib/kafka/volumes/kafka_data/_data/order-0</code>). </li> </ul> <p>✅ Keeps partition data isolated for replication and recovery. </p> <p><strong>Inside a Partition Directory</strong> </p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>File Name</th> <th>Purpose</th> </tr> </thead> <tbody> <tr> <td><code>*.log</code></td> <td>Stores Kafka records (key-value pairs).</td> </tr> <tr> <td><code>*.index</code></td> <td>Maps offsets to byte positions in the <code>.log</code> file.</td> </tr> <tr> <td><code>*.timeindex</code></td> <td>Maps timestamps to offsets for time-based lookups.</td> </tr> <tr> <td><code>leader-epoch-checkpoint</code></td> <td>Tracks leader epochs for replication consistency.</td> </tr> <tr> <td><code>partition.metadata</code></td> <td>Stores partition-level configuration or state.</td> </tr> </tbody> </table></div> <h3> Log Lifecycle </h3> <ul> <li>As data grows, Kafka rolls logs into <strong>segments</strong>. </li> <li>Each segment has a <code>.log</code>, <code>.index</code>, and <code>.timeindex</code> file. </li> <li>New messages go into the <strong>active segment</strong> (latest <code>.log</code>). </li> <li>Old segments can be safely deleted or compacted based on retention rules. </li> </ul> <p><strong>Example</strong> (partition <code>order-0</code>):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>00000000000000000000.log → Log segment storing the actual messages 00000000000000000000.index → Offset index for fast lookup of records 00000000000000000000.timeindex → Timestamp index for time-based queries leader-epoch-checkpoint → Tracks changes in partition leadership partition.metadata → Metadata about the partition configuration </code></pre> </div> <p>As more data arrives and the first segment grows beyond the configured segment size, Kafka rolls over to create new segments:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>00000000000000000001.log 00000000000000000001.index 00000000000000000001.timeindex </code></pre> </div> <h3> Retention and Compaction </h3> <ul> <li>Kafka does not keep logs forever → policies determine retention. </li> </ul> <p><strong>Retention Policies</strong>: </p> <ul> <li> <strong>Time-based</strong>: Delete records older than <code>retention.ms</code>. </li> <li> <strong>Size-based</strong>: Delete when total log size exceeds <code>retention.bytes</code>. </li> <li> <strong>Compaction</strong>: Retain only the latest value per key. </li> </ul> <p>✅ Retention prevents unbounded disk usage.<br> ⚠️ Aggressive retention can delete records needed for replay or lagging consumers. </p> <h3> Performance Considerations </h3> <ul> <li> <strong>Segment size</strong> and retention settings impact disk churn and log cleanup frequency. </li> <li> <strong>Disk throughput</strong> and filesystem tuning (XFS recommended) directly affect performance. </li> <li> <strong>Consumer lag</strong> → large replay windows may require higher retention to allow catch-up. </li> </ul> <p>✅ SSDs improve latency, but sequential disk writes mean <strong>HDDs can still perform well</strong>.<br> ⚠️ Misconfigured retention can either exhaust disk or delete needed data too quickly. </p> <h3> Summary </h3> <p>The Kafka log is: </p> <ul> <li> <strong>Append-only</strong> → simple and efficient for writes. </li> <li> <strong>Segmented</strong> → scalable and manageable on disk. </li> <li> <strong>Retained or compacted</strong> → supports both replayability and bounded storage. </li> </ul> <blockquote> <p>💡 Proper tuning of <strong>segment size, retention, and compaction</strong> ensures Kafka logs remain durable, performant, and aligned with application needs.</p> </blockquote> <h2> 4. Key and Log Compaction </h2> <p>Kafka topics allow multiple messages with the same <strong>key</strong>, and Kafka provides <strong>log compaction</strong> to keep only the latest value per key. This design supports stateful stream processing, caching, and event sourcing use cases. </p> <h3> Keys in Kafka </h3> <ul> <li>Kafka does not enforce <strong>uniqueness</strong> of keys. </li> <li>The key determines <strong>partition placement</strong>: <ul> <li>Same key → always routed to the same partition. </li> <li>Ensures <strong>per-key ordering</strong> of events. </li> </ul> </li> </ul> <p><strong>Common Use Cases:</strong> </p> <ul> <li>Updates to the same entity (e.g., user profile changes). </li> <li>Event streams per entity (e.g., customer actions). </li> <li>Stateful stream processing (aggregates or reducers). </li> <li>Materialized views (latest state per key). </li> <li>Caching or event sourcing (replay per entity). </li> </ul> <p>⚠️ Keys don’t guarantee global uniqueness — they only ensure ordering within a partition. </p> <h3> Log Compaction </h3> <ul> <li> <strong>Log compaction</strong> removes older records for a given key, retaining only the most recent value. </li> <li>Enabled via <strong><code>cleanup.policy=compact</code></strong>. </li> </ul> <p>✅ Benefits: </p> <ul> <li>Keeps the latest value per key for <strong>stateful applications</strong>. </li> <li>Reduces disk usage while preserving key-level history. </li> </ul> <p>⚠️ Considerations: </p> <ul> <li>Compaction is <strong>asynchronous</strong> → old versions may remain temporarily. </li> <li> <strong>Offsets and order are preserved</strong> even after compaction. </li> <li>Not a replacement for time/size-based retention. </li> </ul> <p><strong>Key Configurations</strong>: </p> <ul> <li> <code>cleanup.policy=compact</code> → enable compaction. </li> <li> <code>min.cleanable.dirty.ratio</code> → % of log dirtiness before cleaning triggers. </li> <li> <code>min.compaction.lag.ms</code> / <code>max.compaction.lag.ms</code> → control delay before segments are compacted. </li> <li> <code>delete.retention.ms</code> → how long tombstones are retained. </li> </ul> <h3> Tombstones </h3> <ul> <li>A <strong>tombstone</strong> is a message with a key and a <code>null</code> value. </li> <li>Signals that all previous values for that key should be deleted during compaction. </li> </ul> <p><strong>Example</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"key"</span><span class="p">:</span><span class="w"> </span><span class="s2">"user123"</span><span class="p">,</span><span class="w"> </span><span class="nl">"value"</span><span class="p">:</span><span class="w"> </span><span class="kc">null</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>How Tombstones Work:</p> <ol> <li>Marks the key for deletion → tells Kafka “forget this key.” </li> <li>During compaction, Kafka removes earlier messages with that key. </li> <li>The tombstone itself is later removed after <code>delete.retention.ms</code>. </li> </ol> <p>✅ Enables explicit <strong>deletes</strong> in a compacted topic.<br> ⚠️ Consumers must be designed to interpret null values correctly. </p> <h3> Summary </h3> <ul> <li> <strong>Keys</strong> define partitioning and enable ordered per-entity streams. </li> <li> <strong>Log compaction</strong> ensures only the latest record per key is retained, reducing log size while preserving correctness. </li> <li> <strong>Tombstones</strong> provide a mechanism for deleting keys in compacted topics. </li> </ul> <blockquote> <p>💡 keys + compaction allow Kafka to serve as both a durable event log and a state store for real-time applications. </p> </blockquote> <h2> 5. Replication </h2> <p>Replication in Kafka ensures resilience and fault tolerance by distributing partitions across multiple brokers. Each partition has one <strong>leader</strong> and one or more <strong>followers</strong> that maintain synchronized copies. </p> <h3> Leader and Followers </h3> <ul> <li> <strong>Leader</strong> → handles all reads and writes for the partition. </li> <li> <strong>Followers</strong> → replicate the leader’s log asynchronously to stay in sync. </li> </ul> <p>✅ Clients always interact with the leader, simplifying producer/consumer logic. </p> <h3> Replication Factor </h3> <ul> <li>Defines the number of copies per partition. </li> <li>Common default: <strong>3 (1 leader, 2 followers)</strong>. </li> </ul> <p>✅ Higher replication factor = stronger fault tolerance.<br> ⚠️ Increases storage and network overhead. </p> <h3> In-Sync Replicas (ISR) </h3> <ul> <li>ISRs are replicas fully caught up with the leader. </li> <li>Only ISRs are eligible for promotion during failover. </li> </ul> <p>✅ Ensures safe and consistent recovery.<br> ⚠️ Too many out-of-sync replicas weaken durability guarantees. </p> <h3> Leader Election and Failover </h3> <ul> <li>If the leader fails, a new one is chosen from the ISR set. </li> <li>The <strong>Controller</strong> (see Section 8) coordinates this election. </li> </ul> <p>✅ Enables fast recovery and high availability. </p> <h3> Consistency vs Latency Trade-offs </h3> <ul> <li> <strong><code>acks=all</code></strong> → strongest durability. Leader waits for all ISR acknowledgments. </li> <li> <strong><code>acks=1</code></strong> → leader-only acknowledgment. Faster writes, but less durable.</li> </ul> <p>⚠️ <strong>More replicas = More safety</strong>, but also higher cost and latency.</p> <h3> Summary </h3> <p>Replication provides: </p> <ul> <li> <strong>High availability</strong> through leader/follower design. </li> <li> <strong>Durability</strong> via multiple replicas and ISRs. </li> <li> <strong>Fault tolerance</strong> with automatic leader election. </li> </ul> <blockquote> <p>💡 Balance <strong>safety</strong> and <strong>performance</strong> by adjusting replication and acknowledgments.</p> </blockquote> <h2> 6. Controller </h2> <p>The <strong>Kafka Controller</strong> is a special broker role that manages <strong>cluster-wide metadata and coordination</strong>.<br><br> In modern <strong>KRaft mode (Kafka Raft)</strong>, controllers form a <strong>quorum</strong> that replaces ZooKeeper, ensuring metadata consistency and high availability. </p> <h3> Metadata Management </h3> <ul> <li>Tracks topics, partitions, broker registrations, and configurations. </li> <li>Persists updates in the internal metadata log <strong><code>__cluster_metadata</code></strong>. </li> </ul> <p>✅ Ensures all brokers share a consistent view of the cluster. </p> <h3> Leader Election </h3> <ul> <li>Coordinates <strong>partition leader elections</strong> when brokers fail or join. </li> <li>Relies on the ISR set maintained by replication (see Section 7). </li> </ul> <p>✅ Keeps partitions highly available with minimal downtime. </p> <h3> Partition Assignment </h3> <ul> <li>Distributes partitions across brokers for load balancing. </li> <li>Reassigns partitions during rebalances, broker failures, or cluster expansion. </li> </ul> <p>⚠️ Frequent reassignments add overhead; prefer stable membership. </p> <h3> Quorum Coordination (KRaft) </h3> <ul> <li>Controllers form a <strong>Raft quorum</strong>: <ul> <li>One acts as the <strong>active leader</strong>. </li> <li>Others are <strong>followers</strong>, replicating metadata changes. </li> </ul> </li> </ul> <p>✅ Provides fault tolerance without external ZooKeeper. </p> <h3> Cluster Health and Recovery </h3> <ul> <li>Detects broker failures and updates cluster state. </li> <li>Removes failed brokers from the ISR (in coordination with replication). </li> <li>Triggers <strong>leader re-election</strong> for affected partitions. </li> </ul> <p>✅ Enables rapid self-healing and resilience. </p> <h3> Active vs. Follower Controllers </h3> <ul> <li> <strong>Active Controller (Leader)</strong> <ul> <li>Makes cluster-wide decisions: </li> <li>Runs leader elections. </li> <li>Updates ISR lists. </li> <li>Tracks broker registrations and failures. </li> <li>Applies config changes (topics, ACLs, quotas). </li> <li>Persists changes in <strong><code>__cluster_metadata</code></strong>, replicated to followers. </li> </ul> </li> </ul> <p>👉 Functions as the <strong>“cluster brain.”</strong> </p> <ul> <li> <strong>Follower Controllers</strong> <ul> <li>Replicate metadata log entries from the active controller. </li> <li>Do not make independent decisions. </li> <li>Stay ready to take over if the active controller fails.</li> </ul> </li> </ul> <p>👉 Serve as <strong>“standby brains.”</strong> </p> <h3> Summary </h3> <p>The Controller is the <strong>control plane</strong> of Kafka: </p> <ul> <li>Maintains <strong>metadata consistency</strong>. </li> <li>Runs <strong>leader elections</strong> based on ISR information. </li> <li>Coordinates <strong>partition assignment</strong> and cluster state changes. </li> <li>In KRaft mode, controllers use Raft quorum replication, removing ZooKeeper. </li> </ul> <blockquote> <p>💡 Together with <strong>Replication (7)</strong>, the Controller ensures Kafka remains highly available, consistent, and fault-tolerant. </p> </blockquote> <h2> 7. Producer </h2> <p>Producers are responsible for reliable, ordered, and efficient delivery of messages to Kafka topics. Their configuration balances durability, ordering, latency, and resource usage through several key mechanisms. </p> <h3> Durability and Acknowledgments (acks) </h3> <ul> <li>Producers control how many broker acknowledgments are required before a send is considered successful. <ul> <li> <code>acks=0</code> → fire-and-forget, lowest latency, no durability. </li> <li> <code>acks=1</code> → leader acknowledgment only, balances latency and durability. </li> <li> <code>acks=all</code> → requires leader + ISR acknowledgment, strongest durability.</li> </ul> </li> </ul> <p>✅ Use <code>acks=all</code> for critical data. </p> <h3> Ordering and Retries </h3> <ul> <li>Kafka producers retry failed sends automatically. </li> <li>Retries can break ordering if multiple requests are in flight. </li> <li>Use <code>max.in.flight.requests.per.connection=1</code> to strictly preserve order. </li> <li> <strong>Idempotence</strong> (<code>enable.idempotence=true</code>) ensures retries don’t produce duplicates. </li> </ul> <p>✅ Combine retries + idempotence to achieve exactly-once semantics. </p> <h3> Batching and Latency Trade-offs </h3> <ul> <li>Producers buffer messages into batches before sending. </li> <li> <strong><code>batch.size</code></strong> controls max size of a batch in bytes. </li> <li> <strong><code>linger.ms</code></strong> sets how long to wait before sending a partially full batch. <ul> <li>Larger batches / higher linger → better throughput, higher latency. </li> <li>Smaller batches / lower linger → lower latency, reduced throughput. </li> </ul> </li> </ul> <p>✅ Tune for workload: real-time systems prefer low latency; batch pipelines prefer throughput. </p> <h3> Compression </h3> <ul> <li>Supported codecs: <code>gzip</code>, <code>snappy</code>, <code>lz4</code>, <code>zstd</code>. </li> <li>Compression applies per batch, saving bandwidth and storage. </li> <li>Default is <code>none</code>. </li> <li> <code>gzip</code> costs higher CPU usage for compression/decompression. </li> </ul> <p>✅ <code>lz4</code> or <code>zstd</code> for good speed/ratio balance. </p> <h3> Resource Limits and Buffering </h3> <ul> <li> <strong><code>buffer.memory</code></strong>: max memory available for unsent records. </li> <li> <strong><code>max.block.ms</code></strong>: how long <code>send()</code> will block when buffer is full. </li> <li> <strong><code>max.request.size</code></strong>: prevents oversized requests. </li> <li>These settings protect the producer and broker from overload. </li> </ul> <p>✅ Monitor producer metrics (buffer exhaustion, errors) to detect bottlenecks. </p> <h3> Summary </h3> <p>Producer tuning is about balancing: </p> <ul> <li> <strong>Durability vs. latency</strong> (<code>acks</code>). </li> <li> <strong>Ordering vs. throughput</strong> (retries, in-flight requests). </li> <li> <strong>CPU vs. I/O efficiency</strong> (compression, batching). </li> </ul> <blockquote> <p>💡 With correct configuration, producers achieve high throughput without sacrificing reliability. </p> </blockquote> <h2> 8. Consumer </h2> <p>Consumers are responsible for reading messages from topics, tracking their progress, and coordinating with other consumers in a group. Their configuration impacts delivery guarantees, throughput, latency, fault tolerance, and ordering. </p> <h3> Offset Management and Delivery Guarantees </h3> <ul> <li> <strong>Automatic commits</strong> (<code>enable.auto.commit=true</code>) → simple, but only <em>at-least-once</em> delivery since commits are decoupled from processing. </li> <li> <strong>Manual commits</strong> (<code>commitSync</code> / <code>commitAsync</code>) → give precise control to commit only after successful processing. </li> <li>For <strong>exactly-once semantics</strong>, bind offset commits to transactions or use manual synchronous commit. </li> <li> <strong><code>auto.offset.reset</code></strong> determines startup behavior if no committed offset exists: <ul> <li> <code>earliest</code> → start from the beginning (useful for replays). </li> <li> <code>latest</code> → only consume new records. </li> </ul> </li> </ul> <p>✅ Use manual commits or transactional commits in critical pipelines. </p> <h3> Partition Assignment and Rebalancing </h3> <ul> <li>Within one consumer group, each partition is assigned to <strong>at most one member</strong> at a time. </li> <li>Multiple consumer groups can read the same partition independently. </li> <li>Assignment strategies: <ul> <li> <strong>Range</strong> → contiguous partition sets. </li> <li> <strong>RoundRobin</strong> → even distribution across members. </li> <li> <strong>Sticky</strong> → minimizes partition movement during rebalances. </li> </ul> </li> <li>Frequent join/leave events → trigger rebalances and pause consumption. </li> </ul> <p>✅ Keep membership stable to reduce churn.<br><br> ⚠️ Tune <strong><code>session.timeout.ms</code></strong> and <strong><code>heartbeat.interval.ms</code></strong>: </p> <ul> <li>Higher values tolerate long GC pauses or transient work. </li> <li>Lower values detect failures faster but may cause false positives. </li> </ul> <h3> Poll and Fetch Tuning </h3> <ul> <li> <strong><code>max.poll.records</code></strong>: <ul> <li>Increase for higher throughput. </li> <li>Reduce to limit per-iteration processing and avoid long loops. </li> </ul> </li> <li> <strong><code>max.partition.fetch.bytes</code></strong> and <strong><code>fetch.max.wait.ms</code></strong>: <ul> <li>Larger values → better for bulk processing. </li> <li>Smaller values → better for low-latency use cases. </li> </ul> </li> <li> <strong><code>fetch.min.bytes</code></strong>: <ul> <li>Set higher to batch more data (throughput). </li> <li>Set to <code>1</code> for immediate returns (latency). </li> </ul> </li> <li>The poll loop must call <code>poll()</code> frequently: <ul> <li>Long processing requires increasing <strong><code>max.poll.interval.ms</code></strong>. </li> <li>Handle rebalance callbacks to stay responsive. </li> </ul> </li> </ul> <p>✅Balance throughput vs latency depending on workload. </p> <h3> Summary </h3> <p>Consumer tuning balances: </p> <ul> <li> <strong>Delivery guarantees vs. simplicity</strong> (auto vs manual commits). </li> <li> <strong>Partition stability vs. flexibility</strong> (assignment and rebalance strategies). </li> <li> <strong>Throughput vs. latency</strong> (poll/fetch tuning). </li> </ul> <blockquote> <p>💡Use manual or transactional commits for critical pipelines, keep consumer group membership stable, and tune poll/fetch settings to balance throughput with latency.</p> </blockquote> <h2> 9. Offset Tracking </h2> <p>An <strong>offset</strong> is a position marker that tells a consumer <em>which record it has read up to</em> in a partition, and where to resume on restart or after a failure. Kafka tracks offsets <strong>per partition, per consumer group</strong>, allowing multiple consumers to share work safely. </p> <h3> How Offset Tracking Works </h3> <ul> <li> <p><strong>Consumer Pull Model</strong> </p> <ul> <li>Consumers request data from partitions starting from a specific offset. </li> <li>They control whether to begin from <code>earliest</code>, <code>latest</code>, or a committed offset. </li> </ul> </li> <li> <p><strong>Offset Commitment</strong> </p> <ul> <li>Consumers save progress by committing offsets, either automatically or manually. </li> <li>Committed offsets are stored in Kafka’s internal topic <strong><code>__consumer_offsets</code></strong>, which is partitioned and replicated. </li> </ul> </li> </ul> <p>✅ Automatic commits are simple for <em>at-least-once</em> delivery.<br> ⚠️ Manual commits are safer for critical processing, but require more application logic. </p> <h3> Consumer Position vs. Committed Offset </h3> <ul> <li> <strong>Consumer Position</strong> → the <strong>next</strong> record the consumer will read (held in memory). </li> <li> <strong>Committed Offset</strong> → the last offset safely stored as a checkpoint. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>[00][01][02][03][04][05][06][07][08][09][10][11] ^-- committed = 09 (resume here) ^-- position = 11 (next to read) </code></pre> </div> <p>👉 If the consumer crashes, it restarts from the <strong>committed offset</strong>, not the in-memory position.<br><br> This means it may <strong>re-read some records</strong> but won’t skip any. </p> <h3> Summary </h3> <ul> <li>Offsets are <strong>per-partition position markers</strong>. </li> <li>Kafka persists committed offsets in the <code>__consumer_offsets</code> topic. </li> <li>The gap between <strong>position vs. committed offset</strong> provides fault tolerance, but may cause duplicates. </li> </ul> <blockquote> <p>💡 Correct offset management is essential for delivery guarantees (<em>at-least-once, at-most-once, exactly-once</em>). </p> </blockquote> <h2> 10. Rebalance </h2> <p>Rebalancing is the process where Kafka’s <strong>Group Coordinator</strong> redistributes partitions among consumers in a <strong>consumer group</strong> whenever the workload relationship changes. </p> <h3> When Rebalancing Happens </h3> <ul> <li>A new consumer joins the group (more parallelism). </li> <li>An existing consumer leaves or fails (load must be reassigned). </li> <li>A topic’s partitions increase (new partitions must be assigned). </li> </ul> <h3> How Rebalancing Works </h3> <ol> <li>Group Coordinator detects a change in group membership. </li> <li>All consumers stop fetching temporarily. </li> <li>Coordinator calculates a new partition assignment. </li> <li>Each consumer receives its updated assignment. </li> <li>Consumers resume reading from their assigned offsets. </li> </ol> <blockquote> <p>💡 Minimize unnecessary group membership changes and control partition counts carefully to reduce rebalance frequency and consumer downtime.</p> </blockquote> <h2> 11. Exactly Once and Transactions </h2> <p>Kafka’s <strong>Exactly-Once Semantics (EOS)</strong> ensures that messages are processed <em>once and only once</em>, even in the face of retries or failures. This combines idempotent production, transactions, and offset commits into a unified model for reliable stream processing. </p> <h3> Idempotent Producer </h3> <ul> <li>When <strong><code>enable.idempotence=true</code></strong>, the producer is assigned a <strong>Producer ID (PID)</strong> and per-partition sequence numbers. </li> <li>Retries are deduplicated at the broker using these sequence numbers. </li> </ul> <p>✅ Guarantees <em>no duplicates</em> in a single partition, even under retries.<br> ⚠️ Does not guarantee atomicity across multiple partitions or topics by itself. </p> <h3> Transactional Producer </h3> <ul> <li>A <strong>transactional producer</strong> groups multiple writes and offset commits into a single atomic unit. </li> <li>Either all messages + offset commits succeed, or none do. </li> <li>Controlled via a stable <strong><code>transactional.id</code></strong>, which enables fencing (old producers with the same ID are invalidated). </li> </ul> <p>✅ Provides atomic <em>read → process → write</em> semantics. </p> <h3> Transaction Coordinator </h3> <ul> <li>A special broker component that manages transaction state. </li> <li>Persists transaction metadata in the internal topic <strong><code>__transaction_state</code></strong>. </li> <li>Ensures commit/abort decisions are coordinated for each <code>transactional.id</code>. </li> </ul> <p>⚠️ Coordinator bottlenecks can occur if too many producers use transactions with wide scope. </p> <h3> Consumer Isolation Levels </h3> <ul> <li>Consumers control visibility into transactional writes via <strong><code>isolation.level</code></strong>: <ul> <li> <code>read_uncommitted</code> → sees all records (including aborted transactions). </li> <li> <code>read_committed</code> → sees only records from successfully committed transactions. </li> </ul> </li> </ul> <p>✅ Use <code>read_committed</code> in pipelines that require strict correctness. </p> <h3> Offsets in Transactions </h3> <ul> <li>The <strong><code>sendOffsetsToTransaction</code></strong> API binds offset commits to producer transactions. </li> <li>Offsets are only committed if the producer transaction itself commits. </li> </ul> <p>✅ Ensures <em>exactly-once</em> end-to-end semantics: messages are processed and offsets advanced atomically. </p> <h3> Summary </h3> <ul> <li> <strong>Idempotence</strong> removes duplicates per partition. </li> <li> <strong>Transactions</strong> extend atomicity across topics + offsets. </li> <li> <strong>Coordinators</strong> maintain transaction state. </li> <li> <strong>Isolation levels</strong> let consumers choose between speed (<code>read_uncommitted</code>) and safety (<code>read_committed</code>). </li> </ul> <blockquote> <p>💡 Enable <strong>enable.idempotence=true</strong> by default and use <strong>transactions</strong> (transactional.id + sendOffsetsToTransaction) only when strict exactly-once guarantees across topics and offsets are required.</p> </blockquote> <h2> 12. Deployment </h2> <h3> Cluster Topology and Roles </h3> <ul> <li>Separate <strong>controller</strong> and <strong>broker</strong> roles on dedicated nodes for production-scale clusters. </li> <li>Run a <strong>controller-only quorum</strong> of 3 or 5 nodes. <ul> <li>Three controllers are sufficient for moderate clusters. </li> <li>Five controllers are preferred for larger clusters or higher availability needs. </li> </ul> </li> <li>Use <strong>broker-only nodes</strong> for the data plane (producers and consumers). </li> <li>Deploy at least three brokers and configure <code>replication.factor ≥ 3</code> for critical topics. </li> </ul> <h3> Storage and Disks </h3> <ul> <li>Use <strong>JBOD (Just a Bunch of Disks)</strong> — no RAID. Present disks individually to brokers and let Kafka handle replication. </li> <li>Prefer the <strong>XFS filesystem</strong> tuned for large files; mount broker volumes with <code>noatime</code> (or <code>relatime</code> if atime tracking is required). </li> <li>Use <strong>HDDs</strong> on brokers for high sequential throughput and cost efficiency. Consider <strong>SSDs/NVMe</strong> for controller nodes (metadata logs) or if your workloads involve heavy random reads or strict latency SLAs.</li> <li>Tune <code>log.segment.bytes</code> and retention policies to manage the number of segments and control <code>mmap</code> usage. </li> </ul> <h3> Memory, Heap, and OS Tuning </h3> <ul> <li>Keep broker JVM heap <strong>small and fixed</strong> (typically 4–8 GB). Leave the remaining RAM for the OS page cache. </li> <li>Apply the <strong>RAM sizing rule</strong>: provision enough RAM to buffer approximately 30 seconds of peak ingest throughput in the page cache.</li> </ul> <blockquote> <p><strong>Example</strong><br> If ingest is 300 MB/s, you want ~9 GB RAM just for cache.</p> <p><strong>Formula</strong><br> Required RAM for cache ≈ (ingest throughput in MB/s) × 30 seconds</p> </blockquote> <ul> <li>Raise <code>vm.max_map_count</code> for large clusters with many partitions or segments (e.g., set to 262144 or higher when required).</li> </ul> <blockquote> <p><strong>Formula</strong><br> required_vm.max_map_count ≈ partitions_per_broker × segments_per_partition × 2</p> </blockquote> <ul> <li>Increase file descriptor limits (<code>ulimit -n</code>) to at least 100k. </li> <li>For networking, provision <strong>10Gbps NICs</strong> for high-throughput clusters and tune socket buffers for cross–data center replication. </li> </ul> <h3> Availability, Replication, and Durability </h3> <ul> <li>Configure <code>min.insync.replicas ≥ 2</code> when <code>replication.factor = 3</code> to ensure durability even if one replica fails. </li> <li>Require producers to use <code>acks=all</code> for critical topics to ensure writes are fully replicated before acknowledgment. </li> <li>Enable <strong>rack awareness</strong> (<code>broker.rack</code>) so replicas are distributed across racks or availability zones for better fault tolerance. </li> <li>Consider <strong>tiered storage</strong> (e.g., S3 or HDFS) for offloading cold data while keeping hot data local to brokers. </li> </ul> <h3> Security and Networking </h3> <ul> <li>Enable <strong>TLS encryption</strong> for both client–broker and inter-broker communication. </li> <li>Use <strong>SASL authentication</strong> (SCRAM, mTLS, or GSSAPI depending on your environment). </li> <li>Apply <strong>Kafka ACLs</strong> to enforce least-privilege access control. </li> <li>Restrict broker ports to trusted networks and place brokers/controllers in <strong>private subnets</strong>. </li> </ul> <h3> Operations, Monitoring, and Alerting </h3> <p>Kafka’s monitoring flow begins with JMX exposing internal metrics, which are collected by a Prometheus exporter and visualized through Grafana dashboards for real-time tracking and alerting.</p> <ul> <li> <p><strong>Key Metrics to Track</strong> </p> <ul> <li>Under-replicated or offline partitions</li> <li>Request latency across produce and fetch paths</li> <li>ISR size fluctuations and consumer lag</li> <li>Disk usage and I/O saturation</li> <li>GC pause duration and frequency</li> </ul> </li> <li> <p><strong>Critical Alerts</strong> </p> <ul> <li>Shrinking ISR or under-replicated partitions. </li> <li>Offline or missing replicas. </li> <li>Disk pressure or high utilization. </li> <li>Long GC pauses. </li> <li>Frequent rebalances. </li> </ul> </li> </ul> <h2> 13. Key Takeaways </h2> <ul> <li> <strong>Kafka is not just a queue</strong> : it’s a <strong>distributed event streaming platform</strong> for high-throughput, real-time data pipelines.</li> <li> <strong>Core roles</strong> : Producers publish, Consumers subscribe, Topics organize, and Partitions enable horizontal scalability.</li> <li> <strong>Immutable, ordered logs</strong> : guarantee replayable data streams and predictable processing.</li> <li> <strong>Replication and ISR</strong> : leaders handle writes, followers stay synchronized to ensure fault tolerance.</li> <li> <strong>KRaft replaces ZooKeeper</strong> : simplifying cluster metadata management and deployment complexity.</li> <li> <strong>Performance is filesystem-driven</strong> : sequential disk I/O, OS page cache, and batching give Kafka exceptional throughput.</li> <li> <strong>Exactly-once semantics (EOS)</strong> : achieved through idempotent + transactional producers combined with committed offsets.</li> <li> <strong>Production readiness</strong> : comes from careful tuning: partitions, replication factor, monitoring, and security controls.</li> </ul> <h2> 14. Conclusion </h2> <p>Kafka has become the backbone of modern data systems. Its <strong>distributed log architecture</strong> delivers scalability, fault tolerance, and speed—making it ideal for event-driven microservices, real-time analytics, and data pipelines. </p> <p>By understanding <strong>core concepts</strong> (topics, partitions, logs, replication, controllers) and applying <strong>best practices</strong> in deployment and tuning, you can build <strong>robust, scalable, and future-proof systems</strong> powered by Kafka. </p> <h2> Appendix: Demo Project </h2> <p>To complement the concepts explored in this article, I’ve built a hands-on demo project that puts Kafka’s architecture and transactional patterns into practice.</p> <p><strong>GitHub Repository:</strong> <em><a href="https://github.com/arata-x/springboot-kafka-cluster" rel="noopener noreferrer">Spring Boot Kafka Cluster</a></em></p> <p>This project showcases a production-grade Kafka setup running in <strong>KRaft</strong> mode, integrated with <strong>Spring Boot</strong> and <strong>PostgreSQL</strong>. It includes:</p> <ul> <li>A multi-node Kafka cluster with <strong>3 controllers</strong> and <strong>3 brokers</strong> </li> <li>A RESTful producer service that publishes events to Kafka</li> <li>Three consumer services demonstrating: <ul> <li>Manual acknowledgment</li> <li>Kafka transactions</li> <li>Database transactions</li> </ul> </li> <li>A PostgreSQL-backed persistence layer</li> <li>Docker Compose orchestration for easy startup</li> <li>Scripts for testing, error simulation, and direct Kafka publishing</li> </ul> <p>Whether you're exploring offset management, transactional guarantees, or deployment strategies, this demo gives you a practical playground to experiment with real-world Kafka patterns.</p> <blockquote> <p>💡 Use it as a reference, a starting point, or a sandbox to deepen your Kafka mastery.</p> </blockquote> kafka Kafka Made Simple: A Hands-On Quickstart with Docker and Spring Boot Arata Sat, 20 Sep 2025 07:56:42 +0000 https://forem.com/aratax/kafka-made-simple-a-hands-on-quickstart-with-docker-and-spring-boot-180i https://forem.com/aratax/kafka-made-simple-a-hands-on-quickstart-with-docker-and-spring-boot-180i <p>Apache Kafka is a distributed, durable, real-time event streaming platform. It goes beyond a message queue by providing scalability, persistence, and stream processing capabilities.</p> <p>In this guide, we’ll quickly spin up Kafka with Docker, explore it with CLI tools, and integrate it into a Spring Boot application.</p> <h2> 1. What is Kafka? </h2> <p>Apache Kafka is a <strong>distributed, durable, real-time event streaming platform</strong>.<br><br> It was originally developed at LinkedIn and is now part of the Apache Software Foundation.<br><br> Kafka is designed for <strong>high-throughput, low-latency data pipelines, streaming analytics, and event-driven applications</strong>. </p> <h3> What is an Event? </h3> <p>An <strong>event</strong> is simply a <strong>record of something that happened</strong> in the system.<br><br> Each event usually includes:</p> <ul> <li> <strong>Key</strong> → identifier (e.g., user ID, order ID). </li> <li> <strong>Value</strong> → the payload (e.g., “order created with total = $50”). </li> <li> <strong>Timestamp</strong> → when the event occurred. </li> </ul> <p>Example event:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"key"</span><span class="p">:</span><span class="w"> </span><span class="s2">"order-123"</span><span class="p">,</span><span class="w"> </span><span class="nl">"value"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"customer"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Alice"</span><span class="p">,</span><span class="w"> </span><span class="nl">"total"</span><span class="p">:</span><span class="w"> </span><span class="mi">50</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"timestamp"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2025-09-19T10:15:00Z"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> What is an Event Streaming Platform? </h3> <p>An <strong>event streaming platform</strong> is a system designed to handle continuous flows of data — or <em>events</em> — in real time.<br><br> Instead of working in batches (processing data after the fact), it allows applications to <strong>react as events happen</strong>.</p> <h2> 2. What Kafka Can Do </h2> <p>Kafka is more than a message queue—it's a real-time event backbone for modern systems.</p> <h3> Messaging Like a Message Queue </h3> <p>Kafka decouples producers and consumers, enabling asynchronous communication between services.<br> <strong>Example</strong>:<br> A banking system publishes transaction events to Kafka. Fraud detection, ledger updates, and notification services consume these events independently.</p> <h3> Event Streaming </h3> <p>Kafka streams data in real time, allowing systems to react instantly.<br> <strong>Example</strong>:<br> An insurance platform streams claim events to trigger automated validation, underwriting checks, and customer updates in real time.</p> <h3> Data Integration </h3> <p>Kafka Connect bridges Kafka with databases, cloud storage, and analytics platforms.<br> <strong>Example</strong>:<br> A semiconductor company streams sensor data from manufacturing equipment into a data lake for predictive maintenance and yield optimization.</p> <h3> Log Aggregation </h3> <p>Kafka centralizes logs from multiple services for monitoring and analysis.<br> <strong>Example</strong>:<br> An industrial automation system sends logs from PLCs and controllers to Kafka, where they’re consumed by a monitoring dashboard for anomaly detection.</p> <h3> Replayable History </h3> <p>Kafka retains events for reprocessing or backfilling.<br> <strong>Example</strong>:<br> An insurance company replays past policy events to train a model that predicts claim risk or customer churn. This avoids relying on static snapshots and gives the model a dynamic, time-aware view of behavior.</p> <h3> Scalable Microservices Communication </h3> <p>Kafka handles high-throughput messaging across distributed services.<br> <strong>Example</strong>:<br> A financial institution uses Kafka to coordinate customer onboarding, KYC checks, and account provisioning across multiple microservices.</p> <h2> 3. Architecture </h2> <p>Apache Kafka’s architecture is built for high throughput, fault tolerance, and horizontal scalability. At its core, Kafka relies on a log-based storage model and a distributed broker cluster.</p> <h3> Core Components </h3> <ul> <li><p><strong>Producer</strong> → Publishes records (events/messages) to topics. Can be idempotent or transactional.</p></li> <li><p><strong>Topic</strong> → Logical category/feed for messages. Divided into partitions for parallelism.</p></li> <li><p><strong>Partition</strong> → Ordered, immutable commit log. Records have sequential offsets.</p></li> <li><p><strong>Broker</strong> → A Kafka server that stores partitions. Clusters have multiple brokers.</p></li> <li><p><strong>Consumer</strong> → Subscribes to topics and processes messages. Part of a consumer group for scaling.</p></li> <li><p><strong>Controller</strong> → Special broker role that manages metadata, leader election, and partition assignment.</p></li> <li><p><strong>Replication</strong> → Each partition has one leader and multiple followers in the ISR (in-sync replicas).</p></li> </ul> <h3> Data Flow </h3> <ul> <li>Producers send records to brokers.</li> <li>Records are appended to the leader partition log.</li> <li>Followers replicate the leader’s log for durability.</li> <li>Consumers fetch records from leaders, tracking their offsets.</li> </ul> <h2>  Architecture Diagram </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> +-----------------+ | Producers | +-----------------+ | | | v v v +------------------------+ | Kafka Cluster | | +---------+ | | | Broker 1| &lt;--------------- Partition 0 Leader | +---------+ | | | Broker 2| &lt;--------------- Partition 0 Follower | +---------+ | | | Broker 3| &lt;--------------- Partition 1 Leader | +---------+ | +------------------------+ | | | v v v +-------------------+ | Consumer Group | |-------------------| | Consumer A → P0 | | Consumer B → P1 | +-------------------+ </code></pre> </div> <h2> 4. QuickStart with Docker </h2> <p>This configuration sets up a single-node Kafka broker using the KRaft. It’s ideal for development, testing scenarios<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">name</span><span class="pi">:</span> <span class="s">kafka</span> <span class="na">services</span><span class="pi">:</span> <span class="na">kafka</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">apache/kafka:4.1.0</span> <span class="na">container_name</span><span class="pi">:</span> <span class="s">kafka</span> <span class="na">environment</span><span class="pi">:</span> <span class="na">KAFKA_NODE_ID</span><span class="pi">:</span> <span class="m">1</span> <span class="na">KAFKA_PROCESS_ROLES</span><span class="pi">:</span> <span class="s">broker,controller</span> <span class="na">KAFKA_LISTENERS</span><span class="pi">:</span> <span class="s">BROKER://:9092,CONTROLLER://:9093</span> <span class="na">KAFKA_CONTROLLER_QUORUM_VOTERS</span><span class="pi">:</span> <span class="s">1@localhost:9093</span> <span class="na">KAFKA_CONTROLLER_LISTENER_NAMES</span><span class="pi">:</span> <span class="s">CONTROLLER</span> <span class="na">KAFKA_INTER_BROKER_LISTENER_NAME</span><span class="pi">:</span> <span class="s">BROKER</span> <span class="na">KAFKA_LISTENER_SECURITY_PROTOCOL_MAP</span><span class="pi">:</span> <span class="s">BROKER:PLAINTEXT,CONTROLLER:PLAINTEXT</span> <span class="na">KAFKA_ADVERTISED_LISTENERS</span><span class="pi">:</span> <span class="s">BROKER://localhost:9092</span> <span class="na">KAFKA_CLUSTER_ID</span><span class="pi">:</span> <span class="s2">"</span><span class="s">kafka-1"</span> <span class="na">KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR</span><span class="pi">:</span> <span class="m">1</span> <span class="na">KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR</span><span class="pi">:</span> <span class="m">1</span> <span class="na">KAFKA_TRANSACTION_STATE_LOG_MIN_ISR</span><span class="pi">:</span> <span class="m">1</span> <span class="na">KAFKA_LOG_DIRS</span><span class="pi">:</span> <span class="s">/var/lib/kafka/data</span> <span class="na">volumes</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">kafka_data:/var/lib/kafka/data</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="s2">"</span><span class="s">9092:9092"</span> <span class="na">volumes</span><span class="pi">:</span> <span class="na">kafka_data</span><span class="pi">:</span> </code></pre> </div> <h2> How to Run </h2> <p>Start the Kafka container using:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker compose up </code></pre> </div> <p>Kafka will be available at localhost:9092 for producers and consumers, and internally at localhost:9093 for controller communication.</p> <h2> 5. Kafka CLI </h2> <p>Before running Kafka commands, log into the Kafka container:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker container <span class="nb">exec</span> <span class="nt">-it</span> localhost bash </code></pre> </div> <h3> Create Topic </h3> <p>Create a topic named quickstart with one partition and a replication factor of 1:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>/opt/kafka/bin/kafka-topics.sh <span class="nt">--create</span> <span class="se">\</span> <span class="nt">--bootstrap-server</span> localhost:9092 <span class="se">\</span> <span class="nt">--replication-factor</span> 1 <span class="se">\</span> <span class="nt">--partitions</span> 1 <span class="se">\</span> <span class="nt">--topic</span> quickstart </code></pre> </div> <h3> List Topic </h3> <p>Check all existing topics:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>/opt/kafka/bin/kafka-topics.sh <span class="nt">--list</span> <span class="se">\</span> <span class="nt">--bootstrap-server</span> localhost:9092 </code></pre> </div> <h3> Consume Message </h3> <p>Read messages from the order topic starting from the beginning:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>/opt/kafka/bin/kafka-console-consumer.sh <span class="se">\</span> <span class="nt">--bootstrap-server</span> localhost:9092 <span class="se">\</span> <span class="nt">--topic</span> quickstart <span class="se">\</span> <span class="nt">--from-beginning</span> </code></pre> </div> <h3> Send Message </h3> <p>You can send messages to the quickstart topic using either direct input or a file.</p> <h3> Option A: Send a single message </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">echo</span> <span class="s1">'This is Event 1'</span> | <span class="se">\</span> /opt/kafka/bin/kafka-console-producer.sh <span class="se">\</span> <span class="nt">--bootstrap-server</span> localhost:9092 <span class="se">\</span> <span class="nt">--topic</span> quickstart </code></pre> </div> <h3> Option B: Send multiple messages from a file </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>echo 'This is Event 2' &gt; messages.txt echo 'This is Event 3' &gt;&gt; messages.txt cat messages.txt | \ /opt/kafka/bin/kafka-console-producer.sh \ --bootstrap-server localhost:9092 \ --topic quickstart </code></pre> </div> <h2> 5. Spring Boot Integration </h2> <p>This configuration enables seamless integration between a Spring Boot application and an Apache Kafka broker. It defines both producer and consumer settings for message serialization, deserialization, and connection behavior.</p> <h3> pom.xml </h3> <div class="highlight js-code-highlight"> <pre class="highlight xml"><code><span class="c">&lt;!-- spring-web --&gt;</span> <span class="nt">&lt;dependency&gt;</span> <span class="nt">&lt;groupId&gt;</span>org.springframework.boot<span class="nt">&lt;/groupId&gt;</span> <span class="nt">&lt;artifactId&gt;</span>spring-boot-starter-web<span class="nt">&lt;/artifactId&gt;</span> <span class="nt">&lt;version&gt;</span>3.4.9<span class="nt">&lt;/version&gt;</span> <span class="nt">&lt;/dependency&gt;</span> <span class="c">&lt;!-- kafka --&gt;</span> <span class="nt">&lt;dependency&gt;</span> <span class="nt">&lt;groupId&gt;</span>org.springframework.kafka<span class="nt">&lt;/groupId&gt;</span> <span class="nt">&lt;artifactId&gt;</span>spring-kafka<span class="nt">&lt;/artifactId&gt;</span> <span class="nt">&lt;version&gt;</span>3.3.9<span class="nt">&lt;/version&gt;</span> <span class="nt">&lt;/dependency&gt;</span> <span class="c">&lt;!-- Lombok(optional) --&gt;</span> <span class="nt">&lt;dependency&gt;</span> <span class="nt">&lt;groupId&gt;</span>org.projectlombok<span class="nt">&lt;/groupId&gt;</span> <span class="nt">&lt;artifactId&gt;</span>lombok<span class="nt">&lt;/artifactId&gt;</span> <span class="nt">&lt;version&gt;</span>1.18.30<span class="nt">&lt;/version&gt;</span> <span class="nt">&lt;optional&gt;</span>true<span class="nt">&lt;/optional&gt;</span> <span class="nt">&lt;/dependency&gt;</span> </code></pre> </div> <h3> applicaiton.yml </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">spring</span><span class="pi">:</span> <span class="na">kafka</span><span class="pi">:</span> <span class="na">bootstrap-servers</span><span class="pi">:</span> <span class="s">localhost:9092</span> <span class="na">template</span><span class="pi">:</span> <span class="na">default-topic</span><span class="pi">:</span> <span class="s">orders</span> <span class="na">consumer</span><span class="pi">:</span> <span class="na">group-id</span><span class="pi">:</span> <span class="s">quickstart-group</span> <span class="na">auto-offset-reset</span><span class="pi">:</span> <span class="s">latest</span> <span class="na">key-deserializer</span><span class="pi">:</span> <span class="s">org.apache.kafka.common.serialization.StringDeserializer</span> <span class="na">value-deserializer</span><span class="pi">:</span> <span class="s">org.springframework.kafka.support.serializer.JsonDeserializer</span> <span class="na">properties</span><span class="pi">:</span> <span class="na">spring.json.trusted.packages</span><span class="pi">:</span> <span class="s2">"</span><span class="s">dev.aratax.messaging.kafka.model"</span> <span class="na">producer</span><span class="pi">:</span> <span class="na">key-serializer</span><span class="pi">:</span> <span class="s">org.apache.kafka.common.serialization.StringSerializer</span> <span class="na">value-serializer</span><span class="pi">:</span> <span class="s">org.springframework.kafka.support.serializer.JsonSerializer</span> </code></pre> </div> <h3> Topic Setup </h3> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="nd">@Bean</span> <span class="kd">public</span> <span class="nc">NewTopic</span> <span class="nf">defaultTopic</span><span class="o">()</span> <span class="o">{</span> <span class="k">return</span> <span class="k">new</span> <span class="nf">NewTopic</span><span class="o">(</span><span class="s">"orders"</span><span class="o">,</span> <span class="mi">1</span><span class="o">,</span> <span class="o">(</span><span class="kt">short</span><span class="o">)</span> <span class="mi">1</span><span class="o">);</span> <span class="o">}</span> </code></pre> </div> <h3> Event Model </h3> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="kd">public</span> <span class="kd">class</span> <span class="nc">OrderEvent</span> <span class="o">{</span> <span class="kd">private</span> <span class="nc">String</span> <span class="n">id</span><span class="o">;</span> <span class="kd">private</span> <span class="nc">Status</span> <span class="n">status</span><span class="o">;</span> <span class="kd">private</span> <span class="nc">BigDecimal</span> <span class="n">totalAmount</span><span class="o">;</span> <span class="kd">private</span> <span class="nc">Instant</span> <span class="n">createdAt</span> <span class="o">=</span> <span class="nc">Instant</span><span class="o">.</span><span class="na">now</span><span class="o">();</span> <span class="kd">private</span> <span class="nc">String</span> <span class="n">createdBy</span><span class="o">;</span> <span class="kd">public</span> <span class="kd">enum</span> <span class="nc">Status</span> <span class="o">{</span> <span class="no">IN_PROGRESS</span><span class="o">,</span> <span class="no">COMPLETED</span><span class="o">,</span> <span class="no">CANCELLED</span> <span class="o">}</span> <span class="o">}</span> </code></pre> </div> <h3> Producer Example </h3> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="nd">@RestController</span> <span class="nd">@RequestMapping</span><span class="o">(</span><span class="s">"/api"</span><span class="o">)</span> <span class="nd">@RequiredArgsConstructor</span> <span class="kd">public</span> <span class="kd">class</span> <span class="nc">OrderEventController</span> <span class="o">{</span> <span class="kd">private</span> <span class="kd">final</span> <span class="nc">KafkaTemplate</span><span class="o">&lt;</span><span class="nc">String</span><span class="o">,</span> <span class="nc">OrderEvent</span><span class="o">&gt;</span> <span class="n">kafkaTemplate</span><span class="o">;</span> <span class="nd">@PostMapping</span><span class="o">(</span><span class="s">"/orders"</span><span class="o">)</span> <span class="kd">public</span> <span class="nc">String</span> <span class="nf">create</span><span class="o">(</span><span class="nd">@RequestBody</span> <span class="nc">OrderEvent</span> <span class="n">event</span><span class="o">)</span> <span class="o">{</span> <span class="n">event</span><span class="o">.</span><span class="na">setId</span><span class="o">(</span><span class="no">UUID</span><span class="o">.</span><span class="na">randomUUID</span><span class="o">().</span><span class="na">toString</span><span class="o">());</span> <span class="n">event</span><span class="o">.</span><span class="na">setCreatedAt</span><span class="o">(</span><span class="nc">Instant</span><span class="o">.</span><span class="na">now</span><span class="o">());</span> <span class="n">kafkaTemplate</span><span class="o">.</span><span class="na">sendDefault</span><span class="o">(</span><span class="n">event</span><span class="o">.</span><span class="na">getId</span><span class="o">(),</span> <span class="n">event</span><span class="o">);</span> <span class="k">return</span> <span class="s">"Order sent to Kafka"</span><span class="o">;</span> <span class="o">}</span> <span class="o">}</span> </code></pre> </div> <h3> Consumer Example </h3> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="nd">@Component</span> <span class="kd">public</span> <span class="kd">class</span> <span class="nc">OrderEventsListener</span> <span class="o">{</span> <span class="nd">@KafkaListener</span><span class="o">(</span><span class="n">topics</span> <span class="o">=</span> <span class="s">"orders"</span><span class="o">)</span> <span class="kd">public</span> <span class="kt">void</span> <span class="nf">handle</span><span class="o">(</span><span class="nc">OrderEvent</span> <span class="n">event</span><span class="o">)</span> <span class="o">{</span> <span class="nc">System</span><span class="o">.</span><span class="na">out</span><span class="o">.</span><span class="na">println</span><span class="o">(</span><span class="s">"Received order: "</span> <span class="o">+</span> <span class="n">event</span><span class="o">);</span> <span class="o">}</span> <span class="o">}</span> </code></pre> </div> <h2> 6. Demo Project </h2> <p>I built a demo project using Spring Boot and Kafka to demonstrate basic producer/consumer functionality. <br> Check it out on GitHub: <a href="https://github.com/arata-x/springboot-kafka-quickstart" rel="noopener noreferrer">springboot-kafka-quickstart</a></p> <h2> 7. Key Takeaways </h2> <ul> <li>Kafka is more than a message queue—it's a scalable, durable event streaming platform.</li> <li>Events are central to Kafka’s architecture, enabling real-time data flow across systems.</li> <li>Docker makes setup easy, allowing you to spin up Kafka locally for development and testing.</li> <li>Kafka CLI tools help you explore topics, produce messages, and consume events interactively.</li> <li>Spring Boot integration simplifies Kafka usage with built-in support for producers and consumers.</li> <li>Real-world use cases span industries like banking, insurance, semiconductor, and automation.</li> </ul> <h2> 8. Conclusion </h2> <p>Apache Kafka empowers developers to build reactive, event-driven systems with ease. Whether you're streaming financial transactions, processing insurance claims, or monitoring factory equipment, Kafka provides the backbone for scalable, real-time communication.</p> <p>With Docker and Spring Boot, you can get started in minutes—no complex setup required. This quickstart gives you everything you need to explore Kafka hands-on and begin building production-grade event pipelines.</p> <p>Ready to go deeper? Try explore its design/implementation, stream processing, or Kafka Connect integrations next.</p> kafka docker springboot Redis Sentinel Made Simple: Hands-On High Availability Arata Sun, 24 Aug 2025 11:56:02 +0000 https://forem.com/aratax/redis-sentinel-made-simple-hands-on-high-availability-25e8 https://forem.com/aratax/redis-sentinel-made-simple-hands-on-high-availability-25e8 <p>High availability is no longer a luxury — it’s a survival kit for modern applications. Databases crash, servers die, containers get killed (sometimes by accident, sometimes by design). In the world of Redis, <strong>Sentinel</strong> is the quiet guardian that keeps your cache cluster alive when chaos happens. </p> <p>In this article, I’ll walk you through Redis Sentinel step by step, with a runnable Docker demo and a Spring Boot integration example. By the end, you’ll see failover happening live — and how your application can recover without manual intervention. </p> <h2> 1. Introduction </h2> <h3> Why does Redis Sentinel matter? </h3> <p>Picture this: you’ve got Redis set up with one master and a couple of replicas. Everything’s smooth… until the master suddenly crashes. Now what? Who decides which replica should take over? Who makes sure your clients know where to connect?<br> 👉 That’s exactly the job Sentinel handles for you.</p> <ul> <li> <strong>Monitors</strong> your Redis instances. </li> <li> <strong>Notifies</strong> you when something goes wrong. </li> <li> <strong>Automatically promotes</strong> a replica to master. </li> <li> <strong>Redirects clients</strong> to the new master. </li> </ul> <p>Sentinel is the difference between a cache outage and a smooth failover. </p> <h2> 2. What is Redis Sentinel? </h2> <p>At its core, Redis Sentinel is a distributed system that provides: </p> <ul> <li> Monitoring – constantly checking whether your master and replicas are alive. </li> <li> Notification – alerting operators (or systems) when something goes wrong. </li> <li> Automatic Failover – promoting a replica when the master is unavailable. </li> <li> Client Redirection – letting apps connect to the new master automatically. </li> </ul> <h2> 3 . Sentinel Architecture </h2> <p>A Sentinel deployment usually includes multiple Sentinel nodes plus your Redis master and replicas. Sentinels work together, reaching <strong>quorum</strong> before deciding a master is truly dead. </p> <p>Key concepts: </p> <ul> <li> <strong>SDOWN (Subjectively Down):</strong> One Sentinel thinks the master is down. </li> <li> <strong>ODOWN (Objectively Down):</strong> Enough Sentinels agree the master is down. </li> <li> <strong>Replica Priority:</strong> Determines which replica should be promoted first. </li> </ul> <h3> Deployment Diagram </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>+-------------------+ +-------------------+ | Sentinel #1 | | Sentinel #2 | +-------------------+ +-------------------+ \ / \ / \ Quorum Vote / \ / +-------------------+ | Sentinel #3 | +-------------------+ | v +-------------------+ | Redis Master | +-------------------+ / \ v v +----------------+ +----------------+ | Redis Replica1 | | Redis Replica2 | +----------------+ +----------------+ </code></pre> </div> <h2> 4. Setting Up Redis Sentinel </h2> <p>We use Docker Compose with one master, two replicas, and three Sentinels. </p> <h3> Redis Sentinel Config </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>sentinel announce-ip "127.0.0.1" sentinel announce-port 26379 # sentinel with version above 6.2 can resolve host names, but this is not enabled by default. sentinel resolve-hostnames yes # Monitor master named "mymaster" at 127.0.0.1(or domain name):6379 with quorum of 2 sentinel monitor mymaster 127.0.0.1 6379 2 # Master is considered down after 5 seconds of no response sentinel down-after-milliseconds mymaster 5000 # Failover timeout 18 seconds sentinel failover-timeout mymaster 18000 ##Below line 'Generated by CONFIG REWRITE 'controlled by Redis Sentinel(Config file should be writable) # Generated by CONFIG REWRITE </code></pre> </div> <h3> Ways to Run Sentinel: </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>redis-sentinel /etc/redis/sentinel.conf # or redis-server /etc/redis/sentinel.conf --sentinel </code></pre> </div> <h3> Redis CLI Useful commands: </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>#Start Sentinel's monitoring. SENTINEL MONITOR &lt;master name&gt; #Stop Sentinel's monitoring. SENTINEL REMOVE &lt;master name&gt; #Set Sentinel's monitoring configuration. SENTINEL SET &lt;master name&gt; &lt;option&gt; &lt;value&gt; #(&gt;= 5.0) Show a list of replicas for this master, and their state. SENTINEL REPLICAS &lt;master name&gt; #Show a list of sentinel instances for this master, and their state. SENTINEL SENTINELS &lt;master name&gt; #Force a failover as if the master was not reachable, and without asking for agreement to other Sentinels #(however a new version of the configuration will be published so that the other Sentinels will update their configurations. #That's called 'Configuration propagation' SENTINEL FAILOVER &lt;master name&gt; #Display information by Role. INFO </code></pre> </div> <h3> Docker Compse : </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> redis-sentinel-1: image: bitnami/redis-sentinel:8.0.3 container_name: redis-sentinel-1 ports: # Sentinel, Docker, NAT, and possible issues. Set port-mapping 1:1 - "26379:26379" environment: - ALLOW_EMPTY_PASSWORD=yes volumes: # Use with caution regarding permissions. - redis-sentinel-1-data:/bitnami/redis-sentinel - ./redis-sentinel-1:/usr/local/etc/redis-sentinel # Sentinel, Docker, NAT, and possible issues. Use host for maximum compatibility. network_mode: host depends_on: - redis-master - redis-replica-1 - redis-replica-2 restart: unless-stopped command: ["redis-sentinel", "/usr/local/etc/redis-sentinel/sentinel.conf"] </code></pre> </div> <h2> 5. Redis Docker Demo </h2> <p>Clone the demo project:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>git clone https://github.com/arata-x/redis-ha.git </code></pre> </div> <p>Docker Setup/Run<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>cd redis-ha/docker/redis/sentinel docker-compose up </code></pre> </div> <p>Simulate master crash:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker <span class="nb">kill </span>redis-master </code></pre> </div> <p>The Sentinels will detect the failure and promote a replica to do the Failover. </p> <h2> 6. Spring Boot Integration </h2> <p>Spring Boot supports Sentinel natively via <code>spring-boot-starter-data-redis</code>. Here’s how to configure it.</p> <h3> pom.xml </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>&lt;dependency&gt; &lt;groupId&gt;org.springframework.boot&lt;/groupId&gt; &lt;artifactId&gt;spring-boot-starter-data-redis-reactive&lt;/artifactId&gt; &lt;/dependency&gt; </code></pre> </div> <h3> application.yml </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spring: data: redis: sentinel: master: localhost nodes: - redis-sentinel-1:26379 - redis-sentinel-2:26379 - redis-sentinel-3:26379 </code></pre> </div> <h3> Spring Boot Config for Pub/Sub messages(Optional) </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> @Bean(destroyMethod = "shutdown") public RedisClient sentinelClient() { return RedisClient.create("redis://127.0.0.1:26379"); } @Bean(destroyMethod = "close") public StatefulRedisPubSubConnection&lt;String, String&gt; sentinelPubSub(RedisClient client) { var conn = client.connectPubSub(); conn.addListener(new RedisPubSubAdapter&lt;&gt;() { @Override public void message(String channel, String message) { log.info("Sentinel event [{}] {}", channel, message); } }); // subscribe to key Sentinel events (or use psubscribe("*") to get all) conn.sync().subscribe( "+switch-master", // master changed "+sdown", "-sdown", // subjective down / cleared "+odown", "-odown", // objective down / cleared (masters only) "+try-failover", "+failover-state-*" ); return conn; } </code></pre> </div> <p>This way, clients automatically reconnect after failover. And log Sentinel events.</p> <h2> 7. Testing Failover &amp; Logs </h2> <h3> Failover Timeline </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>t0: Master alive t1: Master killed -&gt; SDOWN t2: Quorum reached -&gt; ODOWN t3: Leader elected -&gt; VOTE t4: Master elected -&gt; PROMOTE t5: New master active -&gt; CLIENTS REDIRECT t6: Replica detcted -&gt; SLAVE t7: Old master back -&gt; SLAVE </code></pre> </div> <h3> Docker logs: </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>redis-sentinel-1 | 1:X 24 Aug 2025 01:29:56.652 * Sentinel ID is 45f2090cc345fd2a0a9afad89d45d3c212816390 redis-sentinel-3 | 1:X 24 Aug 2025 01:29:56.670 * Sentinel ID is 72098a7942ff006106511dbb0db3044b00fa5473 redis-sentinel-2 | 1:X 24 Aug 2025 01:29:56.690 * Sentinel ID is b87c2be6edf6192e03783f1ed1647af7fa2b51f6 # Simulate the master down via command 'docker container kill redis-master' and the Failover will start. redis-sentinel-1 | 1:X 24 Aug 2025 01:30:32.047 # +sdown master mymaster redis-master 6379 redis-sentinel-2 | 1:X 24 Aug 2025 01:30:32.067 # +sdown master mymaster redis-master 6379 redis-sentinel-3 | 1:X 24 Aug 2025 01:30:32.107 # +sdown master mymaster redis-master 6379 redis-sentinel-2 | 1:X 24 Aug 2025 01:30:32.144 # +odown master mymaster redis-master 6379 #quorum 2/2 redis-sentinel-2 | 1:X 24 Aug 2025 01:30:32.144 # +try-failover master mymaster redis-master 6379 redis-sentinel-2 | 1:X 24 Aug 2025 01:30:32.151 # +vote-for-leader b87c2be6edf6192e03783f1ed1647af7fa2b51f6 1 redis-sentinel-3 | 1:X 24 Aug 2025 01:30:32.166 # +vote-for-leader b87c2be6edf6192e03783f1ed1647af7fa2b51f6 1 redis-sentinel-1 | 1:X 24 Aug 2025 01:30:32.167 # +vote-for-leader b87c2be6edf6192e03783f1ed1647af7fa2b51f6 1 redis-sentinel-2 | 1:X 24 Aug 2025 01:30:33.215 # +promoted-slave slave 127.0.0.1:6381 127.0.0.1 6381 @ mymaster redis-master 6379 redis-sentinel-2 | 1:X 24 Aug 2025 01:30:32.244 # +elected-leader master mymaster redis-master 6379 redis-sentinel-2 | 1:X 24 Aug 2025 01:30:32.244 # +failover-state-select-slave master mymaster redis-master 6379 redis-sentinel-2 | 1:X 24 Aug 2025 01:30:32.299 # +selected-slave slave 127.0.0.1:6381 127.0.0.1 6381 @ mymaster redis-master 6379 redis-sentinel-2 | 1:X 24 Aug 2025 01:30:32.299 * +failover-state-send-slaveof-noone slave 127.0.0.1:6381 127.0.0.1 6381 @ mymaster redis-master 6379 redis-sentinel-3 | 1:X 24 Aug 2025 01:30:33.263 # +switch-master mymaster redis-master 6379 127.0.0.1 6381 redis-sentinel-3 | 1:X 24 Aug 2025 01:30:33.264 * +slave slave redis-master:6379 redis-master 6379 @ mymaster 127.0.0.1 6381 # Restore master via command 'docker container start redis-master' and master will be the replica. redis-sentinel-2 | 1:X 24 Aug 2025 01:30:34.096 # -sdown slave 127.0.0.1:6379 127.0.0.1 6379 @ mymaster 127.0.0.1 6380 redis-master | 1:S 24 Aug 2025 01:30:34.236 * Before turning into a replica, using my own master parameters to synthesize a cached master: I may be able to synchronize with the new master with just a partial transfer. redis-master | 1:S 24 Aug 2025 01:30:34.236 * Connecting to MASTER 127.0.0.1:6380 redis-sentinel-1 | 1:X 24 Aug 2025 01:30:34.236 * +convert-to-slave slave 127.0.0.1:6379 127.0.0.1 6379 @ mymaster 127.0.0.1 6380 redis-replica-1 | 1:M 24 Aug 2025 01:30:34.447 * Synchronization with replica 127.0.0.1:6379 succeeded redis-master | 1:S 24 Aug 2025 01:30:34.447 * MASTER &lt;-&gt; REPLICA sync: Successfully streamed replication buffer into the db (0 bytes in total) </code></pre> </div> <h3> Redis Event List </h3> <ul> <li>+slave -- A new replica was detected and attached.</li> <li>+sdown -- The specified instance is now in Subjectively Down state.</li> <li>+odown -- The specified instance is now in Objectively Down state.</li> <li>+try-failover -- New failover in progress, waiting to be elected by the majority.</li> <li>+elected-leader -- Won the election for the specified epoch, can do the failover.</li> <li>+failover-state-select-slave -- New failover state is select-slave: we are trying to find a suitable replica for promotion.</li> </ul> <h3> Spring Boot log by Redis pub/sub: </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>2025-08-24T01:34:46.946+08:00 INFO 44256 --- [redis-reactive-demo] [ioEventLoop-7-1] d.a.redis.config.RedisConfigSentinel : Sentinel event [+sdown] master mymaster 127.0.0.1 6379 2025-08-24T01:34:48.055+08:00 INFO 44256 --- [redis-reactive-demo] [ioEventLoop-7-1] d.a.redis.config.RedisConfigSentinel : Sentinel event [+odown] master mymaster 127.0.0.1 6379 #quorum 3/2 2025-08-24T01:34:48.176+08:00 INFO 44256 --- [redis-reactive-demo] [ioEventLoop-7-1] d.a.redis.config.RedisConfigSentinel : Sentinel event [+switch-master] mymaster 127.0.0.1 6379 127.0.0.1 6381 </code></pre> </div> <h2> 8. Best Practices </h2> <ul> <li>Run <strong>at least 3 Sentinels</strong>. </li> <li>Distribute Sentinels across nodes for resilience. </li> <li>Tune <code>failover-timeout</code> and <code>down-after-milliseconds</code>. </li> </ul> <h2> 10. Final Thoughts </h2> <p>🚦 Think of Redis Sentinel as your system’s insurance policy.<br> Most of the time, you’ll never notice it quietly standing guard in the background. But the moment your master node takes a dive, Sentinel steps in to keep traffic flowing — and you’ll be very glad it was there all along.</p> <p>👉 Use Sentinel when you want simple, lightweight high availability.<br> It doesn’t complicate your setup and gets the job done for most HA needs.</p> <p>⚡ But if your workload demands both horizontal scaling (sharding) and HA, that’s where Redis Cluster shines. Sentinel won’t replace Cluster — they solve different problems.</p> <h2> 🔗Demo project: <a href="https://github.com/arata-x/redis-ha" rel="noopener noreferrer">Redis Sentinel</a> </h2> redis springboot Redis Replication Made Simple: With Spring Boot Integration Arata Sat, 09 Aug 2025 15:54:45 +0000 https://forem.com/aratax/redis-replication-made-simple-with-spring-boot-integration-18mi https://forem.com/aratax/redis-replication-made-simple-with-spring-boot-integration-18mi <p>Imagine it’s 3 AM. Your Redis server—yes, the one holding all your app’s session data—just crashed. Your team’s phones are buzzing. Users are locked out, and panic is rising. </p> <p>What if I told you this nightmare could be avoided with a simple feature built right into Redis? Enter <strong>Redis replication</strong>—your built-in safeguard for data availability, read scaling, and peace of mind.</p> <h2> 🔑 What Is Redis Replication? </h2> <p>At its core, <strong>Redis replication</strong> enables a single Redis instance (the <strong>primary</strong>) to automatically copy its data to one or more <strong>replicas</strong>.</p> <ul> <li>The <strong>primary</strong> handles all write operations. </li> <li> <strong>Replicas</strong> stay in sync and serve read requests, reducing the load on the primary. </li> <li>If the primary fails, replicas can quickly take over.</li> </ul> <p>This fundamental setup lays the groundwork for high availability and scaling in Redis environments.</p> <h2> ⚙️ How Does It Work? </h2> <p>Redis replication works in three key stages:</p> <ol> <li> <strong>Initial Sync:</strong> A replica requests a full snapshot (RDB) from the primary, loads it, and applies any updates. </li> <li> <strong>Command Streaming:</strong> Once synced, the replica continuously receives write commands from the primary to stay current. </li> <li> <strong>Partial Resync (PSYNC2):</strong> If a replica temporarily disconnects, it resumes from where it left off using Redis’s backlog buffer—avoiding a full resync.</li> </ol> <p>This process is <strong>asynchronous</strong>, which means replicas may lag slightly but offer high throughput.</p> <h2> 🖥 Setting Up Replication (Primary + Two Replicas) </h2> <p>Here’s how to launch a simple master-replica setup locally:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Start Primary</span> redis-server <span class="nt">--port</span> 6379 <span class="c"># Start Replica 1</span> redis-server <span class="nt">--port</span> 6380 <span class="nt">--replicaof</span> 127.0.0.1 6379 <span class="c"># Start Replica 2</span> redis-server <span class="nt">--port</span> 6381 <span class="nt">--replicaof</span> 127.0.0.1 6379 </code></pre> </div> <p>At this point, reads can be routed to replicas while writes continue to flow to the primary.</p> <h2> 🆕 Chained Replication (Replica of a Replica) </h2> <p>Beyond basic replication, Redis supports <strong>chained replication</strong>, where a replica can act as a source for another replica.</p> <h3> Why Use It? </h3> <ul> <li> <strong>Reduce primary load:</strong> Only one replica pulls directly from the primary. </li> <li> <strong>Regional optimization:</strong> Place replicas closer to users while syncing through a nearer node. </li> <li> <strong>Better bandwidth usage:</strong> Ideal for distributed or high-latency networks.</li> </ul> <p>Example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Primary</span> redis-server <span class="nt">--port</span> 6379 <span class="c"># Replica 1 (syncs from primary)</span> redis-server <span class="nt">--port</span> 6380 <span class="nt">--replicaof</span> 127.0.0.1 6379 <span class="c"># Replica 2 (syncs from Replica 1)</span> redis-server <span class="nt">--port</span> 6381 <span class="nt">--replicaof</span> 127.0.0.1 6380 </code></pre> </div> <h2> ✒Deployment Diagram </h2> <p>This diagram shows a primary node with two direct replicas and one chained replica.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> +--------+ | Server | +---+----+ | WRITE v +--------+ | Master | +---+----+ / \ SYNC/ \SYNC v v +-------+--+ +----+------+ | Replica | | Replica | +----+-----+ +-----+-----+ | CHAINED SYNC v +----+-----+ | Replica | +----------+ </code></pre> </div> <h2> ⚡ Diskless Replication </h2> <p>To further speed up initial synchronization, enable <strong>diskless replication</strong>, which streams snapshots directly to replicas:</p> <p>redis.conf (master)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight conf"><code><span class="n">repl</span>-<span class="n">diskless</span>-<span class="n">sync</span> <span class="n">yes</span> <span class="n">repl</span>-<span class="n">diskless</span>-<span class="n">sync</span>-<span class="n">delay</span> <span class="m">5</span> </code></pre> </div> <p>redis.conf (replica)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight conf"><code><span class="n">replicaof</span> <span class="n">redis</span>-<span class="n">master</span> <span class="m">6379</span> <span class="n">replica</span>-<span class="n">read</span>-<span class="n">only</span> <span class="n">yes</span> <span class="n">repl</span>-<span class="n">diskless</span>-<span class="n">load</span> <span class="n">on</span>-<span class="n">empty</span>-<span class="n">db</span> </code></pre> </div> <p>This avoids writing intermediate files to disk and is ideal for large datasets or high-performance environments.</p> <h2> 🔧 Spring Boot with Redis Replicas </h2> <p>Let’s integrate this into a Spring Boot project for practical use.</p> <h3> Dependency: </h3> <div class="highlight js-code-highlight"> <pre class="highlight xml"><code><span class="nt">&lt;dependency&gt;</span> <span class="nt">&lt;groupId&gt;</span>org.springframework.boot<span class="nt">&lt;/groupId&gt;</span> <span class="nt">&lt;artifactId&gt;</span>spring-boot-starter-data-redis<span class="nt">&lt;/artifactId&gt;</span> <span class="nt">&lt;/dependency&gt;</span> </code></pre> </div> <h3> Configuration: </h3> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="nd">@Bean</span> <span class="kd">public</span> <span class="nc">LettuceConnectionFactory</span> <span class="nf">redisConnectionFactory</span><span class="o">()</span> <span class="o">{</span> <span class="nc">RedisStaticMasterReplicaConfiguration</span> <span class="n">masterReplicaConfig</span> <span class="o">=</span> <span class="k">new</span> <span class="nf">RedisStaticMasterReplicaConfiguration</span><span class="o">(</span><span class="s">"127.0.0.1"</span><span class="o">,</span> <span class="mi">6379</span><span class="o">);</span> <span class="n">masterReplicaConfig</span><span class="o">.</span><span class="na">addNode</span><span class="o">(</span><span class="s">"127.0.0.1"</span><span class="o">,</span> <span class="mi">6380</span><span class="o">);</span> <span class="n">masterReplicaConfig</span><span class="o">.</span><span class="na">addNode</span><span class="o">(</span><span class="s">"127.0.0.1"</span><span class="o">,</span> <span class="mi">6381</span><span class="o">);</span> <span class="n">masterReplicaConfig</span><span class="o">.</span><span class="na">setPassword</span><span class="o">(</span><span class="nc">RedisPassword</span><span class="o">.</span><span class="na">of</span><span class="o">(</span><span class="s">"myRedisPass"</span><span class="o">));</span> <span class="nc">LettuceClientConfiguration</span> <span class="n">clientConfig</span> <span class="o">=</span> <span class="nc">LettuceClientConfiguration</span><span class="o">.</span><span class="na">builder</span><span class="o">()</span> <span class="o">.</span><span class="na">readFrom</span><span class="o">(</span><span class="nc">ReadFrom</span><span class="o">.</span><span class="na">ANY_REPLICA</span><span class="o">)</span> <span class="o">.</span><span class="na">build</span><span class="o">();</span> <span class="k">return</span> <span class="k">new</span> <span class="nf">LettuceConnectionFactory</span><span class="o">(</span><span class="n">masterReplicaConfig</span><span class="o">,</span> <span class="n">clientConfig</span><span class="o">);</span> <span class="o">}</span> </code></pre> </div> <p>This configuration connects Spring Boot to a primary and its replicas, preferring replica reads automatically.</p> <h2> 🛠 Verifying Reads Are Hitting Replicas </h2> <p>To confirm that reads hit replicas rather than the primary:</p> <h3> 1️⃣ Monitor Replica Activity </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>redis-cli <span class="nt">-p</span> 6380 MONITOR </code></pre> </div> <p>Execute a read query and see it logged on the replica.</p> <h3> 2️⃣ In Spring Boot </h3> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="nd">@Autowired</span> <span class="kd">private</span> <span class="nc">RedisTemplate</span><span class="o">&lt;</span><span class="nc">String</span><span class="o">,</span> <span class="nc">Object</span><span class="o">&gt;</span> <span class="n">redisTemplate</span><span class="o">;</span> <span class="nd">@Bean</span> <span class="kd">public</span> <span class="nc">CommandLineRunner</span> <span class="nf">testRedis</span><span class="o">()</span> <span class="o">{</span> <span class="k">return</span> <span class="n">args</span> <span class="o">-&gt;</span> <span class="o">{</span> <span class="nc">ValueOperations</span><span class="o">&lt;</span><span class="nc">String</span><span class="o">,</span> <span class="nc">Object</span><span class="o">&gt;</span> <span class="n">ops</span> <span class="o">=</span> <span class="n">redisTemplate</span><span class="o">.</span><span class="na">opsForValue</span><span class="o">();</span> <span class="n">ops</span><span class="o">.</span><span class="na">set</span><span class="o">(</span><span class="s">"user:1"</span><span class="o">,</span> <span class="s">"Alice"</span><span class="o">);</span> <span class="c1">// Write -&gt; Master</span> <span class="nc">String</span> <span class="n">value</span> <span class="o">=</span> <span class="n">ops</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="s">"user:1"</span><span class="o">);</span> <span class="c1">// Read -&gt; Replica</span> <span class="nc">System</span><span class="o">.</span><span class="na">out</span><span class="o">.</span><span class="na">println</span><span class="o">(</span><span class="s">"Read value (replica preferred): "</span> <span class="o">+</span> <span class="n">value</span><span class="o">);</span> <span class="o">};</span> <span class="o">}</span> </code></pre> </div> <h2> ⚠️ Limitations of Replicas Alone </h2> <p>However, while replication improves resilience, it doesn’t guarantee full HA on its own.</p> <ul> <li> <strong>No automatic failover:</strong> Promotion must be done manually without Sentinel or Cluster. </li> <li> <strong>Asynchronous replication:</strong> Recent writes might be lost if the primary fails before syncing. </li> <li> <strong>Single control point:</strong> The primary remains the bottleneck for writes.</li> </ul> <p>These gaps highlight why replication is essential but insufficient for full HA in production environments.</p> <h2> ✅ Final Thoughts </h2> <p>Redis replication is a <strong>simple yet powerful</strong> way to protect against single points of failure, scale reads, and prepare for failover. Its nature—one primary continuously mirrored by one or more replicas—ensures that your data is <strong>redundant, accessible, and performance-optimized</strong>.</p> <p><strong>Why use replicas?</strong></p> <ul> <li>Keep a live backup ready for emergencies.</li> <li>Reduce read load on the primary.</li> <li>Improve latency with geographically placed replicas.</li> </ul> <p><strong>Key takeaway</strong>: Replication is your <strong>first step</strong> toward high availability. Pair it with <strong>Sentinel</strong> for automatic failover or <strong>Cluster</strong> for sharding to achieve a <strong>production-grade, fault-tolerant Redis deployment</strong>.</p> <h2> 🛠 Demo Project for Readers </h2> <p>I have created a <strong>demo project</strong> that showcases practical usage of Redis replica.</p> <h3> Project Includes: </h3> <ul> <li> <strong>Docker</strong>: Pre-configured Redis master &amp; replicas using <code>docker-compose</code>.</li> <li> <strong>Spring Boot</strong>: Example backend service demonstrating Redis read/write splitting.</li> </ul> <h3> 🔗 Access the Project </h3> <p>You can clone or explore the project from my repository :<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>git clone https://github.com/arata-x/redis-ha.git cd redis-ha </code></pre> </div> <h2> Additional Resources </h2> <ul> <li><p><a href="https://redis.io/docs/latest/operate/oss_and_stack/management/replication/" rel="noopener noreferrer">Official Replication Documentation</a></p></li> <li><p><a href="https://docs.spring.io/spring-data/redis/docs/current/reference/html/" rel="noopener noreferrer">Spring Data Redis Reference Guide</a></p></li> </ul> redis springboot database replication