Strimzi is a Kubernetes operator that automates the deployment, management, and lifecycle of Apache Kafka clusters on Kubernetes or OpenShift. It uses custom resource definitions and declarative YAML configuration to define Kafka cluster topology, broker placement, and security settings, with operator-based controllers that reconcile the desired state with the actual cluster state.
The operator handles rolling updates during cluster upgrades or configuration changes to maintain availability and data integrity, and supports rack-aware broker scheduling across Kubernetes nodes and availability zones for fault tolerance. It also includes an HTTP bridge that translates the Kafka binary protocol to HTTP requests and responses, enabling non-JVM applications to produce and consume messages without native Kafka client libraries.
Strimzi provides tools for managing Kafka topics, users, connectors, and MirrorMaker through standard kubectl commands and custom resources. It secures Kafka communication with TLS, SCRAM-SHA, or OAuth authentication, automates TLS certificate generation and renewal, and verifies container image signatures using cosign before deployment to ensure supply chain integrity.
