Apache Kafka® running on Kubernetes
Strimzi provides a way to run an Apache Kafka® cluster on
Kubernetes or OpenShift in various deployment configurations.
See our website for more details about the project.
To get up and running quickly, check our Quick Start for Minikube, OKD (OpenShift Origin) and Kubernetes Kind.
Documentation for the current main branch as well as all releases can be found on our website.
The roadmap of the Strimzi Operator project is maintained as GitHub Project.
If you encounter any issues while using Strimzi, you can get help using:
You can join our regular community meetings:
Resources:
You can contribute by:
All bugs, tasks or enhancements are tracked as GitHub issues. Issues which
might be a good start for new contributors are marked with “good-start”
label.
The Dev guide describes how to build Strimzi.
Before submitting a patch, please make sure to understand, how to test your changes before opening a PR Test guide.
The Documentation Contributor Guide describes how to contribute to Strimzi documentation.
If you want to get in touch with us first before contributing, you can use:
Strimzi is licensed under the Apache License, Version 2.0
From the 0.38.0 release, Strimzi containers are signed using the cosign
tool.
Strimzi currently does not use the keyless signing and the transparency log.
To verify the container, you can copy the following public key into a file:
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAET3OleLR7h0JqatY2KkECXhA9ZAkC
TRnbE23Wb5AzJPnpevvQ1QUEQQ5h/I4GobB7/jkGfqYkt6Ct5WOU2cc6HQ==
-----END PUBLIC KEY-----
And use it to verify the signature:
cosign verify --key strimzi.pub quay.io/strimzi/operator:latest --insecure-ignore-tlog=true
From the 0.38.0 release, Strimzi publishes the software bill of materials (SBOM) of our containers.
The SBOMs are published as an archive with SPDX-JSON
and Syft-Table
formats signed using cosign.
For releases, they are also pushed into the container registry.
To verify the SBOM signatures, please use the Strimzi public key:
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAET3OleLR7h0JqatY2KkECXhA9ZAkC
TRnbE23Wb5AzJPnpevvQ1QUEQQ5h/I4GobB7/jkGfqYkt6Ct5WOU2cc6HQ==
-----END PUBLIC KEY-----
You can use it to verify the signature of the SBOM files with the following command:
cosign verify-blob --key cosign.pub --bundle <SBOM-file>.bundle --insecure-ignore-tlog=true <SBOM-file>
Strimzi is a Cloud Native Computing Foundation incubating project.