This repository contains example configurations and docker-compose files demonstrating various features of Kong Event Gateway (Kiburi).
- Docker and Docker Compose
- kafkactl (optional, for testing)
Basic setup demonstrating Kafka proxy functionality:
- Simple proxy configuration
- Anonymous authentication
- Direct pass-through of Kafka operations
- Ideal for development environments and testing
Shows how to configure topic name aliasing using CEL expressions:
- Dynamic topic name transformation
- Bidirectional name mapping
- Predefined name aliases
- Transparent operation for clients
- Ideal for standardizing naming conventions
Shows how to configure automatic topic name filtering:
- Automatic topic name prefixing
- Prefix-based topic filtering
- Transparent operation for clients
- Ideal for multi-tenant environments and namespace isolation
Demonstrates JWT authentication configuration with two clusters:
- Anonymous authentication cluster (port 19092)
- JWT-authenticated cluster (port 29092)
- Separate authentication methods per virtual cluster
- Perfect for mixed security requirements and gradual security implementation
Showcases message-level encryption/decryption capabilities:
- Automatic encryption of produced messages
- Automatic decryption of consumed messages
- Uses symmetric key encryption (128-bit)
- Includes key generation scripts (generate_key.sh)
- Messages encrypted at rest in Kafka
Example of schema validation configuration:
- Message schema validation
- Integration with Schema Registry
- Validation before message production
- Error handling for invalid messages
- Ideal for ensuring data quality and contract-first development
- Confluent Cloud Integration (examples/A1-confluent-cloud)- Secure connection to Confluent Cloud
- SASL/PLAIN authentication
- TLS encryption
- SNI-based routing
- Secrets management for credentials
 
Each example directory contains:
- config.yaml: Kong Event Gateway configuration
- docker-compose.yaml: Required services configuration
- README.md: Detailed documentation and usage instructions
To run any example:
cd examples/[example-directory]
docker-compose up -dThe .kafkactl.yml configuration includes three contexts:
- default: Direct connection to Kafka (localhost:9092)
- virtual: Connection through basic proxy (localhost:19092)
- secured: Connection through authenticated proxy (localhost:29092)
Switch contexts using:
kafkactl config use-context [context-name]The main docker-compose file includes:
- Apache Kafka
- Schema Registry
- Kong Event Gateway (Kiburi)
- Kafka UI (available at http://localhost:8080)
Required environment variables for Kong Event Gateway:
- KONNECT_CP_HOST: Konnect Control Plane host
- KONNECT_PAT: Personal Access Token
- 
Development and Testing - Use the Basic Proxy example
- Anonymous authentication
- Direct pass-through functionality
 
- 
Multi-tenant Environments - Topic Filter example for namespace isolation
- Authentication Mediation for security
- Schema Validation for data governance
 
- 
Security Implementation - Authentication Mediation for access control
- Encryption for data protection
- Multiple authentication methods
 
- 
Data Quality - Schema Validation for message format enforcement
- Topic Filter for organizational standards
- Error handling and validation
 
- 
Cloud Integration - Confluent Cloud integration for managed Kafka
- Secure credential management
- TLS and SASL authentication
 
Common issues across examples:
- 
Connection Issues - Verify services are running (docker ps)
- Check port availability
- Confirm environment variables are set
 
- Verify services are running (
- 
Authentication Problems - Verify correct context in kafkactl
- Check JWT token validity
- Confirm proxy port usage
 
- 
Configuration - Validate config.yaml syntax
- Check service dependencies
- Verify network connectivity
 
This project is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.