Table of Contents
- Topic Architecture: Building Your Data Highway
- Delivery Guarantees: Never Lose, Never Duplicate
- Replication & ISR: Zero Downtime Architecture
Topic Architecture: Building Your Data Highway
🎯 The Foundation: Understanding Topics
Think of a Kafka topic as a multi-lane highway where your data travels. Just like how more lanes allow more cars to drive simultaneously, more partitions allow more messages to be processed in parallel.
Creating Your First Topic
/opt/kafka/bin/kafka-topics.sh --create \
--topic order-events \
--partitions 4 \
--replication-factor 3 \
--bootstrap-server localhost:9092
What just happened?
- ✅ Created a topic called order-events
- ✅ Split it into 4 parallel lanes (partitions)
- ✅ Made 3 copies of each partition (for safety)
🛣️ Partitions: Your Performance Dial
Scenario: E-commerce Order Processing
You run an online store with these requirements:
- 5,000 orders per second during peak hours
- Each processing server handles 1,250 orders/second
Calculate partitions needed:
Partitions = Target Throughput ÷ Consumer Throughput
Partitions = 5,000 ÷ 1,250 = 4 partitions
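As a quick sanity check, here is the same back-of-the-envelope calculation in Java (the class and method names are purely illustrative, not part of any Kafka API):

public class PartitionSizing {
    // Round up so a fractional result still gets its own partition.
    static int requiredPartitions(double targetPerSec, double perConsumerPerSec) {
        return (int) Math.ceil(targetPerSec / perConsumerPerSec);
    }

    public static void main(String[] args) {
        // 5,000 orders/sec peak ÷ 1,250 orders/sec per consumer = 4 partitions
        System.out.println(requiredPartitions(5_000, 1_250));
    }
}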
The Highway Analogy Visualized
1 Partition Topic (Bottleneck):
[███████████████████████] Single lane - all traffic stuck
4 Partition Topic (Optimal):
[███████████████████████] Partition 0 → Consumer A
[███████████████████████] Partition 1 → Consumer B
[███████████████████████] Partition 2 → Consumer C
[███████████████████████] Partition 3 → Consumer D
Message Keys: The Secret to Ordering
The Problem
Without keys, messages for the same customer could process out of order, causing chaos!
❌ Without Keys (Random Distribution):
Customer #42 creates account → Partition 1
Customer #42 updates email → Partition 0 ❌ Different partition!
Customer #42 adds phone → Partition 2 ❌ Processed out of order!
✅ With Keys (Guaranteed Order):
Key: "customer-42" → hash → Partition 2
Customer #42 creates account → Partition 2
Customer #42 updates email → Partition 2 ✅ Same partition!
Customer #42 adds phone → Partition 2 ✅ Perfect order!
Real-World Example: Social Media Feed
Scenario: Building an Instagram-like feed processor
When users create posts, you need to ensure each user's posts are processed in order, but different users can be processed in parallel.
Key Strategy:
User ID as Key → All posts from same user → Same partition → Guaranteed order
Result: All of Sarah's posts stay in order, but different users' posts can be processed in parallel across partitions!
Key Strategy Decision Tree
Do you need message ordering?
├─ NO → Use NO KEY (round-robin for max throughput)
│       Perfect for: Metrics, logs, sensor data
│
└─ YES → Use MESSAGE KEY
   ├─ User activity? → key = user_id
   ├─ Order processing? → key = order_id
   ├─ IoT devices? → key = device_id
   └─ Multi-tenant app? → key = tenant_id
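To make the key strategy concrete, here is a minimal Java producer sketch that keys customer events by customer ID so they all land on the same partition. The serializer choices and event payloads are assumptions for illustration:

import java.util.Properties;
import org.apache.kafka.clients.producer.KafkaProducer;
import org.apache.kafka.clients.producer.ProducerRecord;
import org.apache.kafka.common.serialization.StringSerializer;

public class KeyedOrderProducer {
    public static void main(String[] args) {
        Properties props = new Properties();
        props.put("bootstrap.servers", "localhost:9092");
        props.put("key.serializer", StringSerializer.class.getName());
        props.put("value.serializer", StringSerializer.class.getName());

        try (KafkaProducer<String, String> producer = new KafkaProducer<>(props)) {
            // Same key -> same partition -> events for customer-42 stay in order.
            producer.send(new ProducerRecord<>("order-events", "customer-42", "account_created"));
            producer.send(new ProducerRecord<>("order-events", "customer-42", "email_updated"));
            producer.send(new ProducerRecord<>("order-events", "customer-42", "phone_added"));
        }
    }
}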
🛡️ Replication: Your Safety Net
Scenario: Banking Application
You're building a payment processor. One question matters most:
"If a server crashes at 2 AM, do we lose transaction records?"
Answer depends on replication factor:
Replication Factor = 1 (❌ NEVER IN PRODUCTION)
Partition 0:
└── Broker 1 (Leader) ← Single point of failure
If Broker 1 crashes → DATA PERMANENTLY LOST
Replication Factor = 3 (✅ Production Standard)
Partition 0:
├── Broker 1 (Leader) ← Handles all reads/writes
├── Broker 2 (Follower) ← Backup copy
└── Broker 3 (Follower) ← Another backup
Broker 1 crashes? → Broker 2 becomes leader → NO DATA LOSS ✅
Real Failure Scenario: Diwali Sale
Timeline of a broker failure:
11:59 PM - Diwali sale starts, 10,000 orders/second
12:03 AM - Broker 2 crashes (hardware failure)
12:03 AM - Controller detects failure (3 seconds)
12:03 AM - Broker 3 promoted to leader
12:03 AM - Orders continue processing
- Zero orders lost ✅
- 3-second interruption only
⚙️ Advanced Configuration: Retention & Durability
Configuration Example: Multi-Tier Data Strategy
Real-time Analytics Topic (High Volume, Short Retention)
/opt/kafka/bin/kafka-topics.sh --create \
--topic clickstream-events \
--partitions 16 \
--replication-factor 3 \
--bootstrap-server localhost:9092 \
--config retention.ms=86400000 \
--config min.insync.replicas=1
# retention.ms=86400000 → 1 day; min.insync.replicas=1 → lower durability for speed
Financial Transactions Topic (Critical, Long Retention)
/opt/kafka/bin/kafka-topics.sh --create \
--topic payment-transactions \
--partitions 6 \
--replication-factor 3 \
--bootstrap-server localhost:9092 \
--config retention.ms=7776000000 \
--config min.insync.replicas=2
# retention.ms=7776000000 → 90 days; min.insync.replicas=2 → high durability
Event Sourcing Topic (Forever, Maximum Safety)
/opt/kafka/bin/kafka-topics.sh --create \
--topic account-events \
--partitions 8 \
--replication-factor 5 \
--bootstrap-server localhost:9092 \
--config retention.ms=-1 \
--config min.insync.replicas=3
# retention.ms=-1 → retain forever; min.insync.replicas=3 → maximum durability
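If you prefer to manage topics from application code rather than the CLI, the same settings can be applied with Kafka's Java AdminClient. A minimal sketch using the payment-transactions example above (error handling omitted):

import java.util.List;
import java.util.Map;
import java.util.Properties;
import org.apache.kafka.clients.admin.Admin;
import org.apache.kafka.clients.admin.NewTopic;

public class CreateTransactionsTopic {
    public static void main(String[] args) throws Exception {
        Properties props = new Properties();
        props.put("bootstrap.servers", "localhost:9092");

        try (Admin admin = Admin.create(props)) {
            NewTopic topic = new NewTopic("payment-transactions", 6, (short) 3)
                    .configs(Map.of(
                            "retention.ms", "7776000000",   // 90 days
                            "min.insync.replicas", "2"));   // leader + 1 follower must ack
            // createTopics is asynchronous; .all().get() waits for the result.
            admin.createTopics(List.of(topic)).all().get();
        }
    }
}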
Delivery Guarantees: Never Lose, Never Duplicate
The Central Dilemma
In distributed systems, failures are inevitable. The question is:
When your consumer crashes mid-processing, what happens to that message?
You have two choices, each with trade-offs:
At Most Once: "Fire and Forget"
Definition: Process each message 0 or 1 times (never more than once)
Priority: Prevent duplicates at all costs, even if it means losing messages
The Coffee Shop Analogy
You order coffee:
1. Barista writes order ✅
2. ✅ MARKS YOUR ORDER COMPLETE (commits offset)
3. 💥 Power outage before making coffee!
4. Power returns
5. Order marked complete → You never get your coffee
Result: Order processed ZERO times (at most once)
How It Works: Automatic Offset Commit
Consumer Configuration:
enable.auto.commit=true
auto.commit.interval.ms=5000 # Commits every 5 seconds
Processing Flow:
1. Fetch message from Kafka
2. ✅ Auto-commit saves offset (marks as done)
3. Start processing message
4. If crash here → Message LOST
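A minimal Java consumer sketch of this at-most-once pattern, with auto-commit enabled; the topic and group id are illustrative:

import java.time.Duration;
import java.util.List;
import java.util.Properties;
import org.apache.kafka.clients.consumer.ConsumerRecord;
import org.apache.kafka.clients.consumer.KafkaConsumer;
import org.apache.kafka.common.serialization.StringDeserializer;

public class AtMostOnceConsumer {
    public static void main(String[] args) {
        Properties props = new Properties();
        props.put("bootstrap.servers", "localhost:9092");
        props.put("group.id", "clickstream-processors");   // illustrative group id
        props.put("enable.auto.commit", "true");            // offsets committed automatically
        props.put("auto.commit.interval.ms", "5000");       // every 5 seconds
        props.put("key.deserializer", StringDeserializer.class.getName());
        props.put("value.deserializer", StringDeserializer.class.getName());

        try (KafkaConsumer<String, String> consumer = new KafkaConsumer<>(props)) {
            consumer.subscribe(List.of("clickstream-events"));
            while (true) {
                // If the app crashes after an auto-commit but before processing,
                // the already-committed messages are skipped on restart (possible loss).
                for (ConsumerRecord<String, String> record : consumer.poll(Duration.ofMillis(500))) {
                    process(record);
                }
            }
        }
    }

    static void process(ConsumerRecord<String, String> record) {
        System.out.println(record.value());
    }
}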
Timeline of Message Loss
10:00:00 - Fetch message "user_clicked_buy_button"
10:00:01 - Auto-commit saves offset 1001 ✅
10:00:02 - Start processing...
10:00:03 - 💥 APPLICATION CRASHES
10:00:04 - Restart
10:00:05 - Ask Kafka: "Where was I?"
10:00:05 - Kafka: "You were at offset 1001"
10:00:06 - Skip to offset 1001
- Message 1000 NEVER PROCESSED
🎯 At Least Once: "Never Lose Anything"
Definition: Process each message 1 or more times (never zero times)
Priority: Ensure every message is processed, even if it means processing some twice
The Coffee Shop Analogy (Revised)
You order coffee:
1. Barista makes your coffee ✅
2. Serves it to you ✅
3. 💥 Power outage before marking order complete!
4. Power returns
5. Order NOT marked complete → Makes coffee AGAIN
6. You get TWO coffees (one extra)
Result: Order processed TWICE (at least once)
How It Works: Manual Offset Commit
Consumer Configuration:
enable.auto.commit=false # Manual control
Processing Flow:
1. Fetch message from Kafka
2. Process message successfully ✅
3. Write to database ✅
4. Commit offset manually ✅
5. If crash before step 4 → Message REPROCESSED
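A minimal Java sketch of the manual-commit flow above: the offset is committed only after processing and the database write succeed. The topic, group id, and saveToDatabase helper are illustrative:

import java.time.Duration;
import java.util.List;
import java.util.Properties;
import org.apache.kafka.clients.consumer.ConsumerRecord;
import org.apache.kafka.clients.consumer.ConsumerRecords;
import org.apache.kafka.clients.consumer.KafkaConsumer;
import org.apache.kafka.common.serialization.StringDeserializer;

public class AtLeastOnceConsumer {
    public static void main(String[] args) {
        Properties props = new Properties();
        props.put("bootstrap.servers", "localhost:9092");
        props.put("group.id", "order-processors");     // illustrative group id
        props.put("enable.auto.commit", "false");       // manual control
        props.put("key.deserializer", StringDeserializer.class.getName());
        props.put("value.deserializer", StringDeserializer.class.getName());

        try (KafkaConsumer<String, String> consumer = new KafkaConsumer<>(props)) {
            consumer.subscribe(List.of("order-events"));
            while (true) {
                ConsumerRecords<String, String> records = consumer.poll(Duration.ofMillis(500));
                for (ConsumerRecord<String, String> record : records) {
                    saveToDatabase(record);             // steps 2-3: process + persist
                }
                // Step 4: commit only after everything succeeded. A crash before this
                // line means the batch is re-delivered (duplicates possible).
                consumer.commitSync();
            }
        }
    }

    static void saveToDatabase(ConsumerRecord<String, String> record) {
        System.out.println("persisted: " + record.value());   // placeholder for a real DB write
    }
}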
Timeline of Duplicate Processing
10:00:00 - Fetch message "order_12345: charge $100"
10:00:01 - Process order successfully ✅
10:00:02 - Charge customer $100 ✅
10:00:03 - Write to database ✅
10:00:04 - 💥 APPLICATION CRASHES (before committing offset)
10:00:05 - Restart
10:00:06 - Ask Kafka: "Where was I?"
10:00:06 - Kafka: "You were at offset 1000"
10:00:07 - Fetch message 1000 AGAIN
10:00:08 - Process order AGAIN
10:00:09 - Charge customer $100 AGAIN ⚠️ (DUPLICATE!)
10:00:10 - Write to database AGAIN
10:00:11 - Commit offset successfully
Decision Matrix: Which Guarantee to Use?
START HERE
  │
  Can you afford to lose messages?
  │
  ├─ YES → AT MOST ONCE
  │         Use cases:
  │         • Sensors
  │         • Metrics
  │         • Logs
  │
  └─ NO → AT LEAST ONCE
            │
            Can you handle duplicates?
            │
            ├─ YES → Implement idempotency
            │         • Txn IDs
            │         • DB keys
            │
            └─ NO → Add deduplication
                     • Transaction IDs
                     • DB constraints
                     • Processing log
Use Case Decision Table
| Scenario | Guarantee | Reasoning |
|---|---|---|
| Banking transactions | At Least Once | Cannot lose money transfers |
| User registrations | At Least Once | Cannot lose new users |
| E-commerce orders | At Least Once | Cannot lose customer orders |
| Stock trades | At Least Once | Cannot lose trade records |
| IoT sensor readings | At Most Once | Losing one reading is acceptable |
| Application logs | At Most Once | Missing one log entry is okay |
| Click analytics | At Most Once | Approximate counts are fine |
| System metrics | At Most Once | Slightly off counts acceptable |
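For the at-least-once rows above, a common way to make duplicates harmless is to track an idempotency key (such as a transaction or order ID) and skip records you've already handled. Here is a minimal in-memory Java sketch of that idea; in production the "already seen" check would usually be a unique database constraint rather than a set:

import java.util.HashSet;
import java.util.Set;

public class DeduplicatingProcessor {
    // In-memory stand-in for a durable store (e.g. a DB table with a unique key on the ID).
    private final Set<String> processedIds = new HashSet<>();

    /** Returns true if the payment was applied, false if it was a duplicate and skipped. */
    public boolean process(String transactionId, double amount) {
        if (!processedIds.add(transactionId)) {
            return false;                        // already handled: ignore the redelivery
        }
        chargeCustomer(transactionId, amount);   // the side effect happens only once
        return true;
    }

    private void chargeCustomer(String transactionId, double amount) {
        System.out.printf("charged $%.2f for %s%n", amount, transactionId);
    }

    public static void main(String[] args) {
        DeduplicatingProcessor p = new DeduplicatingProcessor();
        p.process("order_12345", 100.0);   // first delivery: charged
        p.process("order_12345", 100.0);   // redelivery after a crash: skipped
    }
}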
⚙️ Configuration Comparison
At Most Once Configuration:
# Consumer config
enable.auto.commit=true
auto.commit.interval.ms=5000
At Least Once Configuration:
# Consumer config
enable.auto.commit=false # Manual control
Replication & ISR: Zero Downtime Architecture
The Architecture: No Single Point of Failure
The Problem Visualized
Without Replication:
Topic: customer-orders
Partition 0 → Broker 1 ← Single copy
💥 Crashes
↓
🚨 DATA LOST FOREVER
🚨 Service DOWN
With Replication:
Topic: customer-orders
Partition 0:
├── Broker 1 (Leader) ← Primary copy
├── Broker 2 (Follower) ← Backup copy
└── Broker 3 (Follower) ← Another backup
Broker 1 💥 Crashes
↓
Broker 2 becomes Leader (3 seconds)
↓
✅ NO DATA LOST
✅ Service continues
Leaders and Followers
How Replication Works
Every partition has ONE leader and multiple followers:
Partition 0 (Replication Factor = 3):
          Producers write here
                  ↓
      ┌──────────────────────────────┐
      │      Broker 1 (LEADER)       │
      │  [msg1][msg2][msg3][msg4]    │
      └──────────────────────────────┘
            ↓                ↓
   ┌──────────────────┐  ┌──────────────────┐
   │     Broker 2     │  │     Broker 3     │
   │    (FOLLOWER)    │  │    (FOLLOWER)    │
   │  [msg1][msg2]    │  │  [msg1][msg2]    │
   │  [msg3][msg4]    │  │  [msg3][msg4]    │
   └──────────────────┘  └──────────────────┘
       Actively               Actively
      replicating            replicating
Key Rules:
- All writes go through the leader
- All reads go through the leader
- Followers continuously pull new data from leader
- Followers do NOT serve client requests
🎯 In-Sync Replicas (ISR): The Safety Net
ISR = the set of replicas (the leader plus any followers) that are fully caught up and healthy
What Makes a Replica "In-Sync"?
✅ IN-SYNC REPLICA:
• Has all committed messages
• Actively fetching from leader
• Not fallen behind (< replica.lag.time.max.ms)
• Ready to become leader at any moment
❌ OUT-OF-SYNC REPLICA:
• Missing recent messages
• Stopped fetching (network issue, crashed)
• Fallen too far behind
• CANNOT become leader
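You can inspect the current leader and ISR of each partition from code as well as from the CLI. A minimal Java sketch using the AdminClient, reusing the order-events topic from earlier:

import java.util.List;
import java.util.Properties;
import org.apache.kafka.clients.admin.Admin;
import org.apache.kafka.clients.admin.TopicDescription;

public class ShowIsr {
    public static void main(String[] args) throws Exception {
        Properties props = new Properties();
        props.put("bootstrap.servers", "localhost:9092");

        try (Admin admin = Admin.create(props)) {
            TopicDescription desc = admin.describeTopics(List.of("order-events"))
                    .allTopicNames().get()
                    .get("order-events");
            desc.partitions().forEach(p ->
                    // leader() is the broker handling reads/writes; isr() is the set of
                    // replicas eligible to take over if the leader fails.
                    System.out.printf("partition %d  leader=%s  isr=%s%n",
                            p.partition(), p.leader(), p.isr()));
        }
    }
}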
Real-World Analogy: Emergency Contact List
You have 3 emergency contacts:
Contact 1 (Leader): Mom
• Always answers immediately
• Has all current information
Contact 2 (ISR): Dad
• Answers within seconds
• Fully updated on family matters
• Can step in if Mom unavailable ✅
Contact 3 (Out-of-Sync): Cousin
• Takes hours to respond
• Out of the loop
• Can't be relied on in emergency ❌
Message Commitment: The Two-Phase Process
Phase 1: Leader Writes
Producer sends: "Transfer $500 from Alice to Bob"
↓
Leader writes to local log
↓
Message is "uncommitted" (not safe yet)
Phase 2: ISRs Acknowledge
Leader notifies followers:
↓
Follower 1 (ISR) replicates ✅
↓
Follower 2 (ISR) replicates ✅
↓
Message now "committed" (safe!)
↓
Producer receives ACK
Producer Configuration Impact
acks=1 (Fast but Risky):
Producer → Leader writes → ACK immediately
(Followers not yet replicated)
Leader crashes before replication?
→ Message LOST 💥
acks=all (Slow but Safe):
Producer → Leader writes → Wait for ALL ISRs → ACK
Takes longer, but:
✅ Message GUARANTEED safe
✅ Zero data loss
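A minimal Java producer configuration for the safe path: acks=all plus idempotence (the idempotence and retry settings are extra safeguards added here for illustration, not something the text above requires):

import java.util.Properties;
import org.apache.kafka.clients.producer.KafkaProducer;
import org.apache.kafka.clients.producer.ProducerRecord;
import org.apache.kafka.common.serialization.StringSerializer;

public class SafeProducer {
    public static void main(String[] args) {
        Properties props = new Properties();
        props.put("bootstrap.servers", "localhost:9092");
        props.put("acks", "all");                    // wait for all in-sync replicas
        props.put("enable.idempotence", "true");     // broker de-duplicates producer retries
        props.put("retries", Integer.MAX_VALUE);     // keep retrying transient failures
        props.put("key.serializer", StringSerializer.class.getName());
        props.put("value.serializer", StringSerializer.class.getName());

        try (KafkaProducer<String, String> producer = new KafkaProducer<>(props)) {
            producer.send(new ProducerRecord<>("payment-transactions",
                    "alice", "Transfer $500 from Alice to Bob"),
                    (metadata, exception) -> {
                        // The callback fires only after the message is committed (or has failed).
                        if (exception != null) {
                            exception.printStackTrace();
                        } else {
                            System.out.println("committed at offset " + metadata.offset());
                        }
                    });
            producer.flush();
        }
    }
}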
🚨 Failure Scenario: Leader Election
Real-World Example: Diwali Sale at 2 AM
Initial State:
Topic: flash-sale-orders
Partition 0:
├── Broker 1 (Leader) ← 50,000 orders/sec
│   ISR: [1, 2, 3]
├── Broker 2 (Follower) ← In-Sync
└── Broker 3 (Follower) ← In-Sync
Failure Timeline:
02:00:00 - Broker 1 crashes (power supply failure)
02:00:01 - Producer attempts write → Connection refused
02:00:02 - Zookeeper detects missing heartbeat
02:00:03 - Controller initiates leader election
Candidates: Broker 2, Broker 3 (both ISR)
02:00:03 - Broker 2 elected as new leader
02:00:04 - Controller notifies all brokers
02:00:04 - Producer auto-discovers new leader
02:00:05 - Orders resume processing ✅
Total downtime: 5 seconds
Orders lost: ZERO (because acks=all)
Why Was Broker 2 Chosen?
- ✅ Was in ISR (fully caught up)
- ✅ Had all committed messages
- ✅ First in preferred replica list
What If Broker 2 Was Out-of-Sync?
02:00:03 - Controller checks ISR: [1, 3]
02:00:03 - Broker 2 NOT in ISR → SKIPPED
02:00:03 - Broker 3 elected instead
⚙️ Configuration Deep Dive
1. Replication Factor (Topic Level)
# Development: Fast, no safety
/opt/kafka/bin/kafka-topics.sh --create \
--topic dev-logs \
--bootstrap-server localhost:9092 \
--replication-factor 1    # ❌ Never in production!
# Staging: Moderate safety
/opt/kafka/bin/kafka-topics.sh --create \
--topic staging-events \
--bootstrap-server localhost:9092 \
--replication-factor 2
# Production: Standard safety
/opt/kafka/bin/kafka-topics.sh --create \
--topic production-orders \
--bootstrap-server localhost:9092 \
--replication-factor 3    # ✅ Industry standard
# Mission-Critical: Maximum safety
/opt/kafka/bin/kafka-topics.sh --create \
--topic financial-transactions \
--bootstrap-server localhost:9092 \
--replication-factor 5
2. Min In-Sync Replicas (Topic Level)
Works with acks=all on producer side:
# Weak durability (fast but risky)
--config min.insync.replicas=1
# Leader only needs to write
# If leader crashes before followers replicate → DATA LOST
# Strong durability (recommended)
--config min.insync.replicas=2
# Leader + at least 1 follower must acknowledge
# Can survive 1 broker failure
# Maximum durability (mission-critical)
--config min.insync.replicas=3
# Leader + at least 2 followers must acknowledge
# Can survive 2 broker failures
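One consequence worth knowing: with acks=all, if the number of in-sync replicas drops below min.insync.replicas, the broker refuses the write rather than risking data loss. A minimal Java sketch of catching that case on the producer side; the "alert and retry later" reaction is purely illustrative:

import java.util.Properties;
import java.util.concurrent.ExecutionException;
import org.apache.kafka.clients.producer.KafkaProducer;
import org.apache.kafka.clients.producer.ProducerRecord;
import org.apache.kafka.common.errors.NotEnoughReplicasException;
import org.apache.kafka.common.serialization.StringSerializer;

public class DurabilityAwareProducer {
    public static void main(String[] args) throws InterruptedException {
        Properties props = new Properties();
        props.put("bootstrap.servers", "localhost:9092");
        props.put("acks", "all");
        props.put("key.serializer", StringSerializer.class.getName());
        props.put("value.serializer", StringSerializer.class.getName());

        try (KafkaProducer<String, String> producer = new KafkaProducer<>(props)) {
            try {
                producer.send(new ProducerRecord<>("payment-transactions", "txn-1", "charge $100"))
                        .get();   // block so broker-side errors surface here
            } catch (ExecutionException e) {
                if (e.getCause() instanceof NotEnoughReplicasException) {
                    // Too few in-sync replicas: the write was refused, nothing was lost.
                    // Illustrative reaction: alert and retry later instead of downgrading acks.
                    System.err.println("ISR below min.insync.replicas, retry later: " + e.getCause());
                } else {
                    throw new RuntimeException(e);
                }
            }
        }
    }
}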
3. Replica Lag Time (Broker Level)
# In server.properties
replica.lag.time.max.ms=10000 # 10 seconds
# If a follower doesn't fetch (and catch up) within 10 seconds:
# → Removed from ISR
# → Cannot become leader
# → Logs warning