Kafka on SafetyWing Runbookshttps://runbooks.safetywing.dev/runbooks/kafka/Recent content in Kafka on SafetyWing RunbooksHugoen-usKafkaConsumerGroupLagHighhttps://runbooks.safetywing.dev/runbooks/kafka/kafkaconsumergrouplaghigh/Mon, 01 Jan 0001 00:00:00 +0000https://runbooks.safetywing.dev/runbooks/kafka/kafkaconsumergrouplaghigh/<h2 id="meaning">Meaning<a class="anchor" href="#meaning">#</a></h2> <p>A consumer group is falling behind the producers on a topic — the gap between the latest offset and the group&rsquo;s committed offset (lag) has exceeded the threshold. Messages are being produced faster than they are consumed, so processing is delayed. The <code>consumergroup</code> and <code>topic</code> labels identify exactly which consumer and topic are affected.</p> <p>Fires when: per-(consumergroup, topic) lag exceeds <code>&lt;threshold&gt;</code> for 15m. Severity <code>ticket</code>, tier <code>component</code>.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-promql" data-lang="promql"><span style="display:flex;"><span><span style="color:#66d9ef">max</span> <span style="color:#66d9ef">by</span> <span style="color:#f92672">(</span>consumergroup, topic<span style="color:#f92672">)</span> <span style="color:#f92672">(</span>kafka_consumergroup_lag{namespace<span style="color:#f92672">=</span>&#34;<span style="color:#e6db74">safetywing-&lt;env&gt;-infra</span>&#34;}<span style="color:#f92672">)</span> <span style="color:#f92672">&gt;</span> <span style="color:#f92672">&lt;</span>threshold<span style="color:#f92672">&gt;</span></span></span></code></pre></div><h2 id="impact">Impact<a class="anchor" href="#impact">#</a></h2> <ul> <li>Delayed processing for the affected consumer group → stale downstream data, late side effects, growing end-to-end latency.</li> <li>If lag keeps climbing, retention may expire un-consumed messages, causing permanent message loss.</li> <li>Brokers retain more unconsumed data, increasing disk usage.</li> </ul> <h2 id="diagnosis">Diagnosis<a class="anchor" href="#diagnosis">#</a></h2> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl config use-context hetzner </span></span><span style="display:flex;"><span>kubectl get kafka,kafkanodepool -n safetywing-&lt;env&gt;-infra </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Describe the lagging group: per-partition LAG, CURRENT-OFFSET, LOG-END-OFFSET, CONSUMER-ID</span> </span></span><span style="display:flex;"><span>kubectl exec -n safetywing-&lt;env&gt;-infra &lt;broker-pod&gt; -- <span style="color:#ae81ff">\ </span></span></span><span style="display:flex;"><span> bin/kafka-consumer-groups.sh --bootstrap-server localhost:9092 <span style="color:#ae81ff">\ </span></span></span><span style="display:flex;"><span> --describe --group &lt;consumergroup&gt; </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Are there active members, or is the group empty / rebalancing?</span> </span></span><span style="display:flex;"><span>kubectl exec -n safetywing-&lt;env&gt;-infra &lt;broker-pod&gt; -- <span style="color:#ae81ff">\ </span></span></span><span style="display:flex;"><span> bin/kafka-consumer-groups.sh --bootstrap-server localhost:9092 <span style="color:#ae81ff">\ </span></span></span><span style="display:flex;"><span> --describe --group &lt;consumergroup&gt; --members --verbose </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Inspect the consuming application workload</span> </span></span><span style="display:flex;"><span>kubectl get pods -A | grep &lt;consumer-app&gt; </span></span><span style="display:flex;"><span>kubectl logs -n &lt;consumer-ns&gt; &lt;consumer-pod&gt; --tail<span style="color:#f92672">=</span><span style="color:#ae81ff">200</span></span></span></code></pre></div><p>Confirm trend and scope in Prometheus (<code>prom-ep.hetzner.safetywing.dev</code>):</p>KafkaNoActiveControllerhttps://runbooks.safetywing.dev/runbooks/kafka/kafkanoactivecontroller/Mon, 01 Jan 0001 00:00:00 +0000https://runbooks.safetywing.dev/runbooks/kafka/kafkanoactivecontroller/<h2 id="meaning">Meaning<a class="anchor" href="#meaning">#</a></h2> <p>In KRaft mode exactly one controller node should be active (the metadata quorum leader). This alert means the cluster sees zero active controllers (no quorum leader) or more than one (split brain). Either state puts cluster metadata — topic, partition, ISR, and config state — at risk and blocks administrative operations.</p> <p>Fires when: the summed active controller count across the namespace is not exactly 1 for 5m. Severity <code>page</code>, tier <code>component</code>.</p>KafkaOfflinePartitionshttps://runbooks.safetywing.dev/runbooks/kafka/kafkaofflinepartitions/Mon, 01 Jan 0001 00:00:00 +0000https://runbooks.safetywing.dev/runbooks/kafka/kafkaofflinepartitions/<h2 id="meaning">Meaning<a class="anchor" href="#meaning">#</a></h2> <p>One or more partitions have no leader, so they cannot serve reads or writes. Any producer or consumer touching an offline partition is blocked, which usually means data loss risk and stalled traffic across affected topics.</p> <p>Fires when: any broker reports a non-zero offline partition count for 5m. Severity <code>page</code>, tier <code>component</code>.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-promql" data-lang="promql"><span style="display:flex;"><span><span style="color:#66d9ef">max</span><span style="color:#f92672">(</span>kafka_controller_kafkacontroller_offlinepartitionscount{namespace<span style="color:#f92672">=</span>&#34;<span style="color:#e6db74">safetywing-&lt;env&gt;-infra</span>&#34;}<span style="color:#f92672">)</span> <span style="color:#f92672">&gt;</span> <span style="color:#ae81ff">0</span></span></span></code></pre></div><h2 id="impact">Impact<a class="anchor" href="#impact">#</a></h2> <ul> <li>Produce and consume requests to offline partitions fail or hang.</li> <li>Consumer groups stall on the affected partitions; lag grows.</li> <li>Topics with offline partitions are effectively partially unavailable.</li> <li>Often a symptom of multiple broker failures or unavailable replicas.</li> </ul> <h2 id="diagnosis">Diagnosis<a class="anchor" href="#diagnosis">#</a></h2> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl config use-context hetzner </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Strimzi CRs and broker pods</span> </span></span><span style="display:flex;"><span>kubectl get kafka,kafkanodepool -n safetywing-&lt;env&gt;-infra </span></span><span style="display:flex;"><span>kubectl get pods -n safetywing-&lt;env&gt;-infra -l strimzi.io/cluster </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Which brokers are not Ready</span> </span></span><span style="display:flex;"><span>kubectl get pods -n safetywing-&lt;env&gt;-infra -o wide | grep -v Running </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Broker / controller logs (look for leader election, ISR, disk errors)</span> </span></span><span style="display:flex;"><span>kubectl logs -n safetywing-&lt;env&gt;-infra &lt;broker-pod&gt; --tail<span style="color:#f92672">=</span><span style="color:#ae81ff">200</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Cluster + topic state from inside a broker</span> </span></span><span style="display:flex;"><span>kubectl exec -n safetywing-&lt;env&gt;-infra &lt;broker-pod&gt; -- <span style="color:#ae81ff">\ </span></span></span><span style="display:flex;"><span> bin/kafka-topics.sh --bootstrap-server localhost:9092 <span style="color:#ae81ff">\ </span></span></span><span style="display:flex;"><span> --describe --under-min-isr-partitions </span></span><span style="display:flex;"><span>kubectl exec -n safetywing-&lt;env&gt;-infra &lt;broker-pod&gt; -- <span style="color:#ae81ff">\ </span></span></span><span style="display:flex;"><span> bin/kafka-topics.sh --bootstrap-server localhost:9092 <span style="color:#ae81ff">\ </span></span></span><span style="display:flex;"><span> --describe --unavailable-partitions</span></span></code></pre></div><p>Confirm scope in Prometheus (<code>prom-ep.hetzner.safetywing.dev</code>):</p>KafkaUnderReplicatedPartitionshttps://runbooks.safetywing.dev/runbooks/kafka/kafkaunderreplicatedpartitions/Mon, 01 Jan 0001 00:00:00 +0000https://runbooks.safetywing.dev/runbooks/kafka/kafkaunderreplicatedpartitions/<h2 id="meaning">Meaning<a class="anchor" href="#meaning">#</a></h2> <p>Partitions have fewer in-sync replicas than their configured replication factor. The cluster is still serving traffic, but durability is reduced — losing one more broker could take partitions offline or lose data. Usually a broker is down, restarting, or lagging behind on replication.</p> <p>Fires when: any broker reports a non-zero under-replicated partition count for 10m. Severity <code>ticket</code>, tier <code>component</code>.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-promql" data-lang="promql"><span style="display:flex;"><span><span style="color:#66d9ef">max</span><span style="color:#f92672">(</span>kafka_server_replicamanager_underreplicatedpartitions{namespace<span style="color:#f92672">=</span>&#34;<span style="color:#e6db74">safetywing-&lt;env&gt;-infra</span>&#34;}<span style="color:#f92672">)</span> <span style="color:#f92672">&gt;</span> <span style="color:#ae81ff">0</span></span></span></code></pre></div><h2 id="impact">Impact<a class="anchor" href="#impact">#</a></h2> <ul> <li>Reduced fault tolerance: a single additional broker failure may cause offline partitions or data loss.</li> <li>Producers using <code>acks=all</code> may slow down or block if the ISR drops below <code>min.insync.replicas</code>.</li> <li>Sustained under-replication often precedes an <code>OfflinePartitions</code> page.</li> </ul> <h2 id="diagnosis">Diagnosis<a class="anchor" href="#diagnosis">#</a></h2> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl config use-context hetzner </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Strimzi CRs and broker pods</span> </span></span><span style="display:flex;"><span>kubectl get kafka,kafkanodepool -n safetywing-&lt;env&gt;-infra </span></span><span style="display:flex;"><span>kubectl get pods -n safetywing-&lt;env&gt;-infra -l strimzi.io/cluster -o wide </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Any broker not Ready / restarting?</span> </span></span><span style="display:flex;"><span>kubectl get pods -n safetywing-&lt;env&gt;-infra | grep -vE <span style="color:#e6db74">&#34;Running|Completed&#34;</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Which partitions are under-replicated / below min ISR</span> </span></span><span style="display:flex;"><span>kubectl exec -n safetywing-&lt;env&gt;-infra &lt;broker-pod&gt; -- <span style="color:#ae81ff">\ </span></span></span><span style="display:flex;"><span> bin/kafka-topics.sh --bootstrap-server localhost:9092 <span style="color:#ae81ff">\ </span></span></span><span style="display:flex;"><span> --describe --under-replicated-partitions </span></span><span style="display:flex;"><span>kubectl exec -n safetywing-&lt;env&gt;-infra &lt;broker-pod&gt; -- <span style="color:#ae81ff">\ </span></span></span><span style="display:flex;"><span> bin/kafka-topics.sh --bootstrap-server localhost:9092 <span style="color:#ae81ff">\ </span></span></span><span style="display:flex;"><span> --describe --under-min-isr-partitions </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Broker logs: replica fetcher, ISR shrink/expand, disk</span> </span></span><span style="display:flex;"><span>kubectl logs -n safetywing-&lt;env&gt;-infra &lt;broker-pod&gt; --tail<span style="color:#f92672">=</span><span style="color:#ae81ff">200</span> | grep -iE <span style="color:#e6db74">&#34;ISR|replica|fetch&#34;</span></span></span></code></pre></div><p>Confirm scope in Prometheus (<code>prom-ep.hetzner.safetywing.dev</code>):</p>