confluent, profile picture
Uploaded byconfluent
71 views

Strumenti e Strategie di Stream Governance con Confluent Platform

The document discusses stream governance and technical features of the Confluent platform, including schema management, data contracts, and the importance of schema adherence to prevent data quality issues. It outlines a roadmap for future developments such as data cataloging and encryption, emphasizing the need for reliable data processing and security measures. The content emphasizes the significance of enforcing data contracts to enhance data trustworthiness and reduce operational complexities.

Embed presentation

Download to read offline
Strumenti e Strategie di Stream Governance con Confluent Platform Federico Alberton Customer Success Technical Architects, Confluent Italy Paolo Venturini Customer Success Technical Architects, Confluent Italy
11:00 - 11:20 11:20 - 11:40 11:20 - 11:40 11:40 - 11:50 12:00 Stream Governance & Technical features: - Schema, Schema Registry, Data Contracts Sessione di Demo Roadmap & next steps: - Stream Catalog, Data Portal, Stream Lineage, Client Side Field Level Encryption Q&A Session Chiusura Lavori Agenda
Confluent and Confluent Platform
Confluent Data Streaming Platform All your data continuously streamed, processed, governed and shared as a product, making it instantly valuable, usable, and trustworthy everywhere. CONNECT PROCESS GOVERN STREAM Accounts Customer Profile Purchases Shipments Claims Orders Clickstreams From Data Mess To Data Products To Instant Value Everywhere CONNECT Data Systems Inventory Replenishment Forecasting … Custom Apps & Microservices Personalization Recommendation Fraud …
Confluent Platform 5 https://www.confluent.io/whitepaper/confluent-enterprise-reference-architecture/ Application Sticky Load Balancer REST Proxy Proxy Kafka Brokers Broker + Rebalancer Quorum Nodes (ZooKeeper or KRaft) Q Q Q Proxy Broker + Rebalancer Broker + Rebalancer Broker + Rebalancer Schema Registry Leader Follower Q Q Confluent Control Center Application Clients KStreams pp Streams Kafka Connect Worker + Connectors or Replicator Microservice Worker + Connectors or Replicator ksqlDB ksqlDB Server ksqlDB Server
Data contracts
Data producer/owner - Produce high quality data - Evolve data safely - Make data contextualized and discoverable - Share data Data platform team - Design and offer a self-serve data streaming platform - Facilitate the onboarding of developers and other data users Data consumer - Search and discover data - Understand data - Trust data - Consume and build on high quality data Remove friction at scale without centralization
produces Kafka without Schema No structure can cause many problems Producer Consumer consume Consumer Consumers
produces Kafka without Schema Who is encoding and decoding? Producer Consumer consume Consumer Consumers Serializer Deserializer
Major problems without the schema Breaking changes Low quality data Security challenges Data producers and consumers evolve independently. Changes to the data schema (e.g., adding a new field, changing data types) can break consumers if not managed properly. Without a central mechanism to enforce schema adherence, producers may send malformed or incompatible data, leading to data quality issues downstream (Missing data, Incorrect data, etc ) Sensitive data cannot be protected properly and can be accessed by wrong users / applications
{ "type": "record", "name": "Membership", "fields": [ {"name": "start_date", "type": {"type": "int", "logicalType": "date"}}, {"name": "end_date", "type": {"type": "int", "logicalType": "date"}}, {"name": "email", "type": "string"}, {"name": "ssn", "type": "string"} ] } Example Avro Schema
{ "type": "record", "name": "Membership", "fields": [ {"name": "start_date", "type": {"type": "int", "logicalType": "date"}}, {"name": "end_date", "type": {"type": "int", "logicalType": "date"}}, {"name": "email", "type": "string"}, {"name": "ssn", "type": "string"}, {"name": "full_name", "type": ["null", "string"]} ] } Change in Structure Can be disruptive
Structure Ignored Unpredictable outcomes SCHEMA "start_date", "int" "end_date", "int" "email", "string" "ssn", "string" { "start_date": 19358, "end_date": 19722, "email": 100 } // 2023-01-01 // 2023-12-31 INCORRECT DATA TYPE MISSING SSN FIELD
OUT OF ORDER { "start_date": 19358, "end_date": 0, "email": "john.doe", "ssn": "fizzbuzz" } // 2023-01-01 Domain integrity ignored Garbage in, garbage out SCHEMA "start_date", "int" "end_date", "int" "email", "string" "ssn", "string" INVALID EMAIL INVALID SSN
{ "start_date": 19358, "end_date": 19722, "email": "john.doe@example.com", "ssn": "856-45-6789" } Example of a high quality data Proper structure and semantics // 2023-01-01 // 2023-12-31 SCHEMA "start_date", "int" "end_date", "int" "email", "string" "ssn", "string"
CLEAR TEXT { "start_date": 19358, "end_date": 19722, "email": "john.doe@example.com", "ssn": "856-45-6789" } Data security gaps No Data Privacy // 2023-01-01 // 2023-12-31 SCHEMA "start_date", "int" "end_date", "int" "email", "string" "ssn", "string"
promises trust produces Data contract structure Producer Consumer consume Consumer Consumers Business Logic Business Logic semantics rules Data Contracts is the answer Adding structure, meaning, and policies
promises trust produces Data Contracts Schema Registry as the foundation Producer Schema Registry Confluent Kafka Consumer consume Consumer Consumers
Confluent Schema Registry Schema Repository and more! 1 2 3 1 2 2 1
promises trust produces Data contract First step: Define the structure Structure is the foundation of the contract Producer Consumer consume Consumer Consumers structure
{ "type": "record", "name": "Membership", "fields": [ {"name": "start_date", "type": {"type": "int", "logicalType": "date"}}, {"name": "end_date", "type": {"type": "int", "logicalType": "date"}}, {"name": "email", "type": "string"}, {"name": "ssn", "type": "string"} ] } Example Avro Schema
{ "type": "record", "name": "Membership", "fields": [ {"name": "start_date", "type": {"type": "int", "logicalType": "date"}}, {"name": "end_date", "type": {"type": "int", "logicalType": "date"}}, {"name": "email", "type": "string"}, {"name": "ssn", "type": "string"}, {"name": "full_name", "type": ["null", "string"]} ] } Constant Change How do we know if this is allowed?
Set Compatibility for Schema Evolution Compatibility enables predictable changes COMPATIBILITY TYPE ALLOWED CHANGES COMPARED TO UPGRADE FIRST BACKWARD - Delete fields - Add optional fields Latest version Consumers BACKWARD_TRANSITIVE - Delete fields - Add optional fields All previous versions Consumers FORWARD - Add fields - Delete optional fields Latest version Producers FORWARD_TRANSITIVE - Add fields - Delete optional fields All previous versions Producers FULL - Add optional fields - Delete optional fields Latest version Either FULL_TRANSITIVE - Add optional fields - Delete optional fields All previous versions Either NONE - Any change allowed Not compared Depends
{ "schema": "...", "metadata": { "properties": { "owner": "Carol Smith", "email": "csmith@acme.com", "gdpr_sensitive": "True", "retention_period": "24" } } } Adding Metadata
promises trust produces Data contract structure Proper semantics for data Enables proper flow of data Producer Consumer consume Consumer Consumers Business Logic Business Logic semantics rules
Use Data Contract Rules Data Quality Constrains the values of fields and customize follow-up actions on incompatible messages. Data Encryption Identifies and Encrypts the value of a field based on a tag added to the field. Data Transformation Change the value of a specific field or an entire message based on a condition. Schema Migration A Transform rule and allows otherwise breaking changes to be performed on a schema by adding upgrade and downgrade rules.
// 2023-01-01 // 2023-12-31 { "start_date": 19358, "end_date": 19722, "email": "john.doe@example.com", "ssn": "856-45-6789" } Domain Integrity Ensuring proper values SCHEMA "start_date", "int" "end_date", "int" "email", "string" "ssn", "string"
Data Quality Rule { "schema": "...", "schemaType": "AVRO", "ruleSet": { "domainRules": [{ "name": "validateEmail", "kind": "CONDITION", "mode": "WRITE", "type": "CEL", "doc": "Rule checks email is well formatted and sends record to a DLQ if not.", "expr": "Membership.email.matches(r".+@.+..+")", "onFailure": "DLQ", "params": { "dlq.topic": "bad_members" } }] } }
// 2023-01-01 // 2023-12-31 { "start_date": 19358, "end_date": 19722, "email": "for.mat@preserved.enc", "ssn": "XXX-XX-6789" } Data Privacy Protecting Sensitive Data SCHEMA "start_date", "int" "end_date", "int" "email", "string" "ssn", "string"
Data Encryption Rule { "schema": "...", "schemaType": "AVRO", "metadata": { "tags": { "Membership.email": ["PII"] } }, "ruleSet": { "domainRules": [{ "name": "encryptPII", "type": "ENCRYPT", "doc": "Rule encrypts every field tagged as PII. ", "tags": ["PII"], "params": { "encrypt.kek.name": "ce581594-3115-486e-b391-5ea874371e73", "encrypt.kms.type": "aws-kms", "encrypt.kms.key.id": "arn:aws:kms:us-east-1:586051073099:key/ce58..." } }] } } On Roadmap
Data Transformation Rule { "schema": "...", "schemaType": "AVRO", "ruleSet": { "domainRules": [{ "name": "populateDefaultSSN", "kind": "TRANSFORM", "type": "CEL_FIELD", "doc": "Rule checks if ssn is empty and replaces it with 'unspecified' if it is.", "mode": "WRITE", "expr": "name == 'ssn' ; value == '' ? 'unspecified' : value" }] } }
Schema Migration Rule { "schema": "...", "schemaType": "AVRO", "ruleSet": { "migrationRules": [{ "name": "changeSsnToSocialSecurityNumber", "kind": "TRANSFORM", "type": "JSONATA", "doc": "Consumer is on new major version and gets socialSecurityNumber while producer sends ssn.", "mode": "UPGRADE", "expr": "$merge([$sift($, function($v, $k) {$k != 'ssn'}), {'socialSecurityNumber': $.'ssn'}])" }, { "name": "changeSocialSecurityNumberToSsn", "kind": "TRANSFORM", "type": "JSONATA", "doc": "Consumer is on old major version and gets ssn while producer sends socialSecurityNumber.", "mode": "DOWNGRADE", "expr": "$merge([$sift($, function($v, $k) {$k != 'socialSecurityNumber'}), {'ssn': $.'socialSecurityNumber'}])" }] }
contract validation trust Data Contracts Shift-left and ensure high quality data Producer Schema Registry Confluent Kafka Consumer Consumer Consumers Serializer content validation consume prevented
promises provides Data Contracts High quality data for processing Producer Schema Registry Confluent Kafka Consumer Consumer Consumers Deserializer content validation prevented contract validation
Solution overview Breaking changes Low quality data Security challenges Utilize validation and transformation rules Take advantage of metadata capabilities like tagging, business metadata, etc Protect sensitive data using Confluent Security and Governance capabilities Use schema registry and define schemas Evolve them as needed Use schema validation
Demo
Roadmap
● Provide hybrid monitoring, governance and management in a unified, secure architecture: ✓ Data Portal Sync ✓ Data Policies ✓ Observability - Metrics and Alerting ✓ Cluster Linking & Mirrored Topics Hybrid Connected Cloud Extend Data Streaming Platform capabilities to self-managed clusters On Roadmap for 2025
Data Discovery
An Example from Amazon Discoverable Owner Accessible Contextualized Standardized Secure Trustworthy Self Describing Metadata
Search and discover data using Data Portal On Roadmap for 2025
Understand the data lineage On Roadmap for 2025
Stream Catalog On Roadmap for 2025
Q&A Session
falberton@confluent.io pventurini@confluent.io Grazie!
Strumenti e Strategie di Stream Governance con Confluent Platform

More Related Content

PDF
Citi Tech Talk: Data Governance for streaming and real time data
byconfluent
 
PPTX
Data-Variety-Schema-Evolution-and-Metadata-Management.pptx
bySidneyHodieb1
 
PDF
Testing Strategies for Data Lake Hosted on Hadoop
byCitiusTech
 
PPTX
MVP Cloud OS Week: 9 Sept, Track 1 Data Liberty
bycsmyth501
 
PPTX
MVP Cloud OS Week Track 1 9 Sept: Data liberty
bycsmyth501
 
PPTX
BlueVenn: Creating and Using the 'Golden Customer Record'
byDaniel Williams
 
PDF
Data Modeling, Normalization, and Denormalisation | PostgreSQL Conference Eur...
byCitus Data
 
PDF
The Economics of SQL on Hadoop
byDatameer
 
Citi Tech Talk: Data Governance for streaming and real time data
byconfluent
 
Data-Variety-Schema-Evolution-and-Metadata-Management.pptx
bySidneyHodieb1
 
Testing Strategies for Data Lake Hosted on Hadoop
byCitiusTech
 
MVP Cloud OS Week: 9 Sept, Track 1 Data Liberty
bycsmyth501
 
MVP Cloud OS Week Track 1 9 Sept: Data liberty
bycsmyth501
 
BlueVenn: Creating and Using the 'Golden Customer Record'
byDaniel Williams
 
Data Modeling, Normalization, and Denormalisation | PostgreSQL Conference Eur...
byCitus Data
 
The Economics of SQL on Hadoop
byDatameer
 

Similar to Strumenti e Strategie di Stream Governance con Confluent Platform

PDF
20241115 - EB- D ata _Products.pdf data base
byalex883655
 
PDF
Martin Kleppmann-Designing Data-Intensive Applications_ The Big Ideas Behind ...
bySamir P.
 
PPTX
Data Engineering Efficiency @ Netflix - Strata 2017
byMichelle Ufford
 
PPTX
Database-Management-Systems-Foundations-to-Advanced-Concepts.pptx
byHistoryScienceWorld
 
PPTX
Database-Management-Systems-Foundations-to-Advanced-Concepts.pptx
byHistoryScienceWorld
 
PDF
Telstra Presentation GraphSummit Melbourne: Optimising Business Outcomes with...
byNeo4j
 
PDF
Delta Architecture
byPaulo Gutierrez
 
PDF
Building Enterprise Data Strategy - Data Lake
byTogi Nababan
 
PDF
The delta architecture
byPrakash Chockalingam
 
PPTX
Migrating data: How to reduce risk
byETLSolutions
 
PDF
Stardog Linked Data Catalog
byClark & Parsia LLC
 
PDF
Stardog Linked Data Catalog
bykendallclark
 
PDF
Achieving High Throughput With Reliability In Transactional Systems
byVMware Tanzu
 
PDF
Groovy Architectural Flexibility
byDavid Dawson
 
PDF
Mind Your Business. And Its Logic
byVladik Khononov
 
PDF
Relational Database Stockholm Syndrome (Neal Murray, 6 Point 6) London 2019 C...
byconfluent
 
PPTX
Big data
byYazan Abu Al Failat
 
PDF
Open Source Reliability for Data Lake with Apache Spark by Michael Armbrust
byData Con LA
 
PDF
Big Data Pushes Enterprises into Data-Driven Mode, Makes Demands for More App...
byDana Gardner
 
PDF
Schema Evolution Patterns - Texas Scalability Summit 2019
byAlex Rasmussen
 
20241115 - EB- D ata _Products.pdf data base
byalex883655
 
Martin Kleppmann-Designing Data-Intensive Applications_ The Big Ideas Behind ...
bySamir P.
 
Data Engineering Efficiency @ Netflix - Strata 2017
byMichelle Ufford
 
Database-Management-Systems-Foundations-to-Advanced-Concepts.pptx
byHistoryScienceWorld
 
Database-Management-Systems-Foundations-to-Advanced-Concepts.pptx
byHistoryScienceWorld
 
Telstra Presentation GraphSummit Melbourne: Optimising Business Outcomes with...
byNeo4j
 
Delta Architecture
byPaulo Gutierrez
 
Building Enterprise Data Strategy - Data Lake
byTogi Nababan
 
The delta architecture
byPrakash Chockalingam
 
Migrating data: How to reduce risk
byETLSolutions
 
Stardog Linked Data Catalog
byClark & Parsia LLC
 
Stardog Linked Data Catalog
bykendallclark
 
Achieving High Throughput With Reliability In Transactional Systems
byVMware Tanzu
 
Groovy Architectural Flexibility
byDavid Dawson
 
Mind Your Business. And Its Logic
byVladik Khononov
 
Relational Database Stockholm Syndrome (Neal Murray, 6 Point 6) London 2019 C...
byconfluent
 
Big data
byYazan Abu Al Failat
 
Open Source Reliability for Data Lake with Apache Spark by Michael Armbrust
byData Con LA
 
Big Data Pushes Enterprises into Data-Driven Mode, Makes Demands for More App...
byDana Gardner
 
Schema Evolution Patterns - Texas Scalability Summit 2019
byAlex Rasmussen
 

More from confluent

PDF
Evolving Data Governance for the Real-time Streaming and AI Era
byconfluent
 
PDF
Il Data Streaming per un’AI real-time di nuova generazione
byconfluent
 
PDF
From Stream to Screen: Real-Time Data Streaming to Web Frontends with Conflue...
byconfluent
 
PDF
Data in Motion Tour Seoul 2024 - Roadmap Demo
byconfluent
 
PDF
Data in Motion Tour 2024 Riyadh, Saudi Arabia
byconfluent
 
PDF
Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...
byconfluent
 
PDF
Five Things You Need to Know About Data Streaming in 2025
byconfluent
 
PDF
Unlocking value with event-driven architecture by Confluent
byconfluent
 
PDF
Compose Gen-AI Apps With Real-Time Data - In Minutes, Not Weeks
byconfluent
 
PDF
Speed Wins: From Kafka to APIs in Minutes
byconfluent
 
PDF
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
byconfluent
 
PDF
Confluent per il settore FSI: Accelerare l'Innovazione con il Data Streaming...
byconfluent
 
PDF
Building Real-Time Gen AI Applications with SingleStore and Confluent
byconfluent
 
PDF
Break data silos with real-time connectivity using Confluent Cloud Connectors
byconfluent
 
PDF
Build a Real-Time Decision Support Application for Financial Market Traders w...
byconfluent
 
PPTX
Webinar Think Right - Shift Left - 19-03-2025.pptx
byconfluent
 
PDF
Stream Processing Handson Workshop - Flink SQL Hands-on Workshop (Korean)
byconfluent
 
PDF
Migration, backup and restore made easy using Kannika
byconfluent
 
PDF
Data in Motion Tour Seoul 2024 - Keynote
byconfluent
 
PDF
Building API data products on top of your real-time data infrastructure
byconfluent
 
Evolving Data Governance for the Real-time Streaming and AI Era
byconfluent
 
Il Data Streaming per un’AI real-time di nuova generazione
byconfluent
 
From Stream to Screen: Real-Time Data Streaming to Web Frontends with Conflue...
byconfluent
 
Data in Motion Tour Seoul 2024 - Roadmap Demo
byconfluent
 
Data in Motion Tour 2024 Riyadh, Saudi Arabia
byconfluent
 
Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...
byconfluent
 
Five Things You Need to Know About Data Streaming in 2025
byconfluent
 
Unlocking value with event-driven architecture by Confluent
byconfluent
 
Compose Gen-AI Apps With Real-Time Data - In Minutes, Not Weeks
byconfluent
 
Speed Wins: From Kafka to APIs in Minutes
byconfluent
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
byconfluent
 
Confluent per il settore FSI: Accelerare l'Innovazione con il Data Streaming...
byconfluent
 
Building Real-Time Gen AI Applications with SingleStore and Confluent
byconfluent
 
Break data silos with real-time connectivity using Confluent Cloud Connectors
byconfluent
 
Build a Real-Time Decision Support Application for Financial Market Traders w...
byconfluent
 
Webinar Think Right - Shift Left - 19-03-2025.pptx
byconfluent
 
Stream Processing Handson Workshop - Flink SQL Hands-on Workshop (Korean)
byconfluent
 
Migration, backup and restore made easy using Kannika
byconfluent
 
Data in Motion Tour Seoul 2024 - Keynote
byconfluent
 
Building API data products on top of your real-time data infrastructure
byconfluent
 

Recently uploaded

PPTX
Why Your Business Needs Snowflake Consulting_ From Data Silos to AI-Ready Cloud
byChetu
 
PDF
Intelligent CRM for Insurance Brokers: Managing Clients with Precision
byInsurance Tech Services
 
PPTX
Modern Claims Automation Solutions for Operational Agility
byInsurance Tech Services
 
PDF
IT Estate Modernization: Transform Your Infrastructure for the Future .pdf
byAstuteBusiness
 
PDF
What Is A Woman (WIAW) Token – Smart Contract Security Audit Report by EtherA...
byEtherAuthority
 
PDF
Here’s the case study that shows how companies lose ₹2–6 Cr annually due to m...
bysiddhantdazzlo
 
PPTX
Magnet-AXIOM_overview_tool_cyber_tool.pptx
byashishtjoseph
 
PDF
Advanced Prompt Engineering: The Art and Science
byMaxim Salnikov
 
PPTX
Binance Smart Chain Development Guide.pptx
bylakshubadai
 
PDF
Constraints First - Why Our On-Prem Ticketing System Starts With Limits, Not ...
bySpirit Face
 
PPTX
GDS Integration Solution | GDS Integration Service
byyugababu033
 
PDF
Red Hat Summit 2025 - Triton GPU Kernel programming.pdf
bySanjeev Rampal
 
PPTX
NSF Converter Software to Convert NSF to PST, EML, MSG
byNSF Converter Software
 
PPTX
Week 7 Introduction to HTML PowerPoint Notes.pptx
bylesandawelgens
 
PDF
Design and Analysis of Algorithms(DAA): Unit-II Asymptotic Notations and Basi...
byKuvempu University
 
PPTX
Deep Dive into Durable Functions, presented at Cloudbrew 2025
byJoonas Westlin
 
PDF
Operating System (OS) :UNIT-I Introduction to Operating System BCA SEP SEM-II...
byKuvempu University
 
PPTX
AI Agent Overview - Why we need AI Agent
byAlokGope
 
PDF
Database Management Systems(DBMS):UNIT-II Relational Data Model BCA SEP SEM ...
byKuvempu University
 
PDF
Combinatorial Interview Problems with Backtracking Solutions - From Imperativ...
byPhilip Schwarz
 
Why Your Business Needs Snowflake Consulting_ From Data Silos to AI-Ready Cloud
byChetu
 
Intelligent CRM for Insurance Brokers: Managing Clients with Precision
byInsurance Tech Services
 
Modern Claims Automation Solutions for Operational Agility
byInsurance Tech Services
 
IT Estate Modernization: Transform Your Infrastructure for the Future .pdf
byAstuteBusiness
 
What Is A Woman (WIAW) Token – Smart Contract Security Audit Report by EtherA...
byEtherAuthority
 
Here’s the case study that shows how companies lose ₹2–6 Cr annually due to m...
bysiddhantdazzlo
 
Magnet-AXIOM_overview_tool_cyber_tool.pptx
byashishtjoseph
 
Advanced Prompt Engineering: The Art and Science
byMaxim Salnikov
 
Binance Smart Chain Development Guide.pptx
bylakshubadai
 
Constraints First - Why Our On-Prem Ticketing System Starts With Limits, Not ...
bySpirit Face
 
GDS Integration Solution | GDS Integration Service
byyugababu033
 
Red Hat Summit 2025 - Triton GPU Kernel programming.pdf
bySanjeev Rampal
 
NSF Converter Software to Convert NSF to PST, EML, MSG
byNSF Converter Software
 
Week 7 Introduction to HTML PowerPoint Notes.pptx
bylesandawelgens
 
Design and Analysis of Algorithms(DAA): Unit-II Asymptotic Notations and Basi...
byKuvempu University
 
Deep Dive into Durable Functions, presented at Cloudbrew 2025
byJoonas Westlin
 
Operating System (OS) :UNIT-I Introduction to Operating System BCA SEP SEM-II...
byKuvempu University
 
AI Agent Overview - Why we need AI Agent
byAlokGope
 
Database Management Systems(DBMS):UNIT-II Relational Data Model BCA SEP SEM ...
byKuvempu University
 
Combinatorial Interview Problems with Backtracking Solutions - From Imperativ...
byPhilip Schwarz
 

Strumenti e Strategie di Stream Governance con Confluent Platform

  • 1.
    Strumenti e Strategiedi Stream Governance con Confluent Platform Federico Alberton Customer Success Technical Architects, Confluent Italy Paolo Venturini Customer Success Technical Architects, Confluent Italy
  • 2.
    11:00 - 11:20 11:20- 11:40 11:20 - 11:40 11:40 - 11:50 12:00 Stream Governance & Technical features: - Schema, Schema Registry, Data Contracts Sessione di Demo Roadmap & next steps: - Stream Catalog, Data Portal, Stream Lineage, Client Side Field Level Encryption Q&A Session Chiusura Lavori Agenda
  • 3.
  • 4.
    Confluent Data Streaming Platform Allyour data continuously streamed, processed, governed and shared as a product, making it instantly valuable, usable, and trustworthy everywhere. CONNECT PROCESS GOVERN STREAM Accounts Customer Profile Purchases Shipments Claims Orders Clickstreams From Data Mess To Data Products To Instant Value Everywhere CONNECT Data Systems Inventory Replenishment Forecasting … Custom Apps & Microservices Personalization Recommendation Fraud …
  • 5.
    Confluent Platform 5 https://www.confluent.io/whitepaper/confluent-enterprise-reference-architecture/ Application Sticky LoadBalancer REST Proxy Proxy Kafka Brokers Broker + Rebalancer Quorum Nodes (ZooKeeper or KRaft) Q Q Q Proxy Broker + Rebalancer Broker + Rebalancer Broker + Rebalancer Schema Registry Leader Follower Q Q Confluent Control Center Application Clients KStreams pp Streams Kafka Connect Worker + Connectors or Replicator Microservice Worker + Connectors or Replicator ksqlDB ksqlDB Server ksqlDB Server
  • 6.
  • 7.
    Data producer/owner - Producehigh quality data - Evolve data safely - Make data contextualized and discoverable - Share data Data platform team - Design and offer a self-serve data streaming platform - Facilitate the onboarding of developers and other data users Data consumer - Search and discover data - Understand data - Trust data - Consume and build on high quality data Remove friction at scale without centralization
  • 8.
    produces Kafka without Schema Nostructure can cause many problems Producer Consumer consume Consumer Consumers
  • 9.
    produces Kafka without Schema Whois encoding and decoding? Producer Consumer consume Consumer Consumers Serializer Deserializer
  • 10.
    Major problems withoutthe schema Breaking changes Low quality data Security challenges Data producers and consumers evolve independently. Changes to the data schema (e.g., adding a new field, changing data types) can break consumers if not managed properly. Without a central mechanism to enforce schema adherence, producers may send malformed or incompatible data, leading to data quality issues downstream (Missing data, Incorrect data, etc ) Sensitive data cannot be protected properly and can be accessed by wrong users / applications
  • 11.
    { "type": "record", "name": "Membership", "fields":[ {"name": "start_date", "type": {"type": "int", "logicalType": "date"}}, {"name": "end_date", "type": {"type": "int", "logicalType": "date"}}, {"name": "email", "type": "string"}, {"name": "ssn", "type": "string"} ] } Example Avro Schema
  • 12.
    { "type": "record", "name": "Membership", "fields":[ {"name": "start_date", "type": {"type": "int", "logicalType": "date"}}, {"name": "end_date", "type": {"type": "int", "logicalType": "date"}}, {"name": "email", "type": "string"}, {"name": "ssn", "type": "string"}, {"name": "full_name", "type": ["null", "string"]} ] } Change in Structure Can be disruptive
  • 13.
    Structure Ignored Unpredictable outcomesSCHEMA "start_date", "int" "end_date", "int" "email", "string" "ssn", "string" { "start_date": 19358, "end_date": 19722, "email": 100 } // 2023-01-01 // 2023-12-31 INCORRECT DATA TYPE MISSING SSN FIELD
  • 14.
    OUT OF ORDER { "start_date":19358, "end_date": 0, "email": "john.doe", "ssn": "fizzbuzz" } // 2023-01-01 Domain integrity ignored Garbage in, garbage out SCHEMA "start_date", "int" "end_date", "int" "email", "string" "ssn", "string" INVALID EMAIL INVALID SSN
  • 15.
    { "start_date": 19358, "end_date": 19722, "email":"john.doe@example.com", "ssn": "856-45-6789" } Example of a high quality data Proper structure and semantics // 2023-01-01 // 2023-12-31 SCHEMA "start_date", "int" "end_date", "int" "email", "string" "ssn", "string"
  • 16.
    CLEAR TEXT { "start_date": 19358, "end_date":19722, "email": "john.doe@example.com", "ssn": "856-45-6789" } Data security gaps No Data Privacy // 2023-01-01 // 2023-12-31 SCHEMA "start_date", "int" "end_date", "int" "email", "string" "ssn", "string"
  • 17.
  • 18.
    promises trust produces Data Contracts SchemaRegistry as the foundation Producer Schema Registry Confluent Kafka Consumer consume Consumer Consumers
  • 19.
    Confluent Schema Registry SchemaRepository and more! 1 2 3 1 2 2 1
  • 20.
    promises trust produces Data contract Firststep: Define the structure Structure is the foundation of the contract Producer Consumer consume Consumer Consumers structure
  • 21.
    { "type": "record", "name": "Membership", "fields":[ {"name": "start_date", "type": {"type": "int", "logicalType": "date"}}, {"name": "end_date", "type": {"type": "int", "logicalType": "date"}}, {"name": "email", "type": "string"}, {"name": "ssn", "type": "string"} ] } Example Avro Schema
  • 22.
    { "type": "record", "name": "Membership", "fields":[ {"name": "start_date", "type": {"type": "int", "logicalType": "date"}}, {"name": "end_date", "type": {"type": "int", "logicalType": "date"}}, {"name": "email", "type": "string"}, {"name": "ssn", "type": "string"}, {"name": "full_name", "type": ["null", "string"]} ] } Constant Change How do we know if this is allowed?
  • 23.
    Set Compatibility forSchema Evolution Compatibility enables predictable changes COMPATIBILITY TYPE ALLOWED CHANGES COMPARED TO UPGRADE FIRST BACKWARD - Delete fields - Add optional fields Latest version Consumers BACKWARD_TRANSITIVE - Delete fields - Add optional fields All previous versions Consumers FORWARD - Add fields - Delete optional fields Latest version Producers FORWARD_TRANSITIVE - Add fields - Delete optional fields All previous versions Producers FULL - Add optional fields - Delete optional fields Latest version Either FULL_TRANSITIVE - Add optional fields - Delete optional fields All previous versions Either NONE - Any change allowed Not compared Depends
  • 24.
    { "schema": "...", "metadata": { "properties":{ "owner": "Carol Smith", "email": "csmith@acme.com", "gdpr_sensitive": "True", "retention_period": "24" } } } Adding Metadata
  • 25.
    promises trust produces Data contract structure Propersemantics for data Enables proper flow of data Producer Consumer consume Consumer Consumers Business Logic Business Logic semantics rules
  • 26.
    Use Data ContractRules Data Quality Constrains the values of fields and customize follow-up actions on incompatible messages. Data Encryption Identifies and Encrypts the value of a field based on a tag added to the field. Data Transformation Change the value of a specific field or an entire message based on a condition. Schema Migration A Transform rule and allows otherwise breaking changes to be performed on a schema by adding upgrade and downgrade rules.
  • 27.
    // 2023-01-01 // 2023-12-31 { "start_date":19358, "end_date": 19722, "email": "john.doe@example.com", "ssn": "856-45-6789" } Domain Integrity Ensuring proper values SCHEMA "start_date", "int" "end_date", "int" "email", "string" "ssn", "string"
  • 28.
    Data Quality Rule { "schema":"...", "schemaType": "AVRO", "ruleSet": { "domainRules": [{ "name": "validateEmail", "kind": "CONDITION", "mode": "WRITE", "type": "CEL", "doc": "Rule checks email is well formatted and sends record to a DLQ if not.", "expr": "Membership.email.matches(r".+@.+..+")", "onFailure": "DLQ", "params": { "dlq.topic": "bad_members" } }] } }
  • 29.
    // 2023-01-01 // 2023-12-31 { "start_date":19358, "end_date": 19722, "email": "for.mat@preserved.enc", "ssn": "XXX-XX-6789" } Data Privacy Protecting Sensitive Data SCHEMA "start_date", "int" "end_date", "int" "email", "string" "ssn", "string"
  • 30.
    Data Encryption Rule { "schema":"...", "schemaType": "AVRO", "metadata": { "tags": { "Membership.email": ["PII"] } }, "ruleSet": { "domainRules": [{ "name": "encryptPII", "type": "ENCRYPT", "doc": "Rule encrypts every field tagged as PII. ", "tags": ["PII"], "params": { "encrypt.kek.name": "ce581594-3115-486e-b391-5ea874371e73", "encrypt.kms.type": "aws-kms", "encrypt.kms.key.id": "arn:aws:kms:us-east-1:586051073099:key/ce58..." } }] } } On Roadmap
  • 31.
    Data Transformation Rule { "schema":"...", "schemaType": "AVRO", "ruleSet": { "domainRules": [{ "name": "populateDefaultSSN", "kind": "TRANSFORM", "type": "CEL_FIELD", "doc": "Rule checks if ssn is empty and replaces it with 'unspecified' if it is.", "mode": "WRITE", "expr": "name == 'ssn' ; value == '' ? 'unspecified' : value" }] } }
  • 32.
    Schema Migration Rule { "schema":"...", "schemaType": "AVRO", "ruleSet": { "migrationRules": [{ "name": "changeSsnToSocialSecurityNumber", "kind": "TRANSFORM", "type": "JSONATA", "doc": "Consumer is on new major version and gets socialSecurityNumber while producer sends ssn.", "mode": "UPGRADE", "expr": "$merge([$sift($, function($v, $k) {$k != 'ssn'}), {'socialSecurityNumber': $.'ssn'}])" }, { "name": "changeSocialSecurityNumberToSsn", "kind": "TRANSFORM", "type": "JSONATA", "doc": "Consumer is on old major version and gets ssn while producer sends socialSecurityNumber.", "mode": "DOWNGRADE", "expr": "$merge([$sift($, function($v, $k) {$k != 'socialSecurityNumber'}), {'ssn': $.'socialSecurityNumber'}])" }] }
  • 33.
    contract validation trust Data Contracts Shift-left andensure high quality data Producer Schema Registry Confluent Kafka Consumer Consumer Consumers Serializer content validation consume prevented
  • 34.
    promises provides Data Contracts High qualitydata for processing Producer Schema Registry Confluent Kafka Consumer Consumer Consumers Deserializer content validation prevented contract validation
  • 35.
    Solution overview Breaking changesLow quality data Security challenges Utilize validation and transformation rules Take advantage of metadata capabilities like tagging, business metadata, etc Protect sensitive data using Confluent Security and Governance capabilities Use schema registry and define schemas Evolve them as needed Use schema validation
  • 36.
  • 37.
  • 38.
    ● Provide hybridmonitoring, governance and management in a unified, secure architecture: ✓ Data Portal Sync ✓ Data Policies ✓ Observability - Metrics and Alerting ✓ Cluster Linking & Mirrored Topics Hybrid Connected Cloud Extend Data Streaming Platform capabilities to self-managed clusters On Roadmap for 2025
  • 39.
  • 40.
    An Example fromAmazon Discoverable Owner Accessible Contextualized Standardized Secure Trustworthy Self Describing Metadata
  • 41.
    Search and discoverdata using Data Portal On Roadmap for 2025
  • 42.
    Understand the datalineage On Roadmap for 2025
  • 43.
  • 44.
  • 45.