DEV Community

DevOps Fundamentals profile image DevOps Fundamental
DevOps Fundamental for DevOps Fundamentals

Posted on

Kafka Fundamentals: kafka retention.ms

#kafka #messagequeue #streaming #kafkaretentionms

Kafka Retention.ms: A Deep Dive for Production Systems

1. Introduction

Imagine a financial trading platform built on Kafka. We need to reliably capture every trade event for auditing, risk analysis, and potential regulatory compliance. However, storing all trade data indefinitely is prohibitively expensive and introduces significant operational complexity. Furthermore, downstream systems like a real-time fraud detection service require access to recent trade history, but not necessarily years of archived data. This is where kafka retention.ms becomes critical. It’s not just about disk space; it’s about balancing data durability, cost, performance, and the specific needs of a complex, event-driven architecture composed of microservices, stream processing pipelines (Kafka Streams, Flink), and potentially distributed transaction patterns using technologies like Debezium. Properly configuring retention is fundamental to the operational correctness and scalability of such a system.

2. What is "kafka retention.ms" in Kafka Systems?

kafka retention.ms defines the maximum time a Kafka broker will retain messages in a topic partition. It’s a topic-level configuration, meaning each topic can have its own retention policy. From an architectural perspective, it operates at the broker level, influencing how log segments are managed. Kafka’s storage layer is append-only, organized into log segments. When a segment reaches its configured size or age (determined by retention.ms or retention.bytes), it’s eligible for deletion.

Introduced in Kafka 0.8, retention.ms (and its counterpart retention.bytes) replaced older retention policies. KIP-44 introduced more granular control. Key configuration flags include:

  • retention.ms: Retention period in milliseconds. Default: 604800000 (7 days).
  • retention.bytes: Maximum size of the log for a topic partition. Default: -1 (unlimited).
  • cleanup.policy: Determines how retention is handled. Options: delete (default), compact.
  • min.compaction.lag.ms: Minimum time a message must be retained before compaction is considered.

Behaviorally, retention.ms is a soft limit. Kafka attempts to delete segments exceeding the time, but deletion isn’t guaranteed to be immediate. Factors like replication and broker load can influence deletion timing.

3. Real-World Use Cases

  1. Log Aggregation & Monitoring: Retain logs for a short period (e.g., 24-72 hours) for real-time alerting and troubleshooting. Long-term logs are archived to a data lake (S3, GCS, Azure Blob Storage).
  2. CDC Replication: Capture database changes (using Debezium) and replicate them to downstream systems. Retention might be set to a few days to allow for replay in case of consumer failures or schema evolution issues.
  3. Event Sourcing: Store all state changes as events. Retention needs to be carefully considered based on audit requirements and the potential need to rebuild state from historical events. Compaction is often used in conjunction with retention to manage event log size.
  4. Real-time Analytics: A fraud detection system needs access to recent transactions (e.g., last hour). Retention is set to a short duration, and older data is archived.
  5. Out-of-Order Message Handling: Consumers might process messages out of order due to network delays or producer behavior. Sufficient retention allows consumers to buffer and reorder messages correctly.

4. Architecture & Internal Mechanics 

graph LR
    A[Producer] --> B(Kafka Broker 1);
    A --> C(Kafka Broker 2);
    A --> D(Kafka Broker 3);
    B --> E{Topic Partition};
    C --> E;
    D --> E;
    E --> F[Log Segment 1];
    E --> G[Log Segment 2];
    E --> H[Log Segment N];
    I[Consumer] --> E;
    J[Controller] --> B;
    J --> C;
    J --> D;
    subgraph Kafka Cluster
        B
        C
        D
        E
        F
        G
        H
        J
    end
    style E fill:#f9f,stroke:#333,stroke-width:2px
Enter fullscreen mode Exit fullscreen mode

The diagram illustrates a simplified Kafka topology. Messages are produced to a topic, which is partitioned across multiple brokers for scalability and fault tolerance. Each partition is a sequence of log segments. The controller (using Raft in newer Kafka versions) manages partition leadership and ensures data replication. retention.ms is enforced by each broker independently for its assigned partitions. When a log segment’s age exceeds retention.ms, the broker marks it for deletion. Deletion happens asynchronously, and the segment is only physically removed when it’s no longer needed by any consumer and all replicas have acknowledged the deletion. ZooKeeper (in older versions) or Kafka Raft (KRaft) manages broker metadata and cluster state. Schema Registry ensures data contract compatibility.

5. Configuration & Deployment Details

server.properties (Broker Configuration):

log.retention.hours=168 # Default 7 days

log.retention.check.interval.ms=300000 # Check every 5 minutes

log.cleanup.policy=delete
Enter fullscreen mode Exit fullscreen mode

Topic Configuration (using kafka-topics.sh):

kafka-topics.sh --bootstrap-server localhost:9092 --alter --topic my-topic --config retention.ms=86400000 # 24 hours

kafka-topics.sh --bootstrap-server localhost:9092 --describe --topic my-topic
Enter fullscreen mode Exit fullscreen mode

Consumer Configuration (consumer.properties):

enable.auto.commit=true
auto.offset.reset=earliest # Important for handling retention-related issues

max.poll.records=500
Enter fullscreen mode Exit fullscreen mode

6. Failure Modes & Recovery

  • Broker Failure: If a broker fails, retention checks are paused for its partitions. Upon recovery, the broker resumes retention enforcement. Replication ensures data isn’t lost.
  • Rebalance: During a consumer group rebalance, consumers might temporarily fall behind. Sufficient retention allows them to catch up.
  • Message Loss: Retention doesn’t prevent message loss due to producer errors or network issues. Idempotent producers and transactional guarantees are crucial for ensuring data durability.
  • ISR Shrinkage: If the number of in-sync replicas (ISR) falls below the configured min.insync.replicas, writes are blocked. Retention isn’t directly affected, but data loss is possible if the cluster can’t maintain sufficient replicas.

Recovery Strategies:

  • Idempotent Producers: Ensure exactly-once semantics.
  • Transactional Producers: Group messages into atomic transactions.
  • Offset Tracking: Consumers must reliably track their offsets to avoid reprocessing or skipping messages.
  • Dead Letter Queues (DLQs): Route failed messages to a DLQ for investigation and potential reprocessing.

7. Performance Tuning

Retention impacts performance. Frequent segment deletion can increase disk I/O. Longer retention increases storage costs and potentially slows down reads.

  • Benchmark: Measure throughput (MB/s, events/s) with different retention settings.
  • linger.ms & batch.size: Optimize producer batching to reduce the number of requests.
  • compression.type: Use compression (e.g., gzip, snappy, lz4) to reduce storage space.
  • fetch.min.bytes & replica.fetch.max.bytes: Tune fetch sizes to balance latency and throughput.

A typical benchmark might show a 10-20% throughput reduction with very short retention (e.g., 1 hour) compared to longer retention (e.g., 7 days) due to increased segment deletion overhead.

8. Observability & Monitoring

  • Kafka JMX Metrics: Monitor kafka.server:type=BrokerTopicMetrics,name=MessagesInPerSec,topic=<topic> to track message ingestion rate.
  • Consumer Lag: Monitor consumer lag using kafka-consumer-groups.sh or a dedicated monitoring tool. Increasing lag can indicate retention issues or consumer performance problems.
  • Replication In-Sync Count: Monitor the number of in-sync replicas to ensure data durability.
  • Request/Response Time: Monitor broker request handling time to identify performance bottlenecks.

Prometheus & Grafana: Use a Kafka exporter to expose JMX metrics to Prometheus and visualize them in Grafana. Alert on:

  • Consumer lag exceeding a threshold.
  • ISR count falling below min.insync.replicas.
  • High broker CPU utilization.

9. Security and Access Control

Retention doesn’t directly introduce new security vulnerabilities, but it’s crucial to protect sensitive data stored in Kafka.

  • SASL/SSL: Use SASL/SSL for authentication and encryption in transit.
  • SCRAM: Use SCRAM for password-based authentication.
  • ACLs: Configure ACLs to restrict access to topics based on user roles.
  • Encryption at Rest: Consider encrypting data at rest on the broker’s storage devices.

10. Testing & CI/CD Integration

  • Testcontainers: Use Testcontainers to spin up temporary Kafka clusters for integration testing.
  • Embedded Kafka: Use an embedded Kafka broker for unit testing.
  • Consumer Mock Frameworks: Mock consumers to verify producer behavior and message delivery.

CI Pipeline:

  1. Deploy Kafka cluster.
  2. Create topics with specific retention configurations.
  3. Produce messages to the topics.
  4. Verify that messages are retained for the configured duration.
  5. Verify that messages are deleted after the retention period expires.
  6. Run schema compatibility checks.
  7. Run throughput tests.

11. Common Pitfalls & Misconceptions

  1. Incorrect Retention Configuration: Setting retention too short can lead to message loss.
    • Symptom: Consumers are unable to read historical data.
    • Fix: Increase retention.ms.
  2. Ignoring retention.bytes: Retention can be limited by both time and size.
    • Symptom: Segments are deleted prematurely even if retention.ms hasn’t expired.
    • Fix: Adjust retention.bytes.
  3. Assuming Immediate Deletion: Deletion is asynchronous.
    • Symptom: Old data persists longer than expected.
    • Fix: Understand the asynchronous nature of deletion.
  4. Not Monitoring Consumer Lag: High consumer lag can mask retention issues.
    • Symptom: Consumers are falling behind, but retention seems correct.
    • Fix: Investigate consumer performance and potential bottlenecks.
  5. Conflicting Retention Policies: Using compaction alongside retention requires careful configuration.
    • Symptom: Unexpected data retention behavior.
    • Fix: Understand the interaction between compaction and retention.

12. Enterprise Patterns & Best Practices

  • Shared vs. Dedicated Topics: Use dedicated topics for different applications or data streams to allow for independent retention policies.
  • Multi-Tenant Cluster Design: Implement resource quotas and access control to isolate tenants.
  • Retention vs. Compaction: Use compaction to remove redundant data and reduce storage costs. Combine with retention for long-term archiving.
  • Schema Evolution: Ensure schema compatibility to avoid breaking downstream consumers.
  • Streaming Microservice Boundaries: Define clear boundaries between microservices and use Kafka as the communication layer.

13. Conclusion

kafka retention.ms is a fundamental configuration parameter that directly impacts the reliability, scalability, and operational efficiency of Kafka-based platforms. Careful consideration of use cases, performance implications, and failure modes is essential for building robust and cost-effective event-driven systems. Next steps include implementing comprehensive observability, building internal tooling for managing retention policies, and refactoring topic structures to optimize data storage and access patterns.

Top comments (0)