STP Kafka Mission Control is a greenfield control-plane baseline for existing Confluent Kafka estates. This repo includes:
- A Spring Boot backend with cluster onboarding models, cached cluster/component health snapshots, external health APIs, service-account token auth, audit events, and native Kafka client integration scaffolding.
- A React frontend with a Lenses-inspired operational shell for fleet rollups, cluster health detail, and service-account token generation.
- Local development defaults for H2 plus a
docker-compose.ymlPostgres option for persistent runtime testing.
GET /api/external/v1/clusters/healthGET /api/external/v1/clusters/{id}/healthPOST /api/external/v1/clusters/{id}/health/refreshPOST /api/admin/service-accountsPOST /api/admin/service-accounts/{id}/tokensDELETE /api/admin/service-accounts/{id}/tokens/{tokenId}GET /api/admin/service-accountsGET /api/platform/clustersGET /api/platform/clusters/{id}/healthPOST /api/platform/clusters
The health engine supports:
- Kafka health via
org.apache.kafka:kafka-clientsAdminClient - mTLS and Kerberos auth profile modeling
- HTTP and TCP checks for ZooKeeper, Schema Registry, Control Center, and Prometheus
- Cached snapshots plus async force-refresh operations
- Machine-to-machine bearer tokens with hashed persistence and scope checks
For a Windows workstation, install these first:
- Java JDK 17
- Node.js 22 LTS
- Git
- Maven 3.9.12 recommended if you want to run Maven manually
Important Maven note:
- Spring Boot
3.3.5supports Maven3.6.3+ - This repo's Maven wrapper is pinned to Apache Maven
3.9.12 - If you install Maven manually on Windows, use
3.9.12so it matches the wrapper behavior exactly
Quick version checks in PowerShell:
java -version
node -v
npm -v
mvn -vcd /Users/rajeev/Documents/Project/LenseIQ/backend
./mvnw spring-boot:runDefault backend behavior:
- Runs on
http://localhost:8080 - Uses in-memory H2 by default
- Seeds two demo clusters and one demo service account record
- Uses development auth for platform/admin APIs via request headers or the built-in local admin fallback
- If Kafka is available on
localhost:9092and Schema Registry is available onhttp://localhost:8081, the app auto-seeds aLocal Kafka Devcluster and checks real health instead of demo-only placeholder health
Optional Postgres:
cd /Users/rajeev/Documents/Project/LenseIQ
docker compose up -d
cd /Users/rajeev/Documents/Project/LenseIQ/backend
DB_URL=jdbc:postgresql://localhost:5432/mission_control \
DB_USERNAME=mission_control \
DB_PASSWORD=mission_control \
./mvnw spring-boot:runUse the Maven wrapper on Windows like this:
cd C:\path\to\STPMC\backend
.\mvnw.cmd spring-boot:runIf you installed Maven manually instead of using the wrapper:
cd C:\path\to\STPMC\backend
mvn spring-boot:runOr from the repo root:
.\run-backend.batcd /Users/rajeev/Documents/Project/LenseIQ/frontend
npm install
npm run devThe Vite dev server runs on http://localhost:5173 and proxies /api to the backend.
cd C:\path\to\STPMC\frontend
npm install
npm run devOr from the repo root:
.\run-frontend.batCreate a service account and token in the UI, then call:
curl -H "Authorization: Bearer stpmc_<token>" \
http://localhost:8080/api/external/v1/clusters/health- The backend is production-oriented in domain shape, but still a v1 foundation. SAML/ADFS integration is represented in the architecture and security mode switch, while development mode is the default runnable profile in this repo.
- Payload decoding with Confluent Schema Registry SerDes is not wired yet.
- Topic list, ACL list, consumer describe, and topic dump task execution are planned but not yet implemented in this baseline.
- Mounted secret files are modeled and consumed for Kafka health checks; secret rotation/orchestration remains an infrastructure concern outside the app.
cd /Users/rajeev/Documents/Project/LenseIQ/backend && ./mvnw test
cd /Users/rajeev/Documents/Project/LenseIQ/frontend && npm run build