You are browsing a read-only backup copy of Wikitech. The live site can be found at

Event Platform/EventStreams/Administration

From Wikitech-static
< Event Platform‎ | EventStreams
Revision as of 00:30, 30 January 2021 by imported>Jforrester (Avoid redirect.)
Jump to navigation Jump to search

See EventStreams for an overview of the EventStreams service.

EventStreams is a service-template-node based service. It glues together KafkaSSE with common Wikimedia service features, like logging, error reporting, metrics, configuration and deployment.

Internally, EventStreams is available at eventstreams.svc.${::site}.wmnet. It is routed to by varnish and LVS from

EventStreams in production is configured and deployed using WMFs Deployment pipeline.


EventStreams is configured in the operations/deployment-charts repository. Configuration is spread between the defaults in charts/eventstreams and the production specific configuration in helmfile.d.

helmfile.d values.yaml files contain mapping of stream routes to composite topics in Kafka. (In the future, we'd like to get this mapping from EventStreamConfig.) Our event topics are prefixed by datacenter name. This is abstracted for EventStreams consumers via this mapping. Any combination of stream name -> composite topic list is possible, e.g.

        description: |-
          Mediawiki Revision create events.
          - eqiad.mediawiki.revision-create
          - codfw.mediawiki.revision-create


EventStreams is backed by the main Kafka clusters. As of 2018-08, EventStreams is multi-DC capable. EventStreams in eqiad consumes from the Kafka main-eqiad cluster, and EventStreams in codfw consumes from the Kafka main-codfw cluster. Kafka MirrorMaker is responsible for mirroring the topics from eqiad to codfw and vice versa.

NodeJS Kafka Client

KafkaSSE uses node-rdkafka (as do other production NodeJS services that use Kafka).


Repository Description
KafkaSSE (github) Generic Kafka Consumer -> SSE NodeJS library.
eventstreams (github) EventStreams implementation using KafkaSSE and service-template-node.
operations/deployment-charts Helm chart repository for all production Kubernetes based services, including EventStreams.


See: Deployments on kubernetes

Submitting changes

Change to KafkaSSE library

KafkaSSE is hosted in Github, so you must either submit a pull request or push a change there.

kafka-sse is an npm dependency of EventStreams.

If you update kafka-sse, you should bump the package version and publish to npm:

Change to mediawiki/services/eventstreams repository

EventStreams is hosted in gerrit. Use git review to submit patches. If you've modified the KafkaSSE repository, you should update the kafka-sse dependency version in package.json. Merged changes in this repository will result in a new Docker image being built.

Update operations/deployment-charts repository

Once a new Docker image has been made, you'll need to update the image_version in helmfile.d eventstreams values.yaml.


See: Deployments_on_kubernetes#Code_deployment/configuration_changes

ssh deployment.eqiad.wmnet # or deployment-tin.deployment-prep.eqiad.wmflabs cd /srv/deployment/eventstreams/deploy git pull && git submodule update scap deploy



Logs are sent to logstash. You can view them in Kibana.


Throughput limits

As of 2019-07, The public EventStreams endpoint is configured in varnish to only allow for 25 concurrent connections per varnish backend. There are 10 text varnishes in codfw and 8 in eqiad, so the varnish concurrent connection limit for EventStreams is 200 in eqiad and 250 in codfw for a total of 450 concurrent connections. We have had incidents where a rogue client spawns too many connections. EventStreams code has some primitive logic to try to reduce the number of concurrent connections from the same X-Client-IP, but this will not fully prevent the issue from happening. Check the total number of connections in if new connections receive a 502 error from varnish.


EventStreams is configured with a monitoring check that will check that the /v2/stream/recentchange URL has data on it. This check is done to the public endpoint. If this public check fails, then likely all backend service processes have the same issue.