Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up

Lakekeeper: A Rust native Iceberg REST Catalog

License

NotificationsYou must be signed in to change notification settings

munabedan/lakekeeper

 
 

Repository files navigation

WebsiteDiscordDocker on quayHelm ChartArtifact Hub

LicenseUnittestsSpark IntegrationPyiceberg IntegrationTrino IntegrationStarrocks Integration

Please visithttps://docs.lakekeeper.io for Documentation!

This is Lakekeeper: An Apache-Licensed,secure,fast andeasy to use implementation of theApache Iceberg REST Catalog specification based onapache/iceberg-rust. If you have questions, feature requests or just want a chat, we are hanging around inDiscord!

Quickstart

A Docker Container is available onquay.io.We have prepared a minimal docker-compose file to demonstrate how to use the Lakekeeper catalog with common query engines.

git clone https://github.com/lakekeeper/lakekeeper.gitcd lakekeeper/examples/minimaldocker compose up

Then open your browser and head to localhost:8888 to load the example Jupyter notebooks or head to localhost:8181 for the Lakekeeper UI.

For more information on deployment, please check theGetting Started Guide.

Scope and Features

The Iceberg Catalog REST interface has become the standard for catalogs in open Lakehouses. It natively enables multi-table commits, server-side deconflicting and much more. It is figuratively the (TIP) of the Iceberg.

  • Written in Rust: Single all-in-one binary - no JVM or Python env required.
  • Storage Access Management: Lakekeeper secures access to your data using Vended-Credentials and remote signing for S3. All major Hyperscalers (AWS, Azure, GCP) as well as on-premise deployments with S3 are supported.
  • Openid Provider Integration: Use your own identity provider for authentication, just setLAKEKEEPER__OPENID_PROVIDER_URI and you are good to go.
  • Native Kubernetes Integration: Use our helm chart to easily deploy high available setups and natively authenticate kubernetes service accounts with Lakekeeper. Kubernetes and OpenID authentication can be used simultaneously. AKubernetes Operator is currently in development.
  • Change Events: Built-in support to emit change events (CloudEvents), which enables you to react to any change that happen to your tables.
  • Change Approval: Changes can also be prohibited by external systems. This can be used to prohibit changes to tables that would invalidate Data Contracts, Quality SLOs etc. Simply integrate with your own change approval via ourContractVerification trait.
  • Multi-Tenant capable: A single deployment of Lakekeeper can serve multiple projects - all with a single entrypoint. Each project itself supports multiple Warehouses to which compute engines can connect.
  • Customizable: Lakekeeper is meant to be extended. We expose the Database implementation (Catalog),SecretsStore,Authorizer, Events (CloudEventBackend) andContractVerification as interfaces (Traits). This allows you to tap into any access management system of your company or stream change events to any system you like - simply by implementing a handful methods.
  • Well-Tested: Integration-tested withspark,pyiceberg,trino andstarrocks.
  • High Available & Horizontally Scalable: There is no local state - the catalog can be scaled horizontally easily.
  • Fine Grained Access (FGA): Lakekeeper's default Authorization system leveragesOpenFGA. If your company already has a different system in place, you can integrate with it by implementing a handful of methods in theAuthorizer trait.

If you are missing something, we would love to hear about it in aGithub Issue.

Status

Supported Operations - Iceberg-Rest

OperationStatusDescription
NamespacedoneAll operations implemented
TabledoneAll operations implemented - additional integration tests in development
ViewsdoneRemove unused files and log entries
MetricsopenEndpoint is available but doesn't store the metrics

Storage Profile Support

StorageStatusComment
S3 - AWSsemi-donevended-credentials & remote-signing, assume role missing
S3 - Customdonevended-credentials & remote-signing, tested against Minio
Azure ADLS Gen2done
Azure Blobopen
Microsoft OneLakeopen
Google Cloud Storagedone

Details on how to configure the storage profiles can be found in theDocs.

Supported Catalog Backends

BackendStatusComment
Postgresdone>=15
MongoDBopen

Supported Secret Stores

BackendStatusComment
Postgresdone
kv2 (hcp-vault)doneuserpass auth

Supported Event Stores

BackendStatusComment
Natsdone
KafkaopenAvailable in branch already, we are currently struggling with cross-compilation.

Supported Operations - Management API

OperationStatusDescription
Warehouse ManagementdoneCreate / Update / Delete a Warehouse
AuthZopenManage access to warehouses, namespaces and tables
More to come!open

Auth(N/Z) Handlers

OperationStatusDescription
OIDC (AuthN)doneSecure access to the catalog via OIDC
Custom (AuthZ)doneIf you are willing to implement a single rust Trait, theAuthZHandler can be implement to connect to your system
OpenFGA (AuthZ)openInternal Authorization management

License

Licensed under theApache License, Version 2.0

About

Lakekeeper: A Rust native Iceberg REST Catalog

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Rust92.1%
  • Python5.0%
  • Open Policy Agent1.3%
  • PLpgSQL0.7%
  • Shell0.5%
  • Dockerfile0.2%
  • Other0.2%
[8]ページ先頭
©2009-2025 Movatter.jp