ferrokinesis
A local AWS Kinesis mock server for testing, written in Rust.
Features
- Pure Rust implementation
- Fully in-memory storage using DashMap + per-stream
RwLockwith lock-free per-shard sequence generation - Implements all 39 Kinesis Data Streams API operations
- Supports both JSON and CBOR content types
- Health check endpoints (
/_health,/_health/ready,/_health/live) for Docker/K8s - TOML configuration file support (
--config) - Configurable AWS account ID, region, shard iterator TTL, and request body size limit
- Retention period enforcement with configurable TTL-based record trimming
- Graceful shutdown
- TLS support with built-in certificate generation
- 500+ tests (integration, property-based, unit) with multi-language SDK conformance tests (Go, Python, Node.js, Java v1/v2, KCL)
- Criterion benchmarks with CI regression gate (>10% threshold)
Installation
Binary
Download pre-built binaries from GitHub Releases:
# macOS (Apple Silicon)
# macOS (Intel)
# Linux (amd64)
Cargo
Docker
Quick Start
Start the server:
Example using aws CLI:
# Create a stream with 2 shards
# Publish a record
See the full example with get-records and cleanup: examples/aws-cli/quickstart.sh
More examples using Rust, Python, Node.js, Go, and Java are available in the examples/ directory.
Usage
$ ferrokinesis --help
A local AWS Kinesis mock server for testing
Usage: ferrokinesis [OPTIONS]
ferrokinesis <COMMAND>
Commands:
serve Start the mock Kinesis server (default when no subcommand is given)
health-check Run a health check against a running server (for Docker HEALTHCHECK)
help Print this message or the help of the given subcommand(s)
Options:
--config <CONFIG>
Path to a TOML configuration file [env: FERROKINESIS_CONFIG=]
--port <PORT>
The port to listen on [env: FERROKINESIS_PORT=]
--account-id <ACCOUNT_ID>
AWS account ID used in ARN generation (12-digit numeric) [env: AWS_ACCOUNT_ID=]
--region <REGION>
AWS region used in ARN generation and responses [env: AWS_REGION=]
--create-stream-ms <CREATE_STREAM_MS>
Amount of time streams stay in CREATING state (ms) [env: FERROKINESIS_CREATE_STREAM_MS=]
--delete-stream-ms <DELETE_STREAM_MS>
Amount of time streams stay in DELETING state (ms) [env: FERROKINESIS_DELETE_STREAM_MS=]
--update-stream-ms <UPDATE_STREAM_MS>
Amount of time streams stay in UPDATING state (ms) [env: FERROKINESIS_UPDATE_STREAM_MS=]
--shard-limit <SHARD_LIMIT>
Shard limit for error reporting [env: FERROKINESIS_SHARD_LIMIT=]
--iterator-ttl-seconds <ITERATOR_TTL_SECONDS>
Shard iterator time-to-live in seconds (minimum: 1, maximum: 86400)
[env: FERROKINESIS_ITERATOR_TTL_SECONDS=]
--max-request-body-mb <MAX_REQUEST_BODY_MB>
Maximum request body size in megabytes (minimum: 1, maximum: 4096)
[env: FERROKINESIS_MAX_REQUEST_BODY_MB=]
--retention-check-interval-secs <RETENTION_CHECK_INTERVAL_SECS>
Retention reaper interval in seconds (0 = disabled, maximum: 86400)
[env: FERROKINESIS_RETENTION_CHECK_INTERVAL_SECS=]
-h, --help
Print help
Health Check Endpoints
Three endpoints are available for container orchestration and monitoring:
| Endpoint | Purpose | Response |
|---|---|---|
GET /_health |
Aggregated health with component breakdown | {"status":"UP","components":{"store":{"status":"UP"}}} |
GET /_health/live |
Liveness probe — always 200 if the server is running | OK |
GET /_health/ready |
Readiness probe — checks store connectivity | OK or 503 Service Unavailable |
The built-in health-check subcommand can be used for Docker HEALTHCHECK:
HEALTHCHECK CMD ["ferrokinesis", "health-check"]
API & Test Coverage
| Operation | Status | Notes |
|---|---|---|
| Stream Management | ✅ | |
| CreateStream | ✅ | |
| DeleteStream | ✅ | |
| DescribeStream | ✅ | |
| DescribeStreamSummary | ✅ | |
| ListStreams | ✅ | |
| UpdateStreamMode | ✅ | PROVISIONED / ON_DEMAND |
| UpdateShardCount | ✅ | Uniform scaling |
| Data Operations | ✅ | |
| PutRecord | ✅ | |
| PutRecords | ✅ | |
| GetRecords | ✅ | |
| GetShardIterator | ✅ | All 5 iterator types |
| SubscribeToShard | ✅ | Event stream over HTTP/1.1 |
| Shard Management | ✅ | |
| ListShards | ✅ | |
| MergeShards | ✅ | |
| SplitShard | ✅ | |
| Retention | ✅ | |
| IncreaseStreamRetentionPeriod | ✅ | |
| DecreaseStreamRetentionPeriod | ✅ | |
| Enhanced Fan-Out (Consumers) | ✅ | |
| RegisterStreamConsumer | ✅ | |
| DeregisterStreamConsumer | ✅ | |
| DescribeStreamConsumer | ✅ | |
| ListStreamConsumers | ✅ | |
| Monitoring | ✅ | |
| EnableEnhancedMonitoring | ✅ | |
| DisableEnhancedMonitoring | ✅ | |
| DescribeLimits | ✅ | |
| DescribeAccountSettings | ✅ | |
| UpdateAccountSettings | ✅ | |
| Encryption | ✅ | |
| StartStreamEncryption | ✅ | |
| StopStreamEncryption | ✅ | |
| Tagging (Stream-name) | ✅ | |
| AddTagsToStream | ✅ | |
| RemoveTagsFromStream | ✅ | |
| ListTagsForStream | ✅ | |
| Tagging (ARN-based) | ✅ | |
| TagResource | ✅ | |
| UntagResource | ✅ | |
| ListTagsForResource | ✅ | |
| Resource Policies | ✅ | |
| PutResourcePolicy | ✅ | |
| GetResourcePolicy | ✅ | |
| DeleteResourcePolicy | ✅ | |
| Other | ✅ | |
| UpdateStreamWarmThroughput | ✅ | |
| UpdateMaxRecordSize | ✅ |
39/39 operations implemented (100%)
TLS / HTTPS
ferrokinesis supports TLS when built with the tls feature:
Install with TLS support
Generate a self-signed certificate
# Writes cert.pem and key.pem to the current directory
# Custom output paths and SANs:
Start the server with TLS
# Listening at https://0.0.0.0:4567
Connecting with SDK clients
Runnable TLS examples for each SDK are in the examples/ directory:
| SDK | Example |
|---|---|
| AWS CLI | examples/aws-cli/quickstart-tls.sh |
| Python (boto3) | examples/python/quickstart_tls.py |
| Node.js (v3) | examples/node/quickstart-tls.mjs |
| Go (v2) | examples/go/quickstart_tls.go |
| Java (v2) | examples/java/src/main/java/example/QuickstartTls.java |
Building
Testing
Benchmarking
See BENCHMARK.md for details on running micro-benchmarks and load tests.
Acknowledgements
Inspired by kinesalite by Michael Hart.
License
MIT