Managing namespaces in Hermes

  • Release version: Zurich
  • Updated July 31, 2025
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Managing namespaces in Hermes

    Namespaces in Hermes enable ServiceNow customers to group Kafka topics logically for simplified topic management and access control. Each Kafka topic in ServiceNow is linked to a namespace, which helps organize topics based on factors such as Kafka clusters or ServiceNow domains, especially in domain-separated instances. This organization facilitates clear assignment of topics to specific ServiceNow domains via their namespaces.

    Show full answer Show less

    Key Features

    • Namespace Records: Stored in the Kafka Namespaces [syskafkanamespace] table and created by administrators with the kafkanamespaceadmin role.
    • Topic Assignment: Topics are assigned to namespaces based on their name prefixes. A scheduled job detects new topics in Hermes, creates corresponding records, and links them to the appropriate namespace by matching prefixes.
    • Prefix Matching Rules: The namespace with the longest matching prefix is selected. If no specific prefix matches, the Default Namespace is used; if the Default Namespace is absent, no topic record is created.
    • Namespace Design: It is recommended to create one namespace per ServiceNow domain in domain-separated instances and use namespaces to separate topics by domain and Kafka installation.
    • Default Namespace Considerations: Retaining the Default Namespace can cause configuration issues, such as topics being assigned to the global domain incorrectly. Deleting or deactivating the Default Namespace enforces stricter topic creation and placement rules.

    Practical Guidance for ServiceNow Customers

    • Plan namespace organization carefully before creation, as namespaces cannot be deleted without deleting their associated topics.
    • Coordinate with Kafka administrators to align topic prefixes with namespace prefixes, ensuring proper topic assignment and domain segregation.
    • Consider removing the Default Namespace to prevent unintended topic assignments and enhance control over topic creation locations.
    • Use namespaces to clearly define access control and domain boundaries for Kafka topics within ServiceNow, improving security and manageability.

    Group Kafka topics together for simplified topic management and access control specification using namespaces.

    In ServiceNow, all Kafka topics link to a namespace. You can use namespaces to organize topics in logical ways. For example, you can group topics together based on their Kafka cluster. You can also use namespaces to configure which domains can access which topics on a domain-separated instance. You assign topics to ServiceNow domains using the topic's namespace.

    Namespace records

    Namespace records are stored in the Kafka Namespaces [sys_kafka_namespace] table. This table shows a list of namespace records with each namespace's related topic prefix. An administrator with the kafka_namespace_admin role creates namespace records in the Kafka Namespaces [sys_kafka_namespace] table.

    Namespaces and topic prefixes

    A topic is assigned to a namespace based on the topic name's prefix. A scheduled job regularly checks Hermes for new topics. When it finds one, it creates a ServiceNow topic record for the topic and links the topic to a namespace. The prefix assigned to the topic is the basis for its namespace assignment in ServiceNow.

    This image shows an example of using the Kafka cluster name prefix to organize topics into different namespaces in ServiceNow.

    Figure 1. Kafka prefixes and topic namespaces
    Overview of how topic prefixes in Kafka are related to namespaces in ServiceNow.

    In this example:

    1. An instance administrator with the kafka_namespace_admin role creates namespace records for the Log Analysis group, the Fulfillment group, and another subsidiary in the ServiceNow instance.
    2. The instance administrator works with the Kafka administrator to replicate topics to Hermes using the Kafka cluster name as the namespace prefix.
    3. The Kafka cluster for the fulfillment group has a topic named material_orders. The topic is replicated to Hermes using fulfillment as the namespace prefix. A new topic is created in Hermes called fulfillment.material_orders.
    4. A scheduled job finds the fulfillment.material_orders topic in Hermes, creates a topic record, and assigns the record to the Fulfillment namespace to match its prefix.

    Prefix matching rules

    Topic name prefixes are matched to namespaces according to the following rules.

    • The namespace is selected based on the longest matching namespace prefix. If there's a matching namespace, the topic record is assigned to that namespace and that namespace's domain.
    • If there isn't a longer namespace prefix that matches, the zero-length prefix of the Default Namespace will match. The topic record is assigned to the Default Namespace in the global domain.
    • If the Default Namespace has been deleted or modified, so there’s no matching namespace at all, then no topic record is created.

    Namespace design considerations

    Plan how want to organize your namespaces and topics before you start creating them. Once you add a topic to a namespace, you can't delete the namespace without deleting the topics that are associated with it.

    Have a namespace for each domain on a domain-separated instance
    Create one namespace per ServiceNow domain.
    Use namespaces to organize topics by domain and Kafka installation
    Use namespaces to separate both topics that belong in separate ServiceNow domains and topics from separate Kafka installations.
    After you've configured your namespaces, consider deleting or deactivating the Default Namespace
    Keeping the Default Namespace could lead to configuration issues, such as a mismatched topic prefix. This mismatch could result in a topic that should have been created in one domain being created in the global domain.

    You can enforce tighter constraints on where topics are created by deleting the Default Namespace. For example, if you decide that all topics must have a prefix that matches a namespace, deleting the Default Namespace ensures that topics without a matching prefix aren't created.

    For details on using domain separation with namespaces in Hermes, see Hermes Messaging Service domain separation.