Skip to content

Releases: strimzi/strimzi-kafka-operator

0.34.0

20 Mar 09:22
Compare
Choose a tag to compare

Main changes since 0.33

⚠️ Important: Strimzi 0.34.0 supports only Kubernetes 1.19 and newer! Kubernetes versions 1.16, 1.17 and 1.18 are not supported anymore since Strimzi 0.32.

⚠️ Important: Direct upgrade from Strimzi 0.22 or earlier is not supported anymore!

New features and improvements

  • Add support for Kafka 3.4.0 and remove support for Kafka 3.2.x
  • Stable Pod identities for Kafka Connect and MirrorMaker 2 (Feature Gate StableConnectIdentities)
  • Use JDK HTTP client in the Kubernetes client instead of the OkHttp client
  • Add TLS truststore configuration for HTTPS connections to OPA server
  • Add image digest support in Helm chart
  • Update Strimzi HTTP Bridge to 0.25.0 and strimzi Oauth to 0.12.0

All changes can be found under the 0.34.0 milestone.

Upgrading from Strimzi 0.33.0

See the documentation for upgrade instructions.

Upgrading from Strimzi 0.22 or earlier

Direct upgrade from Strimzi 0.22 or earlier is not supported anymore! You have to upgrade first to one of the previous versions of Strimzi. You will also need to convert the CRD resources. For more details, see the documentation.

Container images

The following container images are part of this release:

Name Image
Operators quay.io/strimzi/operator@sha256:f4ee3ca482a2dd19785f59634578a0850273444c1173a5699a99cf02f3a018fe
Apache Kafka 3.3.1 quay.io/strimzi/kafka@sha256:1da35fd7b36b113d1343e254fdc6efd97ca8660cc7977d8985aa3a3547d5ebb1
Apache Kafka 3.3.2 quay.io/strimzi/kafka@sha256:1ace2cc0db9653ac1b388477fa56c3c1cd97c7b3846eba3c7824dc58ea179476
Apache Kafka 3.4.0 quay.io/strimzi/kafka@sha256:37cf8d0fea1d2078511920190a72b49977ff4047b6ecbfed6b394c6f9e1e2ff0
Strimzi Bridge quay.io/strimzi/kafka-bridge@sha256:51babca0f7a328f4db005c6a16daa8ac4a4306c46fe3ca89382919134aa09179
JMX Trans quay.io/strimzi/jmxtrans@sha256:62272e8a03da2144340bd7267f7a824d1ed70f4f3e30dc7aadfba9ee1b9baf76
Kaniko executor quay.io/strimzi/kaniko-executor@sha256:dc27d8aeb851245c79fb7276febe98769cc098d678bea096b338caaaf111dd27
Maven Builder quay.io/strimzi/maven-builder@sha256:f781b6b857d437c2de62585462e97b9fae357912c9f6711c1df39f431278878d

0.34.0-rc1

15 Mar 22:44
Compare
Choose a tag to compare
0.34.0-rc1 Pre-release
Pre-release

Main changes since 0.33

⚠️ Important: Strimzi 0.34.0 supports only Kubernetes 1.19 and newer! Kubernetes versions 1.16, 1.17 and 1.18 are not supported anymore since Strimzi 0.32.

⚠️ Important: Direct upgrade from Strimzi 0.22 or earlier is not supported anymore!

New features and improvements

  • Add support for Kafka 3.4.0 and remove support for Kafka 3.2.x
  • Stable Pod identities for Kafka Connect and MirrorMaker 2 (Feature Gate StableConnectIdentities)
  • Use JDK HTTP client in the Kubernetes client instead of the OkHttp client
  • Add TLS truststore configuration for HTTPS connections to OPA server
  • Add image digest support in Helm chart
  • Update Strimzi HTTP Bridge to 0.25.0 and strimzi Oauth to 0.12.0

All changes can be found under the 0.34.0 milestone.

Maven artifacts

To test the Maven artifacts which are part of this release, use the staging repository by including the following in your pom.xml:

  <repositories>
    <repository>
      <id>staging</id>
      <url>https://oss.sonatype.org/content/repositories/iostrimzi-1177/</url>
    </repository>
  </repositories>

Upgrading from Strimzi 0.33.0

See the documentation for upgrade instructions.

Upgrading from Strimzi 0.22 or earlier

Direct upgrade from Strimzi 0.22 or earlier is not supported anymore! You have to upgrade first to one of the previous versions of Strimzi. You will also need to convert the CRD resources. For more details, see the documentation.

0.33.2

18 Feb 18:19
1fe1c43
Compare
Choose a tag to compare

Main changes since 0.33.1

⚠️ Important: Strimzi 0.33.2 supports only Kubernetes 1.19 and newer! Kubernetes versions 1.16, 1.17 and 1.18 are not supported anymore since Strimzi 0.32.

⚠️ Important: Direct upgrade from Strimzi 0.22 or earlier is not supported anymore!

Bug Fixes

  • Support for Kafka 3.4.0 which fixes CVE-2023-25194
  • Fix RBAC files in standalone User Operator installation files

0.33.2-rc1

16 Feb 16:27
1fe1c43
Compare
Choose a tag to compare
0.33.2-rc1 Pre-release
Pre-release

Main changes since 0.33.1

⚠️ Important: Strimzi 0.33.2 supports only Kubernetes 1.19 and newer! Kubernetes versions 1.16, 1.17 and 1.18 are not supported anymore since Strimzi 0.32.

⚠️ Important: Direct upgrade from Strimzi 0.22 or earlier is not supported anymore!

Bug Fixes

  • Support for Kafka 3.4.0 which fixes CVE-2023-25194
  • Fix RBAC files in standalone User OPerator installation files

0.33.1

07 Feb 22:23
Compare
Choose a tag to compare

Main changes since 0.33.0

⚠️ Important: Strimzi 0.33.1 supports only Kubernetes 1.19 and newer! Kubernetes versions 1.16, 1.17 and 1.18 are not supported anymore since Strimzi 0.32.

⚠️ Important: Direct upgrade from Strimzi 0.22 or earlier is not supported anymore!

Bug Fixes

  • Remove the Lease resource from installation files

0.33.1-rc1

05 Feb 23:55
Compare
Choose a tag to compare
0.33.1-rc1 Pre-release
Pre-release

Main changes since 0.33.0

⚠️ Important: Strimzi 0.33.1 supports only Kubernetes 1.19 and newer! Kubernetes versions 1.16, 1.17 and 1.18 are not supported anymore since Strimzi 0.32.

⚠️ Important: Direct upgrade from Strimzi 0.22 or earlier is not supported anymore!

Bug Fixes

  • Remove the Lease resource from installation files

Maven artifacts

To test the Maven artifacts which are part of this release, use the staging repository by including the following in your pom.xml:

  <repositories>
    <repository>
      <id>staging</id>
      <url>https://oss.sonatype.org/content/repositories/iostrimzi-1170/</url>
    </repository>
  </repositories>

0.33.0

25 Jan 11:12
Compare
Choose a tag to compare

Main changes since 0.32

⚠️ Important: Strimzi 0.33.0 supports only Kubernetes 1.19 and newer! Kubernetes versions 1.16, 1.17 and 1.18 are not supported anymore since Strimzi 0.32.

⚠️ Important: Direct upgrade from Strimzi 0.22 or earlier is not supported anymore!

New features and improvements

  • Add support for Kafka 3.3.2
  • Support loadBalancerClass attribute in listeners with type loadbalancer
  • Support for automatically restarting failed Connect or Mirror Maker 2 connectors
  • Redesign of Strimzi User Operator to improve its scalability
  • Use Java 17 as the runtime for all containers and language level for all modules except api, crd-generator, crd-annotations, and test
  • Improved FIPS (Federal Information Processing Standards) support
  • Moved from using the Jaeger exporter to OTLP exporter by default
  • Kafka Exporter support for Recreate deployment strategy
  • ImageStream validation for Kafka Connect builds on OpenShift
  • Support for configuring the metadata for the Role / RoleBinding of Entity Operator
  • Add liveness and readiness probes specifically for nodes running in KRaft combined mode
  • Upgrade HTTP bridge to latest 0.24.0 release

Known issues

  • The TLS passthrough feature of the Ingress-NGINX Controller for Kubernetes is not compatible with some TLS features supported by Java 17 such as the session tickets extension.
    If you use type: ingress listener with enabled mTLS authentication, we recommend you to test if your clients are affected or not.
    If needed, you can also disable the session ticket extension in the Kafka brokers in your Kafka custom resource by setting the jdk.tls.server.enableSessionTicketExtension Java system property to false:
    apiVersion: kafka.strimzi.io/v1beta2
    kind: Kafka
    metadata:
      # ...
    spec:
      # ...
      kafka:
        jvmOptions:
          javaSystemProperties:
            - name: jdk.tls.server.enableSessionTicketExtension
              value: "false"
      # ...
    For more details, see kubernetes/ingress-nginx#9540.

Notable changes, deprecations, and removals

  • The UseStrimziPodSet feature gate will move to GA in Strimzi 0.35. Support for StatefulSets will be removed from Strimzi right after the 0.34 release. Please use the Strimzi 0.33 release to test StrimziPodSets in your environment and report any major or blocking issues before the StatefulSet support is removed.
  • The default length of any new SCRAM-SHA-512 passwords will be 32 characters instead of 12 characters used in the previous Strimzi versions. Existing passwords will not be affected by this change until they are regenerated (for example because the user secret is deleted). If you want to keep using the original password length, you can set it using the STRIMZI_SCRAM_SHA_PASSWORD_LENGTH environment variable in .spec.entityOperator.template.userOperatorContainer.env in the Kafka custom resource or in the
    Deployment of the standalone User Operator.
    userOperatorContainer:
      env:
        - name: STRIMZI_SCRAM_SHA_PASSWORD_LENGTH
          value: "12"
  • In previous versions, the ssl.secure.random.implementation option in Kafka brokers was always set to SHA1PRNG. From Strimzi 0.33 on, it is using the default SecureRandom implementation from the Java Runtime. If you want to keep using SHA1PRNG as your SecureRandom, you can configure it in .spec.kafka.config in your Kafka custom resource.
  • Support for JmxTrans in Strimzi is deprecated. It is currently planned to be removed in Strimzi 0.35.0.
  • Support for type: jaeger tracing based on Jaeger clients and OpenTracing API was deprecated in the Strimzi 0.31 release. As the Jaeger clients are retired and the OpenTracing project is archived, we cannot guarantee their support for future versions. In Strimzi 0.32 and 0.33, we added support for OpenTelemetry tracing as a replacement. If possible, we will maintain the support for type: jaeger tracing until June 2023 and remove it afterward. Please migrate to OpenTelemetry as soon as possible.
  • When OpenTelemetry is enabled for tracing, starting from this release, the operator configures the OTLP exporter instead of the Jaeger one by default. The Jaeger exporter is even not included in the Kafka images anymore, so if you want to use it you have to add the binary by yourself. The OTEL_EXPORTER_OTLP_ENDPOINT environment variable has to be used instead of the OTEL_EXPORTER_JAEGER_ENDPOINT in order to specify the OTLP endpoint to send traces to. If you are using Jaeger as the backend system for tracing, you need to have 1.35 release at least which is the first one exposing an OTLP endpoint.

All changes can be found under the 0.33.0 milestone.

Upgrading from Strimzi 0.32.0

See the documentation for upgrade instructions.

Upgrading from Strimzi 0.22 or earlier

Direct upgrade from Strimzi 0.22 or earlier is not supported anymore! You have to upgrade first to one of the previous versions of Strimzi. You will also need to convert the CRD resources. For more details, see the documentation.

0.33.0-rc1

20 Jan 01:15
Compare
Choose a tag to compare
0.33.0-rc1 Pre-release
Pre-release

Main changes since 0.32

⚠️ Important: Strimzi 0.33.0 supports only Kubernetes 1.19 and newer! Kubernetes versions 1.16, 1.17 and 1.18 are not supported anymore since Strimzi 0.32.

⚠️ Important: Direct upgrade from Strimzi 0.22 or earlier is not supported anymore!

New features and improvements

  • Add support for Kafka 3.3.2
  • Support loadBalancerClass attribute in listeners with type loadbalancer
  • Support for automatically restarting failed Connect or Mirror Maker 2 connectors
  • Redesign of Strimzi User Operator to improve its scalability
  • Use Java 17 as the runtime for all containers and language level for all modules except api, crd-generator, crd-annotations, and test
  • Improved FIPS (Federal Information Processing Standards) support
  • Moved from using the Jaeger exporter to OTLP exporter by default
  • Kafka Exporter support for Recreate deployment strategy
  • ImageStream validation for Kafka Connect builds on OpenShift
  • Support for configuring the metadata for the Role / RoleBinding of Entity Operator
  • Add liveness and readiness probes specifically for nodes running in KRaft combined mode
  • Upgrade HTTP bridge to latest 0.24.0 release

Notable changes, deprecations, and removals

  • The UseStrimziPodSet feature gate will move to GA in Strimzi 0.35. Support for StatefulSets will be removed from Strimzi right after the 0.34 release. Please use the Strimzi 0.33 release to test StrimziPodSets in your environment and report any major or blocking issues before the StatefulSet support is removed.
  • The default length of any new SCRAM-SHA-512 passwords will be 32 characters instead of 12 characters used in the previous Strimzi versions. Existing passwords will not be affected by this change until they are regenerated (for example because the user secret is deleted). If you want to keep using the original password length, you can set it using the STRIMZI_SCRAM_SHA_PASSWORD_LENGTH environment variable in .spec.entityOperator.template.userOperatorContainer.env in the Kafka custom resource or in the
    Deployment of the standalone User Operator.
    userOperatorContainer:
      env:
        - name: STRIMZI_SCRAM_SHA_PASSWORD_LENGTH
          value: "12"
  • In previous versions, the ssl.secure.random.implementation option in Kafka brokers was always set to SHA1PRNG. From Strimzi 0.33 on, it is using the default SecureRandom implementation from the Java Runtime. If you want to keep using SHA1PRNG as your SecureRandom, you can configure it in .spec.kafka.config in your Kafka custom resource.
  • Support for JmxTrans in Strimzi is deprecated. It is currently planned to be removed in Strimzi 0.35.0.
  • Support for type: jaeger tracing based on Jaeger clients and OpenTracing API was deprecated in the Strimzi 0.31 release. As the Jaeger clients are retired and the OpenTracing project is archived, we cannot guarantee their support for future versions. In Strimzi 0.32 and 0.33, we added support for OpenTelemetry tracing as a replacement. If possible, we will maintain the support for type: jaeger tracing until June 2023 and remove it afterward. Please migrate to OpenTelemetry as soon as possible.
  • When OpenTelemetry is enabled for tracing, starting from this release, the operator configures the OTLP exporter instead of the Jaeger one by default. The Jaeger exporter is even not included in the Kafka images anymore, so if you want to use it you have to add the binary by yourself. The OTEL_EXPORTER_OTLP_ENDPOINT environment variable has to be used instead of the OTEL_EXPORTER_JAEGER_ENDPOINT in order to specify the OTLP endpoint to send traces to. If you are using Jaeger as the backend system for tracing, you need to have 1.35 release at least which is the first one exposing an OLTP endpoint.

All changes can be found under the 0.33.0 milestone.

Maven artifacts

To test the Maven artifacts which are part of this release, use the staging repository by including the following in your pom.xml:

  <repositories>
    <repository>
      <id>staging</id>
      <url>https://oss.sonatype.org/content/repositories/iostrimzi-1169/</url>
    </repository>
  </repositories>

Upgrading from Strimzi 0.32.0

See the documentation for upgrade instructions.

Upgrading from Strimzi 0.22 or earlier

Direct upgrade from Strimzi 0.22 or earlier is not supported anymore! You have to upgrade first to one of the previous versions of Strimzi. You will also need to convert the CRD resources. For more details, see the documentation.

0.32.0

03 Nov 14:42
Compare
Choose a tag to compare

Main changes since 0.31

⚠️ Important: From Strimzi 0.32.0, Strimzi supports only Kubernetes 1.19 and newer! Kubernetes versions 1.16, 1.17 and 1.18 are not supported anymore.

⚠️ Important: Direct upgrade from Strimzi 0.22 or earlier is not supported anymore!

  • Add support for Kafka 3.3.1 and remove support for Kafka 3.1.0, 3.1.1, and 3.1.2
  • Update KafkaConnector CR status so the 'NotReady' condition is added if the connector or any tasks are reporting a 'FAILED' state.
  • Add auto-approval mechanism on KafkaRebalance resource when an optimization proposal is ready
  • The ControlPlaneListener feature gate moves to GA
  • Add client rack-awareness support to Strimzi Bridge pods
  • Add support for OpenTelemetry for distributed tracing
  • ZookeeperRoller considers unready pods
  • Support multiple operations per ACLRule
  • Add new listener type "cluster-ip" which is using per-broker services instead of the pod DNS names
  • Update Strimzi OAuth library to 0.11.0

All changes can be found under the 0.32.0 milestone.

⚠️ Important: Strimzi OpenTelemetry support moving from Jaeger to OLTP exporter

This release has OpenTelemetry support by using the Jaeger exporter by default.
This exporter needs a Jaeger endpoint to send traces to.
OpenTelemetry project encourages use of the OLTP exporter and will deprecate and remove the Jaeger exporter in the future.
For this reason, the Strimzi project is going to move from the Jaeger exporter to the OTLP exporter for the next releases.
In order to use it, the minimum version of the Jaeger backend has to be 1.35 because it's the first version exposing an OLTP endpoint for getting traces from such an OLTP exporter.
When the migration is done, Strimzi users can still use the Jaeger exporter if they want by building their own image with the opentelemetry-exporter-jaeger library and setting OTEL_TRACES_EXPORTER=jaeger environment variable.

Upgrading from Strimzi 0.31.0

See the documentation for upgrade instructions.

Upgrading from Strimzi 0.22 or earlier

Direct upgrade from Strimzi 0.22 or earlier is not supported anymore! You have to upgrade first to one of the previous versions of Strimzi. You will also need to convert the CRD resources. For more details, see the documentation.

0.32.0-rc1

29 Oct 19:01
Compare
Choose a tag to compare
0.32.0-rc1 Pre-release
Pre-release

Main changes since 0.31

Important: From Strimzi 0.32.0, Strimzi supports only Kubernetes 1.19 and newer! Kubernetes versions 1.16, 1.17 and 1.18 are not supported anymore.

Important: Direct upgrade from Strimzi 0.22 or earlier is not supported anymore!

  • Add support for Kafka 3.3.1 and remove support for Kafka 3.1.0, 3.1.1, and 3.1.2
  • Update KafkaConnector CR status so the 'NotReady' condition is added if the connector or any tasks are reporting a 'FAILED' state.
  • Add auto-approval mechanism on KafkaRebalance resource when an optimization proposal is ready
  • The ControlPlaneListener feature gate moves to GA
  • Add client rack-awareness support to Strimzi Bridge pods
  • Add support for OpenTelemetry for distributed tracing
  • ZookeeperRoller considers unready pods
  • Support multiple operations per ACLRule
  • Add new listener type "cluster-ip" which is using per-broker services instead of the pod DNS names
  • Update Strimzi OAuth library to 0.11.0

All changes can be found under the 0.32.0 milestone.

Maven artifacts

To test the Maven artifacts which are part of this release, use the staging repository by including following in your pom.xml:

  <repositories>
    <repository>
      <id>staging</id>
      <url>https://oss.sonatype.org/content/repositories/iostrimzi-1204</url>
    </repository>
  </repositories>

Upgrading from Strimzi 0.31.0

See the documentation for upgrade instructions.

Upgrading from Strimzi 0.22 or earlier

Direct upgrade from Strimzi 0.22 or earlier is not supported anymore! You have to upgrade first to one of the previous versions of Strimzi. You will also need to convert the CRD resources. For more details, see the documentation.