Cloudera Docs

Release notes

Learn about the new features, improvements, known and fixed issues, limitations, unsupported features, as well as deprecations and removals in this release of Cloudera Streams Messaging - Kubernetes Operator.

What's New

Learn about the new features and notable changes in this release.

Cloudera Surveyor for Apache Kafka

Cloudera Surveyor is a standalone application that allows you to efficiently monitor and manage your Kafka clusters through a graphical user interface. It offers insights into cluster health and performance, enabling you to oversee brokers, topics, and consumer groups. Additionally, it supports essential Kafka management actions, streamlining cluster administration.

Cloudera Surveyor is a new component within the Cloudera ecosystem. Unlike other components in Cloudera Streams Messaging - Kubernetes Operator, which are based on open source projects, Cloudera Surveyor is proprietary software developed by Cloudera.

It is compatible with any Kafka distribution that provides an API compatible with Apache Kafka 2.4.1 or higher. This includes Kafka clusters deployed with the Strimzi Cluster Operator in Cloudera Streams Messaging - Kubernetes Operator, Kafka clusters running in Cloudera on premises and Cloudera on cloud, as well as third-party Kafka distributions.

Learn more:

Configurable allow list of URLs for OAuth and LDAP authentication

Two new environment variables are introduced for Kafka that enable you to specify an allow list of URLs for OAuth and LDAP authentication mechanisms. This gives you stricter control over which URLs can be accessed by Kafka. The new environment variables are as follows.

  • OAuthorg.apache.kafka.sasl.oauthbearer.allowed.urls

  • LDAPcom.cloudera.kafka.ldap.allowed.urls

If these variables are left empty (default), connection to any URL is allowed. When configured, Kafka is only allowed to connect to the specified URLs. Configure these variables in your KafkaNodePool resource using spec.jvmOptions.javaSystemProperties.

#...
kind: KafkaNodePool
spec:
  jvmOptions:
    javaSystemProperties:
      - name: com.cloudera.kafka.ldap.allowed.urls
        value: http://www.ldap-example-1.com,http://www.ldap-example-2.com
      - name: org.apache.kafka.sasl.oauthbearer.allowed.urls
        value: http://www.oauth-example-1.com,http://www.oauth-example-2.com

Fixed Issues

There are no fixed issues in this release.

Known Issues

Learn about the known issues in this release.

CSMDS-334: ZooKeeper pods are running but Kafka pods are not created
Under certain circumstances, ZooKeeper pods might not be able to form a quorum. In a case like this, the creation of the Kafka cluster gets stuck in a state where ZooKeeper pods are running, but Kafka pods are not created.
If you encounter this issue, at least one of the ZooKeeper pods logs a WARN entry similar to the following: 
2024-02-23 18:45:00,311 WARN Unexpected exception (org.apache.zookeeper.server.quorum.QuorumPeer) [QuorumPeer[myid=3](plain=127.0.0.1:12181)(secure=[0:0:0:0:0:0:0:0]:2181)]
java.lang.InterruptedException: Timeout while waiting for epoch from quorum
	at org.apache.zookeeper.server.quorum.Leader.getEpochToPropose(Leader.java:1443)
	at org.apache.zookeeper.server.quorum.Leader.lead(Leader.java:606)
	at org.apache.zookeeper.server.quorum.QuorumPeer.run(QuorumPeer.java:1552)

This is caused by a race condition issue in ZooKeeper. ZooKeeper is unable to recover from this state automatically.

Delete the ZooKeeper pods that are unable to form a quorum.
kubectl delete pod [***ZOOKEEPER POD***] -n [***NAMESPACE***]

The Strimzi Cluster Operator automatically recreates the ZooKeeper pods that are deleted. The newly created ZooKeeper pods are less likely to encounter the issue.

CSMDS-953: Kafka and ZooKeeper might experience downtime during upgrades
Under certain circumstances, ZooKeeper pods might not be able to form a quorum during an upgrade. This results in both ZooKeeper and Kafka becoming unavailable for several minutes during an upgrade.

After a certain amount of time, failed ZooKeeper pods are automatically recreated by the Strimzi Cluster Operator, and the upgrade succeeds.

If you encounter this issue, at least one of the ZooKeeper pods will log the following error:
java.net.BindException: Cannot assign requested address

This issue affects ZooKeeper-based deployments only.

Unsupported features

Learn what features are unsupported in this release.

Unsupported Strimzi features
  • Kafka MirrorMaker
  • Kafka MirrorMaker 2
  • Kafka Bridge
  • Kafka cluster creation without using KafkaNodePool resources
Unsupported Cloudera Surveyor features
  • REST API

    Calling the REST API directly using any kind of tooling or using it programmatically is unsupported. At this time, the API is evolving and is subject to major, backward incompatible changes.

Deprecations and removals

Learn what is deprecated or removed in this release.

Deprecations

ZooKeeper
ZooKeeper is deprecated. Deploying new or using existing Kafka clusters running in ZooKeeper mode is deprecated. ZooKeeper will be removed in a future release. When deploying new Kafka clusters, deploy them in KRaft mode. Cloudera encourages you to migrate existing clusters to KRaft.

Removals

There are no removals in this release.