Ansible Playbooks for Confluent Platform Release Notes

Ansible Playbooks for Confluent Platform (Confluent Ansible) offers a simplified way to configure and deploy Confluent Platform.

The following sections summarize the technical details of the Confluent Ansible 8.0 releases.

Ansible Playbooks for Confluent Platform 8.0.3 Release Notes

Ansible Playbooks for Confluent Platform (Confluent Ansible) 8.0.3 allows you to deploy Confluent Platform version 8.0.3.

This release supports Ansible versions 9.x to 11.x and Python versions 3.10+. The recommended Ansible versions are 11.x.

Notable fixes

• Enhanced security by masking potentially exposed sensitive secrets.

• Fixed idempotency on configuration files when using the secrets protection feature.

• Added ability to override a list of loggers using the update_log4j task in the common role.

• Made retries and delays in health checks configurable for users.

• Introduced indexing and default rollover strategy for Log4j 2 file.

• Fixed the failures in rolling deployments of connectors when mTLS was enabled and a key store and trust store were provided.

• ZooKeeper-based Kafka cluster on Just a Bunch of Disks (JBOD) can use the migration playbook to move to KRaft.

• Replaced the deprecated apt-key add command with modern APT key management commands.

• For the list of security and vulnerability issues fixed in this release, see Security Advisories and Security Release Notes.

Ansible Playbooks for Confluent Platform 8.0.2 Release Notes

Ansible Playbooks for Confluent Platform (Confluent Ansible) 8.0.2 allows you to deploy Confluent Platform version 8.0.2.

This release supports Ansible versions 9.x to 11.x and Python versions 3.10+. The recommended Ansible versions are 11.x.

Notable fixes

• For the list of security and vulnerability issues fixed in this release, see Security Advisories and Security Release Notes.

Ansible Playbooks for Confluent Platform 8.0.1 Release Notes

Ansible Playbooks for Confluent Platform (Confluent Ansible) 8.0.1 allows you to deploy Confluent Platform version 8.0.1.

This release supports Ansible versions 9.x to 11.x and Python versions 3.10+. The recommended Ansible versions are 11.x.

Notable enhancements

• Added configurations to enable Jolokia Access Control.

  See Jolokia access control.

Notable fixes

• Removed Confluent Metrics Reporter configuration from the Kafka broker and KRaft controller.

• Fixed the Prometheus/Alertmanager health checks for Control Center.

• Fixed an issue when enabling the systemd service for Control Center archive installations.

• For the list of security and vulnerability issues fixed in this release, see Security Advisories and Security Release Notes.

Ansible Playbooks for Confluent Platform 8.0.0 Release Notes

Ansible Playbooks for Confluent Platform (Confluent Ansible) 8.0.0 allows you to deploy Confluent Platform version 8.0.0.

This release supports Ansible versions 9.x to 11.x and Python versions 3.10+. The recommended Ansible versions are 11.x.

New features and enhancements

Confluent Ansible follows an independent release cycle

Starting from version 8.0.0, Confluent Ansible follows an independent release cycle. The Confluent Ansible version number does not necessarily map to the Confluent Platform version. While it coincidentally aligns at 8.0.0 for both Confluent Platform and Confluent Ansible, future versions may diverge.

For the supported Confluent Platform version for a specific version of Confluent Ansible, refer to the version mapping table.

Zookeeper deprecation and removal

Starting with Confluent Platform version 8.0, ZooKeeper has been deprecated and is no longer included in Confluent Platform 8.0 and later.

Migrate your Confluent Platform 7.x deployment to KRaft, first, and then upgrade Confluent Ansible and Confluent Platform to 8.0 to use KRaft.

For details, see Upgrade ZooKeeper-based Confluent Platform deployment.

Confluent Control Center 2.2 support

This version of Confluent Ansible is compatible with Confluent Control Center 2.2.0.

Control Center can be deployed on machines on an IPv6 network, an IPv4 network, or dual-stack with both IPv4 and IPv6.

mTLS with RBAC brownfield support

Brownfield deployment for using mTLS identities with RBAC authorization is now generally available. You can use Confluent Ansible to migrate Confluent Platform to enable RBAC with mTLS.

See Role-based access control using mTLS.

Passwordless OAuth/OIDC authentication

Support for OpenID Connect (OIDC) authentication and Open Authorization (OAuth) 2.0 authorization has been enhanced with client assertion for Kafka, KRaft, MDS, and Schema Registry. This feature uses a pre-signed assertion rather than a static client credential for passwordless authentication.

See Configure Authentication for Confluent Platform with Ansible Playbooks.

Internet protocol version 6 (IPv6) support

Full IPv6 support is now available across all Confluent Platform components, including Control Center.

Log4j 2 support

Confluent Platform 8.0 supports Log4j 2 for log redactor and other log features.

For configuring Log Redactor using Confluent Ansible and Log4j 2, see Configure Log Redactor for Confluent Platform with Ansible Playbooks.

SNI validation

Due to the Jetty 12 upgrade, SNI validation is enabled by default in Confluent Platform for encryption. For disabling SNI validation, see Configure Encryption for Confluent Platform with Ansible Playbooks.

Upgrade consideration

There are a number of breaking changes and other major upgrades in Confluent Platform 8.0.0 that Ansible Playbooks for Confluent Platform 8.0.0 supports.

• ZooKeeper removal in Confluent Platform

  See Upgrade ZooKeeper-based Confluent Platform deployment.

• Log4j removal and Log4j 2 support

  See Upgrade Confluent Platform with Ansible Playbooks.

• Confluent Control Center (Legacy) removal and Confluent Control Center support

  For the notes about upgrading Confluent Control Center (Legacy) to Control Center, see Upgrade Confluent Platform with Ansible Playbooks.