Ansible Playbooks for Confluent Platform Release Notes

Ansible Playbooks for Confluent Platform (Confluent Ansible) offers a simplified way to configure and deploy Confluent Platform.

The following sections summarize the technical details of the Confluent Ansible 8.0 releases.

Ansible Playbooks for Confluent Platform 8.0.0 Release Notes

Ansible Playbooks for Confluent Platform (Confluent Ansible) 8.0.0 allows you to deploy Confluent Platform version 8.0.0.

This release supports Ansible versions 9.x to 11.x and Python versions 3.10+. The recommended Ansible versions are 11.x.

New features and enhancements

Confluent Ansible follows an independent release cycle

Starting from version 8.0.0, Confluent Ansible follows an independent release cycle. The Confluent Ansible version number does not necessarily map to the Confluent Platform version. While it coincidentally aligns at 8.0.0 for both Confluent Platform and Confluent Ansible, future versions may diverge.

For the supported Confluent Platform version for a specific version of Confluent Ansible, refer to the version mapping table.

Zookeeper deprecation and removal

Starting with Confluent Platform version 8.0, ZooKeeper has been deprecated and is no longer included in Confluent Platform 8.0 and later.

Migrate your Confluent Platform 7.x deployment to KRaft, first, and then upgrade Confluent Ansible and Confluent Platform to 8.0 to use KRaft.

For details, see Upgrade ZooKeeper-based Confluent Platform deployment.

Confluent Control Center 2.2 support

This version of Confluent Ansible is compatible with Confluent Control Center 2.2.0.

Control Center can be deployed on machines on an IPv6 network, an IPv4 network, or dual-stack with both IPv4 and IPv6.

mTLS with RBAC brownfield support

Brownfield deployment for using mTLS identities with RBAC authorization is now generally available. You can use Confluent Ansible to migrate Confluent Platform to enable RBAC with mTLS.

See Role-based access control using mTLS.

Passwordless OAuth/OIDC authentication

Support for OpenID Connect (OIDC) authentication and Open Authorization (OAuth) 2.0 authorization has been enhanced with client assertion for Kafka, KRaft, MDS, and Schema Registry. This feature uses a pre-signed assertion rather than a static client credential for passwordless authentication.

See Configure Authentication for Confluent Platform with Ansible Playbooks.

Internet protocol version 6 (IPv6) support
Full IPv6 support is now available across all Confluent Platform components, including Control Center.
Log4j 2 support

Confluent Platform 8.0 supports Log4j 2 for log redactor and other log features.

For configuring Log Redactor using Confluent Ansible and Log4j 2, see Configure Log Redactor for Confluent Platform with Ansible Playbooks.

SNI validation
Due to the Jetty 12 upgrade, SNI validation is enabled by default in Confluent Platform for encryption. For disabling SNI validation, see Configure Encryption for Confluent Platform with Ansible Playbooks.

Upgrade consideration

There are a number of breaking changes and other major upgrades in Confluent Platform 8.0.0 that Ansible Playbooks for Confluent Platform 8.0.0 supports.