Ansible Playbooks for Confluent Platform Release Notes¶
Ansible Playbooks for Confluent Platform (Confluent Ansible) offers a simplified way to configure and deploy Confluent Platform.
The following sections summarize the technical details of the Confluent Ansible 8.0 releases.
Ansible Playbooks for Confluent Platform 8.0.0 Release Notes¶
Ansible Playbooks for Confluent Platform (Confluent Ansible) 8.0.0 allows you to deploy Confluent Platform version 8.0.0.
This release supports Ansible versions 9.x to 11.x and Python versions 3.10+. The recommended Ansible versions are 11.x.
New features and enhancements¶
- Confluent Ansible follows an independent release cycle
Starting from version 8.0.0, Confluent Ansible follows an independent release cycle. The Confluent Ansible version number does not necessarily map to the Confluent Platform version. While it coincidentally aligns at 8.0.0 for both Confluent Platform and Confluent Ansible, future versions may diverge.
For the supported Confluent Platform version for a specific version of Confluent Ansible, refer to the version mapping table.
- Zookeeper deprecation and removal
Starting with Confluent Platform version 8.0, ZooKeeper has been deprecated and is no longer included in Confluent Platform 8.0 and later.
Migrate your Confluent Platform 7.x deployment to KRaft, first, and then upgrade Confluent Ansible and Confluent Platform to 8.0 to use KRaft.
For details, see Upgrade ZooKeeper-based Confluent Platform deployment.
- Confluent Control Center 2.2 support
This version of Confluent Ansible is compatible with Confluent Control Center 2.2.0.
Control Center can be deployed on machines on an IPv6 network, an IPv4 network, or dual-stack with both IPv4 and IPv6.
- mTLS with RBAC brownfield support
Brownfield deployment for using mTLS identities with RBAC authorization is now generally available. You can use Confluent Ansible to migrate Confluent Platform to enable RBAC with mTLS.
- Passwordless OAuth/OIDC authentication
Support for OpenID Connect (OIDC) authentication and Open Authorization (OAuth) 2.0 authorization has been enhanced with client assertion for Kafka, KRaft, MDS, and Schema Registry. This feature uses a pre-signed assertion rather than a static client credential for passwordless authentication.
See Configure Authentication for Confluent Platform with Ansible Playbooks.
- Internet protocol version 6 (IPv6) support
- Full IPv6 support is now available across all Confluent Platform components, including Control Center.
- Log4j 2 support
Confluent Platform 8.0 supports Log4j 2 for log redactor and other log features.
For configuring Log Redactor using Confluent Ansible and Log4j 2, see Configure Log Redactor for Confluent Platform with Ansible Playbooks.
- SNI validation
- Due to the Jetty 12 upgrade, SNI validation is enabled by default in Confluent Platform for encryption. For disabling SNI validation, see Configure Encryption for Confluent Platform with Ansible Playbooks.
Upgrade consideration¶
There are a number of breaking changes and other major upgrades in Confluent Platform 8.0.0 that Ansible Playbooks for Confluent Platform 8.0.0 supports.
ZooKeeper removal in Confluent Platform
Log4j removal and Log4j 2 support
Confluent Control Center (Legacy) removal and Confluent Control Center support
For the notes about upgrading Confluent Control Center (Legacy) to Control Center, see Upgrade Confluent Platform with Ansible Playbooks.