- Adding and removing volumes in Jbod Storage
- Log at the warn level when a custom resource uses deprecated or unknown properties
- Reduce the number of images needed to run Strimzi to just two:
kafkaandoperator. - Add support for unprivileged users to install the operator with Helm
- Support for Kafka 2.2.0
- Support off-cluster access using Kubernetes Nginx Ingress
- Add ability to configure Image Pull Secrets for all pods in Cluster Operator
- Support for SASL PLAIN mechanism in Kafka Connect and Mirror Maker (for use with non-Strimzi Kafka cluster)
- Add resizing of persistent volumes
- Allow to specify different storage class for every broker
- Add support for JBOD storage for Kafka brokers
- Allow users to configure the default ImagePullPolicy
- Add Prometheus alerting
- Resources for alert manager deployment and configuration
- Alerting rules with alert examples from Kafka and Zookeeper metrics
- Enrich configuration options for off cluster access
- Support for watching all namespaces
- Operator Lifecycle Manager integration
- Support for Kafka 2.1.0
- Support for Kafka upgrades
- Add healthchecks to TLS sidecars
- Add support for new fields in the Pod template: terminationGracePeriod, securityContext and imagePullSecrets
- Rename annotations to use the
strimzi.iodomain consistently (The old annotations are deprecated, but still functional):cluster.operator.strimzi.io/delete-claim→strimzi.io/delete-claimoperator.strimzi.io/manual-rolling-update→strimzi.io/manual-rolling-updateoperator.strimzi.io/delete-pod-and-pvc→strimzi.io/delete-pod-and-pvcoperator.strimzi.io/generation→strimzi.io/generation
- Add support for mounting Secrets and Config Maps into Kafka Connect and Kafka Connect S2I
- Add support for NetworkPolicy peers in listener configurations
- Make sure the TLS sidecar pods shutdown only after the main container
- Add support for Pod Disruption Budgets
- Add possibility to label and annotate different resources (#1039)
- Add support for TransactionalID in KafkaUser resource
- Update to Kafka 2.0.1
- Add maintenance time windows support for allowing CA certificates renewal rolling update started only in specific times (#1117)
- Add support for upgrading between Kafka versions (#1103). This removes support for
STRIMZI_DEFAULT_KAFKA_IMAGEenvironment variable in the Cluster Operator, replacing it withSTRIMZI_KAFKA_IMAGES.
- Run images under group 0 to avoid storage issues
- Fix certificate renewal issues
- Support for unencrypted connections on LoadBalancers and NodePorts.
- Better support for TLS hostname verification for external connections
- Certificate renewal / expiration
- Mirror Maker operator
- Triggering rolling update / pod deletion manually
- Exposing Kafka to the outside using:
- OpenShift Routes
- LoadBalancers
- NodePorts
- Use less wide RBAC permissions (
ClusterRoleBindingswhere converted toRoleBindingswhere possible) - Support for SASL authentication using the SCRAM-SHA-512 mechanism added to Kafka Connect and Kafka Connect with S2I support
- Network policies for managing access to Zookeeper ports and Kafka replication ports
- Use OwnerReference and Kubernetes garbage collection feature to delete resources and to track the ownership
- Helm chart for Strimzi Cluster Operator
- Topic Operator moving to Custom Resources instead of Config Maps
- Make it possible to enabled and disable:
- Listeners
- Authorization
- Authentication
- Configure Kafka super users (
super.usersfield in Kafka configuration) - User Operator
- Managing users and their ACL rights
- Added new Entity Operator for deploying:
- User Operator
- Topic Operator
- Deploying the Topic Operator outside of the new Entity Operator is now deprecated
- Kafka 2.0.0
- Kafka Connect:
- Added TLS support for connecting to the Kafka cluster
- Added TLS client authentication when connecting to the Kafka cluster
- The Cluster Operator now manages RBAC resource for managed resources:
ServiceAccountandClusterRoleBindingsfor Kafka podsServiceAccountandRoleBindingsfor the Topic Operator pods
- Renaming of Kubernetes services (Backwards incompatible!)
- Kubernetes services for Kafka, Kafka Connect and Zookeeper have been renamed to better correspond to their purpose
xxx-kafka->xxx-kafka-bootstrapxxx-kafka-headless->xxx-kafka-brokersxxx-zookeeper->xxx-zookeeper-clientxxx-zookeeper-headless->xxx-zookeeper-nodesxxx-connect->xxx-connect-api
- Cluster Operator moving to Custom Resources instead of Config Maps
- TLS support has been added to Kafka, Zookeeper and Topic Operator. The following channels are now encrypted:
- Zookeeper cluster communication
- Kafka cluster commbunication
- Communication between Kafka and Zookeeper
- Communication between Topic Operator and Kafka / Zookeeper
- Logging configuration for Kafka, Kafka Connect and Zookeeper
- Add support for Pod Affinity and Anti-Affinity
- Add support for Tolerations
- Configuring different JVM options
- Support for broker rack in Kafka
- Better configurability of Kafka, Kafka Connect, Zookeeper
- Support for Kubernetes request and limits
- Support for JVM memory configuration of all components
- Controllers renamed to operators
- Improved log verbosity of Cluster Operator
- Update to Kafka 1.1.0