From ca13920bed1c3eb1e8e08951f06936968413f576 Mon Sep 17 00:00:00 2001
From: Jakub Scholz <www@scholzj.com>
Date: Thu, 10 Feb 2022 19:02:18 +0100
Subject: [PATCH] Prepare for 0.28.0 (RC1)
Signed-off-by: Jakub Scholz <www@scholzj.com>
---
.checksums | 6 +-
api/pom.xml | 2 +-
certificate-manager/pom.xml | 2 +-
cluster-operator/pom.xml | 2 +-
config-model-generator/pom.xml | 2 +-
config-model/pom.xml | 2 +-
crd-annotations/pom.xml | 2 +-
crd-generator/pom.xml | 2 +-
examples/connect/kafka-connect.yaml | 2 +-
.../cruise-control/kafka-cruise-control.yaml | 4 +-
examples/kafka/kafka-ephemeral-single.yaml | 4 +-
examples/kafka/kafka-ephemeral.yaml | 4 +-
examples/kafka/kafka-jbod.yaml | 4 +-
examples/kafka/kafka-persistent-single.yaml | 4 +-
examples/kafka/kafka-persistent.yaml | 4 +-
examples/metrics/jmxtrans/jmxtrans.yaml | 4 +-
examples/metrics/kafka-connect-metrics.yaml | 2 +-
.../metrics/kafka-cruise-control-metrics.yaml | 4 +-
examples/metrics/kafka-metrics.yaml | 4 +-
.../metrics/kafka-mirror-maker-2-metrics.yaml | 2 +-
...ror-maker-2-custom-replication-policy.yaml | 6 +-
.../kafka-mirror-maker-2-sync-groups.yaml | 2 +-
.../kafka-mirror-maker-2-tls.yaml | 2 +-
.../mirror-maker/kafka-mirror-maker-2.yaml | 2 +-
.../mirror-maker/kafka-mirror-maker-tls.yaml | 2 +-
examples/mirror-maker/kafka-mirror-maker.yaml | 2 +-
examples/mirror-maker/kafka-source.yaml | 4 +-
examples/mirror-maker/kafka-target.yaml | 4 +-
.../security/keycloak-authorization/README.md | 4 +-
...ephemeral-oauth-single-keycloak-authz.yaml | 4 +-
.../security/scram-sha-512-auth/connect.yaml | 2 +-
.../security/scram-sha-512-auth/kafka.yaml | 4 +-
examples/security/tls-auth/connect.yaml | 2 +-
examples/security/tls-auth/kafka.yaml | 4 +-
.../helm3/strimzi-kafka-operator/README.md | 4 +-
.../crds/040-Crd-kafka.yaml | 96 +++++++++++-
.../crds/041-Crd-kafkaconnect.yaml | 6 +
.../crds/045-Crd-kafkamirrormaker.yaml | 12 ++
.../crds/046-Crd-kafkabridge.yaml | 6 +
.../crds/048-Crd-kafkamirrormaker2.yaml | 6 +
.../crds/049-Crd-kafkarebalance.yaml | 5 +-
.../templates/NOTES.txt | 2 +-
.../templates/_kafka_image_map.tpl | 20 +--
.../helm3/strimzi-kafka-operator/values.yaml | 6 +-
install/cluster-operator/040-Crd-kafka.yaml | 142 ++++++++++++++++--
.../041-Crd-kafkaconnect.yaml | 9 ++
.../045-Crd-kafkamirrormaker.yaml | 20 +++
.../cluster-operator/046-Crd-kafkabridge.yaml | 9 ++
.../048-Crd-kafkamirrormaker2.yaml | 10 ++
.../049-Crd-kafkarebalance.yaml | 8 +-
...0-Deployment-strimzi-cluster-operator.yaml | 44 +++---
.../05-Deployment-strimzi-topic-operator.yaml | 2 +-
.../05-Deployment-strimzi-user-operator.yaml | 2 +-
kafka-agent/pom.xml | 2 +-
kafka-init/pom.xml | 2 +-
mirror-maker-agent/pom.xml | 2 +-
mockkube/pom.xml | 2 +-
operator-common/pom.xml | 2 +-
.../security/keycloak-authorization/README.md | 4 +-
.../helm3/strimzi-kafka-operator/README.md | 2 +-
.../helm3/strimzi-kafka-operator/values.yaml | 2 +-
packaging/helm-charts/index.yaml | 30 +++-
...0-Deployment-strimzi-cluster-operator.yaml | 38 ++---
.../05-Deployment-strimzi-topic-operator.yaml | 2 +-
.../05-Deployment-strimzi-user-operator.yaml | 2 +-
pom.xml | 2 +-
release.version | 2 +-
systemtest/pom.xml | 2 +-
test/pom.xml | 2 +-
topic-operator/pom.xml | 2 +-
tracing-agent/pom.xml | 2 +-
user-operator/pom.xml | 2 +-
72 files changed, 465 insertions(+), 154 deletions(-)
diff --git a/.checksums b/.checksums
index e37441245a0..8c8b47d18f9 100644
--- a/.checksums
+++ b/.checksums
@@ -6,7 +6,7 @@
# if this checksum has changed as part of any non-release specific changes, please apply your changes to the
# development version of the helm charts in ./packaging/helm-charts
### IMPORTANT ###
-HELM_CHART_CHECKSUM="f066257a990aa1673bac17d810f239d6ee526810 -"
+HELM_CHART_CHECKSUM="1b849c733d16236b0fe8b9fd8dfec036f2eb5ffd -"
### IMPORTANT ###
# if the below line has changed, this means the ./install directory has changed
@@ -14,7 +14,7 @@ HELM_CHART_CHECKSUM="f066257a990aa1673bac17d810f239d6ee526810 -"
# if this checksum has changed as part of any non-release specific changes, please apply your changes to the
# development version of the helm charts in ./packaging/install
### IMPORTANT ###
-INSTALL_CHECKSUM="4991501728a9a725b9637b082d98219f91f1cadc -"
+INSTALL_CHECKSUM="bf8702e013e395e058995517a422dbf2acd47fb4 -"
### IMPORTANT ###
# if the below line has changed, this means the ./examples directory has changed
@@ -22,4 +22,4 @@ INSTALL_CHECKSUM="4991501728a9a725b9637b082d98219f91f1cadc -"
# if this checksum has changed as part of any non-release specific changes, please apply your changes to the
# development version of the helm charts in ./packaging/examples
### IMPORTANT ###
-EXAMPLES_CHECKSUM="77a02d9a6f64a0a24d90843eec733e6f0c2b812c -"
+EXAMPLES_CHECKSUM="d4862b639539f19403a79b3fd31058be182a9cc8 -"
diff --git a/api/pom.xml b/api/pom.xml
index e7415a8ee03..da22b2d6fd1 100644
--- a/api/pom.xml
+++ b/api/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>io.strimzi</groupId>
<artifactId>strimzi</artifactId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>api</artifactId>
diff --git a/certificate-manager/pom.xml b/certificate-manager/pom.xml
index 3c48cd2fdb3..9f9f45c5e71 100644
--- a/certificate-manager/pom.xml
+++ b/certificate-manager/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>strimzi</artifactId>
<groupId>io.strimzi</groupId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>certificate-manager</artifactId>
diff --git a/cluster-operator/pom.xml b/cluster-operator/pom.xml
index 245e6299945..8ff8986ecf2 100644
--- a/cluster-operator/pom.xml
+++ b/cluster-operator/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>io.strimzi</groupId>
<artifactId>strimzi</artifactId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>cluster-operator</artifactId>
diff --git a/config-model-generator/pom.xml b/config-model-generator/pom.xml
index 7a11b9568fa..0501ea5d27a 100644
--- a/config-model-generator/pom.xml
+++ b/config-model-generator/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>strimzi</artifactId>
<groupId>io.strimzi</groupId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/config-model/pom.xml b/config-model/pom.xml
index 1da49139b52..d662ffe0c01 100644
--- a/config-model/pom.xml
+++ b/config-model/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>strimzi</artifactId>
<groupId>io.strimzi</groupId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/crd-annotations/pom.xml b/crd-annotations/pom.xml
index eb191b65e6d..0580e7a6df2 100644
--- a/crd-annotations/pom.xml
+++ b/crd-annotations/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>strimzi</artifactId>
<groupId>io.strimzi</groupId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/crd-generator/pom.xml b/crd-generator/pom.xml
index 3a07f2169f7..003c819a392 100644
--- a/crd-generator/pom.xml
+++ b/crd-generator/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>strimzi</artifactId>
<groupId>io.strimzi</groupId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>crd-generator</artifactId>
diff --git a/examples/connect/kafka-connect.yaml b/examples/connect/kafka-connect.yaml
index 1b7c8fa8e0e..14f54b4b60d 100644
--- a/examples/connect/kafka-connect.yaml
+++ b/examples/connect/kafka-connect.yaml
@@ -8,7 +8,7 @@ metadata:
# # needing to call the Connect REST API directly
# strimzi.io/use-connector-resources: "true"
spec:
- version: 3.0.0
+ version: 3.1.0
replicas: 1
bootstrapServers: my-cluster-kafka-bootstrap:9093
tls:
diff --git a/examples/cruise-control/kafka-cruise-control.yaml b/examples/cruise-control/kafka-cruise-control.yaml
index 9d9f0fa7b72..b72e0b94eea 100644
--- a/examples/cruise-control/kafka-cruise-control.yaml
+++ b/examples/cruise-control/kafka-cruise-control.yaml
@@ -4,7 +4,7 @@ metadata:
name: my-cluster
spec:
kafka:
- version: 3.0.0
+ version: 3.1.0
replicas: 3
listeners:
- name: plain
@@ -21,7 +21,7 @@ spec:
transaction.state.log.min.isr: 2
default.replication.factor: 3
min.insync.replicas: 2
- inter.broker.protocol.version: "3.0"
+ inter.broker.protocol.version: "3.1"
storage:
type: ephemeral
zookeeper:
diff --git a/examples/kafka/kafka-ephemeral-single.yaml b/examples/kafka/kafka-ephemeral-single.yaml
index 0b775df4798..61ceaba6804 100644
--- a/examples/kafka/kafka-ephemeral-single.yaml
+++ b/examples/kafka/kafka-ephemeral-single.yaml
@@ -4,7 +4,7 @@ metadata:
name: my-cluster
spec:
kafka:
- version: 3.0.0
+ version: 3.1.0
replicas: 1
listeners:
- name: plain
@@ -21,7 +21,7 @@ spec:
transaction.state.log.min.isr: 1
default.replication.factor: 1
min.insync.replicas: 1
- inter.broker.protocol.version: "3.0"
+ inter.broker.protocol.version: "3.1"
storage:
type: ephemeral
zookeeper:
diff --git a/examples/kafka/kafka-ephemeral.yaml b/examples/kafka/kafka-ephemeral.yaml
index 6d25112fff0..21172a9460c 100644
--- a/examples/kafka/kafka-ephemeral.yaml
+++ b/examples/kafka/kafka-ephemeral.yaml
@@ -4,7 +4,7 @@ metadata:
name: my-cluster
spec:
kafka:
- version: 3.0.0
+ version: 3.1.0
replicas: 3
listeners:
- name: plain
@@ -21,7 +21,7 @@ spec:
transaction.state.log.min.isr: 2
default.replication.factor: 3
min.insync.replicas: 2
- inter.broker.protocol.version: "3.0"
+ inter.broker.protocol.version: "3.1"
storage:
type: ephemeral
zookeeper:
diff --git a/examples/kafka/kafka-jbod.yaml b/examples/kafka/kafka-jbod.yaml
index 785a52613bf..30db3ae86d3 100644
--- a/examples/kafka/kafka-jbod.yaml
+++ b/examples/kafka/kafka-jbod.yaml
@@ -4,7 +4,7 @@ metadata:
name: my-cluster
spec:
kafka:
- version: 3.0.0
+ version: 3.1.0
replicas: 3
listeners:
- name: plain
@@ -21,7 +21,7 @@ spec:
transaction.state.log.min.isr: 2
default.replication.factor: 3
min.insync.replicas: 2
- inter.broker.protocol.version: "3.0"
+ inter.broker.protocol.version: "3.1"
storage:
type: jbod
volumes:
diff --git a/examples/kafka/kafka-persistent-single.yaml b/examples/kafka/kafka-persistent-single.yaml
index 875a06f2dcf..36f38f074a2 100644
--- a/examples/kafka/kafka-persistent-single.yaml
+++ b/examples/kafka/kafka-persistent-single.yaml
@@ -4,7 +4,7 @@ metadata:
name: my-cluster
spec:
kafka:
- version: 3.0.0
+ version: 3.1.0
replicas: 1
listeners:
- name: plain
@@ -21,7 +21,7 @@ spec:
transaction.state.log.min.isr: 1
default.replication.factor: 1
min.insync.replicas: 1
- inter.broker.protocol.version: "3.0"
+ inter.broker.protocol.version: "3.1"
storage:
type: jbod
volumes:
diff --git a/examples/kafka/kafka-persistent.yaml b/examples/kafka/kafka-persistent.yaml
index b18559efde6..7e71f75d04f 100644
--- a/examples/kafka/kafka-persistent.yaml
+++ b/examples/kafka/kafka-persistent.yaml
@@ -4,7 +4,7 @@ metadata:
name: my-cluster
spec:
kafka:
- version: 3.0.0
+ version: 3.1.0
replicas: 3
listeners:
- name: plain
@@ -21,7 +21,7 @@ spec:
transaction.state.log.min.isr: 2
default.replication.factor: 3
min.insync.replicas: 2
- inter.broker.protocol.version: "3.0"
+ inter.broker.protocol.version: "3.1"
storage:
type: jbod
volumes:
diff --git a/examples/metrics/jmxtrans/jmxtrans.yaml b/examples/metrics/jmxtrans/jmxtrans.yaml
index 82b7fbdcb5b..970bf648dcc 100644
--- a/examples/metrics/jmxtrans/jmxtrans.yaml
+++ b/examples/metrics/jmxtrans/jmxtrans.yaml
@@ -4,7 +4,7 @@ metadata:
name: my-cluster
spec:
kafka:
- version: 3.0.0
+ version: 3.1.0
replicas: 2
listeners:
- name: plain
@@ -21,7 +21,7 @@ spec:
transaction.state.log.min.isr: 1
default.replication.factor: 1
min.insync.replicas: 1
- inter.broker.protocol.version: "3.0"
+ inter.broker.protocol.version: "3.1"
storage:
type: ephemeral
jmxOptions:
diff --git a/examples/metrics/kafka-connect-metrics.yaml b/examples/metrics/kafka-connect-metrics.yaml
index 1e3c349ba1f..782394c480b 100644
--- a/examples/metrics/kafka-connect-metrics.yaml
+++ b/examples/metrics/kafka-connect-metrics.yaml
@@ -5,7 +5,7 @@ metadata:
labels:
app: my-connect-cluster
spec:
- version: 3.0.0
+ version: 3.1.0
replicas: 1
bootstrapServers: my-cluster-kafka-bootstrap:9092
metricsConfig:
diff --git a/examples/metrics/kafka-cruise-control-metrics.yaml b/examples/metrics/kafka-cruise-control-metrics.yaml
index 3b020dcbb50..d396b36e65d 100644
--- a/examples/metrics/kafka-cruise-control-metrics.yaml
+++ b/examples/metrics/kafka-cruise-control-metrics.yaml
@@ -4,7 +4,7 @@ metadata:
name: my-cluster
spec:
kafka:
- version: 3.0.0
+ version: 3.1.0
replicas: 3
listeners:
- name: plain
@@ -19,7 +19,7 @@ spec:
offsets.topic.replication.factor: 3
transaction.state.log.replication.factor: 3
transaction.state.log.min.isr: 2
- inter.broker.protocol.version: "3.0"
+ inter.broker.protocol.version: "3.1"
storage:
type: ephemeral
zookeeper:
diff --git a/examples/metrics/kafka-metrics.yaml b/examples/metrics/kafka-metrics.yaml
index 01071f4c3a6..049c348376d 100644
--- a/examples/metrics/kafka-metrics.yaml
+++ b/examples/metrics/kafka-metrics.yaml
@@ -4,7 +4,7 @@ metadata:
name: my-cluster
spec:
kafka:
- version: 3.0.0
+ version: 3.1.0
replicas: 3
listeners:
- name: plain
@@ -27,7 +27,7 @@ spec:
transaction.state.log.min.isr: 2
default.replication.factor: 3
min.insync.replicas: 2
- inter.broker.protocol.version: "3.0"
+ inter.broker.protocol.version: "3.1"
storage:
type: jbod
volumes:
diff --git a/examples/metrics/kafka-mirror-maker-2-metrics.yaml b/examples/metrics/kafka-mirror-maker-2-metrics.yaml
index 22d33dd8eaa..61cbdc80616 100644
--- a/examples/metrics/kafka-mirror-maker-2-metrics.yaml
+++ b/examples/metrics/kafka-mirror-maker-2-metrics.yaml
@@ -5,7 +5,7 @@ metadata:
labels:
app: my-mm2-cluster
spec:
- version: 3.0.0
+ version: 3.1.0
replicas: 1
connectCluster: "my-cluster-target"
clusters:
diff --git a/examples/mirror-maker/kafka-mirror-maker-2-custom-replication-policy.yaml b/examples/mirror-maker/kafka-mirror-maker-2-custom-replication-policy.yaml
index 3287adcb744..53abddffd57 100644
--- a/examples/mirror-maker/kafka-mirror-maker-2-custom-replication-policy.yaml
+++ b/examples/mirror-maker/kafka-mirror-maker-2-custom-replication-policy.yaml
@@ -3,7 +3,7 @@ kind: KafkaMirrorMaker2
metadata:
name: my-mirror-maker-2
spec:
- version: 3.0.0
+ version: 3.1.0
replicas: 1
connectCluster: "my-target-cluster"
clusters:
@@ -25,7 +25,7 @@ spec:
offset-syncs.topic.replication.factor: 1
sync.topic.acls.enabled: "false"
replication.policy.separator: ""
- replication.policy.class: "io.strimzi.kafka.connect.mirror.IdentityReplicationPolicy"
+ replication.policy.class: "org.apache.kafka.connect.mirror.IdentityReplicationPolicy"
heartbeatConnector:
config:
heartbeats.topic.replication.factor: 1
@@ -33,6 +33,6 @@ spec:
config:
checkpoints.topic.replication.factor: 1
replication.policy.separator: ""
- replication.policy.class: "io.strimzi.kafka.connect.mirror.IdentityReplicationPolicy"
+ replication.policy.class: "org.apache.kafka.connect.mirror.IdentityReplicationPolicy"
topicsPattern: ".*"
groupsPattern: ".*"
diff --git a/examples/mirror-maker/kafka-mirror-maker-2-sync-groups.yaml b/examples/mirror-maker/kafka-mirror-maker-2-sync-groups.yaml
index 9a11f454ba8..bf4c46bd514 100644
--- a/examples/mirror-maker/kafka-mirror-maker-2-sync-groups.yaml
+++ b/examples/mirror-maker/kafka-mirror-maker-2-sync-groups.yaml
@@ -3,7 +3,7 @@ kind: KafkaMirrorMaker2
metadata:
name: my-mirror-maker-2
spec:
- version: 3.0.0
+ version: 3.1.0
replicas: 1
connectCluster: "my-target-cluster"
clusters:
diff --git a/examples/mirror-maker/kafka-mirror-maker-2-tls.yaml b/examples/mirror-maker/kafka-mirror-maker-2-tls.yaml
index 921247a0d7b..98adaf033f3 100644
--- a/examples/mirror-maker/kafka-mirror-maker-2-tls.yaml
+++ b/examples/mirror-maker/kafka-mirror-maker-2-tls.yaml
@@ -3,7 +3,7 @@ kind: KafkaMirrorMaker2
metadata:
name: my-mirror-maker-2
spec:
- version: 3.0.0
+ version: 3.1.0
replicas: 1
connectCluster: "my-target-cluster"
clusters:
diff --git a/examples/mirror-maker/kafka-mirror-maker-2.yaml b/examples/mirror-maker/kafka-mirror-maker-2.yaml
index 4e67537acc3..2378f71036a 100644
--- a/examples/mirror-maker/kafka-mirror-maker-2.yaml
+++ b/examples/mirror-maker/kafka-mirror-maker-2.yaml
@@ -3,7 +3,7 @@ kind: KafkaMirrorMaker2
metadata:
name: my-mirror-maker-2
spec:
- version: 3.0.0
+ version: 3.1.0
replicas: 1
connectCluster: "my-target-cluster"
clusters:
diff --git a/examples/mirror-maker/kafka-mirror-maker-tls.yaml b/examples/mirror-maker/kafka-mirror-maker-tls.yaml
index b43dae6f5b0..7ed0dae2abb 100644
--- a/examples/mirror-maker/kafka-mirror-maker-tls.yaml
+++ b/examples/mirror-maker/kafka-mirror-maker-tls.yaml
@@ -3,7 +3,7 @@ kind: KafkaMirrorMaker
metadata:
name: my-mirror-maker
spec:
- version: 3.0.0
+ version: 3.1.0
replicas: 1
consumer:
bootstrapServers: my-source-cluster-kafka-bootstrap:9093
diff --git a/examples/mirror-maker/kafka-mirror-maker.yaml b/examples/mirror-maker/kafka-mirror-maker.yaml
index 6ba0c80a7d8..c67432c9dd5 100644
--- a/examples/mirror-maker/kafka-mirror-maker.yaml
+++ b/examples/mirror-maker/kafka-mirror-maker.yaml
@@ -3,7 +3,7 @@ kind: KafkaMirrorMaker
metadata:
name: my-mirror-maker
spec:
- version: 3.0.0
+ version: 3.1.0
replicas: 1
consumer:
bootstrapServers: my-source-cluster-kafka-bootstrap:9092
diff --git a/examples/mirror-maker/kafka-source.yaml b/examples/mirror-maker/kafka-source.yaml
index e586eadd9ce..336732dc305 100644
--- a/examples/mirror-maker/kafka-source.yaml
+++ b/examples/mirror-maker/kafka-source.yaml
@@ -4,7 +4,7 @@ metadata:
name: my-source-cluster
spec:
kafka:
- version: 3.0.0
+ version: 3.1.0
replicas: 1
listeners:
- name: plain
@@ -21,7 +21,7 @@ spec:
transaction.state.log.min.isr: 1
default.replication.factor: 1
min.insync.replicas: 1
- inter.broker.protocol.version: "3.0"
+ inter.broker.protocol.version: "3.1"
storage:
type: jbod
volumes:
diff --git a/examples/mirror-maker/kafka-target.yaml b/examples/mirror-maker/kafka-target.yaml
index 8a0920bffbb..f5850bf89ab 100644
--- a/examples/mirror-maker/kafka-target.yaml
+++ b/examples/mirror-maker/kafka-target.yaml
@@ -4,7 +4,7 @@ metadata:
name: my-target-cluster
spec:
kafka:
- version: 3.0.0
+ version: 3.1.0
replicas: 1
listeners:
- name: plain
@@ -21,7 +21,7 @@ spec:
transaction.state.log.min.isr: 1
default.replication.factor: 1
min.insync.replicas: 1
- inter.broker.protocol.version: "3.0"
+ inter.broker.protocol.version: "3.1"
storage:
type: jbod
volumes:
diff --git a/examples/security/keycloak-authorization/README.md b/examples/security/keycloak-authorization/README.md
index 5d7e62f52ed..d7f777b5539 100644
--- a/examples/security/keycloak-authorization/README.md
+++ b/examples/security/keycloak-authorization/README.md
@@ -5,10 +5,10 @@ This folder contains an example `Kafka` custom resource configured for OAuth 2.0
- the corresponding `oauth` authentication
The folder also contains a Keycloak realm export to import into your Keycloak instance to support the example.
-Full instructions for the example are available in the [Strimzi Documentation](https://strimzi.io/docs/operators/0.27.1/using.html#con-oauth-authorization-keycloak-example).
+Full instructions for the example are available in the [Strimzi Documentation](https://strimzi.io/docs/operators/0.28.0/using.html#con-oauth-authorization-keycloak-example).
* [kafka-authz-realm.json](./kafka-authz-realm.json)
* The Keycloak realm export file
* [kafka-ephemeral-oauth-single-keycloak-authz.yaml](./kafka-ephemeral-oauth-single-keycloak-authz.yaml)
* The Kafka CR that defines a single-node Kafka cluster with `oauth` authentication and `keycloak` authorization,
- using the `kafka-authz` realm. See [full example instructions](https://strimzi.io/docs/operators/0.27.1/using.html#con-oauth-authorization-keycloak-example) for proper preparation and deployment.
+ using the `kafka-authz` realm. See [full example instructions](https://strimzi.io/docs/operators/0.28.0/using.html#con-oauth-authorization-keycloak-example) for proper preparation and deployment.
diff --git a/examples/security/keycloak-authorization/kafka-ephemeral-oauth-single-keycloak-authz.yaml b/examples/security/keycloak-authorization/kafka-ephemeral-oauth-single-keycloak-authz.yaml
index 332d26088f4..fda5eb0284a 100644
--- a/examples/security/keycloak-authorization/kafka-ephemeral-oauth-single-keycloak-authz.yaml
+++ b/examples/security/keycloak-authorization/kafka-ephemeral-oauth-single-keycloak-authz.yaml
@@ -4,7 +4,7 @@ metadata:
name: my-cluster
spec:
kafka:
- version: 3.0.0
+ version: 3.1.0
replicas: 1
listeners:
- name: tls
@@ -40,7 +40,7 @@ spec:
offsets.topic.replication.factor: 1
transaction.state.log.replication.factor: 1
transaction.state.log.min.isr: 1
- inter.broker.protocol.version: "3.0"
+ inter.broker.protocol.version: "3.1"
storage:
type: ephemeral
zookeeper:
diff --git a/examples/security/scram-sha-512-auth/connect.yaml b/examples/security/scram-sha-512-auth/connect.yaml
index 1059d404a3e..4c04d6d31d3 100644
--- a/examples/security/scram-sha-512-auth/connect.yaml
+++ b/examples/security/scram-sha-512-auth/connect.yaml
@@ -96,7 +96,7 @@ metadata:
# # needing to call the Connect REST API directly
# strimzi.io/use-connector-resources: "true"
spec:
- version: 3.0.0
+ version: 3.1.0
replicas: 1
bootstrapServers: my-cluster-kafka-bootstrap:9093
tls:
diff --git a/examples/security/scram-sha-512-auth/kafka.yaml b/examples/security/scram-sha-512-auth/kafka.yaml
index 60bcb06a7de..e2920fdac8a 100644
--- a/examples/security/scram-sha-512-auth/kafka.yaml
+++ b/examples/security/scram-sha-512-auth/kafka.yaml
@@ -4,7 +4,7 @@ metadata:
name: my-cluster
spec:
kafka:
- version: 3.0.0
+ version: 3.1.0
replicas: 3
listeners:
- name: tls
@@ -21,7 +21,7 @@ spec:
transaction.state.log.min.isr: 2
default.replication.factor: 3
min.insync.replicas: 2
- inter.broker.protocol.version: "3.0"
+ inter.broker.protocol.version: "3.1"
storage:
type: jbod
volumes:
diff --git a/examples/security/tls-auth/connect.yaml b/examples/security/tls-auth/connect.yaml
index 2b0610cb621..21b409f9a44 100644
--- a/examples/security/tls-auth/connect.yaml
+++ b/examples/security/tls-auth/connect.yaml
@@ -96,7 +96,7 @@ metadata:
# # needing to call the Connect REST API directly
# strimzi.io/use-connector-resources: "true"
spec:
- version: 3.0.0
+ version: 3.1.0
replicas: 1
bootstrapServers: my-cluster-kafka-bootstrap:9093
tls:
diff --git a/examples/security/tls-auth/kafka.yaml b/examples/security/tls-auth/kafka.yaml
index 5c949d55803..1f3b0dcb3f9 100644
--- a/examples/security/tls-auth/kafka.yaml
+++ b/examples/security/tls-auth/kafka.yaml
@@ -4,7 +4,7 @@ metadata:
name: my-cluster
spec:
kafka:
- version: 3.0.0
+ version: 3.1.0
replicas: 3
listeners:
- name: tls
@@ -21,7 +21,7 @@ spec:
transaction.state.log.min.isr: 2
default.replication.factor: 3
min.insync.replicas: 2
- inter.broker.protocol.version: "3.0"
+ inter.broker.protocol.version: "3.1"
storage:
type: jbod
volumes:
diff --git a/helm-charts/helm3/strimzi-kafka-operator/README.md b/helm-charts/helm3/strimzi-kafka-operator/README.md
index 14dcb142622..a6732694a74 100644
--- a/helm-charts/helm3/strimzi-kafka-operator/README.md
+++ b/helm-charts/helm3/strimzi-kafka-operator/README.md
@@ -98,7 +98,7 @@ the documentation for more details.
| `watchAnyNamespace` | Watch the whole Kubernetes cluster (all namespaces) | `false` |
| `defaultImageRegistry` | Default image registry for all the images | `quay.io` |
| `defaultImageRepository` | Default image registry for all the images | `strimzi` |
-| `defaultImageTag` | Default image tag for all the images except Kafka Bridge | `0.27.1` |
+| `defaultImageTag` | Default image tag for all the images except Kafka Bridge | `0.28.0` |
| `image.registry` | Override default Cluster Operator image registry | `nil` |
| `image.repository` | Override default Cluster Operator image repository | `nil` |
| `image.name` | Cluster Operator image name | `cluster-operator` |
@@ -159,7 +159,7 @@ the documentation for more details.
| `kafkaBridge.image.registry` | Override default Kafka Bridge image registry | `quay.io` |
| `kafkaBridge.image.repository` | Override default Kafka Bridge image repository | `strimzi` |
| `kafkaBridge.image.name` | Kafka Bridge image name | `kafka-bridge` |
-| `kafkaBridge.image.tag` | Override default Kafka Bridge image tag | `0.21.3` |
+| `kafkaBridge.image.tag` | Override default Kafka Bridge image tag | `0.21.4` |
| `kanikoExecutor.image.registry` | Override default Kaniko Executor image registry | `nil` |
| `kanikoExecutor.image.repository` | Override default Kaniko Executor image repository | `nil` |
| `kanikoExecutor.image.name` | Kaniko Executor image name | `kaniko-executor` |
diff --git a/helm-charts/helm3/strimzi-kafka-operator/crds/040-Crd-kafka.yaml b/helm-charts/helm3/strimzi-kafka-operator/crds/040-Crd-kafka.yaml
index 91de5b484bf..07d89756ffd 100644
--- a/helm-charts/helm3/strimzi-kafka-operator/crds/040-Crd-kafka.yaml
+++ b/helm-charts/helm3/strimzi-kafka-operator/crds/040-Crd-kafka.yaml
@@ -126,6 +126,9 @@ spec:
- key
- secretName
description: Link to Kubernetes Secret containing the OAuth client secret which the Kafka broker can use to authenticate against the authorization server and use the introspect endpoint URI.
+ connectTimeoutSeconds:
+ type: integer
+ description: The connect timeout in seconds when connecting to authorization server. If not set, the effective connect timeout is 60 seconds.
customClaimCheck:
type: string
description: JsonPath filter query to be applied to the JWT token or to the response of the introspection endpoint for additional token validation. Not set by default.
@@ -147,6 +150,12 @@ spec:
fallbackUserNamePrefix:
type: string
description: The prefix to use with the value of `fallbackUserNameClaim` to construct the user id. This only takes effect if `fallbackUserNameClaim` is true, and the value is present for the claim. Mapping usernames and client ids into the same user id space is useful in preventing name collisions.
+ groupsClaim:
+ type: string
+ description: JsonPath query used to extract groups for the user during authentication. Extracted groups can be used by a custom authorizer. By default no groups are extracted.
+ groupsClaimDelimiter:
+ type: string
+ description: A delimiter used to parse groups when they are extracted as a single String value rather than a JSON array. Default value is ',' (comma).
introspectionEndpointUri:
type: string
description: URI of the token introspection endpoint which can be used to validate opaque non-JWT tokens.
@@ -165,9 +174,34 @@ spec:
type: integer
minimum: 1
description: Configures how often are the JWKS certificates refreshed. The refresh interval has to be at least 60 seconds shorter then the expiry interval specified in `jwksExpirySeconds`. Defaults to 300 seconds.
+ listenerConfig:
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ description: Configuration to be used for a specific listener. All values are prefixed with listener.name._<listener_name>_.
maxSecondsWithoutReauthentication:
type: integer
description: Maximum number of seconds the authenticated session remains valid without re-authentication. This enables Apache Kafka re-authentication feature, and causes sessions to expire when the access token expires. If the access token expires before max time or if max time is reached, the client has to re-authenticate, otherwise the server will drop the connection. Not set by default - the authenticated session does not expire when the access token expires. This option only applies to SASL_OAUTHBEARER authentication mechanism (when `enableOauthBearer` is `true`).
+ readTimeoutSeconds:
+ type: integer
+ description: The read timeout in seconds when connecting to authorization server. If not set, the effective read timeout is 60 seconds.
+ sasl:
+ type: boolean
+ description: Enable or disable SASL on this listener.
+ secrets:
+ type: array
+ items:
+ type: object
+ properties:
+ key:
+ type: string
+ description: The key under which the secret value is stored in the Kubernetes Secret.
+ secretName:
+ type: string
+ description: The name of the Kubernetes Secret containing the secret value.
+ required:
+ - key
+ - secretName
+ description: Secrets to be mounted to /opt/kafka/custom-authn-secrets/custom-listener-_<listener_name>-<port>_/_<secret_name>_.
tlsTrustedCertificates:
type: array
items:
@@ -192,7 +226,8 @@ spec:
- tls
- scram-sha-512
- oauth
- description: Authentication type. `oauth` type uses SASL OAUTHBEARER Authentication. `scram-sha-512` type uses SASL SCRAM-SHA-512 Authentication. `tls` type uses TLS Client Authentication. `tls` type is supported only on TLS listeners.
+ - custom
+ description: Authentication type. `oauth` type uses SASL OAUTHBEARER Authentication. `scram-sha-512` type uses SASL SCRAM-SHA-512 Authentication. `tls` type uses TLS Client Authentication. `tls` type is supported only on TLS listeners.`custom` type allows for any authentication type to be used.
userInfoEndpointUri:
type: string
description: 'URI of the User Info Endpoint to use as a fallback to obtaining the user id when the Introspection Endpoint does not return information that can be used for the user id. '
@@ -314,6 +349,9 @@ spec:
- IPv4
- IPv6
description: Specifies the IP Families used by the service. Available options are `IPv4` and `IPv6. If unspecified, Kubernetes will choose the default value based on the `ipFamilyPolicy` setting. Available on Kubernetes 1.20 and newer.
+ createBootstrapService:
+ type: boolean
+ description: Whether to create the bootstrap service or not. The bootstrap service is created by default (if not specified differently). This field can be used with the `loadBalancer` type listener.
class:
type: string
description: Configures the `Ingress` class that defines which `Ingress` controller will be used. This field can be used only with `ingress` type listener. If not specified, the default Ingress controller will be used.
@@ -412,7 +450,7 @@ spec:
config:
x-kubernetes-preserve-unknown-fields: true
type: object
- description: 'Kafka broker config properties with the following prefixes cannot be set: listeners, advertised., broker., listener., host.name, port, inter.broker.listener.name, sasl., ssl., security., password., principal.builder.class, log.dir, zookeeper.connect, zookeeper.set.acl, zookeeper.ssl, zookeeper.clientCnxnSocket, authorizer., super.user, cruise.control.metrics.topic, cruise.control.metrics.reporter.bootstrap.servers (with the exception of: zookeeper.connection.timeout.ms, ssl.cipher.suites, ssl.protocol, ssl.enabled.protocols,cruise.control.metrics.topic.num.partitions, cruise.control.metrics.topic.replication.factor, cruise.control.metrics.topic.retention.ms,cruise.control.metrics.topic.auto.create.retries, cruise.control.metrics.topic.auto.create.timeout.ms,cruise.control.metrics.topic.min.insync.replicas).'
+ description: 'Kafka broker config properties with the following prefixes cannot be set: listeners, advertised., broker., listener., host.name, port, inter.broker.listener.name, sasl., ssl., security., password., log.dir, zookeeper.connect, zookeeper.set.acl, zookeeper.ssl, zookeeper.clientCnxnSocket, authorizer., super.user, cruise.control.metrics.topic, cruise.control.metrics.reporter.bootstrap.servers (with the exception of: zookeeper.connection.timeout.ms, ssl.cipher.suites, ssl.protocol, ssl.enabled.protocols,cruise.control.metrics.topic.num.partitions, cruise.control.metrics.topic.replication.factor, cruise.control.metrics.topic.retention.ms,cruise.control.metrics.topic.auto.create.retries, cruise.control.metrics.topic.auto.create.timeout.ms,cruise.control.metrics.topic.min.insync.replicas).'
storage:
type: object
properties:
@@ -518,12 +556,19 @@ spec:
clientId:
type: string
description: OAuth Client ID which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI.
+ connectTimeoutSeconds:
+ type: integer
+ minimum: 1
+ description: The connect timeout in seconds when connecting to authorization server. If not set, the effective connect timeout is 60 seconds.
delegateToKafkaAcls:
type: boolean
description: Whether authorization decision should be delegated to the 'Simple' authorizer if DENIED by Keycloak Authorization Services policies. Default value is `false`.
disableTlsHostnameVerification:
type: boolean
description: Enable or disable TLS hostname verification. Default value is `false`.
+ enableMetrics:
+ type: boolean
+ description: Defines whether the Open Policy Agent authorizer plugin should provide metrics. Defaults to `false`.
expireAfterMs:
type: integer
description: The expiration of the records kept in the local cache to avoid querying the Open Policy Agent for every request. Defines how often the cached authorization decisions are reloaded from the Open Policy Agent server. In milliseconds. Defaults to `3600000`.
@@ -541,6 +586,10 @@ spec:
maximumCacheSize:
type: integer
description: Maximum capacity of the local cache used by the authorizer to avoid querying the Open Policy Agent for every request. Defaults to `50000`.
+ readTimeoutSeconds:
+ type: integer
+ minimum: 1
+ description: The read timeout in seconds when connecting to authorization server. If not set, the effective read timeout is 60 seconds.
superUsers:
type: array
items:
@@ -1631,6 +1680,22 @@ spec:
description: Annotations added to the resource template. Can be applied to different resources such as `StatefulSets`, `Deployments`, `Pods`, and `Services`.
description: Metadata applied to the resource.
description: Template for the Kafka ClusterRoleBinding.
+ podSet:
+ type: object
+ properties:
+ metadata:
+ type: object
+ properties:
+ labels:
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ description: Labels added to the resource template. Can be applied to different resources such as `StatefulSets`, `Deployments`, `Pods`, and `Services`.
+ annotations:
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ description: Annotations added to the resource template. Can be applied to different resources such as `StatefulSets`, `Deployments`, `Pods`, and `Services`.
+ description: Metadata applied to the resource.
+ description: Template for Kafka `StrimziPodSet` resource.
description: Template for Kafka cluster resources. The template allows users to specify how are the `StatefulSet`, `Pods` and `Services` generated.
required:
- replicas
@@ -2530,6 +2595,22 @@ spec:
description: Annotations added to the resource template. Can be applied to different resources such as `StatefulSets`, `Deployments`, `Pods`, and `Services`.
description: Metadata applied to the resource.
description: Template for Secret of the Zookeeper Cluster JMX authentication.
+ podSet:
+ type: object
+ properties:
+ metadata:
+ type: object
+ properties:
+ labels:
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ description: Labels added to the resource template. Can be applied to different resources such as `StatefulSets`, `Deployments`, `Pods`, and `Services`.
+ annotations:
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ description: Annotations added to the resource template. Can be applied to different resources such as `StatefulSets`, `Deployments`, `Pods`, and `Services`.
+ description: Metadata applied to the resource.
+ description: Template for ZooKeeper `StrimziPodSet` resource.
description: Template for ZooKeeper cluster resources. The template allows users to specify how are the `StatefulSet`, `Pods` and `Services` generated.
required:
- replicas
@@ -4560,7 +4641,7 @@ spec:
disk:
type: string
pattern: ^[0-9]+([.][0-9]*)?([KMGTPE]i?|e[0-9]+)?$
- description: Broker capacity for disk in bytes, for example, 100Gi.
+ description: Broker capacity for disk in bytes. Use a number value with either standard Kubernetes byte units (K, M, G, or T), their bibyte (power of two) equivalents (Ki, Mi, Gi, or Ti), or a byte value with or without E notation. For example, 100000M, 100000Mi, 104857600000, or 1e+11.
cpuUtilization:
type: integer
minimum: 0
@@ -4569,11 +4650,11 @@ spec:
inboundNetwork:
type: string
pattern: ^[0-9]+([KMG]i?)?B/s$
- description: Broker capacity for inbound network throughput in bytes per second, for example, 10000KB/s.
+ description: Broker capacity for inbound network throughput in bytes per second. Use an integer value with standard Kubernetes byte units (K, M, G) or their bibyte (power of two) equivalents (Ki, Mi, Gi) per second. For example, 10000KiB/s.
outboundNetwork:
type: string
pattern: ^[0-9]+([KMG]i?)?B/s$
- description: Broker capacity for outbound network throughput in bytes per second, for example 10000KB/s.
+ description: Broker capacity for outbound network throughput in bytes per second. Use an integer value with standard Kubernetes byte units (K, M, G) or their bibyte (power of two) equivalents (Ki, Mi, Gi) per second. For example, 10000KiB/s.
description: The Cruise Control `brokerCapacity` configuration.
config:
x-kubernetes-preserve-unknown-fields: true
@@ -5927,7 +6008,10 @@ spec:
properties:
type:
type: string
- description: 'The type of the listener. Can be one of the following three types: `plain`, `tls`, and `external`.'
+ description: '*The `type` property has been deprecated, and should now be configured using `name`.* The name of the listener.'
+ name:
+ type: string
+ description: The name of the listener.
addresses:
type: array
items:
diff --git a/helm-charts/helm3/strimzi-kafka-operator/crds/041-Crd-kafkaconnect.yaml b/helm-charts/helm3/strimzi-kafka-operator/crds/041-Crd-kafkaconnect.yaml
index 0ca716b5284..360416104f2 100644
--- a/helm-charts/helm3/strimzi-kafka-operator/crds/041-Crd-kafkaconnect.yaml
+++ b/helm-charts/helm3/strimzi-kafka-operator/crds/041-Crd-kafkaconnect.yaml
@@ -132,6 +132,9 @@ spec:
- key
- secretName
description: Link to Kubernetes Secret containing the OAuth client secret which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI.
+ connectTimeoutSeconds:
+ type: integer
+ description: The connect timeout in seconds when connecting to authorization server. If not set, the effective connect timeout is 60 seconds.
disableTlsHostnameVerification:
type: boolean
description: Enable or disable TLS hostname verification. Default value is `false`.
@@ -151,6 +154,9 @@ spec:
- password
- secretName
description: Reference to the `Secret` which holds the password.
+ readTimeoutSeconds:
+ type: integer
+ description: The read timeout in seconds when connecting to authorization server. If not set, the effective read timeout is 60 seconds.
refreshToken:
type: object
properties:
diff --git a/helm-charts/helm3/strimzi-kafka-operator/crds/045-Crd-kafkamirrormaker.yaml b/helm-charts/helm3/strimzi-kafka-operator/crds/045-Crd-kafkamirrormaker.yaml
index 3d878db70d4..645352261e0 100644
--- a/helm-charts/helm3/strimzi-kafka-operator/crds/045-Crd-kafkamirrormaker.yaml
+++ b/helm-charts/helm3/strimzi-kafka-operator/crds/045-Crd-kafkamirrormaker.yaml
@@ -137,6 +137,9 @@ spec:
- key
- secretName
description: Link to Kubernetes Secret containing the OAuth client secret which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI.
+ connectTimeoutSeconds:
+ type: integer
+ description: The connect timeout in seconds when connecting to authorization server. If not set, the effective connect timeout is 60 seconds.
disableTlsHostnameVerification:
type: boolean
description: Enable or disable TLS hostname verification. Default value is `false`.
@@ -156,6 +159,9 @@ spec:
- password
- secretName
description: Reference to the `Secret` which holds the password.
+ readTimeoutSeconds:
+ type: integer
+ description: The read timeout in seconds when connecting to authorization server. If not set, the effective read timeout is 60 seconds.
refreshToken:
type: object
properties:
@@ -296,6 +302,9 @@ spec:
- key
- secretName
description: Link to Kubernetes Secret containing the OAuth client secret which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI.
+ connectTimeoutSeconds:
+ type: integer
+ description: The connect timeout in seconds when connecting to authorization server. If not set, the effective connect timeout is 60 seconds.
disableTlsHostnameVerification:
type: boolean
description: Enable or disable TLS hostname verification. Default value is `false`.
@@ -315,6 +324,9 @@ spec:
- password
- secretName
description: Reference to the `Secret` which holds the password.
+ readTimeoutSeconds:
+ type: integer
+ description: The read timeout in seconds when connecting to authorization server. If not set, the effective read timeout is 60 seconds.
refreshToken:
type: object
properties:
diff --git a/helm-charts/helm3/strimzi-kafka-operator/crds/046-Crd-kafkabridge.yaml b/helm-charts/helm3/strimzi-kafka-operator/crds/046-Crd-kafkabridge.yaml
index e0374e3e701..92a4fdd1f48 100644
--- a/helm-charts/helm3/strimzi-kafka-operator/crds/046-Crd-kafkabridge.yaml
+++ b/helm-charts/helm3/strimzi-kafka-operator/crds/046-Crd-kafkabridge.yaml
@@ -135,6 +135,9 @@ spec:
- key
- secretName
description: Link to Kubernetes Secret containing the OAuth client secret which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI.
+ connectTimeoutSeconds:
+ type: integer
+ description: The connect timeout in seconds when connecting to authorization server. If not set, the effective connect timeout is 60 seconds.
disableTlsHostnameVerification:
type: boolean
description: Enable or disable TLS hostname verification. Default value is `false`.
@@ -154,6 +157,9 @@ spec:
- password
- secretName
description: Reference to the `Secret` which holds the password.
+ readTimeoutSeconds:
+ type: integer
+ description: The read timeout in seconds when connecting to authorization server. If not set, the effective read timeout is 60 seconds.
refreshToken:
type: object
properties:
diff --git a/helm-charts/helm3/strimzi-kafka-operator/crds/048-Crd-kafkamirrormaker2.yaml b/helm-charts/helm3/strimzi-kafka-operator/crds/048-Crd-kafkamirrormaker2.yaml
index c9e39119f16..8cfb7bf1199 100644
--- a/helm-charts/helm3/strimzi-kafka-operator/crds/048-Crd-kafkamirrormaker2.yaml
+++ b/helm-charts/helm3/strimzi-kafka-operator/crds/048-Crd-kafkamirrormaker2.yaml
@@ -144,6 +144,9 @@ spec:
- key
- secretName
description: Link to Kubernetes Secret containing the OAuth client secret which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI.
+ connectTimeoutSeconds:
+ type: integer
+ description: The connect timeout in seconds when connecting to authorization server. If not set, the effective connect timeout is 60 seconds.
disableTlsHostnameVerification:
type: boolean
description: Enable or disable TLS hostname verification. Default value is `false`.
@@ -163,6 +166,9 @@ spec:
- password
- secretName
description: Reference to the `Secret` which holds the password.
+ readTimeoutSeconds:
+ type: integer
+ description: The read timeout in seconds when connecting to authorization server. If not set, the effective read timeout is 60 seconds.
refreshToken:
type: object
properties:
diff --git a/helm-charts/helm3/strimzi-kafka-operator/crds/049-Crd-kafkarebalance.yaml b/helm-charts/helm3/strimzi-kafka-operator/crds/049-Crd-kafkarebalance.yaml
index 617bf5f451b..80befc7d16d 100644
--- a/helm-charts/helm3/strimzi-kafka-operator/crds/049-Crd-kafkarebalance.yaml
+++ b/helm-charts/helm3/strimzi-kafka-operator/crds/049-Crd-kafkarebalance.yaml
@@ -46,9 +46,12 @@ spec:
skipHardGoalCheck:
type: boolean
description: Whether to allow the hard goals specified in the Kafka CR to be skipped in optimization proposal generation. This can be useful when some of those hard goals are preventing a balance solution being found. Default is false.
+ rebalanceDisk:
+ type: boolean
+ description: Enables intra-broker disk balancing, which balances disk space utilization between disks on the same broker. Only applies to Kafka deployments that use JBOD storage with multiple disks. When enabled, inter-broker balancing is disabled. Default is false.
excludedTopics:
type: string
- description: A regular expression where any matching topics will be excluded from the calculation of optimization proposals. This expression will be parsed by the java.util.regex.Pattern class; for more information on the supported formar consult the documentation for that class.
+ description: A regular expression where any matching topics will be excluded from the calculation of optimization proposals. This expression will be parsed by the java.util.regex.Pattern class; for more information on the supported format consult the documentation for that class.
concurrentPartitionMovementsPerBroker:
type: integer
minimum: 0
diff --git a/helm-charts/helm3/strimzi-kafka-operator/templates/NOTES.txt b/helm-charts/helm3/strimzi-kafka-operator/templates/NOTES.txt
index fec183edc3d..9b067e533e1 100644
--- a/helm-charts/helm3/strimzi-kafka-operator/templates/NOTES.txt
+++ b/helm-charts/helm3/strimzi-kafka-operator/templates/NOTES.txt
@@ -2,4 +2,4 @@ Thank you for installing {{ .Chart.Name }}-{{ .Chart.Version }}
To create a Kafka cluster refer to the following documentation.
-https://strimzi.io/docs/operators/latest/using.html#deploying-cluster-operator-helm-chart-str
+https://strimzi.io/docs/operators/latest/deploying.html#deploying-cluster-operator-helm-chart-str
diff --git a/helm-charts/helm3/strimzi-kafka-operator/templates/_kafka_image_map.tpl b/helm-charts/helm3/strimzi-kafka-operator/templates/_kafka_image_map.tpl
index 74d2e7a7f16..8159ea5540b 100644
--- a/helm-charts/helm3/strimzi-kafka-operator/templates/_kafka_image_map.tpl
+++ b/helm-charts/helm3/strimzi-kafka-operator/templates/_kafka_image_map.tpl
@@ -6,31 +6,27 @@
{{/* Generate the kafka image map */}}
{{- define "strimzi.kafka.image.map" }}
- name: STRIMZI_DEFAULT_TLS_SIDECAR_ENTITY_OPERATOR_IMAGE
- value: {{ default .Values.defaultImageRegistry .Values.tlsSidecarEntityOperator.image.registry }}/{{ default .Values.defaultImageRepository .Values.tlsSidecarEntityOperator.image.repository }}/{{ .Values.tlsSidecarEntityOperator.image.name }}:{{ default .Values.defaultImageTag .Values.tlsSidecarEntityOperator.image.tagPrefix }}-kafka-3.0.0
+ value: {{ default .Values.defaultImageRegistry .Values.tlsSidecarEntityOperator.image.registry }}/{{ default .Values.defaultImageRepository .Values.tlsSidecarEntityOperator.image.repository }}/{{ .Values.tlsSidecarEntityOperator.image.name }}:{{ default .Values.defaultImageTag .Values.tlsSidecarEntityOperator.image.tagPrefix }}-kafka-3.1.0
- name: STRIMZI_DEFAULT_KAFKA_EXPORTER_IMAGE
- value: {{ default .Values.defaultImageRegistry .Values.kafkaExporter.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafkaExporter.image.repository }}/{{ .Values.kafkaExporter.image.name }}:{{ default .Values.defaultImageTag .Values.kafkaExporter.image.tagPrefix }}-kafka-3.0.0
+ value: {{ default .Values.defaultImageRegistry .Values.kafkaExporter.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafkaExporter.image.repository }}/{{ .Values.kafkaExporter.image.name }}:{{ default .Values.defaultImageTag .Values.kafkaExporter.image.tagPrefix }}-kafka-3.1.0
- name: STRIMZI_DEFAULT_CRUISE_CONTROL_IMAGE
- value: {{ default .Values.defaultImageRegistry .Values.cruiseControl.image.registry }}/{{ default .Values.defaultImageRepository .Values.cruiseControl.image.repository }}/{{ .Values.cruiseControl.image.name }}:{{ default .Values.defaultImageTag .Values.cruiseControl.image.tagPrefix }}-kafka-3.0.0
+ value: {{ default .Values.defaultImageRegistry .Values.cruiseControl.image.registry }}/{{ default .Values.defaultImageRepository .Values.cruiseControl.image.repository }}/{{ .Values.cruiseControl.image.name }}:{{ default .Values.defaultImageTag .Values.cruiseControl.image.tagPrefix }}-kafka-3.1.0
- name: STRIMZI_DEFAULT_TLS_SIDECAR_CRUISE_CONTROL_IMAGE
- value: {{ default .Values.defaultImageRegistry .Values.tlsSidecarCruiseControl.image.registry }}/{{ default .Values.defaultImageRepository .Values.tlsSidecarCruiseControl.image.repository }}/{{ .Values.tlsSidecarCruiseControl.image.name }}:{{ default .Values.defaultImageTag .Values.tlsSidecarCruiseControl.image.tagPrefix }}-kafka-3.0.0
+ value: {{ default .Values.defaultImageRegistry .Values.tlsSidecarCruiseControl.image.registry }}/{{ default .Values.defaultImageRepository .Values.tlsSidecarCruiseControl.image.repository }}/{{ .Values.tlsSidecarCruiseControl.image.name }}:{{ default .Values.defaultImageTag .Values.tlsSidecarCruiseControl.image.tagPrefix }}-kafka-3.1.0
- name: STRIMZI_KAFKA_IMAGES
value: |
- 2.8.0={{ default .Values.defaultImageRegistry .Values.kafka.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafka.image.repository }}/{{ .Values.kafka.image.name }}:{{ default .Values.defaultImageTag .Values.kafka.image.tagPrefix }}-kafka-2.8.0
- 2.8.1={{ default .Values.defaultImageRegistry .Values.kafka.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafka.image.repository }}/{{ .Values.kafka.image.name }}:{{ default .Values.defaultImageTag .Values.kafka.image.tagPrefix }}-kafka-2.8.1
3.0.0={{ default .Values.defaultImageRegistry .Values.kafka.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafka.image.repository }}/{{ .Values.kafka.image.name }}:{{ default .Values.defaultImageTag .Values.kafka.image.tagPrefix }}-kafka-3.0.0
+ 3.1.0={{ default .Values.defaultImageRegistry .Values.kafka.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafka.image.repository }}/{{ .Values.kafka.image.name }}:{{ default .Values.defaultImageTag .Values.kafka.image.tagPrefix }}-kafka-3.1.0
- name: STRIMZI_KAFKA_CONNECT_IMAGES
value: |
- 2.8.0={{ default .Values.defaultImageRegistry .Values.kafkaConnect.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafkaConnect.image.repository }}/{{ .Values.kafkaConnect.image.name }}:{{ default .Values.defaultImageTag .Values.kafkaConnect.image.tagPrefix }}-kafka-2.8.0
- 2.8.1={{ default .Values.defaultImageRegistry .Values.kafkaConnect.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafkaConnect.image.repository }}/{{ .Values.kafkaConnect.image.name }}:{{ default .Values.defaultImageTag .Values.kafkaConnect.image.tagPrefix }}-kafka-2.8.1
3.0.0={{ default .Values.defaultImageRegistry .Values.kafkaConnect.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafkaConnect.image.repository }}/{{ .Values.kafkaConnect.image.name }}:{{ default .Values.defaultImageTag .Values.kafkaConnect.image.tagPrefix }}-kafka-3.0.0
+ 3.1.0={{ default .Values.defaultImageRegistry .Values.kafkaConnect.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafkaConnect.image.repository }}/{{ .Values.kafkaConnect.image.name }}:{{ default .Values.defaultImageTag .Values.kafkaConnect.image.tagPrefix }}-kafka-3.1.0
- name: STRIMZI_KAFKA_MIRROR_MAKER_IMAGES
value: |
- 2.8.0={{ default .Values.defaultImageRegistry .Values.kafkaMirrorMaker.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafkaMirrorMaker.image.repository }}/{{ .Values.kafkaMirrorMaker.image.name }}:{{ default .Values.defaultImageTag .Values.kafkaMirrorMaker.image.tagPrefix }}-kafka-2.8.0
- 2.8.1={{ default .Values.defaultImageRegistry .Values.kafkaMirrorMaker.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafkaMirrorMaker.image.repository }}/{{ .Values.kafkaMirrorMaker.image.name }}:{{ default .Values.defaultImageTag .Values.kafkaMirrorMaker.image.tagPrefix }}-kafka-2.8.1
3.0.0={{ default .Values.defaultImageRegistry .Values.kafkaMirrorMaker.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafkaMirrorMaker.image.repository }}/{{ .Values.kafkaMirrorMaker.image.name }}:{{ default .Values.defaultImageTag .Values.kafkaMirrorMaker.image.tagPrefix }}-kafka-3.0.0
+ 3.1.0={{ default .Values.defaultImageRegistry .Values.kafkaMirrorMaker.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafkaMirrorMaker.image.repository }}/{{ .Values.kafkaMirrorMaker.image.name }}:{{ default .Values.defaultImageTag .Values.kafkaMirrorMaker.image.tagPrefix }}-kafka-3.1.0
- name: STRIMZI_KAFKA_MIRROR_MAKER_2_IMAGES
value: |
- 2.8.0={{ default .Values.defaultImageRegistry .Values.kafkaMirrorMaker2.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafkaMirrorMaker2.image.repository }}/{{ .Values.kafkaMirrorMaker2.image.name }}:{{ default .Values.defaultImageTag .Values.kafkaMirrorMaker2.image.tagPrefix }}-kafka-2.8.0
- 2.8.1={{ default .Values.defaultImageRegistry .Values.kafkaMirrorMaker2.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafkaMirrorMaker2.image.repository }}/{{ .Values.kafkaMirrorMaker2.image.name }}:{{ default .Values.defaultImageTag .Values.kafkaMirrorMaker2.image.tagPrefix }}-kafka-2.8.1
3.0.0={{ default .Values.defaultImageRegistry .Values.kafkaMirrorMaker2.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafkaMirrorMaker2.image.repository }}/{{ .Values.kafkaMirrorMaker2.image.name }}:{{ default .Values.defaultImageTag .Values.kafkaMirrorMaker2.image.tagPrefix }}-kafka-3.0.0
+ 3.1.0={{ default .Values.defaultImageRegistry .Values.kafkaMirrorMaker2.image.registry }}/{{ default .Values.defaultImageRepository .Values.kafkaMirrorMaker2.image.repository }}/{{ .Values.kafkaMirrorMaker2.image.name }}:{{ default .Values.defaultImageTag .Values.kafkaMirrorMaker2.image.tagPrefix }}-kafka-3.1.0
{{- end -}}
diff --git a/helm-charts/helm3/strimzi-kafka-operator/values.yaml b/helm-charts/helm3/strimzi-kafka-operator/values.yaml
index 919de2cdea3..f005b947ba3 100644
--- a/helm-charts/helm3/strimzi-kafka-operator/values.yaml
+++ b/helm-charts/helm3/strimzi-kafka-operator/values.yaml
@@ -7,7 +7,7 @@ watchAnyNamespace: false
defaultImageRegistry: quay.io
defaultImageRepository: strimzi
-defaultImageTag: 0.27.1
+defaultImageTag: 0.28.0
image:
registry: ""
@@ -26,7 +26,7 @@ tmpDirSizeLimit: 1Mi
# Example on how to configure extraEnvs
# extraEnvs:
# - name: JAVA_OPTS
-# value: "-Xms=256m -Xmx=256m"
+# value: "-Xms256m -Xmx256m"
extraEnvs: []
@@ -96,7 +96,7 @@ kafkaBridge:
registry: ""
repository:
name: kafka-bridge
- tag: 0.21.3
+ tag: 0.21.4
kafkaExporter:
image:
registry: ""
diff --git a/install/cluster-operator/040-Crd-kafka.yaml b/install/cluster-operator/040-Crd-kafka.yaml
index b8cbd1ba4dd..df2d58753c4 100644
--- a/install/cluster-operator/040-Crd-kafka.yaml
+++ b/install/cluster-operator/040-Crd-kafka.yaml
@@ -174,6 +174,11 @@ spec:
OAuth client secret which the Kafka broker can use
to authenticate against the authorization server and
use the introspect endpoint URI.
+ connectTimeoutSeconds:
+ type: integer
+ description: The connect timeout in seconds when connecting
+ to authorization server. If not set, the effective
+ connect timeout is 60 seconds.
customClaimCheck:
type: string
description: JsonPath filter query to be applied to
@@ -215,6 +220,17 @@ spec:
present for the claim. Mapping usernames and client
ids into the same user id space is useful in preventing
name collisions.
+ groupsClaim:
+ type: string
+ description: JsonPath query used to extract groups for
+ the user during authentication. Extracted groups can
+ be used by a custom authorizer. By default no groups
+ are extracted.
+ groupsClaimDelimiter:
+ type: string
+ description: A delimiter used to parse groups when they
+ are extracted as a single String value rather than
+ a JSON array. Default value is ',' (comma).
introspectionEndpointUri:
type: string
description: URI of the token introspection endpoint
@@ -245,6 +261,11 @@ spec:
refreshed. The refresh interval has to be at least
60 seconds shorter then the expiry interval specified
in `jwksExpirySeconds`. Defaults to 300 seconds.
+ listenerConfig:
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ description: Configuration to be used for a specific
+ listener. All values are prefixed with listener.name._<listener_name>_.
maxSecondsWithoutReauthentication:
type: integer
description: Maximum number of seconds the authenticated
@@ -258,6 +279,31 @@ spec:
expire when the access token expires. This option
only applies to SASL_OAUTHBEARER authentication mechanism
(when `enableOauthBearer` is `true`).
+ readTimeoutSeconds:
+ type: integer
+ description: The read timeout in seconds when connecting
+ to authorization server. If not set, the effective
+ read timeout is 60 seconds.
+ sasl:
+ type: boolean
+ description: Enable or disable SASL on this listener.
+ secrets:
+ type: array
+ items:
+ type: object
+ properties:
+ key:
+ type: string
+ description: The key under which the secret value
+ is stored in the Kubernetes Secret.
+ secretName:
+ type: string
+ description: The name of the Kubernetes Secret
+ containing the secret value.
+ required:
+ - key
+ - secretName
+ description: Secrets to be mounted to /opt/kafka/custom-authn-secrets/custom-listener-_<listener_name>-<port>_/_<secret_name>_.
tlsTrustedCertificates:
type: array
items:
@@ -295,11 +341,13 @@ spec:
- tls
- scram-sha-512
- oauth
+ - custom
description: Authentication type. `oauth` type uses
SASL OAUTHBEARER Authentication. `scram-sha-512` type
uses SASL SCRAM-SHA-512 Authentication. `tls` type
uses TLS Client Authentication. `tls` type is supported
- only on TLS listeners.
+ only on TLS listeners.`custom` type allows for any
+ authentication type to be used.
userInfoEndpointUri:
type: string
description: 'URI of the User Info Endpoint to use as
@@ -515,6 +563,12 @@ spec:
Kubernetes will choose the default value based on
the `ipFamilyPolicy` setting. Available on Kubernetes
1.20 and newer.
+ createBootstrapService:
+ type: boolean
+ description: Whether to create the bootstrap service
+ or not. The bootstrap service is created by default
+ (if not specified differently). This field can be
+ used with the `loadBalancer` type listener.
class:
type: string
description: Configures the `Ingress` class that defines
@@ -643,10 +697,10 @@ spec:
description: 'Kafka broker config properties with the following
prefixes cannot be set: listeners, advertised., broker., listener.,
host.name, port, inter.broker.listener.name, sasl., ssl., security.,
- password., principal.builder.class, log.dir, zookeeper.connect,
- zookeeper.set.acl, zookeeper.ssl, zookeeper.clientCnxnSocket,
- authorizer., super.user, cruise.control.metrics.topic, cruise.control.metrics.reporter.bootstrap.servers
- (with the exception of: zookeeper.connection.timeout.ms, ssl.cipher.suites,
+ password., log.dir, zookeeper.connect, zookeeper.set.acl, zookeeper.ssl,
+ zookeeper.clientCnxnSocket, authorizer., super.user, cruise.control.metrics.topic,
+ cruise.control.metrics.reporter.bootstrap.servers (with the
+ exception of: zookeeper.connection.timeout.ms, ssl.cipher.suites,
ssl.protocol, ssl.enabled.protocols,cruise.control.metrics.topic.num.partitions,
cruise.control.metrics.topic.replication.factor, cruise.control.metrics.topic.retention.ms,cruise.control.metrics.topic.auto.create.retries,
cruise.control.metrics.topic.auto.create.timeout.ms,cruise.control.metrics.topic.min.insync.replicas).'
@@ -789,6 +843,12 @@ spec:
description: OAuth Client ID which the Kafka client can use
to authenticate against the OAuth server and use the token
endpoint URI.
+ connectTimeoutSeconds:
+ type: integer
+ minimum: 1
+ description: The connect timeout in seconds when connecting
+ to authorization server. If not set, the effective connect
+ timeout is 60 seconds.
delegateToKafkaAcls:
type: boolean
description: Whether authorization decision should be delegated
@@ -798,6 +858,10 @@ spec:
type: boolean
description: Enable or disable TLS hostname verification.
Default value is `false`.
+ enableMetrics:
+ type: boolean
+ description: Defines whether the Open Policy Agent authorizer
+ plugin should provide metrics. Defaults to `false`.
expireAfterMs:
type: integer
description: The expiration of the records kept in the local
@@ -828,6 +892,12 @@ spec:
description: Maximum capacity of the local cache used by the
authorizer to avoid querying the Open Policy Agent for every
request. Defaults to `50000`.
+ readTimeoutSeconds:
+ type: integer
+ minimum: 1
+ description: The read timeout in seconds when connecting to
+ authorization server. If not set, the effective read timeout
+ is 60 seconds.
superUsers:
type: array
items:
@@ -2091,6 +2161,26 @@ spec:
`Deployments`, `Pods`, and `Services`.
description: Metadata applied to the resource.
description: Template for the Kafka ClusterRoleBinding.
+ podSet:
+ type: object
+ properties:
+ metadata:
+ type: object
+ properties:
+ labels:
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ description: Labels added to the resource template.
+ Can be applied to different resources such as `StatefulSets`,
+ `Deployments`, `Pods`, and `Services`.
+ annotations:
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ description: Annotations added to the resource template.
+ Can be applied to different resources such as `StatefulSets`,
+ `Deployments`, `Pods`, and `Services`.
+ description: Metadata applied to the resource.
+ description: Template for Kafka `StrimziPodSet` resource.
description: Template for Kafka cluster resources. The template
allows users to specify how are the `StatefulSet`, `Pods` and
`Services` generated.
@@ -3128,6 +3218,26 @@ spec:
description: Metadata applied to the resource.
description: Template for Secret of the Zookeeper Cluster
JMX authentication.
+ podSet:
+ type: object
+ properties:
+ metadata:
+ type: object
+ properties:
+ labels:
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ description: Labels added to the resource template.
+ Can be applied to different resources such as `StatefulSets`,
+ `Deployments`, `Pods`, and `Services`.
+ annotations:
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ description: Annotations added to the resource template.
+ Can be applied to different resources such as `StatefulSets`,
+ `Deployments`, `Pods`, and `Services`.
+ description: Metadata applied to the resource.
+ description: Template for ZooKeeper `StrimziPodSet` resource.
description: Template for ZooKeeper cluster resources. The template
allows users to specify how are the `StatefulSet`, `Pods` and
`Services` generated.
@@ -5407,8 +5517,11 @@ spec:
disk:
type: string
pattern: ^[0-9]+([.][0-9]*)?([KMGTPE]i?|e[0-9]+)?$
- description: Broker capacity for disk in bytes, for example,
- 100Gi.
+ description: Broker capacity for disk in bytes. Use a number
+ value with either standard Kubernetes byte units (K, M,
+ G, or T), their bibyte (power of two) equivalents (Ki, Mi,
+ Gi, or Ti), or a byte value with or without E notation.
+ For example, 100000M, 100000Mi, 104857600000, or 1e+11.
cpuUtilization:
type: integer
minimum: 0
@@ -5419,12 +5532,16 @@ spec:
type: string
pattern: ^[0-9]+([KMG]i?)?B/s$
description: Broker capacity for inbound network throughput
- in bytes per second, for example, 10000KB/s.
+ in bytes per second. Use an integer value with standard
+ Kubernetes byte units (K, M, G) or their bibyte (power of
+ two) equivalents (Ki, Mi, Gi) per second. For example, 10000KiB/s.
outboundNetwork:
type: string
pattern: ^[0-9]+([KMG]i?)?B/s$
description: Broker capacity for outbound network throughput
- in bytes per second, for example 10000KB/s.
+ in bytes per second. Use an integer value with standard
+ Kubernetes byte units (K, M, G) or their bibyte (power of
+ two) equivalents (Ki, Mi, Gi) per second. For example, 10000KiB/s.
description: The Cruise Control `brokerCapacity` configuration.
config:
x-kubernetes-preserve-unknown-fields: true
@@ -6931,8 +7048,11 @@ spec:
properties:
type:
type: string
- description: 'The type of the listener. Can be one of the following
- three types: `plain`, `tls`, and `external`.'
+ description: '*The `type` property has been deprecated, and
+ should now be configured using `name`.* The name of the listener.'
+ name:
+ type: string
+ description: The name of the listener.
addresses:
type: array
items:
diff --git a/install/cluster-operator/041-Crd-kafkaconnect.yaml b/install/cluster-operator/041-Crd-kafkaconnect.yaml
index 20adbcb1ea4..275d1a33c23 100644
--- a/install/cluster-operator/041-Crd-kafkaconnect.yaml
+++ b/install/cluster-operator/041-Crd-kafkaconnect.yaml
@@ -150,6 +150,11 @@ spec:
description: Link to Kubernetes Secret containing the OAuth client
secret which the Kafka client can use to authenticate against
the OAuth server and use the token endpoint URI.
+ connectTimeoutSeconds:
+ type: integer
+ description: The connect timeout in seconds when connecting to
+ authorization server. If not set, the effective connect timeout
+ is 60 seconds.
disableTlsHostnameVerification:
type: boolean
description: Enable or disable TLS hostname verification. Default
@@ -173,6 +178,10 @@ spec:
- password
- secretName
description: Reference to the `Secret` which holds the password.
+ readTimeoutSeconds:
+ type: integer
+ description: The read timeout in seconds when connecting to authorization
+ server. If not set, the effective read timeout is 60 seconds.
refreshToken:
type: object
properties:
diff --git a/install/cluster-operator/045-Crd-kafkamirrormaker.yaml b/install/cluster-operator/045-Crd-kafkamirrormaker.yaml
index df62942c084..fc083456a58 100644
--- a/install/cluster-operator/045-Crd-kafkamirrormaker.yaml
+++ b/install/cluster-operator/045-Crd-kafkamirrormaker.yaml
@@ -159,6 +159,11 @@ spec:
description: Link to Kubernetes Secret containing the OAuth
client secret which the Kafka client can use to authenticate
against the OAuth server and use the token endpoint URI.
+ connectTimeoutSeconds:
+ type: integer
+ description: The connect timeout in seconds when connecting
+ to authorization server. If not set, the effective connect
+ timeout is 60 seconds.
disableTlsHostnameVerification:
type: boolean
description: Enable or disable TLS hostname verification.
@@ -182,6 +187,11 @@ spec:
- password
- secretName
description: Reference to the `Secret` which holds the password.
+ readTimeoutSeconds:
+ type: integer
+ description: The read timeout in seconds when connecting to
+ authorization server. If not set, the effective read timeout
+ is 60 seconds.
refreshToken:
type: object
properties:
@@ -365,6 +375,11 @@ spec:
description: Link to Kubernetes Secret containing the OAuth
client secret which the Kafka client can use to authenticate
against the OAuth server and use the token endpoint URI.
+ connectTimeoutSeconds:
+ type: integer
+ description: The connect timeout in seconds when connecting
+ to authorization server. If not set, the effective connect
+ timeout is 60 seconds.
disableTlsHostnameVerification:
type: boolean
description: Enable or disable TLS hostname verification.
@@ -388,6 +403,11 @@ spec:
- password
- secretName
description: Reference to the `Secret` which holds the password.
+ readTimeoutSeconds:
+ type: integer
+ description: The read timeout in seconds when connecting to
+ authorization server. If not set, the effective read timeout
+ is 60 seconds.
refreshToken:
type: object
properties:
diff --git a/install/cluster-operator/046-Crd-kafkabridge.yaml b/install/cluster-operator/046-Crd-kafkabridge.yaml
index 69912553131..aa679a83289 100644
--- a/install/cluster-operator/046-Crd-kafkabridge.yaml
+++ b/install/cluster-operator/046-Crd-kafkabridge.yaml
@@ -152,6 +152,11 @@ spec:
description: Link to Kubernetes Secret containing the OAuth client
secret which the Kafka client can use to authenticate against
the OAuth server and use the token endpoint URI.
+ connectTimeoutSeconds:
+ type: integer
+ description: The connect timeout in seconds when connecting to
+ authorization server. If not set, the effective connect timeout
+ is 60 seconds.
disableTlsHostnameVerification:
type: boolean
description: Enable or disable TLS hostname verification. Default
@@ -175,6 +180,10 @@ spec:
- password
- secretName
description: Reference to the `Secret` which holds the password.
+ readTimeoutSeconds:
+ type: integer
+ description: The read timeout in seconds when connecting to authorization
+ server. If not set, the effective read timeout is 60 seconds.
refreshToken:
type: object
properties:
diff --git a/install/cluster-operator/048-Crd-kafkamirrormaker2.yaml b/install/cluster-operator/048-Crd-kafkamirrormaker2.yaml
index 86fe3460e27..633b24179bb 100644
--- a/install/cluster-operator/048-Crd-kafkamirrormaker2.yaml
+++ b/install/cluster-operator/048-Crd-kafkamirrormaker2.yaml
@@ -168,6 +168,11 @@ spec:
description: Link to Kubernetes Secret containing the OAuth
client secret which the Kafka client can use to authenticate
against the OAuth server and use the token endpoint URI.
+ connectTimeoutSeconds:
+ type: integer
+ description: The connect timeout in seconds when connecting
+ to authorization server. If not set, the effective connect
+ timeout is 60 seconds.
disableTlsHostnameVerification:
type: boolean
description: Enable or disable TLS hostname verification.
@@ -191,6 +196,11 @@ spec:
- password
- secretName
description: Reference to the `Secret` which holds the password.
+ readTimeoutSeconds:
+ type: integer
+ description: The read timeout in seconds when connecting
+ to authorization server. If not set, the effective read
+ timeout is 60 seconds.
refreshToken:
type: object
properties:
diff --git a/install/cluster-operator/049-Crd-kafkarebalance.yaml b/install/cluster-operator/049-Crd-kafkarebalance.yaml
index 7b706eac8e0..c847722d991 100644
--- a/install/cluster-operator/049-Crd-kafkarebalance.yaml
+++ b/install/cluster-operator/049-Crd-kafkarebalance.yaml
@@ -52,12 +52,18 @@ spec:
CR to be skipped in optimization proposal generation. This can be
useful when some of those hard goals are preventing a balance solution
being found. Default is false.
+ rebalanceDisk:
+ type: boolean
+ description: Enables intra-broker disk balancing, which balances disk
+ space utilization between disks on the same broker. Only applies
+ to Kafka deployments that use JBOD storage with multiple disks.
+ When enabled, inter-broker balancing is disabled. Default is false.
excludedTopics:
type: string
description: A regular expression where any matching topics will be
excluded from the calculation of optimization proposals. This expression
will be parsed by the java.util.regex.Pattern class; for more information
- on the supported formar consult the documentation for that class.
+ on the supported format consult the documentation for that class.
concurrentPartitionMovementsPerBroker:
type: integer
minimum: 0
diff --git a/install/cluster-operator/060-Deployment-strimzi-cluster-operator.yaml b/install/cluster-operator/060-Deployment-strimzi-cluster-operator.yaml
index feb7c66fe15..35504589c7c 100644
--- a/install/cluster-operator/060-Deployment-strimzi-cluster-operator.yaml
+++ b/install/cluster-operator/060-Deployment-strimzi-cluster-operator.yaml
@@ -27,7 +27,7 @@ spec:
name: strimzi-cluster-operator
containers:
- name: strimzi-cluster-operator
- image: quay.io/strimzi/operator:0.27.1
+ image: quay.io/strimzi/operator:0.28.0
ports:
- containerPort: 8080
name: http
@@ -48,47 +48,43 @@ spec:
- name: STRIMZI_OPERATION_TIMEOUT_MS
value: "300000"
- name: STRIMZI_DEFAULT_TLS_SIDECAR_ENTITY_OPERATOR_IMAGE
- value: quay.io/strimzi/kafka:0.27.1-kafka-3.0.0
+ value: quay.io/strimzi/kafka:0.28.0-kafka-3.1.0
- name: STRIMZI_DEFAULT_KAFKA_EXPORTER_IMAGE
- value: quay.io/strimzi/kafka:0.27.1-kafka-3.0.0
+ value: quay.io/strimzi/kafka:0.28.0-kafka-3.1.0
- name: STRIMZI_DEFAULT_CRUISE_CONTROL_IMAGE
- value: quay.io/strimzi/kafka:0.27.1-kafka-3.0.0
+ value: quay.io/strimzi/kafka:0.28.0-kafka-3.1.0
- name: STRIMZI_DEFAULT_TLS_SIDECAR_CRUISE_CONTROL_IMAGE
- value: quay.io/strimzi/kafka:0.27.1-kafka-3.0.0
+ value: quay.io/strimzi/kafka:0.28.0-kafka-3.1.0
- name: STRIMZI_KAFKA_IMAGES
value: |
- 2.8.0=quay.io/strimzi/kafka:0.27.1-kafka-2.8.0
- 2.8.1=quay.io/strimzi/kafka:0.27.1-kafka-2.8.1
- 3.0.0=quay.io/strimzi/kafka:0.27.1-kafka-3.0.0
+ 3.0.0=quay.io/strimzi/kafka:0.28.0-kafka-3.0.0
+ 3.1.0=quay.io/strimzi/kafka:0.28.0-kafka-3.1.0
- name: STRIMZI_KAFKA_CONNECT_IMAGES
value: |
- 2.8.0=quay.io/strimzi/kafka:0.27.1-kafka-2.8.0
- 2.8.1=quay.io/strimzi/kafka:0.27.1-kafka-2.8.1
- 3.0.0=quay.io/strimzi/kafka:0.27.1-kafka-3.0.0
+ 3.0.0=quay.io/strimzi/kafka:0.28.0-kafka-3.0.0
+ 3.1.0=quay.io/strimzi/kafka:0.28.0-kafka-3.1.0
- name: STRIMZI_KAFKA_MIRROR_MAKER_IMAGES
value: |
- 2.8.0=quay.io/strimzi/kafka:0.27.1-kafka-2.8.0
- 2.8.1=quay.io/strimzi/kafka:0.27.1-kafka-2.8.1
- 3.0.0=quay.io/strimzi/kafka:0.27.1-kafka-3.0.0
+ 3.0.0=quay.io/strimzi/kafka:0.28.0-kafka-3.0.0
+ 3.1.0=quay.io/strimzi/kafka:0.28.0-kafka-3.1.0
- name: STRIMZI_KAFKA_MIRROR_MAKER_2_IMAGES
value: |
- 2.8.0=quay.io/strimzi/kafka:0.27.1-kafka-2.8.0
- 2.8.1=quay.io/strimzi/kafka:0.27.1-kafka-2.8.1
- 3.0.0=quay.io/strimzi/kafka:0.27.1-kafka-3.0.0
+ 3.0.0=quay.io/strimzi/kafka:0.28.0-kafka-3.0.0
+ 3.1.0=quay.io/strimzi/kafka:0.28.0-kafka-3.1.0
- name: STRIMZI_DEFAULT_TOPIC_OPERATOR_IMAGE
- value: quay.io/strimzi/operator:0.27.1
+ value: quay.io/strimzi/operator:0.28.0
- name: STRIMZI_DEFAULT_USER_OPERATOR_IMAGE
- value: quay.io/strimzi/operator:0.27.1
+ value: quay.io/strimzi/operator:0.28.0
- name: STRIMZI_DEFAULT_KAFKA_INIT_IMAGE
- value: quay.io/strimzi/operator:0.27.1
+ value: quay.io/strimzi/operator:0.28.0
- name: STRIMZI_DEFAULT_KAFKA_BRIDGE_IMAGE
- value: quay.io/strimzi/kafka-bridge:0.21.3
+ value: quay.io/strimzi/kafka-bridge:0.21.4
- name: STRIMZI_DEFAULT_JMXTRANS_IMAGE
- value: quay.io/strimzi/jmxtrans:0.27.1
+ value: quay.io/strimzi/jmxtrans:0.28.0
- name: STRIMZI_DEFAULT_KANIKO_EXECUTOR_IMAGE
- value: quay.io/strimzi/kaniko-executor:0.27.1
+ value: quay.io/strimzi/kaniko-executor:0.28.0
- name: STRIMZI_DEFAULT_MAVEN_BUILDER
- value: quay.io/strimzi/maven-builder:0.27.1
+ value: quay.io/strimzi/maven-builder:0.28.0
- name: STRIMZI_OPERATOR_NAMESPACE
valueFrom:
fieldRef:
diff --git a/install/topic-operator/05-Deployment-strimzi-topic-operator.yaml b/install/topic-operator/05-Deployment-strimzi-topic-operator.yaml
index 8cc5b1f2a89..bfd580f6f6b 100644
--- a/install/topic-operator/05-Deployment-strimzi-topic-operator.yaml
+++ b/install/topic-operator/05-Deployment-strimzi-topic-operator.yaml
@@ -17,7 +17,7 @@ spec:
serviceAccountName: strimzi-topic-operator
containers:
- name: strimzi-topic-operator
- image: quay.io/strimzi/operator:0.27.1
+ image: quay.io/strimzi/operator:0.28.0
args:
- /opt/strimzi/bin/topic_operator_run.sh
env:
diff --git a/install/user-operator/05-Deployment-strimzi-user-operator.yaml b/install/user-operator/05-Deployment-strimzi-user-operator.yaml
index 793be7c4177..357d0197d44 100644
--- a/install/user-operator/05-Deployment-strimzi-user-operator.yaml
+++ b/install/user-operator/05-Deployment-strimzi-user-operator.yaml
@@ -17,7 +17,7 @@ spec:
serviceAccountName: strimzi-user-operator
containers:
- name: strimzi-user-operator
- image: quay.io/strimzi/operator:0.27.1
+ image: quay.io/strimzi/operator:0.28.0
args:
- /opt/strimzi/bin/user_operator_run.sh
env:
diff --git a/kafka-agent/pom.xml b/kafka-agent/pom.xml
index 1276c5b7b37..97072029e97 100644
--- a/kafka-agent/pom.xml
+++ b/kafka-agent/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>strimzi</artifactId>
<groupId>io.strimzi</groupId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/kafka-init/pom.xml b/kafka-init/pom.xml
index b59db702973..132a9e3ded7 100644
--- a/kafka-init/pom.xml
+++ b/kafka-init/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>strimzi</artifactId>
<groupId>io.strimzi</groupId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>kafka-init</artifactId>
diff --git a/mirror-maker-agent/pom.xml b/mirror-maker-agent/pom.xml
index 1141ed8bf0e..bc109fdd00d 100644
--- a/mirror-maker-agent/pom.xml
+++ b/mirror-maker-agent/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>strimzi</artifactId>
<groupId>io.strimzi</groupId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/mockkube/pom.xml b/mockkube/pom.xml
index 31192fa3e3f..e1da11e1ab9 100644
--- a/mockkube/pom.xml
+++ b/mockkube/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>strimzi</artifactId>
<groupId>io.strimzi</groupId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/operator-common/pom.xml b/operator-common/pom.xml
index 735176cd403..58e29aa6f31 100644
--- a/operator-common/pom.xml
+++ b/operator-common/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>io.strimzi</groupId>
<artifactId>strimzi</artifactId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>operator-common</artifactId>
diff --git a/packaging/examples/security/keycloak-authorization/README.md b/packaging/examples/security/keycloak-authorization/README.md
index 70d49c93052..d7f777b5539 100644
--- a/packaging/examples/security/keycloak-authorization/README.md
+++ b/packaging/examples/security/keycloak-authorization/README.md
@@ -5,10 +5,10 @@ This folder contains an example `Kafka` custom resource configured for OAuth 2.0
- the corresponding `oauth` authentication
The folder also contains a Keycloak realm export to import into your Keycloak instance to support the example.
-Full instructions for the example are available in the [Strimzi Documentation](https://strimzi.io/docs/operators/in-development/using.html#con-oauth-authorization-keycloak-example).
+Full instructions for the example are available in the [Strimzi Documentation](https://strimzi.io/docs/operators/0.28.0/using.html#con-oauth-authorization-keycloak-example).
* [kafka-authz-realm.json](./kafka-authz-realm.json)
* The Keycloak realm export file
* [kafka-ephemeral-oauth-single-keycloak-authz.yaml](./kafka-ephemeral-oauth-single-keycloak-authz.yaml)
* The Kafka CR that defines a single-node Kafka cluster with `oauth` authentication and `keycloak` authorization,
- using the `kafka-authz` realm. See [full example instructions](https://strimzi.io/docs/operators/in-development/using.html#con-oauth-authorization-keycloak-example) for proper preparation and deployment.
+ using the `kafka-authz` realm. See [full example instructions](https://strimzi.io/docs/operators/0.28.0/using.html#con-oauth-authorization-keycloak-example) for proper preparation and deployment.
diff --git a/packaging/helm-charts/helm3/strimzi-kafka-operator/README.md b/packaging/helm-charts/helm3/strimzi-kafka-operator/README.md
index 02d8c38da0e..a6732694a74 100644
--- a/packaging/helm-charts/helm3/strimzi-kafka-operator/README.md
+++ b/packaging/helm-charts/helm3/strimzi-kafka-operator/README.md
@@ -98,7 +98,7 @@ the documentation for more details.
| `watchAnyNamespace` | Watch the whole Kubernetes cluster (all namespaces) | `false` |
| `defaultImageRegistry` | Default image registry for all the images | `quay.io` |
| `defaultImageRepository` | Default image registry for all the images | `strimzi` |
-| `defaultImageTag` | Default image tag for all the images except Kafka Bridge | `latest` |
+| `defaultImageTag` | Default image tag for all the images except Kafka Bridge | `0.28.0` |
| `image.registry` | Override default Cluster Operator image registry | `nil` |
| `image.repository` | Override default Cluster Operator image repository | `nil` |
| `image.name` | Cluster Operator image name | `cluster-operator` |
diff --git a/packaging/helm-charts/helm3/strimzi-kafka-operator/values.yaml b/packaging/helm-charts/helm3/strimzi-kafka-operator/values.yaml
index dfee6557370..f005b947ba3 100644
--- a/packaging/helm-charts/helm3/strimzi-kafka-operator/values.yaml
+++ b/packaging/helm-charts/helm3/strimzi-kafka-operator/values.yaml
@@ -7,7 +7,7 @@ watchAnyNamespace: false
defaultImageRegistry: quay.io
defaultImageRepository: strimzi
-defaultImageTag: latest
+defaultImageTag: 0.28.0
image:
registry: ""
diff --git a/packaging/helm-charts/index.yaml b/packaging/helm-charts/index.yaml
index 9b86a566146..a121a598c53 100644
--- a/packaging/helm-charts/index.yaml
+++ b/packaging/helm-charts/index.yaml
@@ -1,6 +1,34 @@
apiVersion: v1
entries:
strimzi-kafka-operator:
+ - apiVersion: v2
+ appVersion: 0.28.0
+ created: "2022-02-10T18:56:27.752061+01:00"
+ description: 'Strimzi: Apache Kafka running on Kubernetes'
+ digest: b7cba4cd064faa51b60fd0912ee22b731bba378041bc377995aa27ae965c0bf4
+ home: https://strimzi.io/
+ icon: https://raw.githubusercontent.com/strimzi/strimzi-kafka-operator/main/documentation/logo/strimzi_logo.png
+ keywords:
+ - kafka
+ - queue
+ - stream
+ - event
+ - messaging
+ - datastore
+ - topic
+ maintainers:
+ - name: Frawless
+ - name: ppatierno
+ - name: samuel-hawker
+ - name: scholzj
+ - name: tombentley
+ - name: sknot-rh
+ name: strimzi-kafka-operator
+ sources:
+ - https://github.com/strimzi/strimzi-kafka-operator
+ urls:
+ - https://github.com/strimzi/strimzi-kafka-operator/releases/download/0.28.0/strimzi-kafka-operator-helm-3-chart-0.28.0.tgz
+ version: 0.28.0
- apiVersion: v2
appVersion: 0.27.1
created: "2022-01-14T13:00:57.185551+01:00"
@@ -965,4 +993,4 @@ entries:
urls:
- https://github.com/strimzi/strimzi-kafka-operator/releases/download/0.6.0/strimzi-kafka-operator-0.6.0.tgz
version: 0.6.0
-generated: "2022-01-14T13:00:57.180281+01:00"
+generated: "2022-02-10T18:56:27.743563+01:00"
diff --git a/packaging/install/cluster-operator/060-Deployment-strimzi-cluster-operator.yaml b/packaging/install/cluster-operator/060-Deployment-strimzi-cluster-operator.yaml
index db36f00185c..35504589c7c 100644
--- a/packaging/install/cluster-operator/060-Deployment-strimzi-cluster-operator.yaml
+++ b/packaging/install/cluster-operator/060-Deployment-strimzi-cluster-operator.yaml
@@ -27,7 +27,7 @@ spec:
name: strimzi-cluster-operator
containers:
- name: strimzi-cluster-operator
- image: quay.io/strimzi/operator:latest
+ image: quay.io/strimzi/operator:0.28.0
ports:
- containerPort: 8080
name: http
@@ -48,43 +48,43 @@ spec:
- name: STRIMZI_OPERATION_TIMEOUT_MS
value: "300000"
- name: STRIMZI_DEFAULT_TLS_SIDECAR_ENTITY_OPERATOR_IMAGE
- value: quay.io/strimzi/kafka:latest-kafka-3.1.0
+ value: quay.io/strimzi/kafka:0.28.0-kafka-3.1.0
- name: STRIMZI_DEFAULT_KAFKA_EXPORTER_IMAGE
- value: quay.io/strimzi/kafka:latest-kafka-3.1.0
+ value: quay.io/strimzi/kafka:0.28.0-kafka-3.1.0
- name: STRIMZI_DEFAULT_CRUISE_CONTROL_IMAGE
- value: quay.io/strimzi/kafka:latest-kafka-3.1.0
+ value: quay.io/strimzi/kafka:0.28.0-kafka-3.1.0
- name: STRIMZI_DEFAULT_TLS_SIDECAR_CRUISE_CONTROL_IMAGE
- value: quay.io/strimzi/kafka:latest-kafka-3.1.0
+ value: quay.io/strimzi/kafka:0.28.0-kafka-3.1.0
- name: STRIMZI_KAFKA_IMAGES
value: |
- 3.0.0=quay.io/strimzi/kafka:latest-kafka-3.0.0
- 3.1.0=quay.io/strimzi/kafka:latest-kafka-3.1.0
+ 3.0.0=quay.io/strimzi/kafka:0.28.0-kafka-3.0.0
+ 3.1.0=quay.io/strimzi/kafka:0.28.0-kafka-3.1.0
- name: STRIMZI_KAFKA_CONNECT_IMAGES
value: |
- 3.0.0=quay.io/strimzi/kafka:latest-kafka-3.0.0
- 3.1.0=quay.io/strimzi/kafka:latest-kafka-3.1.0
+ 3.0.0=quay.io/strimzi/kafka:0.28.0-kafka-3.0.0
+ 3.1.0=quay.io/strimzi/kafka:0.28.0-kafka-3.1.0
- name: STRIMZI_KAFKA_MIRROR_MAKER_IMAGES
value: |
- 3.0.0=quay.io/strimzi/kafka:latest-kafka-3.0.0
- 3.1.0=quay.io/strimzi/kafka:latest-kafka-3.1.0
+ 3.0.0=quay.io/strimzi/kafka:0.28.0-kafka-3.0.0
+ 3.1.0=quay.io/strimzi/kafka:0.28.0-kafka-3.1.0
- name: STRIMZI_KAFKA_MIRROR_MAKER_2_IMAGES
value: |
- 3.0.0=quay.io/strimzi/kafka:latest-kafka-3.0.0
- 3.1.0=quay.io/strimzi/kafka:latest-kafka-3.1.0
+ 3.0.0=quay.io/strimzi/kafka:0.28.0-kafka-3.0.0
+ 3.1.0=quay.io/strimzi/kafka:0.28.0-kafka-3.1.0
- name: STRIMZI_DEFAULT_TOPIC_OPERATOR_IMAGE
- value: quay.io/strimzi/operator:latest
+ value: quay.io/strimzi/operator:0.28.0
- name: STRIMZI_DEFAULT_USER_OPERATOR_IMAGE
- value: quay.io/strimzi/operator:latest
+ value: quay.io/strimzi/operator:0.28.0
- name: STRIMZI_DEFAULT_KAFKA_INIT_IMAGE
- value: quay.io/strimzi/operator:latest
+ value: quay.io/strimzi/operator:0.28.0
- name: STRIMZI_DEFAULT_KAFKA_BRIDGE_IMAGE
value: quay.io/strimzi/kafka-bridge:0.21.4
- name: STRIMZI_DEFAULT_JMXTRANS_IMAGE
- value: quay.io/strimzi/jmxtrans:latest
+ value: quay.io/strimzi/jmxtrans:0.28.0
- name: STRIMZI_DEFAULT_KANIKO_EXECUTOR_IMAGE
- value: quay.io/strimzi/kaniko-executor:latest
+ value: quay.io/strimzi/kaniko-executor:0.28.0
- name: STRIMZI_DEFAULT_MAVEN_BUILDER
- value: quay.io/strimzi/maven-builder:latest
+ value: quay.io/strimzi/maven-builder:0.28.0
- name: STRIMZI_OPERATOR_NAMESPACE
valueFrom:
fieldRef:
diff --git a/packaging/install/topic-operator/05-Deployment-strimzi-topic-operator.yaml b/packaging/install/topic-operator/05-Deployment-strimzi-topic-operator.yaml
index 2d2d28239d3..bfd580f6f6b 100644
--- a/packaging/install/topic-operator/05-Deployment-strimzi-topic-operator.yaml
+++ b/packaging/install/topic-operator/05-Deployment-strimzi-topic-operator.yaml
@@ -17,7 +17,7 @@ spec:
serviceAccountName: strimzi-topic-operator
containers:
- name: strimzi-topic-operator
- image: quay.io/strimzi/operator:latest
+ image: quay.io/strimzi/operator:0.28.0
args:
- /opt/strimzi/bin/topic_operator_run.sh
env:
diff --git a/packaging/install/user-operator/05-Deployment-strimzi-user-operator.yaml b/packaging/install/user-operator/05-Deployment-strimzi-user-operator.yaml
index c3c216b241a..357d0197d44 100644
--- a/packaging/install/user-operator/05-Deployment-strimzi-user-operator.yaml
+++ b/packaging/install/user-operator/05-Deployment-strimzi-user-operator.yaml
@@ -17,7 +17,7 @@ spec:
serviceAccountName: strimzi-user-operator
containers:
- name: strimzi-user-operator
- image: quay.io/strimzi/operator:latest
+ image: quay.io/strimzi/operator:0.28.0
args:
- /opt/strimzi/bin/user_operator_run.sh
env:
diff --git a/pom.xml b/pom.xml
index 628d3c1299c..6f2cd34c00a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
<groupId>io.strimzi</groupId>
<artifactId>strimzi</artifactId>
<packaging>pom</packaging>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
<licenses>
<license>
diff --git a/release.version b/release.version
index c55fc9b3d30..697f087f376 100644
--- a/release.version
+++ b/release.version
@@ -1 +1 @@
-0.28.0-SNAPSHOT
+0.28.0
diff --git a/systemtest/pom.xml b/systemtest/pom.xml
index ce1f46da87d..394db5231ba 100644
--- a/systemtest/pom.xml
+++ b/systemtest/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>strimzi</artifactId>
<groupId>io.strimzi</groupId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>systemtest</artifactId>
diff --git a/test/pom.xml b/test/pom.xml
index 5940cee6848..bf567ae0f19 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>strimzi</artifactId>
<groupId>io.strimzi</groupId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/topic-operator/pom.xml b/topic-operator/pom.xml
index 8afd221aca0..f57d2211f1d 100644
--- a/topic-operator/pom.xml
+++ b/topic-operator/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>io.strimzi</groupId>
<artifactId>strimzi</artifactId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>topic-operator</artifactId>
diff --git a/tracing-agent/pom.xml b/tracing-agent/pom.xml
index 4b4ef1b5720..f911dc6e3ad 100644
--- a/tracing-agent/pom.xml
+++ b/tracing-agent/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>strimzi</artifactId>
<groupId>io.strimzi</groupId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/user-operator/pom.xml b/user-operator/pom.xml
index 996f8ce3547..3e4eccc03a7 100644
--- a/user-operator/pom.xml
+++ b/user-operator/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>io.strimzi</groupId>
<artifactId>strimzi</artifactId>
- <version>0.28.0-SNAPSHOT</version>
+ <version>0.28.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>user-operator</artifactId>