Chapter 2. Enhancements

The following table lists the enhancements in AMQ Streams 1.1.0.

User authorization

Simple Authorization now supports Transactional IDs when specifying resource types.

See Simple Authorization

TLS sidecar health checks

TLS sidecar, used to encrypt and decrypt all communication between the AMQ Streams components and Zookeeper, now supports the following configuration options:

  • readinessProbe defines when a container can start accepting traffic
  • livenessProbe defines when to restart a container

See Healthcheck configurations

Enriched configuration options for off-cluster access

An external listener may be used to connect to a Kafka cluster outside an OpenShift environment.

AMQ Streams supports three types of external listeners:

  1. route
  2. loadbalancer
  3. nodeport

With external listeners, you can:

  • Override host names and ports
  • Add DNS names for the bootstrap service
  • Specify target OpenShift routes
  • Configure NodePort numbers

See External listener

Sample Prometheus alerts
Example Prometheus alerting rules are provided for Kafka and Zookeeper metrics. The examples may be used when configuring Prometheus Alertmanager.
Annotations refactoring

A new Annotations class holds a constant for the strimzi.io domain. Current uses of annotations have been refactored to use the new standardized class. Old annotations are deprecated, but still functional.

  • cluster.operator.strimzi.io/delete-claimstrimzi.io/delete-claim
  • operator.strimzi.io/manual-rolling-updatestrimzi.io/manual-rolling-update
  • operator.strimzi.io/delete-pod-and-pvcstrimzi.io/delete-pod-and-pvc
  • operator.strimzi.io/generationstrimzi.io/generation
Kafka and Zookeeper shutdown handling
TLS sidecar now shuts down after the main pods so that connections to Zookeeper are maintained for a clean shutdown.
Certificate validity
Changes to the number of days a security certificate should be valid through renewalDays are now propagated to UserOperator to override the (365 day) default validity.