Cloudera Docs

What's New in Apache Kafka

Learn about the new features of Apache Kafka in Cloudera Runtime 7.3.1, its service packs and cumulative hotfixes.

Cloudera Runtime 7.3.1.500 SP3:

The LdapLoingModule is blocked by default
The LdapLoginModule (com.sun.security.auth.module.LdapLoginModule) class is blocked by default and can not be used in SASL JAAS configurations. Use the PlainLoginModule (org.apache.kafka.common.security.plain.PlainLoginModule) class for LDAP authentication.
Configurable allow list of URLs for OAuth authentication
A new Java option, org.apache.kafka.sasl.oauthbearer.allowed.urls, is introduced for Kafka brokers and Kafka Connect that enable you to specify an allow list of URLs for the OAuth authentication mechanism. This gives you stricter control over which URLs can be accessed by Kafka for authentication.

By default the option is empty, which means that a connection to any URL is allowed. The configuration property you use in Cloudera Manager to set the option is different for Kafka brokers and Kafka Connect. Use the following configuration properties for Kafka brokers and Kafka Connect:

  • For Kafka brokers, configure the option by adding it to the Additional Broker Java Options Kafka broker property in Cloudera Manager. For example:
    -Dorg.apache.kafka.sasl.oauthbearer.allowed.urls=http://www.oauth-example-1.com,http://www.oauth-example-2.com
  • For Kafka Connect, configure the option by adding it to the EXTRA_ARGS environment variable. The EXTRA_ARGS environment variable is configured by adding it to the Kafka Connect Environment Advanced Configuration Snippet (Safety Valve) property in Cloudera Manager. For example: 
    EXTRA_ARGS=-Dorg.apache.kafka.sasl.oauthbearer.allowed.urls="http://www.oauth-example-1.com,http://www.oauth-example-2.com"

Cloudera Runtime 7.3.1.400 SP2:

There are no new features in this release.

Cloudera Runtime 7.3.1.300 SP1 CHF 1:

There are no new features in this release.

Cloudera Runtime 7.3.1.200 SP1:

There are no new features in this release.

Cloudera Runtime 7.3.1.100 CHF 1:

There are no new features in this release.

Cloudera Runtime 7.3.1:

Kafka Rolling Restart check—all partitions fully replicated
A new broker rolling restart check option, all partitions fully replicated has been introduced. Selecting this option ensures that all partitions are in a fully synchronized state when a broker is stopped. For more information, see Rolling restart checks.