What’s New

This topic includes new content added in version 24.2. For a complete list of all product updates, see the Redpanda release notes. See also:

Declarative user and ACL management in Kubernetes

Starting with Redpanda Operator version v2.2.2-24.2.4, you can now manage users and access control lists (ACLs) with the new User resource. This feature allows you to:

  • Create and manage Redpanda users and their authentication settings.

  • Define and manage ACLs to control access to Redpanda resources.

  • Automatically reconcile changes to users and ACLs using the Redpanda Operator.

To learn more, see the User resource documentation.

FIPS compliance

Redpanda now provides a FIPS 140-compliant binary to support running Redpanda in environments requiring FIPS-compliant software and to meet certain requirements for organizations undergoing certification through government compliance programs, such as FedRAMP. When using the FIPS binary, both Redpanda and rpk leverage FIPS-compliant OpenSSL libraries and ciphers for all encryption activity inside Redpanda, including encryption of data in transit. Install the redpanda-fips package to run Redpanda in FIPS-compliance mode.

Schema Registry support for JSON

Redpanda’s Schema Registry now supports JSON serialization format, in addition to Avro and Protobuf. You can use a JSON Schema format to validate messages and ensure compatibility between schema versions.

Schema Registry read-only mode

You can now put individual subjects or the entire Schema Registry into read-only or read-write mode with the Schema Registry API /mode endpoint or with rpk registry mode set. You can use the READONLY mode in an active/passive disaster recovery configuration.

TLS enhancements

  • Minimum TLS version: For enhanced security, Redpanda now has a cluster configuration property to control the minimum TLS version to use for encryption. By default, tls_min_version is set to v1.2, which prevents client applications from using older TLS versions to connect to your clusters.

  • Certificate revocation lists: When enabling TLS encryption for the Kafka, Admin, HTTP Proxy or Schema Registry APIs, you can now add a certificate revocation list (CRL) to your configuration. Redpanda uses the CRL to check and reject connections from entities using certificates already revoked by a certificate authority.

Data transforms enhancements

Redpanda has a new JavaScript SDK that you can use to build and deploy data transforms in Redpanda. To get started, see Data Transforms Quickstarts.

You can now deploy data transform functions that reprocess existing records from an input topic. Processing existing records can be useful, for example, to process historical data into a different format for a new consumer, to re-create lost data from an accidentally-deleted topic, or to resolve issues with a previous version of a transform that processed data incorrectly.

The docs now also include an expanded guide designed to help you master the creation, deployment, and management of data transforms in Redpanda.

Enhanced cache trimming

Redpanda has two new properties that provide finer control over cache management. These settings allow you to define specific thresholds for triggering cache trimming based on cache size and the number of objects, helping to optimize performance and prevent slow reads.

Client throughput management

Redpanda now includes rpk and Redpanda Console support for managing client throughput limits. You can set client throughput quotas using rpk for an individual client based on client ID, as well as for a group of clients based on ID prefix matching. New metrics are available for insights on client throughput utilization.

Client throughput quotas, previously applied on a per-shard basis, now apply on a per-broker basis. Cluster configuration properties for managing client quotas are deprecated, including target_quota_byte_rate which is disabled by default with the value 0.

Self-test enhancements

New tests are added to the Redpanda self-test suite:

  • Cloud storage tests to validate Tiered Storage configuration.

  • 16K block size disk tests to better assess block storage performance, particularly in response to I/O depth changes.

  • 4K block size disk test with dsync off to assess the impact of fdatasync on the storage layer.

See the rpk self test reference for usage and output examples.

Intra-broker partition balancing: beta

Intra-broker partition balancing is a new topic-aware partition balancer that balances partitions across cores within a Redpanda broker. This balancer considers core count changes as well as partition movement to rebalance partition replicas and improve performance.

This is a beta feature for v24.2 and is not recommended for use for production clusters.

Doc enhancements

The Redpanda Docs home page has been redesigned, so you can stay within the context of Redpanda Self-Managed, Redpanda Cloud, or Redpanda Connect docs. We hope that our docs help and inspire our users. Please share your feedback with the links at the bottom of any doc page.