Kpow v90.4 introduces a new Bulk Actions feature that allows you to take action on multiple resources in one click.
This release also resolves performance issues related to materialization and internal scheduled tasks, freshens up our UI with new icons, fixes a long-standing Jetty JAAS expired-session login bug, open-sources a couple of cool Clojure libraries, and bundles a number of smaller fixes and improvements.
Thanks to all our users who raised issues or requested features that are highlighted in this release. We hope you all have a restful holiday period and we'll see you in 2023!
Bulk Actions
Bulk actions allow a user to invoke a single mutation against multiple resources.
This can be particularly useful for tasks such as deleting large numbers of items in one go, like the example of deleting 300 topics in a single request.
See the Bulk Actions documentation for a guide to configuring permissions for your users, and an explanation of how Bulk Action processing works.
In a future release we will expand on this feature, allowing mixed and scheduled bulk actions.
Eventually this function will be available programtically via an API for CI/CD and other purposes.
This feature is not available in the Community Edition of Kpow.
Materialization and Scheduling Performance Improvements
We recently received a performance report from a customer with the following installation and our Helm chart resource defaults (1CPU / 4GB heap)
- Single Kpow Installation
- 12 Kafka Clusters
- 6 Connect Clusters
- 6 Schema Registries
With their assistance we were able to isolate a bug in our internal scheduled task manager responsible for performing observation and materialization of the data we use to provide the Kpow UI. We also improved the performance of materialization by about 50%, significantly dropping CPU resource requirements.
Accompanying these improvements we have adjusted the default Helm resource requests to 2 CPU and 8 GB heap. Those defaults now represent the upper limit we expect you might need when running Kpow with 12 Cluster, 12 Connect, 12 Schema.
You should experiment and adjust your memory and CPU allocation, as it is likely for single cluster installs you may use significantly less than those defaults.
Authentication Improvements
We have been working over the previous months to open-source the Clojure network layer that we use to interact with Jetty (the Java networking framework).
That work is now complete and Slipway is available in Github and Clojars, as is Kpow Secure.
As a part of that work we updated our Jetty dependencies to latest, squashed a long-standing bug where a user might observe an internal error page when re-authenticating an expired session, and introduced the ability to secure your 'javax.net.ssl.trustStorePassword' when specifying custom SSL certificates to use with LDAPS.
Using Kpow Secure with trustStorePassword
Use the standard approach for encrypting configuration, see our secure-config guide for full details.
Example configuration with encrypted javax.net.ssl.trustStorePassword:
java -Djava.security.auth.login.config=dev-resources/jaas/ldaps-jaas.conf \
-Djavax.net.ssl.trustStore=dev-resources/jaas/ldaps/local-client.jks \
-Djavax.net.ssl.trustStoreType=JKS
-Djavax.net.ssl.trustStorePassword=AES:ARClD4Hz3A2VpdCGqZArl/OglnIawMHRzW0cVjraODxIeg== \
-jar -Xmx4G ./kpow.jar
UX Improvements
We have removed the 'Multiple Kpow Detected' warning page and replaced it with a notification that appears in the top-right alerts.
This release also bumps Kpow's icon set up to HeroIcons v2.0 - we think they look great!
Community Improvements
The community edition wizard has been improved to support configuration of MSK Connect (along with existin support for Confluent/Kafka Connect).
As always you can simply run CE from environment variables if you prefer, see our Community Edition docs for more.