Skip to content

Add blog post for Kroxylicious 0.18.0 #210

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
SamBarker merged 6 commits into from
Dec 3, 2025
Merged

Add blog post for Kroxylicious 0.18.0 #210

Changes from 4 commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
205a02e
Add blog post for Kroxylicious 0.18.0
k-wall Nov 28, 2025
afc0b4a
Update 2025-11-28-release-0_18_0.md
k-wall Nov 28, 2025
1c0b58a
Add links to design proposals.
SamBarker Dec 3, 2025
2ea4343
remove operator tag/category
SamBarker Dec 3, 2025
79c11c0
PR feedback simplify wording.
SamBarker Dec 3, 2025
a8b28d7
Merge branch 'main' into k-wall-patch-6
SamBarker Dec 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
44 changes: 44 additions & 0 deletions _posts/2025-11-28-release-0_18_0.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
---
layout: post
title: "Kroxylicious release 0.18.0"
date: 2025-11-28 00:00:00 +0000
author: "Keith Wall"
author_url: "https://github.com/k-wall"
# noinspection YAMLSchemaValidation
categories: blog kroxylicious-proxy releases
tags: [ "releases", "kroxylicious-proxy" ]
---

The Kroxylicious project is very pleased to announce the release
of [Kroxylicious 0.18.0](https://github.com/kroxylicious/kroxylicious/releases/tag/v0.18.0). See
the [Changelog](https://github.com/kroxylicious/kroxylicious/blob/main/CHANGELOG.md#0180) for a list of changes and
summary of Deprecations, Changes and Removals.

The main highlights of this release are:

### Filter API Improvements

* Filters now have a convenient mechanism to convert from topic
ids [KIP-516](https://cwiki.apache.org/confluence/display/KAFKA/KIP-516%3A+Topic+Identifiers) to topic names. This is
based
on [design proposal#008](https://github.com/kroxylicious/design/blob/main/proposals/008-topic-name-lookup-facility.md)
* For authenticated use-cases, filters now have access to a Subject API that provides convenient access to the authenticated principals established by the channel. This is a building block
for filters that need to enforce authorization checks or want to write an audit trail of Kafka actions. Full context
on where our thinking goes and what could/should be possible is outlined
in [design proposal#009](https://github.com/kroxylicious/design/blob/main/proposals/009-authorizer.md)

@gracegrimwood gracegrimwood Dec 3, 2025

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A couple nits on this:

  1. Extra spaces and line breaks (the latter makes it a little harder to read the raw markdown, and also to tell whether Jekyll will format it correctly).
  2. "to topic names. This is based on" <- This can be one sentence.
  3. I don't think specifying "For authenticated use-cases" is necessary (it's mostly re-stated later in the sentence anyway) and it reads a little awkwardly.
  4. "Full context on where our thinking goes and what could/should be possible is outlined in ..." <- Don't need to have so many words here. I think something like "For further context, see ..." works a bit better.
Suggested change
* Filters now have a convenient mechanism to convert from topic
ids [KIP-516](https://cwiki.apache.org/confluence/display/KAFKA/KIP-516%3A+Topic+Identifiers) to topic names. This is
based
on [design proposal#008](https://github.com/kroxylicious/design/blob/main/proposals/008-topic-name-lookup-facility.md)
* For authenticated use-cases, filters now have access to a Subject API that provides convenient access to the authenticated principals established by the channel. This is a building block
for filters that need to enforce authorization checks or want to write an audit trail of Kafka actions. Full context
on where our thinking goes and what could/should be possible is outlined
in [design proposal#009](https://github.com/kroxylicious/design/blob/main/proposals/009-authorizer.md)
* Filters now have a convenient mechanism to convert from topic ids [KIP-516](https://cwiki.apache.org/confluence/display/KAFKA/KIP-516%3A+Topic+Identifiers) to topic names, based on [design proposal#008](https://github.com/kroxylicious/design/blob/main/proposals/008-topic-name-lookup-facility.md)
* Filters now have access to a Subject API that provides convenient access to the authenticated principals established by the channel. This is a building block for filters that need to enforce authorization checks or want to write an audit trail of Kafka actions. For further context, see [design proposal#009](https://github.com/kroxylicious/design/blob/main/proposals/009-authorizer.md)


### Authorizer Filter

We've added a new Authorizer Filter that can authorize Topic operations using the same semantics as Kafka own
Authorization API. This allows you to enforce authorizations rules at the proxy.

### Azure KMS integration for Record Encryption

With this release, Record Encryption now has the capability to use Azure Vault for storage of the key material used to encrypt Kafka records.

### Feedback

Please let us know if you find the project interesting or helpful, and especially if
you have deployed it in production.
You can reach us through [Slack](https://kroxylicious.slack.com), [GitHub](https://github.com/kroxylicious/kroxylicious/issues) or
even [bsky](https://bsky.app/profile/kroxylicious.io)).