2026¶

April 10, 2026
2 min read

Confluent 3.15.1 release

3.15.1 has been released with the following changes:

Security hardening for profile private data

If someone modifies service.cfg to open confluent directly to external access, then authenticated nodes could have exploited a path traversal weakness to read files on the management node outside of the profile. This has been addressed.

Support for Nokia SRLinux

Switches running SRLinux have enhanced capabilities. hardwaremanagement.method set to srlinux will enable a number of commands. See Confluent configuration notes for Nokia Ethernet switches for more detail.

`nodeapply` can now request execution of ansible plays

The profile ansible plays were previously only invoked by confluent during deployment, without a recourse to have confluent execute. By request, nodeapply can request the confluent runner to kick off ansible plays similar to how it can kick off postscripts. `nodeapply -A' is the new argument.

Fix for variation seen in ansible

Some versions/distributions of ansible fouled confluent's autodetection, a broader set of ansible versions work. Particularly the ansible likely to be put in EL10 now works.

Fix for misdetection of EL8.10

EL8.10 import was broken due to misidentification, this has been fixed.

Improve behavior with missing volumegroup map for multi-disk cloning image

An inscrutible error appeared for users trying to deploy multi-disk clones, this has been improved. It still requires explicit work in pre.d to generate the mapping as an advanced usage scenario.

Fix ssh environment for recent EL10 diskless boot

EL10 had changes to move away from setgid ssh keysign to setuid keysign, and accompanying refusal to start with group readable keys. This has been detected and adapted.

Quorum state is pushed on member deletion

If a collective is one system shy of quorum and a member is deleted to bring quorum back, the leader failed to notify members of restoration of quorum. This has been addressd.

Other fixes and enhancements

Some documentation tweaks and a situation that could leak filehandles with bad certificates is addressed.

February 12, 2026
2 min read

Confluent 3.15.0 release

3.15.0 has been released with the following changes:

Note on EPEL pysnmp issue for EL9

EPEL contains a broken vintage of python3-snmp, and this is reflected in the confluent rpm requirements, which may manifest as rpm conflicts. To resolve if the newer pysnmp is already installed:

# dnf --disablerepo=epel downgrade python3-pysnmp

To address ongoing dnf upgrades, filter the problematic version:

# dnf versionlock exclude python3-pysnmp-0:7.1.16-2.el9.noarch

ARM node enhancements

Management node repositories are now provided for ARM management nodes, improvements for ARM diskless images.

Fixed and enhanced support for ThinkSystem N1380 chassis

Support is improved for N1380 chassis and associated systems

Discovery support for more MegaRAC based systems

A variety of systems using MegaRAC can now do zero power discovery

Cisco NX-OS fix for discovery

A bug in the NX-OS switch support prevented successful discovery when using that platform, this has been remedied.

Diskless image changes

Untethered diskless images are now placed into zram on boot rather than on demand, making such environments more straightforward. This improves performance and reduces overall memory usage over time. Reduce cache pressure for tethered diskless to reduce cache usage for disk operation. A new 'uncompressed' method is also added, which has maximum memory impact for a modest bump in performance and more deterministic memory footprint.