ansible-middleware
diff --git a/‎.github/workflows/ci.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/ci.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎molecule/amq_streams_kraft/converge.yml‎
Lines changed: 78 additions & 0 deletions b/‎molecule/amq_streams_kraft/converge.yml‎
Lines changed: 78 additions & 0 deletions
diff --git a/‎molecule/amq_streams_kraft/molecule.yml‎
Lines changed: 43 additions & 0 deletions b/‎molecule/amq_streams_kraft/molecule.yml‎
Lines changed: 43 additions & 0 deletions
diff --git a/‎molecule/amq_streams_kraft/roles‎
Lines changed: 1 addition & 0 deletions b/‎molecule/amq_streams_kraft/roles‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎molecule/amq_streams_kraft/vars.yml‎
Lines changed: 21 additions & 0 deletions b/‎molecule/amq_streams_kraft/vars.yml‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎molecule/amq_streams_kraft/verify.yml‎
Lines changed: 19 additions & 0 deletions b/‎molecule/amq_streams_kraft/verify.yml‎
Lines changed: 19 additions & 0 deletions
diff --git a/‎roles/amq_streams_broker/templates/server.properties.j2‎
Lines changed: 59 additions & 12 deletions b/‎roles/amq_streams_broker/templates/server.properties.j2‎
Lines changed: 59 additions & 12 deletions
diff --git a/‎roles/amq_streams_common/tasks/systemd.yml‎
Lines changed: 41 additions & 7 deletions b/‎roles/amq_streams_common/tasks/systemd.yml‎
Lines changed: 41 additions & 7 deletions
@@ -3,7 +3,7 @@ name: CI
 on:
   push:
     branches:
-      - main
+      - AMW-162
   pull_request:
   schedule:
     - cron: '0 6 * * *'
@@ -16,4 +16,4 @@ jobs:
       fqcn: 'middleware_automation/amq_streams'
       root_permission_varname: 'amq_streams_install_requires_become'
       molecule_tests: >-
-        [ "default" ]
+        [ "default", "amq_streams_kraft" ]
@@ -0,0 +1,78 @@
+---
+- name: "Automate AMQ Streams KRaft install"
+  hosts: all
+  vars:
+    # Topic Management
+    amq_streams_broker_topics:
+      - name: sampleTopic
+        partitions: 2
+        replication_factor: 1
+      - name: otherTopic
+        partitions: 4
+        replication_factor: 1
+  vars_files:
+    - vars.yml
+  roles:
+    - role: amq_streams_common
+    - role: amq_streams_kraft
+  tasks:
+    - name: "Ensure AMQ Streams Broker is running and available."
+      ansible.builtin.include_role:
+        name: amq_streams_broker
+      vars:
+        amq_streams_common_skip_download: true
+
+    - name: "Ensure AMQ Streams Connect is running and available."
+      ansible.builtin.include_role:
+        name: amq_streams_connect
+      vars:
+        connectors:
+          - { name: "file", path: "connectors/file.yml" }
+
+    - name: "Validate that KRaft deployment is functional."
+      ansible.builtin.include_role:
+        name: amq_streams_kraft
+        tasks_from: validate.yml
+
+    - name: "Validate that Broker deployment is functional."
+      ansible.builtin.include_role:
+        name: amq_streams_broker
+        tasks_from: validate.yml
+
+    - name: "Validate that Connect deployment is functional."
+      ansible.builtin.include_role:
+        name: amq_streams_connect
+        tasks_from: validate.yml
+
+  post_tasks:
+    - name: "Ensures topics exist."
+      ansible.builtin.include_role:
+        name: amq_streams_broker
+        tasks_from: topic/create.yml
+      loop: "{{ amq_streams_broker_topics }}"
+      loop_control:
+        loop_var: topic
+      vars:
+        topic_name: "{{ topic.name }}"
+        topic_partitions: "{{ topic.partitions }}"
+        topic_replication_factor: "{{ topic.replication_factor }}"
+
+    - name: "Describe created topics."
+      ansible.builtin.include_role:
+        name: amq_streams_broker
+        tasks_from: topic/describe.yml
+      loop: "{{ amq_streams_broker_topics }}"
+      loop_control:
+        loop_var: topic
+      vars:
+        topic_name: "{{ topic.name }}"
+
+    - name: "Delete topics"
+      ansible.builtin.include_role:
+        name: amq_streams_broker
+        tasks_from: topic/delete.yml
+      loop: "{{ amq_streams_broker_topics }}"
+      loop_control:
+        loop_var: topic
+      vars:
+        topic_name: "{{ topic.name }}"
@@ -0,0 +1,43 @@
+---
+driver:
+  name: docker
+platforms:
+  - name: instance
+    image: registry.access.redhat.com/ubi9/ubi-init:latest
+    command: "/usr/sbin/init"
+    pre_build_image: true
+    privileged: true
+    groups:
+     - brokers
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      interpreter_python: auto_silent
+    ssh_connection:
+      pipelining: false
+  playbooks:
+    prepare: ../prepare.yml
+    converge: converge.yml
+    verify: verify.yml
+  inventory:
+    host_vars:
+      localhost:
+        ansible_python_interpreter: "{{ ansible_playbook_python }}"
+  env:
+    ANSIBLE_FORCE_COLOR: "true"
+verifier:
+  name: ansible
+scenario:
+  test_sequence:
+    - cleanup
+    - destroy
+    - syntax
+    - create
+    - prepare
+    - converge
+    - idempotence
+    - side_effect
+    - verify
+    - cleanup
+    - destroy
@@ -0,0 +1 @@
+../../roles
@@ -0,0 +1,21 @@
+---
+amq_streams_common_escalade_privilege_group_create: "{{ amq_streams_install_requires_become | default(true) }}"
+amq_streams_common_escalade_privilege_user_create: "{{ amq_streams_install_requires_become | default(true) }}"
+amq_streams_common_archive_extraction_requires_privilege_escalation: "{{ amq_streams_install_requires_become | default(true) }}"
+amq_streams_common_dependencies_require_priv: "{{ amq_streams_install_requires_become | default(true) }}"
+amq_streams_zookeeper_data_require_priv_escalation: "{{ amq_streams_install_requires_become | default(true) }}"
+amq_streams_zookeeper_restart_requires_priv_escalation: "{{ amq_streams_install_requires_become | default(true) }}"
+amq_streams_broker_tls_truststore_client_require_priv_escalation: "{{ amq_streams_install_requires_become | default(true) }}"
+amq_streams_broker_config_files_requires_privilege_escalation: "{{ amq_streams_install_requires_become | default(true) }}"
+amq_streams_cruise_control_path_to_capacity_file_require_priv_escalation: "{{ amq_streams_install_requires_become | default(true) }}"
+amq_streams_cruise_control_logfiles_requires_priv_escalation: "{{ amq_streams_install_requires_become | default(true) }}"
+amq_streams_connect_source_file_require_priv_escalation: "{{ amq_streams_install_requires_become | default(true) }}"
+amq_streams_kraft_priv_escalation: "{{ amq_streams_install_requires_become | default(true) }}"
+amq_streams_common_product_version: 4.1.1
+# Run the Systemd Service as root
+amq_streams_broker_user: root
+amq_streams_broker_group: root
+
+# Run KRaft tasks as root
+amq_streams_kraft_user: root
+amq_streams_kraft_group: root
@@ -0,0 +1,19 @@
+---
+- name: Verify
+  hosts: all
+  tasks:
+
+    - name: Populate service facts
+      ansible.builtin.service_facts:
+
+    - name: Check broker service
+      assert:
+        that:
+          - ansible_facts.services["amq_streams_broker.service"]["state"] == "running"
+          - ansible_facts.services["amq_streams_broker.service"]["status"] == "enabled"
+
+    - name: Check controller service
+      assert:
+        that:
+          - ansible_facts.services["amq_streams_controller.service"]["state"] == "running"
+          - ansible_facts.services["amq_streams_controller.service"]["status"] == "enabled"
@@ -20,10 +20,35 @@
 # See kafka.server.KafkaConfig for additional details and defaults
 #
 
+# -----------------------------------------------------------------------------
+# MODE DETERMINATION (Added for Kafka 4.0+ KRaft Support)
+# -----------------------------------------------------------------------------
+{% set enable_kraft = amq_streams_enable_kraft | default(amq_streams_common_product_version is version('4.0.0', '>=')) | bool %}
+
 ############################# Server Basics #############################
 
 # The id of the broker. This must be set to a unique integer for each broker.
+{% if enable_kraft %}
+# KRaft uses node.id instead of broker.id
+node.id={{ amq_streams_kraft_node_id | default(1) }}
+{% else %}
 broker.id={{ amq_streams_broker_broker_id | default(amq_streams_broker_inventory_group.index(inventory_hostname)) }}
+{% endif %}
+
+############################# KRaft Settings (Kafka 4.0+) #############################
+{% if enable_kraft %}
+# The roles of this process. broker, controller, or both.
+process.roles={{ amq_streams_kraft_process_roles | default('broker,controller') }}
+
+# The connect string for the controller quorum
+controller.quorum.voters={{ amq_streams_kraft_controller_quorum_voters }}
+
+# Listener name used for the controller
+controller.listener.names={{ amq_streams_kraft_controller_listener_names | default('CONTROLLER') }}
+
+# Listener name used for inter-broker communication
+inter.broker.listener.name={{ amq_streams_kraft_inter_broker_listener_name | default('PLAINTEXT') }}
+{% endif %}
 
 ############################# Socket Server Settings #############################
 
@@ -33,40 +58,57 @@ broker.id={{ amq_streams_broker_broker_id | default(amq_streams_broker_inventory
 #     listeners = listener_name://host_name:port
 #   EXAMPLE:
 #     listeners = PLAINTEXT://your.host.name:9092
-{% if amq_streams_broker_listeners is defined %}
+{% if enable_kraft %}
+# KRaft Mode Listeners (Requires Broker + Controller ports)
+listeners={{ amq_streams_kraft_listeners | join(",") }}
+{% else %}
+# Legacy ZK Mode Listeners
+    {% if amq_streams_broker_listeners is defined %}
 listeners={{ amq_streams_broker_listeners | join(",") }}
-{% elif amq_streams_broker_listener_port is defined %}
+    {% elif amq_streams_broker_listener_port is defined %}
 listeners=PLAINTEXT://:{{ amq_streams_broker_listener_port }}
-{% else %}
+    {% else %}
 #listeners=PLAINTEXT://:9092
+    {% endif %}
 {% endif %}
 
-{% if amq_streams_broker_inter_broker_listener is defined %}
-# Name of listener used for communication between brokers
+{% if amq_streams_broker_inter_broker_listener is defined and not enable_kraft %}
+# Name of listener used for communication between brokers (Legacy ZK only)
 inter.broker.listener.name={{ amq_streams_broker_inter_broker_listener }}
 {% endif %}
 
 # Listener name, hostname and port the broker will advertise to clients.
 # If not set, it uses the value for "listeners".
-{% if amq_streams_broker_advertised_listeners is defined %}
-advertised.listeners={{ amq_streams_broker_advertised_listeners | join(",") }}
+{% if enable_kraft %}
+# KRaft Mode Advertised Listeners (Broker port only)
+advertised.listeners={{ amq_streams_kraft_advertised_listeners | join(",") }}
 {% else %}
+# Legacy ZK Mode Advertised Listeners
+    {% if amq_streams_broker_advertised_listeners is defined %}
+advertised.listeners={{ amq_streams_broker_advertised_listeners | join(",") }}
+    {% else %}
 #advertised.listeners=PLAINTEXT://your.host.name:9092
+    {% endif %}
 {% endif %}
 
-{% if amq_streams_broker_auth_enabled and amq_streams_broker_auth_listeners is defined %}
+{% if enable_kraft %}
+# KRaft Mode Security Map (Must include Controller)
+listener.security.protocol.map=PLAINTEXT:PLAINTEXT,CONTROLLER:PLAINTEXT,SSL:SSL,SASL_PLAINTEXT:SASL_PLAINTEXT,SASL_SSL:SASL_SSL
+{% else %}
+    {% if amq_streams_broker_auth_enabled and amq_streams_broker_auth_listeners is defined %}
 # Maps listener names to security protocols, the default is for them to be the same. See the config documentation for more details
 listener.security.protocol.map={{ amq_streams_broker_auth_listeners | join(",") }}
 
 # The list of SASL mechanisms enabled in the Kafka server
 sasl.enabled.mechanisms={{ amq_streams_broker_auth_sasl_mechanisms | join(",") }}
-{% if amq_streams_broker_inter_broker_auth_sasl_mechanisms is defined %}
+        {% if amq_streams_broker_inter_broker_auth_sasl_mechanisms is defined %}
 # SASL mechanism used for inter-broker communication
 sasl.mechanism.inter.broker.protocol={{ amq_streams_broker_inter_broker_auth_sasl_mechanisms }}
-{% endif %}
-{% else %}
+        {% endif %}
+    {% else %}
 # Maps listener names to security protocols, the default is for them to be the same. See the config documentation for more details
 #listener.security.protocol.map=PLAINTEXT:PLAINTEXT,SSL:SSL,SASL_PLAINTEXT:SASL_PLAINTEXT,SASL_SSL:SASL_SSL
+    {% endif %}
 {% endif %}
 
 {% if amq_streams_broker_inter_broker_listener_auth is defined %}
@@ -105,7 +147,11 @@ socket.request.max.bytes={{ amq_streams_broker_socket_request_max_bytes }}
 ############################# Log Basics #############################
 
 # A comma separated list of directories under which to store log files
+{% if enable_kraft %}
+log.dirs={{ amq_streams_kraft_log_dirs }}
+{% else %}
 log.dirs={{ amq_streams_broker_data_dir }}
+{% endif %}
 
 # The default number of log partitions per topic. More partitions allow greater
 # parallelism for consumption, but this will also result in more files across
@@ -162,7 +208,7 @@ log.retention.hours={{ amq_streams_broker_log_retention_hours }}
 log.retention.check.interval.ms={{ amq_streams_broker_log_retention_check_interval_ms }}
 
 ############################# Zookeeper #############################
-
+{% if not enable_kraft %}
 # Zookeeper connection string (see zookeeper docs for details).
 # This is a comma separated host:port pairs, each corresponding to a zk
 # server. e.g. "127.0.0.1:3000,127.0.0.1:3001,127.0.0.1:3002".
@@ -173,6 +219,7 @@ zookeeper.connect={{ amq_streams_broker_zookeeper_host }}:{{ amq_streams_broker_
 # Timeout in ms for connecting to zookeeper
 zookeeper.connection.timeout.ms={{ amq_streams_broker_zookeeper_connection_timeout_ms }}
 zookeeper.session.timeout.ms={{ amq_streams_broker_zookeeper_session_timeout_ms }}
+{% endif %}
 
 ############################# Group Coordinator Settings #############################
 
 
@@ -69,10 +69,44 @@
         enabled: yes
         state: started
 
-    - name: "Wait for service port {{ server_port }} to be available - (if provided)"
-      ansible.builtin.wait_for:
-        port: "{{ server_port }}"
-        delay: "{{ delay_before_server_port_check | default(omit) }}"
-      when:
-        - skip_wait_for_server_port is defined and not skip_wait_for_server_port
-        - server_port is defined and server_port != ''
+    # --- CHANGED SECTION START ---
+    # Replaced simple wait_for with block/rescue to capture crash logs
+    - name: "Wait for service port {{ server_port }} (with crash log capture)"
+      block:
+        - name: "Wait for service port {{ server_port }} to be available"
+          ansible.builtin.wait_for:
+            port: "{{ server_port }}"
+            # If listeners bind to 0.0.0.0, check localhost. Otherwise check specific IP.
+            host: "127.0.0.1" 
+            delay: "{{ delay_before_server_port_check | default(5) }}"
+            timeout: 60 # Fail fast (1 min) to see logs quicker
+          when:
+            - skip_wait_for_server_port is defined and not skip_wait_for_server_port
+            - server_port is defined and server_port != ''
+
+      rescue:
+        - name: "FATAL: Service failed to start. Fetching systemd logs..."
+          ansible.builtin.shell: "journalctl -u {{ server_name }} -xe --no-pager | tail -n 50"
+          register: systemd_logs
+          changed_when: false
+          ignore_errors: true
+
+        - name: "FATAL: Fetching Kafka server logs..."
+          # CHANGE: Use 'amq_streams_common_home' instead of 'amq_streams_kafka_home'
+          ansible.builtin.shell: "cat {{ amq_streams_common_home }}/logs/server.log | tail -n 50"
+          register: kafka_logs
+          changed_when: false
+          ignore_errors: true
+
+        - name: "PRINT SYSTEMD CRASH LOGS"
+          ansible.builtin.debug:
+            msg: "{{ systemd_logs.stdout_lines }}"
+
+        - name: "PRINT KAFKA SERVER LOGS"
+          ansible.builtin.debug:
+            msg: "{{ kafka_logs.stdout_lines }}"
+        
+        - name: "Fail the playbook explicitly"
+          ansible.builtin.fail:
+            msg: "The Kafka service crashed immediately. Review the Java exceptions printed above."
+    # --- CHANGED SECTION END ---