KAFKA-18364 migrating from zk to kraft document

docs/upgrade.html

@@ -28,6 +28,12 @@ <h5><a id="upgrade_400_notable" href="#upgrade_400_notable">Notable changes in 4
             taken when it comes to kafka clients that are not part of Apache Kafka, please see
             <a href="https://cwiki.apache.org/confluence/display/KAFKA/KIP-896%3A+Remove+old+client+protocol+API+versions+in+Kafka+4.0">KIP-896</a> for the details.
         </li>
+        <li>
+            Before updating your Kafka cluster which build on Zookeeper to Kafka 4.0, you must understand what the updates and changes 
+            are between Zookeeper mode and Kraft mode. See the following page to learn about some of the significant changes in 
+            latest Kafka releases.
+            <a href="zk2kraft.html">Zookeeper migrate Kraft</a>
+        </li>
         <li>A number of deprecated classes, methods, configurations and tools have been removed.
             <ul>
                 <li><b>Common</b>

docs/zk2kraft.html

@@ -0,0 +1,126 @@
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements.  See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License.  You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<script><!--#include virtual="js/templateData.js" --></script>
+
+<h3 class="anchor-heading">Significant Changes in Kafka 4.0 Release</h3>
+<p>The following are some of the updates in Kafka 4.0 release:</p>
+<h4 class="anchor-heading">Removal Zookeeper configs</h4>
+<ul>
+    <li>
+        <p>
+            The password encoder-related configurations have been removed. These configurations were used in ZooKeeper
+            mode to define the key and backup key for encrypting sensitive data (e.g., passwords), specify the algorithm
+            and key generation method for password encryption (e.g., AES, RSA), and control the key length and encryption
+            strength.
+        </p>
+        <ul>
+            <li><code>password.encoder.secret</code></li>
+            <li><code>password.encoder.old.secret</code></li>
+            <li><code>password.encoder.keyfactory.algorithm</code></li>
+            <li><code>password.encoder.cipher.algorithm</code></li>
+            <li><code>password.encoder.key.length</code></li>
+            <li><code>password.encoder.iterations</code></li>
+        </ul>
+        <p>
+            In Kraft mode, Kafka adopts standardized security configurations. Most sensitive data encryption is handled
+            by the security framework (e.g., SASL, SSL), making the password encoder-related configurations obsolete.
+            Sensitive data can now be encrypted in two ways: SASL and SSL/TLS.
+        </p>
+        <p>
+            Using <b>SASL/SCRAM</b>, you can encrypt communication between clients and brokers with mechanisms such as
+            SCRAM or GSSAPI. To configure SASL. Use the following parameters to specify the desired SASL mechanism.
+
+        <ul>
+            <li><code>sasl.enabled.mechanisms</code></li>
+            <li><code>sasl.mechanism.inter.broker.protocol</code></li>
+        </ul>
+        <p>
+            Using <b>SSL/TLS</b>, you can encrypt communication between clients and brokers by specifying the SSL keystore
+            and truststore configurations. Use the following parameters:
+        </p>
+        <ul>
+            <li><code>ssl.keystore.location</code></li>
+            <li><code>ssl.keystore.password</code></li>
+            <li><code>ssl.key.password</code></li>
+            <li><code>ssl.truststore.location</code></li>
+            <li><code>ssl.truststore.password</code></li>
+        </ul>
+    </li>
+    <li>
+        <p>
+            Removed <code>control.plane.listener.name</code>. Kafka relies on ZooKeeper to manage metadata, but some
+            internal operations (e.g., communication between controllers (a.k.a.,  broker controller) and brokers) still require
+            Kafka’s internal control plane for coordination.
+        </p>
+        <p>
+            In KRaft mode, Kafka eliminates its dependency on ZooKeeper, and the control plane functionality is fully
+            integrated into Kafka itself. The process roles are clearly separated: brokers handle data-related requests,
+            while the controllers (a.k.a.,  quorum controller) manages metadata-related requests. The controllers use the Raft
+            protocol for internal communication, which operates differently from the ZooKeeper model. Use the following
+            parameters to configure the control plane listener:
+        </p>
+        <ul>
+            <li><code>controller.listener.names</code></li>
+            <li><code>listeners</code></li>
+            <li><code>listener.security.protocol.map</code></li>
+        </ul>
+    </li>
+    <li>
+        <p>
+            Remove the broker id generation-related configurations. These configurations were used in ZooKeeper mode to
+            define the broker id, specify the broker id auto generation, and control the broker id generation process.
+        </p>
+        <ul>
+            <li><code>reserved.broker.max.id</code></li>
+            <li><code>broker.id.generation.enable</code></li>
+            <li><code>broker.id</code></li>
+        </ul>
+        <p>
+            Kafka use the node id in Kraft mode to identify servers.
+        </p>
+        <ul>
+            <li><code>node.id</code></li>
+        </ul>
+    </li>
+    <li>
+        <p>
+            Removed Zookeeper related configurations.
+        </p>
+        <ul>
+            <li><code>zookeeper.connect</code></li>
+            <li><code>zookeeper.session.timeout.ms</code></li>
+            <li><code>zookeeper.connection.timeout.ms</code></li>
+            <li><code>zookeeper.set.acl</code></li>
+            <li><code>zookeeper.max.in.flight.requests</code></li>
+            <li><code>zookeeper.ssl.client.enable</code></li>
+            <li><code>zookeeper.clientCnxnSocket</code></li>
+            <li><code>zookeeper.ssl.keystore.location</code></li>
+            <li><code>zookeeper.ssl.keystore.password</code></li>
+            <li><code>zookeeper.ssl.keystore.type</code></li>
+            <li><code>zookeeper.ssl.truststore.location</code></li>
+            <li><code>zookeeper.ssl.truststore.password</code></li>
+            <li><code>zookeeper.ssl.truststore.type</code></li>
+            <li><code>zookeeper.ssl.protocol</code></li>
+            <li><code>zookeeper.ssl.enabled.protocols</code></li>
+            <li><code>zookeeper.ssl.cipher.suites</code></li>
+            <li><code>zookeeper.ssl.endpoint.identification.algorithm</code></li>
+            <li><code>zookeeper.ssl.crl.enable</code></li>
+            <li><code>zookeeper.ssl.ocsp.enable</code></li>
+        </ul>
+    </li>
+</ul>