diff --git a/modules/ROOT/nav.adoc b/modules/ROOT/nav.adoc index 96ff79daf..975de24c5 100644 --- a/modules/ROOT/nav.adoc +++ b/modules/ROOT/nav.adoc @@ -10,11 +10,12 @@ *** xref:console:quickstart.adoc[Redpanda Console] ** xref:get-started:licensing/index.adoc[Redpanda Licensing] *** xref:get-started:licensing/overview.adoc[Editions and Enterprise Features] -*** xref:get-started:licensing/add-license-redpanda/index.adoc[Add an Enterprise License] +*** xref:get-started:licensing/add-license-redpanda/index.adoc[Add License] **** xref:get-started:licensing/add-license-redpanda/linux.adoc[Linux] **** xref:get-started:licensing/add-license-redpanda/kubernetes.adoc[Kubernetes] **** xref:console:ui/add-license.adoc[Redpanda Console] -*** xref:get-started:licensing/monitor-license-status.adoc[Monitor Enterprise Licenses] +*** xref:get-started:licensing/monitor-license-status.adoc[Check Status] +*** xref:get-started:licensing/disable-enterprise-features.adoc[Disable Enterprise Features] ** xref:get-started:rpk/index.adoc[Redpanda CLI] *** xref:get-started:intro-to-rpk.adoc[Introduction to rpk] *** xref:get-started:rpk-install.adoc[] diff --git a/modules/console/pages/config/enterprise-license.adoc b/modules/console/pages/config/enterprise-license.adoc index c327dafe0..d2dca6c15 100644 --- a/modules/console/pages/config/enterprise-license.adoc +++ b/modules/console/pages/config/enterprise-license.adoc @@ -7,7 +7,7 @@ TIP: Redpanda Console can also load the license key from a connected Redpanda cl == Prerequisites -You must have an Enterprise Edition license. If you don't have a license yet, https://www.redpanda.com/contact[request one^]. +You must have an Enterprise Edition license. To get a trial license key or extend your trial period, https://redpanda.com/try-enterprise[generate a new trial license key^]. To purchase a license, contact https://redpanda.com/upgrade[Redpanda Sales^]. If Redpanda Console has enterprise features enabled and cannot find a valid license locally or in the connected Redpanda cluster, it shuts down. See xref:get-started:licensing/overview.adoc[]. diff --git a/modules/develop/pages/produce-data/leader-pinning.adoc b/modules/develop/pages/produce-data/leader-pinning.adoc index a855009e8..06dd7ebbd 100644 --- a/modules/develop/pages/produce-data/leader-pinning.adoc +++ b/modules/develop/pages/produce-data/leader-pinning.adoc @@ -1,44 +1,45 @@ = Leader Pinning // tag::single-source[] -:description: Learn about leader pinning and how to configure a preferred partition leader location based on cloud availability zones or regions. - -Produce requests that write data to Redpanda topics go through the topic partition leader, which syncs messages across its follower replicas. For a Redpanda cluster deployed across multiple availability zones (AZs), leader pinning ensures that a topic's partition leaders are geographically closer to clients, which helps decrease networking costs and guarantees lower latency. - -If consumers are located in the same preferred region or AZ for leader pinning, and you have not set up xref:develop:consume-data/follower-fetching.adoc[follower fetching], leader pinning can also help reduce networking costs on consume requests. - -== Prerequisites +:description: Learn about Leader Pinning and how to configure a preferred partition leader location based on cloud availability zones or regions. [NOTE] ==== include::shared:partial$enterprise-license.adoc[] ==== -Before you can enable leader pinning, you must xref:manage:rack-awareness.adoc#configure-rack-awareness[configure rack awareness] on the cluster. If the config_ref:enable_rack_awareness,true,properties/cluster-properties[] cluster configuration property is set to `false`, leader pinning is disabled across the cluster. +Produce requests that write data to Redpanda topics go through the topic partition leader, which syncs messages across its follower replicas. For a Redpanda cluster deployed across multiple availability zones (AZs), Leader Pinning ensures that a topic's partition leaders are geographically closer to clients, which helps decrease networking costs and guarantees lower latency. + +If consumers are located in the same preferred region or AZ for Leader Pinning, and you have not set up xref:develop:consume-data/follower-fetching.adoc[follower fetching], Leader Pinning can also help reduce networking costs on consume requests. + +== Prerequisites + +Before you can enable Leader Pinning, you must xref:manage:rack-awareness.adoc#configure-rack-awareness[configure rack awareness] on the cluster. If the config_ref:enable_rack_awareness,true,properties/cluster-properties[] cluster configuration property is set to `false`, Leader Pinning is disabled across the cluster. + +== Configure Leader Pinning -== Configure leader pinning +You can use both a topic configuration property and a cluster configuration property to configure Leader Pinning. -You can use both a topic configuration property and a cluster configuration property to configure leader pinning. +You can set the topic configuration property for individual topics only, or set the cluster-wide configuration property that will enable Leader Pinning by default for all topics. You can also use a combination in which a default setting applies across the cluster, and you toggle the setting on or off for specific topics. -You can set the topic configuration property for individual topics only, or set the cluster-wide configuration property that will enable leader pinning by default for all topics. You can also use a combination in which a default setting applies across the cluster, and you toggle the setting on or off for specific topics. This configuration is based on the following scenario: you have Redpanda deployed in a multi-AZ or multi-region cluster, and you have configured each broker so that the config_ref:rack,true,properties/broker-properties[] configuration property contains rack IDs corresponding to the AZ IDs: * Set the topic configuration property xref:reference:properties/topic-properties.adoc#redpandaleaderspreference[`redpanda.leaders.preference`]. The property accepts the following string values: + -- -** `none`: Opt out the topic from leader pinning. +** `none`: Opt out the topic from Leader Pinning. ** `racks:[,,...]`: Specify the preferred location (rack) of all topic partition leaders. The list can contain one or more rack IDs, and you can list the IDs in any order. Spaces in the list are ignored, for example: `racks:rack1,rack2` and `racks: rack1, rack2` are equivalent. You cannot specify empty rack IDs, for example: `racks: rack1,,rack2`. If you specify multiple IDs, Redpanda tries to distribute the partition leader locations equally across brokers in these racks. -- + This property inherits the default value from the cluster property `default_leaders_preference`. -* Set the cluster configuration property config_ref:default_leaders_preference,true,properties/cluster-properties[], which specifies the default leader pinning configuration for all topics that don’t have `redpanda.leaders.preference` explicitly set. It accepts values in the same format as `redpanda.leaders.preference`. Default: `none` +* Set the cluster configuration property config_ref:default_leaders_preference,true,properties/cluster-properties[], which specifies the default Leader Pinning configuration for all topics that don’t have `redpanda.leaders.preference` explicitly set. It accepts values in the same format as `redpanda.leaders.preference`. Default: `none` + This property also affects internal topics, such as `__consumer_offsets` and transaction coordinators. All offset tracking and transaction coordination requests get placed within the preferred regions or AZs for all clients, so you see end-to-end latency and networking cost benefits. -If there is more than one broker in the preferred AZ (or AZs), leader pinning distributes partition leaders uniformly across brokers in the AZ. +If there is more than one broker in the preferred AZ (or AZs), Leader Pinning distributes partition leaders uniformly across brokers in the AZ. -== Leader pinning failover across availability zones +== Leader Pinning failover across availability zones If there are three AZs: A, B, and C, and A becomes unavailable, the failover behavior is as follows: diff --git a/modules/get-started/pages/licensing/add-license-redpanda/kubernetes.adoc b/modules/get-started/pages/licensing/add-license-redpanda/kubernetes.adoc index f64dee904..6ec1546b8 100644 --- a/modules/get-started/pages/licensing/add-license-redpanda/kubernetes.adoc +++ b/modules/get-started/pages/licensing/add-license-redpanda/kubernetes.adoc @@ -6,7 +6,7 @@ To enable xref:get-started:licensing/overview.adoc[enterprise features for Redpa == Prerequisites -You must have an Enterprise Edition license. https://www.redpanda.com/contact[Request a license^] if you don't have one already. +You must have an Enterprise Edition license. To get a trial license key or extend your trial period, https://redpanda.com/try-enterprise[generate a new trial license key^]. To purchase a license, contact https://redpanda.com/upgrade[Redpanda Sales^]. == Add a new license diff --git a/modules/get-started/pages/licensing/add-license-redpanda/linux.adoc b/modules/get-started/pages/licensing/add-license-redpanda/linux.adoc index bd5d51b8d..936929208 100644 --- a/modules/get-started/pages/licensing/add-license-redpanda/linux.adoc +++ b/modules/get-started/pages/licensing/add-license-redpanda/linux.adoc @@ -7,7 +7,7 @@ To enable xref:get-started:licensing/overview.adoc[enterprise features for Redpa - You must have xref:get-started:rpk-install.adoc[`rpk` installed] and configured to connect to your Redpanda cluster. -- You must have an Enterprise Edition license. https://www.redpanda.com/contact[Request a license^] if you don't have one already. +- You must have an Enterprise Edition license. To get a trial license key or extend your trial period, https://redpanda.com/try-enterprise[generate a new trial license key^]. To purchase a license, contact https://redpanda.com/upgrade[Redpanda Sales^]. == Add a new license diff --git a/modules/get-started/pages/licensing/disable-enterprise-features.adoc b/modules/get-started/pages/licensing/disable-enterprise-features.adoc new file mode 100644 index 000000000..863e76d7c --- /dev/null +++ b/modules/get-started/pages/licensing/disable-enterprise-features.adoc @@ -0,0 +1,163 @@ += Disable Enterprise Features in Redpanda +:description: Disable specific enterprise features in Redpanda to ensure your cluster operates within the scope of the Community Edition without enterprise features. + +Enterprise features in Redpanda are available only in the Enterprise Edition and require a valid license. If your cluster has enterprise features enabled without a valid license, it is essential to either upload a valid license or disable these features to maintain compliance with Redpanda licensing terms. + +== Prerequisites + +Before you begin, consider the following: + +- Take a backup of your current configuration to allow rollback if needed. + +- Disabling enterprise features may affect cluster performance, security, or functionality. Test these changes in a staging environment before applying them to production. + +- If you need enterprise features, consider purchasing a valid license to continue using them. To get a trial license key or extend your trial period, https://redpanda.com/try-enterprise[generate a new trial license key^]. To purchase a license, contact https://redpanda.com/upgrade[Redpanda Sales^]. + +== Check for enterprise features in violation + +To check the status of your license, use the `rpk cluster license info` command. This command provides a detailed overview of your Redpanda license, including whether your cluster has enterprise features enabled without a valid license. + +[NOTE] +==== +This command reports license violations only if enterprise features in Redpanda are enabled without a valid license. It does not report license violations for enterprise features in xref:get-started:licensing/overview.adoc#connect[Redpanda Connect] or xref:get-started:licensing/overview.adoc#console[Redpanda Console]. +==== + +. Ensure that xref:get-started:rpk-install.adoc[`rpk` is installed] and configured to connect to your cluster's Admin API endpoint. + +. Get the details about your cluster's license: ++ +[,bash] +---- +rpk cluster license info +---- ++ +If the `license violation` status is `true`, you must either obtain a valid license or disable the enterprise features in use to ensure compliance. + +== Disable enterprise features + +To disable specific enterprise features, refer to the following table: + +[NOTE] +==== +These instructions apply to bare-metal deployments on Linux. If you are running Redpanda in a different environment, such as Kubernetes or Docker, the way you disable features may vary. +==== + +[cols="1a,1a"] +|=== +| Feature | Action to Disable + +| xref:manage:audit-logging.adoc[Audit Logging] +| +Set the cluster config `audit_enabled` to `false`: + +[,bash] +---- +rpk cluster config set audit_enabled false +---- + +| xref:manage:cluster-maintenance/continuous-data-balancing.adoc[Continuous Data Balancing] +| +Set the cluster config `partition_autobalancing_mode` to `node_add`: + +[,bash] +---- +rpk cluster config set partition_autobalancing_mode node_add +---- + +| xref:manage:cluster-maintenance/cluster-balancing.adoc#intra-broker-partition-balancing[Continuous Intra-Broker Partition Balancing] +(`core_balancing_continuous`) +| +Set the cluster config `core_balancing_continuous` to `false`: + +[,bash] +---- +rpk cluster config set core_balancing_continuous false +---- + +| xref:manage:security/fips-compliance.adoc[FIPS Compliance] +| +Set the node config `fips_mode` to `disabled`: + +[,bash] +---- +rpk node config set fips_mode disabled +---- + +| xref:manage:security/authentication.adoc#kerberos[Kerberos authentication] +| +Remove `GSSAPI` from the cluster config `sasl_mechanisms`: + +[,bash] +---- +rpk cluster config set sasl_mechanisms +---- + +| xref:manage:security/authentication.adoc#kerberos[Leader Pinning] +| +Set `default_leaders_preference` to `none`: + +[,bash] +---- +rpk cluster config set default_leaders_preference none +---- + +| xref:manage:security/authentication.adoc#oidc[OAUTHBEARER/OIDC authentication] +| +Remove `OIDC` from the cluster config `sasl_mechanisms` and `http_authentication`: +[,bash] +---- +rpk cluster config set sasl_mechanisms +rpk cluster config set http_authentication +---- + +| xref:manage:remote-read-replicas.adoc[Remote Read Replicas] +| +Set the cluster config `cloud_storage_enable_remote_read` to `false`: + +[,bash] +---- +rpk cluster config set cloud_storage_enable_remote_read false +---- + +| xref:manage:security/authorization/rbac.adoc[Role-Based Access Control (RBAC)] +| +Use `rpk security role delete` to delete all configured roles: + +[,bash] +---- +rpk security role list +rpk security role delete +---- + +| xref:manage:schema-reg/schema-id-validation.adoc[Server-Side Schema ID Validation] +| +Set the cluster config `enable_schema_id_validation` to `false`: + +[,bash] +---- +rpk cluster config set enable_schema_id_validation false +---- + +| xref:manage:tiered-storage.adoc[Tiered Storage] +| +Set the cluster config `cloud_storage_enabled` to `false`: + +[,bash] +---- +rpk cluster config set cloud_storage_enabled false +---- + +|=== + +== Verify the license status + +When all required changes are made, confirm that the `license violation` status is now `false`. + +[,bash] +---- +rpk cluster license info +---- + +== Suggested reading + +For more information about licensing, see xref:get-started:licensing/overview.adoc[]. diff --git a/modules/get-started/pages/licensing/monitor-license-status.adoc b/modules/get-started/pages/licensing/monitor-license-status.adoc index d0dfa6d0e..db3ac04af 100644 --- a/modules/get-started/pages/licensing/monitor-license-status.adoc +++ b/modules/get-started/pages/licensing/monitor-license-status.adoc @@ -1,12 +1,14 @@ -= Monitor the Status of an Enterprise Edition License += Check the Status of an Enterprise Edition License :description: pass:q[Learn how to monitor the status of your Redpanda Enterprise Edition license using `rpk`, the Redpanda Console, the Admin API, and observability tools such as logs and metrics.] -To track license expiration and ensure compliance with xref:get-started:licensing/overview.adoc[Redpanda licensing], you can monitor the status of your Enterprise Edition license using <>, the <>, <>, and observability tools such as <> and <>. +To track license expiration and ensure compliance with xref:get-started:licensing/overview.adoc[Redpanda licensing], you can monitor the status of your Enterprise Edition license using <>, <>, and observability tools such as <> and <>. [[rpk]] -== Check the status of a license with `rpk` +== Use `rpk` to check license status and feature usage -To check the status of your current license and information about in-use enterprise features, use the `rpk cluster license info` command. You can choose different output formats depending on your use case. +To check the status of your license, use the `rpk cluster license info` command. This command provides a detailed overview of your Redpanda license, including its status, expiration, and enterprise features currently in use. + +NOTE: Enterprise features in use are specific to Redpanda. They do not include enterprise features for xref:get-started:licensing/overview.adoc#connect[Redpanda Connect] or xref:get-started:licensing/overview.adoc#console[Redpanda Console]. . Make sure that xref:get-started:rpk-install.adoc[`rpk` is installed] and configured to connect to your cluster's Admin API endpoint. @@ -16,94 +18,135 @@ To check the status of your current license and information about in-use enterpr rpk cluster license info ``` + -The command displays the license information in a user-friendly format. The output includes: -+ --- -- *Organization*: The organization for which the license was issued. -- *Type*: The type of license (for example, enterprise or trial). -- *Expires*: The license expiration date. -- *Version*: The schema version of the license. -- *Enterprise features in use*: A list of enabled enterprise features. --- -+ -If the license is within 30 days of expiration, a warning is logged: +The command displays the license information in a user-friendly format. The output depends on the license status. It can include the following: + ----- -warning: your license will expire soon ----- +[cols="1,2a"] +|=== +|Field |Description -=== Change the output format +|License status +| +Indicates the current state of the license. Possible values include: -Different output formats can be useful depending on your scenario. The available formats include JSON, YAML, text, and wide (expanded). For example, if you are writing scripts or automating license monitoring, you may prefer the JSON format, as it's easily parsed by tools like `jq` or integrated into monitoring systems. +* `valid`: The license is active and valid. +* `expired`: The license has expired, and restrictions may apply to enterprise features. +* `not_present`: No license is currently applied. -To get the license information in another format, use the `--format` flag: +|License violation +| +A boolean value that indicates whether enterprise features are being used in violation of the licensing terms: -```bash -rpk cluster license info --format -``` +* `true`: Enterprise features are enabled without a valid license. +* `false`: No violations are detected. -Replace `` with one of the available formats. See xref:reference:rpk/rpk-cluster/rpk-cluster-license-info.adoc[]. +[NOTE] +==== +If the `license violation` status is `true`, you must either obtain a valid license or disable the enterprise features in use to ensure compliance. +For instructions, see xref:get-started:licensing/disable-enterprise-features.adoc[]. +==== + +|Organization +| +The organization for which the license was issued. Typically corresponds to the organization that purchased or activated the license. -For more details, including the SHA-256 checksum and Unix timestamp for expiration, use the `wide` format. This format is useful when you need a deeper level of detail about the license for troubleshooting or verification. For example: +|Type +| +The type of license applied to the cluster: +* `enterprise`: A full-featured enterprise license. +* `trial`: A time-limited trial license. + +|Expires +| +The expiration date of the current license. After this date, the license status changes to `expired`. + +|Enterprise features in use +| +A list of enabled enterprise features in the cluster, such as `tiered_storage`, `audit_logging`, and `partition_auto_balancing_continuous`. +|=== + +If the license is within 30 days of expiration, a warning is logged. `rpk` displays warnings when you execute `rpk` commands that use the Admin API in the following scenarios: + +- *License violation*: When enterprise features are enabled without a valid license. + +- *Trial expiration*: When enterprise features are enabled and a trial license expires in less than 15 days. + +- *Enterprise expiration*: When enterprise features are enabled and an Enterprise license is expired. + +=== Examples + +This section provides examples of what `rpk` reports depending on the license status. + +Valid license: + +[.no-copy] ---- LICENSE INFORMATION -Organization: Your Organization -Type: enterprise -Expires: Jan 1 2025 -License Expired: false -Checksum: 3d2e5b4d07d294534d9b7e90d8f73e91d34f7b4a62c45b6dc1c1e6f9d0a12bcf -ExpiresUnix: 1735689600 +=================== +License status: valid +License violation: false +Enterprise features in use: [partition_auto_balancing_continuous] +Organization: Devex +Type: enterprise +Expires: Oct 11 2025 ---- -[[admin]] -== Check the status of a license with the Admin API - -You can retrieve the license status and information about in-use enterprise features using the Redpanda Admin API. This API provides JSON-formatted responses and is useful for programmatic access to the license details and feature status. +Without a valid license: -To get the license status and features in use, make a `GET` request to the `/v1/features/enterprise` endpoint. For example: - -[,bash] +[.no-copy] ---- -curl -X GET http://:/v1/features/enterprise +LICENSE INFORMATION +=================== +License status: not_present +License violation: false +Enterprise features in use: [partition_auto_balancing_continuous] ---- -Example response: +Expired license: -[,json] +[.no-copy] ---- -{ - "license_status": "valid", - "violation": false, - "features": [ - { - "name": "audit_logging", - "enabled": true - }, - { - "name": "tiered_storage", - "enabled": false - } - ] -} +WARNING: The following enterprise features are being used in your Redpanda cluster: [partition_auto_balancing_continuous]. These features require a license. +LICENSE INFORMATION +=================== +License status: expired +License violation: true +Enterprise features in use: [partition_auto_balancing_continuous] ---- -- `license_status`: The status of the license. Possible values are: -** `valid`: The license is valid. -** `expired`: The license has expired. -** `not_present`: No license is present. +=== Change the output format + +Different output formats can be useful depending on your scenario. For example, if you are writing scripts or automating license monitoring, you may prefer the JSON format, as it's easily parsed by tools like `jq` or integrated into monitoring systems. -- `violation`: A boolean value that indicates whether there is a violation. For example, the license is not valid and one or more enterprise features are enabled. +To get the license information in another format, use the `--format` flag: -- `features`: An array of enterprise features that lists each feature by name and whether it is enabled (`true`) or not (`false`). +```bash +rpk cluster license info --format +``` -NOTE: The returned enterprise features are specific to Redpanda Enterprise Edition. They do not include xref:get-started:licensing/overview.adoc#connect[enterprise features for Redpanda Connect] or xref:get-started:licensing/overview.adoc#console[enterprise features in Redpanda Console]. +Replace `` with one of the available formats. See xref:reference:rpk/rpk-cluster/rpk-cluster-license-info.adoc[]. [[console]] -== Check the status of a license in Redpanda Console +== Use Redpanda Console to check license status You can also check the status of your license in the Redpanda Console UI. See xref:console:ui/add-license.adoc[]. +If Redpanda Console cannot find a valid license either locally or in the connected Redpanda cluster, it shuts down. Redpanda Console tries to load a valid license at startup in the following order: + +. From the local configuration file or environment variables. +. From the connected Redpanda cluster (if available). + +Redpanda Console displays warnings in the following scenarios: + +- *Upcoming license expiration*: Redpanda Console checks the license status at startup. If the license expires within 30 days, a warning is displayed in the UI. Redpanda Console also logs the license details at startup, including the expiration date. For example: ++ +[,json] +---- +{"level":"info","msg":"successfully loaded Redpanda Enterprise license","license_org":"redpanda","license_type":"enterprise","expires_at":"Oct 12 2024"} +---- + +- *Redpanda Self-Managed enterprise features are in use without a valid license*: If the Redpanda cluster is using enterprise features without a valid license, Redpanda Console displays a warning specifying the features in use without proper licensing. + [[logs]] == Monitor a license in the logs @@ -113,3 +156,8 @@ Logs are emitted on Redpanda brokers to help you understand how the license is b == Monitor a license using metrics The xref:reference:public-metrics-reference.adoc#redpanda_cluster_features_enterprise_license_expiry_sec[`redpanda_cluster_features_enterprise_license_expiry_sec`] metric tells you how many seconds remain until the license expires. Use this metric to set up alerts or dashboards to track the license expiration status and ensure timely renewal. + +== Next steps + +- xref:get-started:licensing/disable-enterprise-features.adoc[] + diff --git a/modules/get-started/pages/licensing/overview.adoc b/modules/get-started/pages/licensing/overview.adoc index 5aa89ea99..5667c9bdc 100644 --- a/modules/get-started/pages/licensing/overview.adoc +++ b/modules/get-started/pages/licensing/overview.adoc @@ -1,11 +1,11 @@ -= Redpanda Licenses, Editions, and Enterprise Features -:description: Learn about Redpanda licensing for Self-Managed, Console, and Connect, available in both Community and Enterprise editions. Understand licensing requirements and how to access enterprise features with a valid license key. += Redpanda Licenses and Enterprise Features +:description: Learn about Redpanda licensing for Redpanda, Redpanda Console, and Redpanda Connect, available in both Community and Enterprise editions. Understand licensing requirements and how to access enterprise features with a valid license key. :page-aliases: introduction:licenses.adoc, get-started:licenses.adoc -Redpanda Self-Managed, Redpanda Console, and Redpanda Connect are available in community and enterprise editions. Each product has a single binary that supports both editions. +Redpanda, Redpanda Console, and Redpanda Connect are available in community and enterprise editions. Each product has a single binary that supports both editions. * Redpanda Community Edition is free and source-available on GitHub: -** https://github.com/redpanda-data/redpanda[Redpanda Self-Managed^] +** https://github.com/redpanda-data/redpanda[Redpanda^] ** https://github.com/redpanda-data/console[Redpanda Console^] ** https://github.com/redpanda-data/connect[Redpanda Connect^] * Redpanda Enterprise Edition requires a license key and includes additional features. @@ -19,11 +19,10 @@ Redpanda Cloud is a managed deployment of Redpanda Enterprise Edition. To learn The Community Edition is licensed with the Redpanda https://github.com/redpanda-data/redpanda/blob/dev/licenses/bsl.md[Business Source License^] (BSL). These core features are free and source-available. -[NOTE] -==== +=== Restrictions and licensing terms + * Users cannot provide Redpanda as a commercial streaming or queuing service to others. * The BSL code converts to Apache 2.0 licensing four years after each code merge. -==== == Enterprise Edition @@ -31,49 +30,95 @@ The Enterprise Edition is licensed with the https://github.com/redpanda-data/red === License keys -Enterprise features require an Enterprise Edition license key, sometimes referred to as Enterprise license, license key, or license. You can evaluate enterprise features with a free 30-day trial. To request a trial license key, to extend your trial period, or to purchase a license, contact https://redpanda.com/try-redpanda?section=enterprise-trial[Redpanda Sales^]. +Enterprise features require an Enterprise Edition license key, sometimes referred to as Enterprise license, license key, or license. + +Starting with version 24.3, new Redpanda clusters automatically receive a trial license that's valid for 30 days, allowing unrestricted use of enterprise features. This evaluation period begins when the cluster is created for the first time. After this period expires, inactive enterprise features are disabled, and active features enter a restricted state. + +To get a trial license key or extend your trial period, https://redpanda.com/try-enterprise[generate a new trial license key]. + +To purchase a license, contact https://redpanda.com/upgrade[Redpanda Sales^]. + +[NOTE] +==== +include::get-started:partial$licensing/block-upgrades-note.adoc[] +==== [[self-managed]] -=== Enterprise features in Redpanda Self-Managed +=== Enterprise features in Redpanda -The following enterprise features for Redpanda Self-Managed are activated with a valid Enterprise Edition license key: +The following table lists the available Enterprise features for Redpanda, along with the restrictions applied if the Enterprise license is invalid or has expired. -include::get-started:partial$licensing/enterprise-features.adoc[tag=self-managed] +[cols="1a,2a,2a"] +|=== +| Feature | Description | Restrictions Without Valid License -[[console]] -=== Enterprise features in Redpanda Console +| xref:manage:audit-logging.adoc[Audit Logging] +| Records detailed logs of cluster activities for compliance and monitoring. +| Read access to the audit log topic is denied, but logging continues. -The following enterprise features for Redpanda Console are activated with a valid Enterprise Edition license key: +| xref:manage:cluster-maintenance/continuous-data-balancing.adoc[Continuous Data Balancing] +| Automatically balances partitions across a cluster to optimize resource use and performance. +| Continuous balancing is disabled, reverting to the default `node_add` setting that balances partitions only after a broker is added to the cluster. -include::get-started:partial$licensing/enterprise-features.adoc[tag=console] +| xref:manage:cluster-maintenance/cluster-balancing.adoc#intra-broker-partition-balancing[Continuous Intra-Broker Partition Balancing] +(`core_balancing_continuous`) +| Balances partition replicas across CPU cores in an individual broker to optimize disk space usage. +| Continuous Intra-Broker Partition Balancing is disabled. -[[connect]] -=== Enterprise features in Redpanda Connect +| xref:manage:security/fips-compliance.adoc[FIPS Compliance] +| Enables compliance with FIPS security standards for cryptography. +| None + +| xref:manage:security/authentication.adoc#kerberos[Kerberos authentication] +| Provides secure Kerberos-based authentication. +| None + +| xref:manage:security/authentication.adoc#kerberos[Leader Pinning] +| Specifies the set of availability zones where the leaders of partitions of a given topic should be located. +| Leader Pinning is disabled on all topics. + +| xref:manage:security/authentication.adoc#oidc[OAUTHBEARER/OIDC authentication] +| Allows for OAUTHBEARER and OpenID Connect (OIDC) authentication. +| None + +| xref:manage:remote-read-replicas.adoc[Remote Read Replicas] +| Enables remote clusters to read data stored in object storage for disaster recovery. +| Remote Read Replica topics cannot be created or modified. + +| xref:manage:security/authorization/rbac.adoc[Role-Based Access Control (RBAC)] +| Manages user roles and permissions within the cluster. +| Roles and ACLs associated with roles cannot be created or modified. Role deletion is allowed. +| xref:manage:schema-reg/schema-id-validation.adoc[Server-Side Schema ID Validation] +| Validates schema IDs server-side to ensure schema compatibility. With schema ID validation, records associated with unregistered schemas are detected and dropped by a broker rather than a consumer. +| Topics with schema validation settings cannot be created or modified. -include::get-started:partial$licensing/enterprise-features.adoc[tag=connect] +| xref:manage:tiered-storage.adoc[Tiered Storage] +| Enables storage of data in cloud object storage for long-term retention and retrieval. +| Topics cannot be created or modified to enable Tiered Storage features. Additional partitions cannot be added to topics that have any Tiered Storage properties enabled. -== How Redpanda Console handles licenses +|=== -If Redpanda Console cannot find a valid license either locally or in the connected Redpanda cluster, it shuts down. Redpanda Console tries to load a valid license at startup in the following order: +[[console]] +=== Enterprise features in Redpanda Console + +The following enterprise features for Redpanda Console are activated with a valid Enterprise Edition license key: -. From the local configuration file or environment variables. -. From the connected Redpanda cluster (if available). +* xref:console:config/security/authentication.adoc[Redpanda Console Authentication] +* xref:console:config/security/authorization.adoc[Redpanda Console Authorization (RBAC)] + +[[connect]] +=== Enterprise features in Redpanda Connect -Redpanda Console displays warnings in the following scenarios: +The Enterprise Edition of Redpanda Connect includes additional connectors. For a list of all available connectors, see xref:redpanda-connect:components:catalog.adoc[]. -- *Upcoming license expiration*: Redpanda Console checks the license status at startup. If the license expires within 30 days, a warning is displayed in the UI. Redpanda Console also logs the license details at startup, including the expiration date. For example: -+ -[,json] ----- -{"level":"info","msg":"successfully loaded Redpanda Enterprise license","license_org":"redpanda","license_type":"enterprise","expires_at":"Oct 12 2024"} ----- +== Manage licenses for Redpanda -- *Redpanda Self-Managed enterprise features are in use without a valid license*: If the Redpanda cluster is using enterprise features without a valid license, Redpanda Console displays a warning specifying the features in use without proper licensing. +Redpanda offers multiple ways to manage your license depending on your deployment method. Proper license management ensures access to advanced enterprise features and avoids restrictions when licenses are invalid or expired. -- *Redpanda Console enterprise features in use without a valid license*: If you configure enterprise features in Redpanda Console without a valid license, Redpanda Console shuts down and logs a warning. +See xref:get-started:licensing/add-license-redpanda/index.adoc[]. -=== Ways to manage licenses for Redpanda Console +== Manage licenses for Redpanda Console Redpanda Console offers two methods for applying or updating a license, depending on your setup: diff --git a/modules/get-started/pages/whats-new.adoc b/modules/get-started/pages/whats-new.adoc index 0724b3b63..4d18818c2 100644 --- a/modules/get-started/pages/whats-new.adoc +++ b/modules/get-started/pages/whats-new.adoc @@ -47,7 +47,7 @@ This release includes several updates to xref:get-started:licensing/overview.ado - *Unified license management in Redpanda Console*: You can now upload and apply a single license key for both Redpanda Console and the connected Redpanda cluster through the Redpanda Console UI. Any existing license key is overridden by the new one. -- *30 day trial Enterprise license*: Starting with version 24.3, new Redpanda clusters automatically receive a trial license that's valid for 30 days, allowing unrestricted use of Enterprise features. This evaluation period begins when the cluster is created for the first time. After this period expires, inactive Enterprise features are disabled, and active features enter a restricted state. +- *30-day trial Enterprise license*: Starting with version 24.3, new Redpanda clusters automatically receive a trial license that's valid for 30 days, allowing unrestricted use of Enterprise features. This evaluation period begins when the cluster is created for the first time. After this period expires, inactive Enterprise features are disabled, and active features enter a restricted state. == Declarative user and ACL management in Kubernetes diff --git a/modules/get-started/partials/licensing/block-upgrades-note.adoc b/modules/get-started/partials/licensing/block-upgrades-note.adoc new file mode 100644 index 000000000..6e49f06c5 --- /dev/null +++ b/modules/get-started/partials/licensing/block-upgrades-note.adoc @@ -0,0 +1 @@ +Redpanda blocks upgrades to new feature releases if enterprise features are active without a valid license. Ensure compliance by obtaining a license to maintain access to the latest features and updates. \ No newline at end of file diff --git a/modules/get-started/partials/licensing/check-license.adoc b/modules/get-started/partials/licensing/check-license.adoc index b87377337..fae76197a 100644 --- a/modules/get-started/partials/licensing/check-license.adoc +++ b/modules/get-started/partials/licensing/check-license.adoc @@ -12,7 +12,7 @@ rpk cluster license info ---- endif::[] -This command will display the current license details, including the expiration date. For example: +This command will display the current license details, including the expiration date and whether any enterprise features are active. For example: ---- LICENSE INFORMATION @@ -21,3 +21,8 @@ Organization: redpanda Type: enterprise Expires: Oct 24 2027 ---- + +[NOTE] +==== +include::get-started:partial$licensing/block-upgrades-note.adoc[] +==== diff --git a/modules/get-started/partials/licensing/enterprise-features.adoc b/modules/get-started/partials/licensing/enterprise-features.adoc deleted file mode 100644 index 80529f170..000000000 --- a/modules/get-started/partials/licensing/enterprise-features.adoc +++ /dev/null @@ -1,19 +0,0 @@ -// tag::self-managed[] -* xref:manage:tiered-storage.adoc[Tiered Storage] -* xref:manage:cluster-maintenance/continuous-data-balancing.adoc[Continuous Data Balancing] -* xref:manage:cluster-maintenance/cluster-balancing.adoc#intra-broker-partition-balancing[Intra-broker partition balancing (`core_balancing_continuous`)] -* xref:manage:remote-read-replicas.adoc[Remote Read Replicas] -* xref:manage:audit-logging.adoc[Audit Logging] -* xref:manage:security/fips-compliance.adoc[FIPS Compliance] -* xref:manage:schema-reg/schema-id-validation.adoc[Server-side Schema ID Validation] -* xref:manage:security/authentication.adoc#kerberos[Kerberos Authentication] -* xref:manage:security/authentication.adoc#oidc [OAUTHBEARER/OIDC Authentication] -* xref:manage:security/authorization/rbac.adoc[Redpanda Role-Based Access Control (RBAC)] -// end::self-managed[] -// tag::console[] -* xref:console:config/security/authorization.adoc[Redpanda Console Authorization (RBAC)] -* xref:console:config/security/authentication.adoc[Redpanda Console Authentication] -// end::console[] -// tag::connect[] -The Enterprise Edition of Redpanda Connect includes additional connectors. For a list of all available connectors, see xref:redpanda-connect:components:catalog.adoc[]. -// end::connect[] \ No newline at end of file diff --git a/modules/manage/pages/cluster-maintenance/cluster-balancing.adoc b/modules/manage/pages/cluster-maintenance/cluster-balancing.adoc index 9b4289d1c..308fd750b 100644 --- a/modules/manage/pages/cluster-maintenance/cluster-balancing.adoc +++ b/modules/manage/pages/cluster-maintenance/cluster-balancing.adoc @@ -10,30 +10,31 @@ Cluster balancing is crucial for optimal performance. Unbalanced clusters can sa | Topic-aware data balancer |Description | <> -| This balancer transfers the leadership of a broker's partitions to other replicas to avoid topic leadership hotspots on one or a few specific brokers in your cluster. - + - + +| +This balancer transfers the leadership of a broker's partitions to other replicas to avoid topic leadership hotspots on one or a few specific brokers in your cluster. ++ The partition leader regularly sends heartbeats to its followers. If a follower does not receive a heartbeat within a timeout, it triggers a new leader election. Redpanda also provides leadership balancing when brokers are added or decommissioned. | <> -| This balancer moves partition replicas to avoid topic replica hotspots on one or a few specific brokers in your cluster. - + - + +| +This balancer moves partition replicas to avoid topic replica hotspots on one or a few specific brokers in your cluster. ++ Redpanda prioritizes balancing a topic's partition replica count evenly across all brokers while it's balancing the cluster's overall partition count. Because different topics in a cluster can have vastly different load profiles, this better distributes the workload evenly across brokers. - + - + - ++ Redpanda provides partition replica balancing when brokers are added or decommissioned. | <> -| This balancer moves partition replicas across CPU cores in an individual broker. Redpanda maintains balanced partition replica assignments between cores to avoid topic hotspots on one or a few specific cores within a broker. +| +This balancer moves partition replicas across CPU cores in an individual broker. Redpanda maintains balanced partition replica assignments between cores to avoid topic hotspots on one or a few specific cores within a broker. ++ +Continuous Intra-Broker Partition Balancing (`core_balancing_continuous`) requires an xref:get-started:licenses.adoc#redpanda-enterprise-edition[Enterprise license]. | xref:manage:cluster-maintenance/continuous-data-balancing.adoc[Continuous Data Balancing] -| This balancer monitors broker and rack availability, as well as disk usage, to avoid topic hotspots when moving data off brokers with fuller disks. Continuous Data Balancing enables self-healing clusters that dynamically balance partitions. It also ensures adherence to rack-aware replica placement policy and self-heals after rack (or availability zone) failure or replacement. This balancer does not keep the relative fullness of each broker within a defined range, it just prevents hitting the fullness threshold of each individual broker. - + - + +| +This balancer monitors broker and rack availability, as well as disk usage, to avoid topic hotspots when moving data off brokers with fuller disks. Continuous Data Balancing enables self-healing clusters that dynamically balance partitions. It also ensures adherence to rack-aware replica placement policy and self-heals after rack (or availability zone) failure or replacement. This balancer does not keep the relative fullness of each broker within a defined range, it just prevents hitting the fullness threshold of each individual broker. ++ Continuous Data Balancing requires an xref:get-started:licenses.adoc#redpanda-enterprise-edition[Enterprise license]. |=== diff --git a/modules/reference/pages/properties/topic-properties.adoc b/modules/reference/pages/properties/topic-properties.adoc index 320beb205..7276488f2 100644 --- a/modules/reference/pages/properties/topic-properties.adoc +++ b/modules/reference/pages/properties/topic-properties.adoc @@ -515,13 +515,13 @@ The preferred location (rack) for partition leaders of a topic. This property inherits the value from the config_ref:default_leaders_preference,true,properties/cluster-properties[] cluster configuration property. You may override the cluster-wide setting by specifying the value for individual topics. -If the cluster configuration property config_ref:enable_rack_awareness,true,properties/cluster-properties[] is set to `false`, leader pinning is disabled across the cluster. +If the cluster configuration property config_ref:enable_rack_awareness,true,properties/cluster-properties[] is set to `false`, Leader Pinning is disabled across the cluster. **Default**: `none` **Values**: -- `none`: Opt out the topic from leader pinning. +- `none`: Opt out the topic from Leader Pinning. - `racks:[,,...]`: Specify the preferred location (rack) of all topic partition leaders. The list can contain one or more rack IDs. If you specify multiple IDs, Redpanda tries to distribute the partition leader locations equally across brokers in these racks. **Related topics**: diff --git a/modules/shared/partials/enterprise-and-console.adoc b/modules/shared/partials/enterprise-and-console.adoc index f1698b5e9..222527ee8 100644 --- a/modules/shared/partials/enterprise-and-console.adoc +++ b/modules/shared/partials/enterprise-and-console.adoc @@ -1,3 +1,3 @@ -This section pertains to Redpanda Console in a self-managed deployment, and this feature requires an xref:get-started:licenses.adoc[Enterprise license]. To upgrade, contact https://redpanda.com/try-redpanda?section=enterprise-trial[Redpanda sales^]. +This feature requires an xref:get-started:licenses.adoc[Enterprise license]. To get a trial license key or extend your trial period, https://redpanda.com/try-enterprise[generate a new trial license key^]. To purchase a license, contact https://redpanda.com/upgrade[Redpanda Sales^]. If Redpanda Console has enterprise features enabled and it cannot find a valid license either in its xref:console:config/enterprise-license.adoc[local configuration] or in the xref:get-started:licensing/add-license-redpanda/index.adoc[connected Redpanda cluster], it shuts down. \ No newline at end of file diff --git a/modules/shared/partials/enterprise-license.adoc b/modules/shared/partials/enterprise-license.adoc index ceb0a8952..1921f9480 100644 --- a/modules/shared/partials/enterprise-license.adoc +++ b/modules/shared/partials/enterprise-license.adoc @@ -1 +1,3 @@ -This feature requires an xref:get-started:licenses.adoc[Enterprise license] for self-managed deployments. To upgrade, contact https://redpanda.com/try-redpanda?section=enterprise-trial[Redpanda sales^]. +This feature requires an xref:get-started:licenses.adoc[Enterprise license]. To get a trial license key or extend your trial period, https://redpanda.com/try-enterprise[generate a new trial license key^]. To purchase a license, contact https://redpanda.com/upgrade[Redpanda Sales^]. + +If Redpanda has enterprise features enabled and it cannot find a valid license, xref:get-started:licenses.adoc#self-managed[restrictions] apply. diff --git a/modules/troubleshoot/partials/errors-and-solutions.adoc b/modules/troubleshoot/partials/errors-and-solutions.adoc index 8bc74eb67..3a02f505c 100644 --- a/modules/troubleshoot/partials/errors-and-solutions.adoc +++ b/modules/troubleshoot/partials/errors-and-solutions.adoc @@ -453,9 +453,14 @@ endif::[] === A Redpanda Enterprise Edition license is required -During a Redpanda upgrade, if enterprise features are enabled and a valid Enterprise Edition license is missing, Redpanda logs a warning and aborts the upgrade process on the affected broker. This issue prevents a successful upgrade. +During a Redpanda upgrade, if enterprise features are enabled and a valid Enterprise Edition license is missing, Redpanda logs a warning and aborts the upgrade process on the first broker. This issue prevents a successful upgrade. -If you encounter this issue, follow these steps to recover: +[.no-copy] +---- +A Redpanda Enterprise Edition license is required to use the currently enabled features. To apply your license, downgrade this broker to the pre-upgrade version and provide a valid license key via rpk using 'rpk cluster license set ', or via Redpanda Console. To request an Enterprise license, please visit . To try Redpanda Enterprise for 30 days, visit . For more information, see . +---- + +If you encounter this message, follow these steps to recover: ifdef::env-kubernetes[] . xref:upgrade:k-rolling-upgrade.adoc#roll-back[Roll back the affected broker to the original version]. diff --git a/modules/upgrade/pages/k-rolling-upgrade.adoc b/modules/upgrade/pages/k-rolling-upgrade.adoc index 1d7cdc506..f90f5db93 100644 --- a/modules/upgrade/pages/k-rolling-upgrade.adoc +++ b/modules/upgrade/pages/k-rolling-upgrade.adoc @@ -37,12 +37,12 @@ kubectl exec --namespace -c redpanda -- \ [%collapsible] ==== The Redpanda version for each broker is listed under `BROKER-VERSION`. -[.no-copy] +[role="no-copy",subs="attributes+"] ``` NODE-ID BROKER-VERSION -0 v22.2.10 -1 v22.2.10 -2 v22.2.10 +0 {latest-redpanda-tag} +1 {latest-redpanda-tag} +2 {latest-redpanda-tag} ``` ==== - xref:upgrade:k-compatibility.adoc[Review the Kubernetes compatibility matrix] to find out if you need to upgrade the Helm chart or the Redpanda Operator to use your chosen version of Redpanda.