Kafka and Strimzi Upgrade Validation

Apache Kafka deployed via the Strimzi operator on Kubernetes. The wider team owned the Kafka architecture; this work focused on validation of upgrades, not ownership of the platform.

Kafka and Strimzi version upgrades carried real risk of message-flow regressions, operator-side surprises, and pod recovery issues, and needed systematic validation before rollout.

• Upgrades had to be rehearsable without affecting production data
• Validation had to be reproducible across environments rather than one-shot
• Rollback paths had to be considered for each upgrade scenario

Contributed to

Contributed to upgrade validation - verified producer and consumer behaviour, Kubernetes deployment changes, pod and service recovery, and message-flow stability across versions.

• Upgrade planning and pre-upgrade checks
• Compatibility verification across Kafka and Strimzi versions
• Validation of producer and consumer behaviour before and after upgrade
• Verification of Kubernetes deployment changes and operator reconciliation
• Investigation of pod and service failures observed during upgrade rehearsals
• Message-flow validation including consumer-group state
• Rollback considerations for each upgrade scenario
• Execution of validation steps through CI/CD

• Treating the upgrade as a single combined check (faster, but harder to attribute failures)
• Skipping rehearsals on minor version bumps (rejected because operator behaviour can still change between minors)

• Pods that recovered on their own after several minutes, masking a slow operator reconciliation
• Consumer groups whose offsets appeared correct but whose membership had not stabilised yet
• Transient deployment failures during the upgrade that looked like real regressions

• Apache Kafka
• Strimzi
• Kubernetes
• kubectl
• GitLab CI

• Distinguishing environment flakiness from real upgrade regressions
• Operator reconciliation behaviour changing between versions
• Reproducing transient pod and service failures observed during upgrades

Provided upgrade validation evidence that supported safer Kafka and Strimzi rollouts on Kubernetes and made operator-side regressions easier to spot during rehearsal.

During these upgrade rehearsals, several difficult failures appeared in operator reconciliation rather than broker behaviour. Validation is only useful when it clearly separates 'flaky' from 'broken'.

I would automate the comparison of operator state and broker state before and after the upgrade into a single diff artifact attached to the pipeline run, instead of relying on kubectl inspection by hand.