Apache ZooKeeper plays a critical role in distributed systems infrastructure. Are you aware of how long your current version will be supported? To help you avoid unexpected security patch discontinuation or technical support termination, this guide provides a comprehensive overview of ZooKeeper’s version-specific end-of-life schedules.
1. Apache ZooKeeper Overview: The Core of Distributed Coordination
Apache ZooKeeper is a high-reliability coordination service for distributed applications. Originally developed at Yahoo!, it’s now a top-level project of the Apache Software Foundation.
Key ZooKeeper functions include:
- Distributed Configuration Service: Centralized management of cluster-wide configuration information
- Synchronization Service: Process synchronization in distributed environments
- Naming Registry: Service discovery for distributed systems
Major corporations including Meta (Facebook), Twitter, LinkedIn, and Netflix rely on ZooKeeper as core infrastructure, particularly for Apache Kafka metadata management.
2. Understanding ZooKeeper Support Policy
The Apache ZooKeeper community maintains a unique support policy: only two release branches are supported simultaneously – the ‘stable’ and ‘current’ versions.
Core Support Policy Principles
- Stable Version: Proven, stable version recommended for production environments
- Current Version: Latest features for testing new functionality
- EOL Notice Period: Previous stable version EOL announced approximately 6 months after new minor version release
- Grace Period: Only security and critical fixes provided until EOL announcement
When a new minor version is released, the existing stable version will soon reach end-of-support, with approximately 6 months grace period before official End-of-Life declaration.
3. Detailed Version-Specific End-of-Life Schedule
Major Version Series EOL Status
The following table summarizes Apache ZooKeeper’s version-specific end-of-life schedules:
| Version Series | First Release | Last Release | EOL Date | Support Status | Download Availability |
|---|---|---|---|---|---|
| 3.4.x | November 2011 | 3.4.14 (March 2019) | June 1, 2021 | ❌ EOL | Until June 1, 2022 |
| 3.5.x | May 2019 | 3.5.10 (February 2022) | June 1, 2022 | ❌ EOL | Until June 1, 2023 |
| 3.6.x | March 2020 | 3.6.4 (December 2022) | December 30, 2022 | ❌ EOL | Until December 30, 2023 |
| 3.7.x | July 2021 | 3.7.2 (December 2023) | February 2, 2024 | ❌ EOL | Until February 2, 2025 |
| 3.8.x | February 2022 | 3.8.5 (September 2024) | TBD | ✅ Stable | Currently Supported |
| 3.9.x | July 2023 | 3.9.4 (October 2024) | TBD | ✅ Current | Currently Supported |
| 3.10.x | Planned | In Development | TBD | 🔄 Development | Java 17 minimum required |
Complete Patch Version Release List
3.9.x Series (Current – Currently Supported):
| Version | Release Date | Key Features | Java Version |
|---|---|---|---|
| 3.9.4 | October 2024 | CVE fixes, Logback upgrade | Java 8+ |
| 3.9.3 | June 2024 | Security patches, performance improvements | Java 8+ |
| 3.9.2 | March 2024 | Bug fix release | Java 8+ |
| 3.9.1 | January 2024 | Bug fix release | Java 8+ |
| 3.9.0 | July 2023 | New Admin Server API, Watch improvements | Java 8+ |
3.8.x Series (Stable – Currently Supported):
| Version | Release Date | Key Features | Java Version |
|---|---|---|---|
| 3.8.5 | September 2024 | Bug fixes, CVE patches | Java 8+ |
| 3.8.4 | November 2023 | Jetty upgrade, security fixes | Java 8+ |
| 3.8.3 | May 2023 | Bug fix release | Java 8+ |
| 3.8.2 | February 2023 | Bug fix release | Java 8+ |
| 3.8.1 | October 2022 | Bug fix release | Java 8+ |
| 3.8.0 | February 2022 | New major features, performance improvements | Java 8+ |
Currently Supported Versions (December 2024)
The Apache ZooKeeper community currently provides official support for:
- 3.8.x Series (Stable): 3.8.5 is the latest version
- 3.9.x Series (Current): 3.9.4 is the latest version
Upcoming 3.10.x Version Plans
Apache ZooKeeper developers are planning version 3.10.0 with the following major changes:
- Java 17 Minimum Requirement: Upgrade from Java 8 to Java 17
- Jetty 12.x Upgrade: Latest security standards support
- Performance Optimization: Memory usage improvements and processing performance enhancements
- New Features: Admin Server API expansion and enhanced monitoring capabilities
4. Detailed Information on End-of-Life Versions
EOL Version-Specific Release Details
3.7.x Series – EOL February 2, 2024
| Version | Release Date | Key Features | Java Version |
|---|---|---|---|
| 3.7.2 | December 2023 | Final release, CVE fixes | Java 8+ |
| 3.7.1 | May 2022 | Bug fixes, TLS improvements | Java 8+ |
| 3.7.0 | July 2021 | TLS 1.3 support, Admin Server improvements | Java 8+ |
3.6.x Series – EOL December 30, 2022
| Version | Release Date | Key Features | Java Version |
|---|---|---|---|
| 3.6.4 | December 2022 | Final release, Log4j removal | Java 8+ |
| 3.6.3 | April 2021 | Security patches, stability improvements | Java 8+ |
| 3.6.2 | September 2020 | Bug fix release | Java 8+ |
| 3.6.1 | May 2020 | Compatibility improvements | Java 8+ |
| 3.6.0 | March 2020 | New major features | Java 8+ |
3.5.x Series – EOL June 1, 2022
| Version | Release Date | Key Features | Java Version |
|---|---|---|---|
| 3.5.10 | February 2022 | Final release, CVE fixes | Java 8+ |
| 3.5.9 | January 2021 | Security patches | Java 8+ |
| 3.5.8 | May 2020 | Bug fixes | Java 8+ |
| 3.5.7 | January 2020 | Stability improvements | Java 8+ |
| 3.5.0-3.5.6 | 2019-2019 | Initial releases | Java 8+ |
3.4.x Series – EOL June 1, 2021
| Version | Release Date | Key Features | Java Version |
|---|---|---|---|
| 3.4.14 | March 2019 | Final release | Java 7+ |
| 3.4.13 | July 2018 | Security fixes | Java 7+ |
| 3.4.12 | May 2018 | Bug fixes | Java 7+ |
| 3.4.11 | November 2017 | Java 9 support added | Java 7+ |
| 3.4.0-3.4.10 | 2011-2017 | Initial stable versions | Java 6+/7+ |
Java Version Compatibility Matrix
| ZooKeeper Version | Minimum Java | Recommended Java | Tested Maximum | Build Requirements |
|---|---|---|---|---|
| 3.10.x (Planned) | Java 17 | Java 17+ | Java 21 | Java 17+ |
| 3.9.x | Java 8 | Java 11+ | Java 21 | Java 8+ |
| 3.8.x | Java 8 | Java 11+ | Java 17 | Java 8+ |
| 3.7.x | Java 8 | Java 11+ | Java 17 | Java 8+ |
| 3.6.x | Java 8 | Java 8+ | Java 15 | Java 8+ |
| 3.5.x | Java 8 | Java 8+ | Java 15 | Java 8+ |
| 3.4.x | Java 7 | Java 8+ | Java 11 | Java 7+ |
Critical Security Vulnerability History
| CVE Number | Affected Versions | Fixed Version | Severity | Description |
|---|---|---|---|---|
| CVE-2024-12798 | 3.9.0-3.9.3 | 3.9.4+ | High | Logback vulnerability |
| CVE-2024-6763 | 3.7.0-3.7.1 | 3.7.2+ | Medium | Jetty HTTP vulnerability |
| CVE-2023-43642 | 3.8.0-3.8.3 | 3.8.4+ | High | Snappy-java vulnerability |
| CVE-2021-34429 | 3.6.0-3.6.2, 3.7.0 | 3.6.3+, 3.7.1+ | High | Jetty vulnerability |
| Log4Shell | 3.5.x and below | 3.6.4+ | Critical | Log4j remote code execution |
5. Upgrade Guidelines and Migration Paths
Recommended Upgrade Path Matrix
| Current Version | Step 1 Upgrade | Step 2 Upgrade | Final Target | Estimated Time |
|---|---|---|---|---|
| 3.4.x | → 3.5.10 | → 3.8.5 | → 3.9.4 | 2-3 weeks |
| 3.5.x | → 3.6.4 | → 3.8.5 | → 3.9.4 | 1-2 weeks |
| 3.6.x | → 3.7.2 | → 3.8.5 | → 3.9.4 | 1 week |
| 3.7.x | → 3.8.5 | → 3.9.4 (optional) | – | 3-5 days |
| 3.8.x | → 3.9.4 (optional) | – | – | 1-2 days |
Version-Specific Upgrade Considerations
3.4.x → 3.5.x Upgrade:
- ⚠️ Java 8 Required: Java 7 support discontinued
- 🔧 Configuration Changes: Some configuration parameters require modification
- 📊 New Metrics: JMX metrics structure changes
3.5.x → 3.6.x Upgrade:
- 🔐 Security Enhancement: SASL authentication improvements
- 📝 Audit Log: New audit logging functionality
- 🚀 Performance Improvements: Memory usage optimization
3.6.x → 3.7.x Upgrade:
- 🔒 TLS 1.3: New encryption protocol support
- 🎛️ Admin Server: REST API expansion
- 🐛 Log4j Removal: Replaced with reload4j
3.7.x → 3.8.x Upgrade:
- 📈 Performance Enhancement: Throughput and latency improvements
- 🔧 New Configuration: Additional configuration options
- 🛡️ Security Patches: Multiple CVE fixes
3.8.x → 3.9.x Upgrade:
- 🎯 New APIs: Admin Server API expansion
- 👀 Watch Improvements: Enhanced event processing
- 📊 Monitoring: New metrics and diagnostic tools
Rolling Upgrade Support Matrix
| Upgrade Path | Rolling Support | Downtime | Client Compatibility |
|---|---|---|---|
| 3.4.x → 3.5.x | ✅ Supported | None | Backward compatible |
| 3.5.x → 3.6.x | ✅ Supported | None | Backward compatible |
| 3.6.x → 3.7.x | ✅ Supported | None | Backward compatible |
| 3.7.x → 3.8.x | ✅ Supported | None | Backward compatible |
| 3.8.x → 3.9.x | ✅ Supported | None | Backward compatible |
| 3.x → 3.10.x | ⚠️ Verification needed | TBD | Java 17 required |
Client Compatibility Matrix
| Server Version | 3.4.x Client | 3.5.x Client | 3.6.x Client | 3.7.x Client | 3.8.x Client | 3.9.x Client |
|---|---|---|---|---|---|---|
| 3.4.x | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| 3.5.x | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ |
| 3.6.x | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ |
| 3.7.x | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ |
| 3.8.x | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ |
| 3.9.x | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ |
6. Confluent Platform and ZooKeeper Support Schedule
Confluent Platform has also announced ZooKeeper support termination. Confluent Platform 7.9.x will be the last version to include ZooKeeper, with 8.0.x onwards transitioning completely to KRaft architecture.
Confluent’s ZooKeeper Support Timeline
- Standard Support: Supported until February 19, 2027
- Platinum Support: Supported until February 19, 2028
This represents 2 and 3 years of support respectively following the Confluent Platform 7.9.x release.
7. Practical Migration Checklist
Pre-Migration Phase Checklist
Phase 1: Current Environment Analysis (1-2 days)
- [ ] Verify current ZooKeeper version
# Method 1: Server status check
echo "stat" | nc localhost 2181 | grep "ZooKeeper version"
# Method 2: Log file check
grep "Server environment" zookeeper.out
# Method 3: JMX verification
jconsole localhost:9999 # Connect to JMX port
- [ ] Verify Java version compatibility
- [ ] Check client application compatibility
- [ ] Backup current configuration files (
zoo.cfg,myid, log settings) - [ ] Document cluster topology
Phase 2: Backup and Test Environment Setup (2-3 days)
- [ ] Complete data directory backup
# Backup data and log directories
tar -czf zookeeper-backup-$(date +%Y%m%d).tar.gz \
/var/lib/zookeeper/data \
/var/lib/zookeeper/logs \
/etc/zookeeper/zoo.cfg
- [ ] Create snapshot backup
- [ ] Build test cluster
- [ ] Test upgrade scenarios
Phase 3: Upgrade Execution Plan (1 day)
- [ ] Determine rolling upgrade order
- [ ] Coordinate downtime windows
- [ ] Establish rollback procedures
- [ ] Prepare monitoring tools
Version-Specific Detailed Upgrade Procedures
Rolling Upgrade Standard Process:
# 1. Start with Follower nodes
# Node 1 upgrade
systemctl stop zookeeper
# Install new version
systemctl start zookeeper
# Health check verification
echo "ruok" | nc localhost 2181
# 2. Next Follower node (same procedure)
# 3. Leader node upgraded last
Post-Upgrade Verification Checklist
Functional Verification:
- [ ] Cluster status verification (
echo "stat" | nc localhost 2181) - [ ] Leader election normal operation confirmation
- [ ] Client connection testing
- [ ] Data integrity verification
- [ ] Performance metrics comparison
Security Verification:
- [ ] TLS/SSL connection testing
- [ ] SASL authentication verification
- [ ] ACL permission testing
Emergency Response Manual
Rollback Scenario Response:
| Issue | Response Method | Estimated Recovery Time |
|---|---|---|
| Single node failure | Rollback to previous version | 10-15 minutes |
| Cluster split | Complete cluster rollback | 30-60 minutes |
| Data loss | Restore from backup | 1-2 hours |
| Client compatibility issues | Adjust client configuration | 30 minutes |
Monitoring Metrics and Alert Configuration
Key Monitoring Indicators:
| Metric | Normal Range | Alert Threshold | Description |
|---|---|---|---|
| Cluster size | Equals configured value | < Majority | Quorum status |
| Average latency | < 10ms | > 50ms | Response performance |
| Queue size | < 100 | > 1000 | Processing queue status |
| File descriptors | < 80% | > 90% | System resources |
| JVM heap usage | < 70% | > 85% | Memory consumption |
Additional Considerations for Kafka Integration:
When using ZooKeeper with Kafka:
- [ ] Verify Kafka broker compatibility
- [ ] Test metadata migration
- [ ] Verify consumer group information integrity
- [ ] Plan KRaft mode migration (Kafka 3.3+)
Automation Script Examples
Health Check Script:
#!/bin/bash
# zk-health-check.sh
ZK_HOSTS="zk1:2181,zk2:2181,zk3:2181"
for host in $(echo $ZK_HOSTS | tr "," "\n"); do
response=$(echo "ruok" | nc ${host/:/ } 2>/dev/null)
if [ "$response" != "imok" ]; then
echo "ALERT: $host is not responding correctly"
exit 1
fi
done
echo "All ZooKeeper nodes are healthy"
Version Check Script:
#!/bin/bash
# check-zk-versions.sh
for host in zk1 zk2 zk3; do
echo "=== $host ==="
ssh $host "echo 'stat' | nc localhost 2181 | grep 'ZooKeeper version'"
done
8. Security Risks of EOL Versions
Continuing to use end-of-life ZooKeeper versions poses the following security risks:
Major Security Risks
- CVE Patch Discontinuation: No patches provided for newly discovered security vulnerabilities
- Log4j Vulnerabilities: Legacy versions may be exposed to Log4j-related CVEs
- TLS/SSL Support: Lack of support for latest encryption standards
The 2021 Log4Shell vulnerability incident demonstrates how using outdated library versions can create serious security risks.
Apache ZooKeeper is critical distributed systems infrastructure, making version management essential. If you’re currently using EOL versions, establish an immediate upgrade plan.
Key Recommendations:
- Use currently supported 3.8.x or 3.9.x versions
- Establish regular version update planning
- Monitor security patches and release notes
- Thoroughly test in staging environments before production deployment
Through stable ZooKeeper operations, your distributed systems can provide more robust and reliable services.
Key References:
- Apache ZooKeeper Official Releases
- ZooKeeper 3.9.4 Release Notes
- ZooKeeper 3.8.5 Release Notes
- EndOfLife.date – ZooKeeper
- Confluent Platform ZooKeeper Support Policy
- Apache ZooKeeper Upgrade FAQ
- ZooKeeper GitHub Repository
Additional Useful Links: