Apache ZooKeeper plays a critical role in distributed systems infrastructure. Are you aware of how long your current version will be supported? To help you avoid unexpected security patch discontinuation or technical support termination, this guide provides a comprehensive overview of ZooKeeper’s version-specific end-of-life schedules.

 

 

 

1. Apache ZooKeeper Overview: The Core of Distributed Coordination

Apache ZooKeeper is a high-reliability coordination service for distributed applications. Originally developed at Yahoo!, it’s now a top-level project of the Apache Software Foundation.

Key ZooKeeper functions include:

• Distributed Configuration Service: Centralized management of cluster-wide configuration information
• Synchronization Service: Process synchronization in distributed environments
• Naming Registry: Service discovery for distributed systems

Major corporations including Meta (Facebook), Twitter, LinkedIn, and Netflix rely on ZooKeeper as core infrastructure, particularly for Apache Kafka metadata management.

 

 

2. Understanding ZooKeeper Support Policy

The Apache ZooKeeper community maintains a unique support policy: only two release branches are supported simultaneously – the ‘stable’ and ‘current’ versions.

Core Support Policy Principles

• Stable Version: Proven, stable version recommended for production environments
• Current Version: Latest features for testing new functionality
• EOL Notice Period: Previous stable version EOL announced approximately 6 months after new minor version release
• Grace Period: Only security and critical fixes provided until EOL announcement

When a new minor version is released, the existing stable version will soon reach end-of-support, with approximately 6 months grace period before official End-of-Life declaration.

 

 

3. Detailed Version-Specific End-of-Life Schedule

Major Version Series EOL Status

The following table summarizes Apache ZooKeeper’s version-specific end-of-life schedules:

Version Series	First Release	Last Release	EOL Date	Support Status	Download Availability
3.4.x	November 2011	3.4.14 (March 2019)	June 1, 2021	❌ EOL	Until June 1, 2022
3.5.x	May 2019	3.5.10 (February 2022)	June 1, 2022	❌ EOL	Until June 1, 2023
3.6.x	March 2020	3.6.4 (December 2022)	December 30, 2022	❌ EOL	Until December 30, 2023
3.7.x	July 2021	3.7.2 (December 2023)	February 2, 2024	❌ EOL	Until February 2, 2025
3.8.x	February 2022	3.8.5 (September 2024)	TBD	✅ Stable	Currently Supported
3.9.x	July 2023	3.9.4 (October 2024)	TBD	✅ Current	Currently Supported
3.10.x	Planned	In Development	TBD	🔄 Development	Java 17 minimum required

Complete Patch Version Release List

3.9.x Series (Current – Currently Supported):

Version	Release Date	Key Features	Java Version
3.9.4	October 2024	CVE fixes, Logback upgrade	Java 8+
3.9.3	June 2024	Security patches, performance improvements	Java 8+
3.9.2	March 2024	Bug fix release	Java 8+
3.9.1	January 2024	Bug fix release	Java 8+
3.9.0	July 2023	New Admin Server API, Watch improvements	Java 8+

3.8.x Series (Stable – Currently Supported):

Version	Release Date	Key Features	Java Version
3.8.5	September 2024	Bug fixes, CVE patches	Java 8+
3.8.4	November 2023	Jetty upgrade, security fixes	Java 8+
3.8.3	May 2023	Bug fix release	Java 8+
3.8.2	February 2023	Bug fix release	Java 8+
3.8.1	October 2022	Bug fix release	Java 8+
3.8.0	February 2022	New major features, performance improvements	Java 8+

Currently Supported Versions (December 2024)

The Apache ZooKeeper community currently provides official support for:

• 3.8.x Series (Stable): 3.8.5 is the latest version
• 3.9.x Series (Current): 3.9.4 is the latest version

Upcoming 3.10.x Version Plans

Apache ZooKeeper developers are planning version 3.10.0 with the following major changes:

• Java 17 Minimum Requirement: Upgrade from Java 8 to Java 17
• Jetty 12.x Upgrade: Latest security standards support
• Performance Optimization: Memory usage improvements and processing performance enhancements
• New Features: Admin Server API expansion and enhanced monitoring capabilities

 

 

4. Detailed Information on End-of-Life Versions

EOL Version-Specific Release Details

3.7.x Series – EOL February 2, 2024

Version	Release Date	Key Features	Java Version
3.7.2	December 2023	Final release, CVE fixes	Java 8+
3.7.1	May 2022	Bug fixes, TLS improvements	Java 8+
3.7.0	July 2021	TLS 1.3 support, Admin Server improvements	Java 8+

3.6.x Series – EOL December 30, 2022

Version	Release Date	Key Features	Java Version
3.6.4	December 2022	Final release, Log4j removal	Java 8+
3.6.3	April 2021	Security patches, stability improvements	Java 8+
3.6.2	September 2020	Bug fix release	Java 8+
3.6.1	May 2020	Compatibility improvements	Java 8+
3.6.0	March 2020	New major features	Java 8+

3.5.x Series – EOL June 1, 2022

Version	Release Date	Key Features	Java Version
3.5.10	February 2022	Final release, CVE fixes	Java 8+
3.5.9	January 2021	Security patches	Java 8+
3.5.8	May 2020	Bug fixes	Java 8+
3.5.7	January 2020	Stability improvements	Java 8+
3.5.0-3.5.6	2019-2019	Initial releases	Java 8+

3.4.x Series – EOL June 1, 2021

Version	Release Date	Key Features	Java Version
3.4.14	March 2019	Final release	Java 7+
3.4.13	July 2018	Security fixes	Java 7+
3.4.12	May 2018	Bug fixes	Java 7+
3.4.11	November 2017	Java 9 support added	Java 7+
3.4.0-3.4.10	2011-2017	Initial stable versions	Java 6+/7+

Java Version Compatibility Matrix

ZooKeeper Version	Minimum Java	Recommended Java	Tested Maximum	Build Requirements
3.10.x (Planned)	Java 17	Java 17+	Java 21	Java 17+
3.9.x	Java 8	Java 11+	Java 21	Java 8+
3.8.x	Java 8	Java 11+	Java 17	Java 8+
3.7.x	Java 8	Java 11+	Java 17	Java 8+
3.6.x	Java 8	Java 8+	Java 15	Java 8+
3.5.x	Java 8	Java 8+	Java 15	Java 8+
3.4.x	Java 7	Java 8+	Java 11	Java 7+

Critical Security Vulnerability History

CVE Number	Affected Versions	Fixed Version	Severity	Description
CVE-2024-12798	3.9.0-3.9.3	3.9.4+	High	Logback vulnerability
CVE-2024-6763	3.7.0-3.7.1	3.7.2+	Medium	Jetty HTTP vulnerability
CVE-2023-43642	3.8.0-3.8.3	3.8.4+	High	Snappy-java vulnerability
CVE-2021-34429	3.6.0-3.6.2, 3.7.0	3.6.3+, 3.7.1+	High	Jetty vulnerability
Log4Shell	3.5.x and below	3.6.4+	Critical	Log4j remote code execution

 

 

5. Upgrade Guidelines and Migration Paths

Recommended Upgrade Path Matrix

Current Version	Step 1 Upgrade	Step 2 Upgrade	Final Target	Estimated Time
3.4.x	→ 3.5.10	→ 3.8.5	→ 3.9.4	2-3 weeks
3.5.x	→ 3.6.4	→ 3.8.5	→ 3.9.4	1-2 weeks
3.6.x	→ 3.7.2	→ 3.8.5	→ 3.9.4	1 week
3.7.x	→ 3.8.5	→ 3.9.4 (optional)	–	3-5 days
3.8.x	→ 3.9.4 (optional)	–	–	1-2 days

Version-Specific Upgrade Considerations

3.4.x → 3.5.x Upgrade:

• ⚠️ Java 8 Required: Java 7 support discontinued
• 🔧 Configuration Changes: Some configuration parameters require modification
• 📊 New Metrics: JMX metrics structure changes

3.5.x → 3.6.x Upgrade:

• 🔐 Security Enhancement: SASL authentication improvements
• 📝 Audit Log: New audit logging functionality
• 🚀 Performance Improvements: Memory usage optimization

3.6.x → 3.7.x Upgrade:

• 🔒 TLS 1.3: New encryption protocol support
• 🎛️ Admin Server: REST API expansion
• 🐛 Log4j Removal: Replaced with reload4j

3.7.x → 3.8.x Upgrade:

• 📈 Performance Enhancement: Throughput and latency improvements
• 🔧 New Configuration: Additional configuration options
• 🛡️ Security Patches: Multiple CVE fixes

3.8.x → 3.9.x Upgrade:

• 🎯 New APIs: Admin Server API expansion
• 👀 Watch Improvements: Enhanced event processing
• 📊 Monitoring: New metrics and diagnostic tools

Rolling Upgrade Support Matrix

Upgrade Path	Rolling Support	Downtime	Client Compatibility
3.4.x → 3.5.x	✅ Supported	None	Backward compatible
3.5.x → 3.6.x	✅ Supported	None	Backward compatible
3.6.x → 3.7.x	✅ Supported	None	Backward compatible
3.7.x → 3.8.x	✅ Supported	None	Backward compatible
3.8.x → 3.9.x	✅ Supported	None	Backward compatible
3.x → 3.10.x	⚠️ Verification needed	TBD	Java 17 required

Client Compatibility Matrix

Server Version	3.4.x Client	3.5.x Client	3.6.x Client	3.7.x Client	3.8.x Client	3.9.x Client
3.4.x	✅	✅	✅	✅	✅	✅
3.5.x	❌	✅	✅	✅	✅	✅
3.6.x	❌	✅	✅	✅	✅	✅
3.7.x	❌	✅	✅	✅	✅	✅
3.8.x	❌	✅	✅	✅	✅	✅
3.9.x	❌	✅	✅	✅	✅	✅

 

 

6. Confluent Platform and ZooKeeper Support Schedule

Confluent Platform has also announced ZooKeeper support termination. Confluent Platform 7.9.x will be the last version to include ZooKeeper, with 8.0.x onwards transitioning completely to KRaft architecture.

Confluent’s ZooKeeper Support Timeline

• Standard Support: Supported until February 19, 2027
• Platinum Support: Supported until February 19, 2028

This represents 2 and 3 years of support respectively following the Confluent Platform 7.9.x release.

 

 

7. Practical Migration Checklist

Pre-Migration Phase Checklist

Phase 1: Current Environment Analysis (1-2 days)

• [ ] Verify current ZooKeeper version

# Method 1: Server status check
echo "stat" | nc localhost 2181 | grep "ZooKeeper version"

# Method 2: Log file check
grep "Server environment" zookeeper.out

# Method 3: JMX verification
jconsole localhost:9999 # Connect to JMX port

• [ ] Verify Java version compatibility
• [ ] Check client application compatibility
• [ ] Backup current configuration files (zoo.cfg, myid, log settings)
• [ ] Document cluster topology

Phase 2: Backup and Test Environment Setup (2-3 days)

• [ ] Complete data directory backup

# Backup data and log directories
tar -czf zookeeper-backup-$(date +%Y%m%d).tar.gz \
    /var/lib/zookeeper/data \
    /var/lib/zookeeper/logs \
    /etc/zookeeper/zoo.cfg

• [ ] Create snapshot backup
• [ ] Build test cluster
• [ ] Test upgrade scenarios

Phase 3: Upgrade Execution Plan (1 day)

• [ ] Determine rolling upgrade order
• [ ] Coordinate downtime windows
• [ ] Establish rollback procedures
• [ ] Prepare monitoring tools

Version-Specific Detailed Upgrade Procedures

Rolling Upgrade Standard Process:

# 1. Start with Follower nodes
# Node 1 upgrade
systemctl stop zookeeper
# Install new version
systemctl start zookeeper
# Health check verification
echo "ruok" | nc localhost 2181

# 2. Next Follower node (same procedure)
# 3. Leader node upgraded last

Post-Upgrade Verification Checklist

Functional Verification:

• [ ] Cluster status verification (echo "stat" | nc localhost 2181)
• [ ] Leader election normal operation confirmation
• [ ] Client connection testing
• [ ] Data integrity verification
• [ ] Performance metrics comparison

Security Verification:

• [ ] TLS/SSL connection testing
• [ ] SASL authentication verification
• [ ] ACL permission testing

Emergency Response Manual

Rollback Scenario Response:

Issue	Response Method	Estimated Recovery Time
Single node failure	Rollback to previous version	10-15 minutes
Cluster split	Complete cluster rollback	30-60 minutes
Data loss	Restore from backup	1-2 hours
Client compatibility issues	Adjust client configuration	30 minutes

Monitoring Metrics and Alert Configuration

Key Monitoring Indicators:

Metric	Normal Range	Alert Threshold	Description
Cluster size	Equals configured value	< Majority	Quorum status
Average latency	< 10ms	> 50ms	Response performance
Queue size	< 100	> 1000	Processing queue status
File descriptors	< 80%	> 90%	System resources
JVM heap usage	< 70%	> 85%	Memory consumption

Additional Considerations for Kafka Integration:

When using ZooKeeper with Kafka:

• [ ] Verify Kafka broker compatibility
• [ ] Test metadata migration
• [ ] Verify consumer group information integrity
• [ ] Plan KRaft mode migration (Kafka 3.3+)

Automation Script Examples

Health Check Script:

#!/bin/bash
# zk-health-check.sh

ZK_HOSTS="zk1:2181,zk2:2181,zk3:2181"
for host in $(echo $ZK_HOSTS | tr "," "\n"); do
    response=$(echo "ruok" | nc ${host/:/ } 2>/dev/null)
    if [ "$response" != "imok" ]; then
        echo "ALERT: $host is not responding correctly"
        exit 1
    fi
done
echo "All ZooKeeper nodes are healthy"

Version Check Script:

#!/bin/bash
# check-zk-versions.sh

for host in zk1 zk2 zk3; do
    echo "=== $host ==="
    ssh $host "echo 'stat' | nc localhost 2181 | grep 'ZooKeeper version'"
done

 

 

8. Security Risks of EOL Versions

Continuing to use end-of-life ZooKeeper versions poses the following security risks:

Major Security Risks

• CVE Patch Discontinuation: No patches provided for newly discovered security vulnerabilities
• Log4j Vulnerabilities: Legacy versions may be exposed to Log4j-related CVEs
• TLS/SSL Support: Lack of support for latest encryption standards

The 2021 Log4Shell vulnerability incident demonstrates how using outdated library versions can create serious security risks.

 

 

Apache ZooKeeper is critical distributed systems infrastructure, making version management essential. If you’re currently using EOL versions, establish an immediate upgrade plan.

Key Recommendations:

• Use currently supported 3.8.x or 3.9.x versions
• Establish regular version update planning
• Monitor security patches and release notes
• Thoroughly test in staging environments before production deployment

Through stable ZooKeeper operations, your distributed systems can provide more robust and reliable services.

 

 

---

Key References:

• Apache ZooKeeper Official Releases
• ZooKeeper 3.9.4 Release Notes
• ZooKeeper 3.8.5 Release Notes
• EndOfLife.date – ZooKeeper
• Confluent Platform ZooKeeper Support Policy
• Apache ZooKeeper Upgrade FAQ
• ZooKeeper GitHub Repository

Additional Useful Links:

• ZooKeeper Administrator’s Guide
• ZooKeeper Programmer’s Guide
• ZooKeeper JMX Monitoring