Security examples missing KRaft setup

[pneff93]

The examples in https://github.com/confluentinc/confluent-kubernetes-examples/tree/master/security are a great way to point to a concrete setup. However, all examples are still using ZK.

We should also have them with KRaft Controllers.

[pkleindl]

We are just working on a setup with KRaft for a customer project based on security/production-secure-deploy-ldap-rbac-all

It only took the following changes:
Replace ZK with KRaft controller

apiVersion: platform.confluent.io/v1beta1
kind: KRaftController
metadata:
  name: kraftcontroller
  namespace: confluent
spec:
  replicas: 3
  image:
    application: confluentinc/cp-server:7.6.0
    init: confluentinc/confluent-init-container:2.8.0
  listeners:
    controller:
      tls:
        enabled: true
      authentication:
        type: plain
        jaasConfig:
          secretRef: credential
  tls:
    secretRef: tls-group1
  dataVolumeCapacity: 10G
---

Replace dependency in Kafka resource with KRaft controller

    kRaftController:
      controllerListener:
        tls:
          enabled: true
        authentication:
          type: ldap
          jaasConfig:
            secretRef: credential
      clusterRef:
        name: kraftcontroller
        namespace: confluent

What would be nice to know is, why is the authentication type "plain" in KRaft controller definition, but "ldap" in the dependency? Because with plain in both locations it did not work for us.

[pkleindl]

Correction: we seem to be missing the MDS configuration for KRaft, but trying anything from the documentation under https://docs.confluent.io/operator/current/co-rbac.html#enable-rbac-for-kraft-controller leads to crash loops of the operator.