Fixed issues in Cloudera Manager 7.1.4

Cloudera Bug: OPSAPS-57495: The system user and group for Ranger changed from service-wide to role-specific.
Ranger role level principal for Ranger Admin, Ranger Usersync and Ranger Tagsync can now be customised from Cloudera Manager UI. In addition to this configuring of System user and System groups changed from Service-level to role-specific for components in Ranger.
Cloudera Bug: OPSAPS-57674: Knox to replace the resourceManager property in Oozie using a new service instead of using JobTrackerServiceModelGenerator in Cloudera Manager.
Cloudera Manager by default enables the new Resource Manager API service in the cdp-proxy-api topology in Knox which is used for replacing the "resourceManager" property with the actual resource manager rpc:// address when an Oozie Job is submitted.
Cloudera Bug: OPSAPS-57814: Cloudera Manager populates the newly introduced ZooKeeper SSL fields for Oozie when AutoTLS is enabled on the Cluster and SSL is enabled for ZooKeeper.
Cloudera Bug: OPSAPS-57429: Zookeeper SSL or TLS support for Oozie.
When SSL is enabled in Zookeeper, Oozie tries to connect to Zookeeper using SSL instead of a non-secure connection.
Cloudera Bug: OPSAPS-57610: Schema Registry fails to appear on Ubuntu18 configurations.
When setting up the service, the install script fails to set the "hdfs.kerberos.principal:" property. This issue is now resolved.
Cloudera Bug: OPSAPS-55940: Configuring JDBC connector jar location for Schema Registry and Streams Messaging Manager.
Now the configuration to use connector jars are provided in the default path according to the configured db type.
Cloudera Bug: OPSAPS-56457: When you set up the service, the install script fails to properly set the fs.defaultFS property.
For example, in the core-site.xml file, the fs.defaultFS property has the value abfs://bsari-azl@msisan.dfs.core.windows.net/bsari-srtest-az</value. However, in the registry.yaml file, the fsURL is abfs://bsari-azl.dfs.core.windows.net/bsari-srtest-az. @ is missing This issue is now resolved.
Cloudera Bug: OPSAPS-54386: Upgrade Swagger UI due to CVE.
In the Swagger version 42 based Cloudera Manager API client, some fields of API model objects have changed compared to the previous versions. In the Python client, several fields are migrated from type float to type integer, and in the Java client several fields are migrated from type BigDecimal to type Integer.
Cloudera Bug: OPSAPS-58007: Configuring JDBC connector jar location for Schema Registry and Streams Messaging Manager.
SchemaRegistry and Streams Messaging Manager can now use the database driver jars that are deployed to shared location (typically: usr/share/java/). Now you need not manually copy the database driver libraries to the lib folders of Streams Messaging Manager and Schema Registry.
Cloudera Bug: OPSAPS-57907:Kafka metric collector adapter causes high CPU load.
This issue is now resolved.
Cloudera Bug: OPSAPS-57467: Hardcoded parcel directory causes failure when non-standard path is used and TLS is enabled.
Eliminated hardcoded parcel directory path from the Schema Registry CSD. This issue is now resolved.
Cloudera Bug: OPSAPS-57468: Hardcoded parcel directory causes failure when non-standard path is used and TLS is enabled.
Eliminated hardcoded parcel directory path from the Streams Messaging Manager CSD. This issue is now resolved.
Cloudera Bug: OPSAPS-57539: The Streams Messaging Manager UI process does not restart.
The Streams Messaging Manager UI stop script can now kill the child processes and restart.
Cloudera Bug: OPSAPS-57745: The Streams Messaging Manager UI Server fails to start. However, status in Cloudera Manager still displays green.
Cloudera Manager now correctly displays the role status when the Streams Messaging Manager UI process fails or stops.
Cloudera Bug: OPSAPS-57867: Cloudera Manager Safety Valve evaluator does not comment out the over-ridden entry.
Safety Valve for property files will now override the existing values. This is expected to cause staleness and requires a restart.
Cloudera Bug: OPSAPS-57544: Hue is currently depending on HDFS rather than using the generic DFS connector.
Hue's HDFS dependency is now on DFS rather than HDFS. This issue is now resolved.
Cloudera Bug: OPSAPS-57113: ssl.principal.mapping.rules property configured in Cloudera Manager UI is not correctly propagated to kafka brokers.
Kafka SSL safety valve now propagates configuration containing dollar signs correctly. This issue is now resolved.
Cloudera Bug: OPSAPS-58052: Unexpected keyword argument 'exclude_versions'.
This was a typo in an annotation. This issue is now resolved.
Cloudera Bug: OPSAPS-57102: Diag bundle improvement: Increase number of Archivers and their respective timeouts.
Cloudera Manager will now be able to anticipate the number of archivers and their respective timeouts based on the size of the cluster it manages. The archivers are used while diag. bundle collection occurs. This fix will also provide user to configure the archiver count and heuristically determined scaling factor to set a timeout.
Cloudera Bug: OPSAPS-57607: redaction.py must to be sanitised for unicode characters in both regex and content.
Cloudera Manager Agent upon failing to redact with the error "UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 36". This issue is now resolved.
Cloudera Bug: OPSAPS-42195: API to evict old audit table entries on demand.
Cloudera Manager Audit records can now be periodically set for truncation. An admin user can now schedule this command to run, set a batch size of old records to be truncated and configure Cloudera Manager to only keep audit records by number of days.
Cloudera Bug: OPSAPS-57934: SPNEGO fails to authenticate with external authentication.
Cloudera Manager has fixed external authentication for the API users using SPNEGO kerberos protocol, which used to fail with the error HTTP/1.1 403 Access is denied. This issue is now resolved.
Cloudera Bug: OPSAPS-57587: Cluster Template must bar export and import of variables with null values.
In Cloudera Manager, the cluster template contains key & value pairs of variables. However, for keys without any values, get exported into the cluster template's json file. This can happen even if the Cloudera Manager UI exposes the issue by showing up configuration warnings. Importing such templates to new clusters also introduces these warnings. Therefore, an export of such templates require you to replace the null value. Importing the template with such key will fail with the appropriate error message. This issue is now resolved.
Cloudera Bug: OPSAPS-57033: ParamSpec for HDFS FS_CHECKPOINT_DIR_LIST causes "Too few entries. The minimum is 1." issue.
In Cloudera Manager for HDFS's Secondary Namenode role, the parameter FS_CHECKPOINT_DIR cannot be set to null if the role is in use. However, if the role is removed from the service, for example, if HDFS HA mode is enabled, then Secondary Namenode is removed automatically. This parameter can now be set to null. This issue is now resolved.
Cloudera Bug: OPSAPS-57419: Disable the Cloudera Manager session persistence.
Cloudera Manager's session persistence is disabled by default. This issue is now resolved.
Cloudera Bug: OPSAPS-57799: Handle LDAP's user search DN with multiple spaces.
Cloudera Manager failed to parse LDAP DN and OU that contain spaces. This issue is now resolved.
Cloudera Bug: OPSAPS-54397: Upgrade Supervisor due to CVE.
Supervisor upgraded to version 3.4.0. This update remove security vulnerability CVE-2017-11610.
Cloudera Bug: OPSAPS-58059: Solr log rotation: count the number of retained log files globally instead of daily.
The count of Solr log files to retain during log rotation is counted for each day instead of all Solr logs for a particular server. This issue is now resolved.
Cloudera Bug: OPSAPS-57422: HBase 2.0 JMX GET metrics changed.
Metrics removed in HBase2 are no longer polled by Cloudera Manager. This issue is now resolved.
Cloudera Bug: OPSAPS-57410: Add Security related headers to the Streams Messaging Manager Rest API Server responses.
Strict-Transport-Security and Cache-Control are added. This issue is now resolved.
Cloudera Bug: OPSAPS-57409: Add security related header controls to all Schema Registry responses..
Added the following HTTP headers to ScemaRegistry HTTP responses: Content-Security-Policy, XSS-Protection, X-Frame options, Content-Type-Options, and Cache-control. This issue is now resolved.
Cloudera Bug: OPSAPS-56714: Misinterpretation of Impala query endTime.
Impala queries are open after they are completed. For example, in Hue they now appear on the Impala query monitoring page of Cloudera Manager upon closure, without being logged as "outside acceptance window". This issue is now resolved.
Cloudera Bug: OPSAPS-58215: Same nameservice HA schedule create query is too long for Cloudera Manager.
Using cmSource/cmTarget prefixes because of which Cloudera Manager was not processing on the 50 odd properties and passing them as is to Hive repl queries as it was too big. With the prefixes changed to cldrSource and cldrTarget, the repl queries are shorter and Hive schedule create succeeded. This issue is now resolved.
Cloudera Bug: OPSAPS-57913: When HDFS HA is enabled, Cloudera Manager now passes the HDFS name service instead of one of the active NN address to the decommission monitor.
MDecommission monitor loop in the script is now improved to retry when stdout from dfsadmin -report command is empty, which helps avoid cases where NN is too busy to report success while decommissioning might still be in progress. This issue is now resolved.
Cloudera Bug: OPSAPS-43909: Execution filter is not applied to Delete Policy.
Execution filter is now applied to Delete Policy also. This issue is now resolved.