Fixed Issues in Cloudera Manager 7.3.1

Fixed issues in Cloudera Manager 7.3.1.

Cloudera Bug: OPSAPS-48440: Misleading SOLR monitoring warnings in the agent log
Eliminated the misleading SOLR monitoring-related warnings from the agent log file.
Cloudera Bug: OPSAPS-49837 Test Database Connection feature of ‘add service’ wizard now supports more MySQL variants
When adding a service, the Test Database Connection command now works when MySQL replication is enabled. This does not guarantee that the CDP service itself will work with MySQL replication using GTID, only that the DDL commands used to test the connection work with MySQL with GTID replication.
Note that cnn itself does not work with MySQL replication using GTID.
Cloudera Bug: OPSAPS-55872: New configuration properties in the Cruise Control service
The following properties were added to Cruise Control: self.healing.goals, hard.goals and anomaly.detection.goals.
Cloudera Bug: OPSAPS-56239: TEZ_JARS classpath directory configuration should not be hardcoded in
The parcel root directory had initially been hardcoded in various locations, causing issues if a different path was utilized. The parcels root directory is no longer hardcoded, and is now dynamically set.
Cloudera Bug: OPSAPS-56328: Changing Kafka Connect port numbers to non-ephemeral ports
Kafka Connect default ports are now non-ephemeral ports.
Cloudera Bug: OPSAPS-56999: ranger.usersync.keystore.password is not overridden via safety valves
Fixed a bug where the ranger.usersync.keystore.password configuration property specified in an Advanced Configuration Snippet did not update the password.
Cloudera Bug: OPSAPS-57097: Disable Kerberos referrals by default for all roles
Fixed an issue that occurred when kerberos was enabled and hosts were running JDK 1.8u232 or later, JDK 11 or JDK 13. Startup of most services failed with impersonation errors. This resolves that issue by disabling kerberos referrals by default for all Java services.
Cloudera Bug: OPSAPS-57595: Unused Reports Manager tuning parameters have been removed
Parameters related to older Lucene versions have been removed.
Cloudera Bug: OPSAPS-57937: No alerts are generated when the Hbase process is in a hung state
HBase master monitoring (canary) showed green status even if the master did not initialize yet. Added an extra check to query HBase to see whether it is up and running.
Cloudera Bug: OPSAPS-58157: Schema Registry swagger page does not work due to CSP violation
The Swagger interface (API Explorer) for Schema Registry now correctly renders and the browser does not report a Content Security Policy violation error.
Cloudera Bug: OPSAPS-58617: cdp-proxy Knox topology is missing identity-assertion
Added identity-assertion provider into the cdp-proxy Knox topology.
Cloudera Bug: OPSAPS-58659: Create a new checkbox in Oozie configuration to control the Callback URL Kerberos enablement
A new configuration property “Oozie Callback Servlet Authentication” has been added to the Oozie service, requiring only Kerberos-authenticated connections to the callback servlet.
Cloudera Bug: OPSAPS-58661: Increasing default value of ZooKeeper Session Timeout in Kafka
The default value of the ZooKeeper Session Timeout in Kafka has been increased.
Cloudera Bug: OPSAPS-58700: Log directories aren't removed from Cruise Control metrics when a log directory is removed from Kafka
Fixed an issue where Cruise Control capacity bootstrapping ignores deleted log directories.
Cloudera Bug: OPSAPS-58708: Failed to log audit event in Ranger for Kafka in AutoTLS enabled cluster
Ranger plugin's audit logging now works with non-secure Zookeeper connection while Kafka itself still uses TLS connection to Zookeeper.
Cloudera Bug: OPSAPS-58805: Atlas hook principal configuration created with wrong principal when using multiple Hbase Masters
The Atlas hook principal value for is now correct for HA enabled HBase clusters
Cloudera Bug: OPSAPS-58819: Unable to set nullable fields to null with cluster template import
The restriction on importing cluster templates with null values has been removed.
Cloudera Bug: OPSAPS-58889: HttpFS Safety Valve configuration for core-site.xml incorrectly gets emitted to hdfs-site.xml
HttpFS Safety Valve configurations for core-site.xml should now correctly be added to HttpFS core-site.xml.
Cloudera Bug: OPSAPS-59021: FIPS mode Agent install reports SSL errors
When installing agents with FIPS mode enabled, you may see the following error message:
Error creating custom SSL Context for the configured trustStore. Using default Trust Store location
even though the agent installation succeeds. This has been fixed.
Cloudera Bug: OPSAPS-59081: Custom kerberos principal support for Knox
Fixes an issue where a Knox kerberos principal configured in the Cloudera Manager Admin Console does not take effect. It is now possible to define arbitrary Kerberos principals for Knox
Cloudera Bug: OPSAPS-59091: Upgrading from CDH->CDP sets --parquet-configurator-implementation to unsupported option Kite, which breaks all Sqoop commands
Fixed a bug that occurred when upgrading to CDP 7.x. Cloudera Manager now sets the parquetjob.configurator.implementation configuration property to "hadoop" for Sqoop, which is the only value supported
Cloudera Bug: OPSAPS-59124: Kafka fails to start when there are multiple Ranger Admin roles running
The Kafka control script in Cloudera Manager was extended to be able to handle the scenario when there are multiple Ranger Admin roles configured in the cluster and it can now correctly create the required policy repository in Ranger.
Cloudera Bug: OPSAPS-59143: Failed to create new KafkaAdminClient from Spark Atlas Connector on TLS enabled clusters
Fixed Atlas client configuration properties for Atlas gateway role for Atlas-Kafka SSL communication.
Cloudera Bug: OPSAPS-59184: Incorrect Log4J configuration in Knox's script
Fixed logging issues in Knox IDBroker and corrected log configuration file paths.
Cloudera Bug: OPSAPS-59227: Streams Messaging Manager and Schema Registry configuration does not support the "#" character in the truststore and keystore password
Streams Messaging Manager and Schema Registry now support the "#" character in truststore and keystore passwords.
Cloudera Bug: OPSAPS-59248: Add support for disabling DFS audit in Schema Registry Ranger plugin
The Schema Registry Ranger plugin no longer tries to send audits to HDFS when the ranger_plugin_hdfs_audit_enabled property is disabled in the Ranger configuration.
Cloudera Bug: OPSAPS-59249: Add support for disabling DFS audit in Streams Messaging Manager (uses Kafka's Ranger plugin)
Streams Messaging Manager's Ranger plugin no longer tries to send audits to HDFS when the ranger_plugin_hdfs_audit_enabled property is disabled in the Ranger configuration.
Cloudera Bug: OPSAPS-59299: SOLR has issues if impersonating principal has a hyphen in its name
Fixed a bug where the SOLR service had issues if the impersonating principal has a hyphen ("-") in its name.
Cloudera Bug: OPSAPS-59340: Trying to add an HDFS Nameservice resulted in 500 Internal server error
Fixed an issue where adding a Nameservice to HDFS via the Cloudera Manager Admin Console failed with a server error.
Cloudera Bug: OPSAPS-59431: Console errors and performance issues on Instances page
Improved the performance of the Select All checkbox on the Instances page for large clusters with a large number of role instances.
Cloudera Bug: OPSAPS-59642: Hbase Replication Policy suspend action is failing (former ticket number: DMX-1405)
Fixed an issue where suspending a Replication policy failed.