What's New in Cloudera Manager 7.3.1

New features and changed behavior for Cloudera Manager 7.3.1.

New Ranger Configuration Option for Audit Log Archival
You can now use Cloudera Manager to configure the following:

Enable or disable Ranger Audit Log Archival (Ranger Plugin DFS Audit Enabled)

OPSAPS-53564: New default for auth_to-local rules
Default auth_to_local rule maps the first component of the principal name to the lowercase system user name. In case no rules are specified hadoop defaults to using DEFAULT.
OPSAPS-55088: The reported hostname for the Cloudera Manager agent can now be configured using the Cloudera Manager API.
When installing an agent via the Cloudera Manager API, the agent's reported hostname can now be specified with the agentReportedHostname property.
OPSAPS-55800: Cruise Control should infer Kerberos and SSL settings
The security.protocol property of CruiseControl has been removed, and now inferred from the Kafka broker configuration; affects CM >=7.2.1 and CDH >= 7.2.1, CM >= 7.3.0 and CDH >= 7.1.6
OPSAPS-57492: Custom kerberos principal support for Cruise Control
Custom kerberos principal is configurable for Cruise Control
OPSAPS-57496: Custom kerberos principal support for Schema Registry
Custom kerberos principal is configurable for Schema Registry
OPSAPS-57497: Custom kerberos principal support for Streams Messaging Manager
Custom kerberos principal is configurable for SMM
OPSAPS-57621: New option for text-based metrics in Custom Service Descriptors (CSD)
CSD-based services can now define and collect metrics based on enumerated text values.
See the Cloudera Manager Extensions documentation.
OPSAPS-57697: SMM Should Auto-Configure SRM In Cloudera Manager
SMM auto-configures its SRM connection based on a service dependency, manual configuration options are removed; affects CM > 7.2.3 with CDH >= 7.2.3, CM >= 7.3.0 and CDH >= 7.1.6
OPSAPS-57949: Omid (for HBase/Phoenix) is now configurable using Cloudera Manager
There is a new CSD-based service for Omid and there is a new HBase configuration file for Omid clients.
OPSAPS-57963: Expose new configuration properties for Streams Replication Manager metrics processing
New configuration properties have been added to Cloudera Manager to support tuning the metrics processing behavior of Streams Replication Manager: secondary->primary.metrics.period, metric.grace, and metric.retention.
OPSAPS-58153: Schema Registry role log is not visible through the Cloudera Manager UI
In versions before Cloudera Manager 7.2.3, Schema Registry logs are not displayed in the Cloudera Manager UI.
OPSAPS-58397: Make the Schema Registry hashing algorithm configurable
Added new option to Schema Registry configuration where you can change the hashing algorithm used to generate schema fingerprints. The default value is MD5.
OPSAPS-58498: [SCM] Lower the frequency of Global Audit Commands in Cloudera Manager
Cloudera Manager's Audit Evictor command will now run once every 23 hours.
OPSAPS-58546: Rollback documentation is now available for upgrades from CDH 5 to CDP Private Cloud Base 7
See Rolling Back a CDH 5 to CDP 7 Upgrade. Read all directions before attempting a rollback.
OPSAPS-58598: Exporting cluster configuration alters the solr-infra instance name
New behavior for Cloudera Manager 7.3.0 and later: When imported a cluster template, each service's name will be filled in with the refname defined in the template. Previous behavior was that the service name would be the service_type + a random number. The new behavior takes effect as long as there is no pre-existing service in Cloudera Manager with the same name. This applies to all services in Cloudera Manager across all clusters. If there is a pre-existing service with the same name, then the previous behavior takes effect, and the new service name will be the service_type + a random number.
OPSAPS-57097 Kerberos referrals are now disabled by default
Previously, if kerberos was enabled and hosts were running JDK 1.8u232 or JDK 11 , startup of most services failed with impersonation errors. Kerberos referrals are now disabled by default for all Java services.
OPSAPS-58621: Custom kerberos principal support for SRM
Custom kerberos principal is configurable for SRM
OPSAPS-59067: Collect additional Kafka Consumer Metrics via HTTP endpoint
New metrics about Kafka consumers are now available in the SMM service, and are now collected by Cloudera Manager from Kafka's HTTP metrics endpoint rather than being pushed from SMM into Cloudera Manager. Upon upgrade, staleness will be observed for the Kafka service's service-metrics.properties file. This is due to changes of internal representation of consumer metrics entity and will not affect changes to any existing functionality.
OPSAPS-59119: he supported TLS protocol versions be defaulted to Hello and v1.2 for Oozie
The default supported TLS versions for Oozie will become SSLv2Hello,TLSv1.2 instead of TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2. This configuration can be changed in Cloudera Manager if you would like to use to the old behavior.
OPSAPS-59190: SAML signature algorithm is now selectable
You can now select a SAML signature algorithm that a SAML message is signed with. The supported algorithms are RSA-SHA1, RSA-SHA256, RSA-SHA384, and RSA-SHA512.

Third-party software updates

OPSAPS-47379: Spring Framework Upgrade
The Spring Framework used by Cloudera Manager has been upgraded to version 4.3.19.RELEASE.
OPSAPS-53309: com.ning:async-http-client upgraded to version 2.12.1.
AsyncHttpClient used by Cloudera Manager has been upgraded from version 1.9.40 to version 2.12.1.
OPSAPS-54389: Upgrade Jython to 2.7.2
the Jython library has been upgraded to 2.7.2.
OPSAPS-56311: Lucene upgrade
The Lucene version has been upgraded to 8.4.1. Due to the Lucene API changes the following parameters for Reports Manager are no longer available: Maximum Index Writer Threads, Index Writer Thread Pool Queue Size, LUCENE_ENABLE_OPTIMIZE (Safety Valve).
OPSAPS-56938: Spring Data Commons for Security
Spring Data Commons has been upgraded to 1.13.11.
OPSAPS-59284: Upgrade org.apache.commons:commons-compress:1.18 due to CVE
The Apache commons-compress library has been upgraded to 1.19.