Known issues in Streams Messaging Manager

Learn about the known issues in Streams Messaging Manager, the impact or changes to the functionality, and the workaround.

OPSAPS-59597: SMM UI logs are not supported by Cloudera Manager

Cloudera Manager does not display a Log Files menu for SMM UI role (and SMM UI logs cannot be displayed in the Cloudera Manager UI) because the logging type used by SMM UI is not supported by Cloudera Manager.

Workaround: View the SMM UI logs on the host.

OPSAPS-59553: SMM's bootstrap server config should be updated based on Kafka's listeners

SMM does not show any metrics for Kafka or Kafka Connect when multiple listeners are set in Kafka.

Workaround: SMM cannot identify multiple listeners and still points to bootstrap server using the default broker port (9093 for SASL_SSL). You would have to override bootstrap server URL (hostname:port as set in the listeners for broker). Add the bootstrap server details in SMM safety valve in the following path:

Cloudera Manager > SMM > Configuration > Streams Messaging Manager Rest Admin Server Advanced Configuration Snippet (Safety Valve) for streams-messaging-manager.yaml > Add the following value for bootstrap servers>Save Changes > Restart SMM.

streams.messaging.manager.kafka.bootstrap.servers=<comma-separated list of brokers>

OPSAPS-59828: SMM cannot connect to Schema Registry when TLS is enabled

When TLS is enabled, SMM by default cannot properly connect to Schema Registry.

As a result, when viewing topics in the SMM Data Explorer with the deserializer key or value set to Avro, the following error messages are shown:

Error deserializing key/value for partition [***PARTITION***] at offset [***OFFSET***]. If needed, please seek past the record to continue consumption.
Failed to fetch value schema versions for topic : '[***TOPIC**]'.

In addition, the following certificate error will also be present the SMM log:

javax.net.ssl.SSLHandshakeException: PKIX path building failed:...

Workaround: Additional security properties must be set for SMM.

In Cloudera Manager, select the SMM service.
Go to Configuration.
Find and configure the SMM_JMX_OPTS property.
Add the following JVM SSL properties:
- Djavax.net.ssl.trustStore=[***SMM TRUSTSTORE LOCATION***]
- Djavax.net.ssl.trustStorePassword=[***PASSWORD***]

OPSAPS-68158: SMM does not apply cluster wide Kerberos principal mapping by default

SMM does not apply the cluster-wide Kerberos auth-to-local (ATL) rules from the Core Settings service.

Manually set the Kerberos Name Rules property to match the configuration of the Core Settings service.

OPSAPS-68172: SMM does not set Knox principal and service user as trusted proxies when using custom Kerberos principals

SMM automatically sets the Knox principal name as a trusted proxy. If the Kerberos Name Rules property is set in deployments where custom Kerberos principals are used, Knox might not be allowed to work as a trusted proxy.

Manually configure the Knox user name by adding the following to Streams Messaging Manager Rest Admin Server Advanced Configuration Snippet (Safety Valve) for streams-messaging-manager.yaml:

knox_principal_name=[***KNOX USER NAME***]

CDPD-61115: Requests made to /api/v1/admin/metrics/aggregated/* endpoints fail with error 500 if a custom time interval is specified

Requests made to /api/v1/admin//metrics/aggregated/* endpoints, for example /api/v1/admin/metrics/aggregated/topics, fail with error 500 if the request specifies a custom time interval with the from and to parameters. As a result, you cannot use custom time intervals when making requests to these endpoints. The /api/v1/admin/metrics/aggregated/brokers endpoint is an exception and continues to work with custom time intervals.

The issue is caused by the underlying kafka_consumer_lag and kafka_consumer_committed_offset related metrics no longer being available.

Use predefined time intervals instead of custom ones. Predefined time intervals are specified with the duration parameter.