Cloudera Docs

Cloudera Manager 7.7.1 Cumulative hotfix 2

Know more about the Cloudera Manager 7.7.1 cumulative hotfixes 2.

This cumulative hotfix was released on November 28, 2022.

Following are the list of known issues and their corresponding workarounds that are shipped for Cloudera Manager 7.7.1 CHF2 (version: 7.7.1-34281315):
OPSAPS-68689: Unable to emit the LDAP Bind password in core-site.xml for client configurations

If the CDP cluster has LDAP group to OS group mapping enabled, then applications running in Spark or Yarn would fail to authenticate to the LDAP server when trying to use the LDAP bind account during the LDAP group search.

This is because the LDAP bind password was not passed to the /etc/hadoop/conf/core-site.xml file. This was intended behavior to prevent leaking the LDAP bind password in a clear text field.

Set the LDAP Bind password through the HDFS client configuration safety valve.
  1. On the Cloudera Manager UI, navigate to the HDFS service, by clicking on the HDFS service under the Cluster.

  2. Click the Configuration tab. Search for the HDFS Client Advanced Configuration Snippet (Safety Valve) for hdfs-site.xml configuration parameter.

  3. Add an entry with the following values:
    • Name = hadoop.security.group.mapping.ldap.bind.password
    • Value = (Enter the LDAP bind password here)
    • Description = Password for LDAP bind account

  4. Then click the Save Changes button to save the safety valve entry.

  5. Perform the instructions from the Manually Redeploying Client Configuration Files to manually deploy client configuration files to the cluster.

OPSAPS-68452: Azul Open JDK 8 and 11 are not supported with Cloudera Manager

Azul Open JDK 8 and 11 are not supported with Cloudera Manager. To use Azul Open JDK 8 or 11 for Cloudera Manager RPM/DEBs, you must manually create a symlink between the Zulu JDK installation path and the default JDK path.

After installing Azul Open JDK8 or 11, you must run the following commands on all the hosts in the cluster:
Azul Open JDK 8
RHEL or SLES
# sudo ln -s /usr/lib/jvm/java-8-zulu-openjdk-jdk /usr/lib/jvm/java-8-openjdk
Ubuntu or Debian
# sudo ln -s /usr/lib/jvm/zulu-8-amd64 /usr/lib/jvm/java-8-openjdk
Azul Open JDK 11
For DEBs only
# sudo ln -s /usr/lib/jvm/zulu-11-amd64 /usr/lib/jvm/java-11
Following are the list of fixes that were shipped for Cloudera Manager 7.7.1 CHF2 (version: 7.7.1-34281315):
  • OPSAPS-62511 - Upgrade jsoup due to CVE-2021-37714
  • OPSAPS-62521 - Upgrade snakeyaml to 1.31 due to CVE-2017-18640, CVE-2022-25857, CVE-2022-38749, CVE-2022-38751, and CVE-2022-38750
  • OPSAPS-63984 - Upgrade commons-io to 2.11.0 due to CVE-2021-29425
  • OPSAPS-64032 - Upgrade poi to 5.2.2 due to CVE-2022-26336
  • OPSAPS-64080 - Upgrade requests to 2.27.1 due to CVE-2018-18074
  • OPSAPS-64082 - Upgrade esapi-java-legacy to 2.4.0.0 due to CVE-2022-23457, and CVE-2022-24891
  • OPSAPS-64654 - Multiple Critical CVEs for jackson-databind in the most recent scan report for CM 7.6.2 and CM 7.8.0
  • OPSAPS-65098 - Update logredactor to 2.0.14 due to CVEs in jackson-databind
  • OPSAPS-62805 - Extend Log search feature for the log4j2
  • OPSAPS-64153 - Core Settings service is getting added twice during cluster provisioning using clustertemplateimportcommand in data hub.
  • OPSAPS-64614 - Cloudera Manager server fails to complete the upgrade and will not start, if a cluster had a legacy Core Configuration service with any number of Storage Operations roles.
  • OPSAPS-64655 - Performance issues in loading and using Hue
  • OPSAPS-64744 - NPE in Cloudera Manager upgrade if StubDFS created but no StorageOps roles present
  • OPSAPS-65040 - ImpalaFileFormatAnalysisRule should only inspect SCAN_NODE
  • OPSAPS-65064 - Prevents importing a cluster template containing a base cluster with a service of type CORE_SETTINGS.
  • OPSAPS-65143 - NPE in RulesCluster.java:169 when adding Cloudera Management services

    The repositories for Cloudera Manager 7.7.1-CHF2 are listed in the following table:

    Table 1. Cloudera Manager 7.7.1-CHF2
    Repository Type Repository Location
    RHEL 8 Compatible Repository:
    http://username:password@bits.cloudera.com/5b3fb4b4/patch-5579/redhat8/yum
    Repository File:
    http://username:password@bits.cloudera.com/5b3fb4b4/patch-5579/redhat8/yum/cloudera-manager.repo
    RHEL 7 Compatible Repository:
    http://username:password@bits.cloudera.com/5b3fb4b4/patch-5579/redhat7/yum
    Repository File:
    http://username:password@bits.cloudera.com/5b3fb4b4/patch-5579/redhat7/yum/cloudera-manager.repo
    SLES 12 Repository:
    http://username:password@bits.cloudera.com/5b3fb4b4/patch-5579/sles12/yum
    Repository File:
    http://username:password@bits.cloudera.com/5b3fb4b4/patch-5579/sles12/yum/cloudera-manager.repo
    Ubuntu 20 Repository:
    http://username:password@bits.cloudera.com/5b3fb4b4/patch-5579/ubuntu2004/apt
    Repository file:
    http://username:password@bits.cloudera.com/5b3fb4b4/patch-5579/ubuntu2004/apt/cloudera-manager.list
    Ubuntu 18 Repository:
    http://username:password@bits.cloudera.com/5b3fb4b4/patch-5579/ubuntu1804/apt
    Repository file:
    http://username:password@bits.cloudera.com/5b3fb4b4/patch-5579/ubuntu1804/apt/cloudera-manager.list