Fixed Issues in Apache Atlas

Review the list of Atlas issues that are resolved in Cloudera Runtime 7.1.8.

CDPD-32226: Atlas is upgraded to use Log4j2 version 2.17.1 to avoid CVE-2021-44228.
CDPD-32432: Atlas is upgraded to use Logredactor version 2.0.13 to avoid CVE-2021-44228.
CDPD-34903: Log4j-core dependency is removed from Atlas to avoid CVE.
CDPD-35212: If Kerberos is enabled:
1. kinit -kt /cdep/keytabs/atlas.keytab atlas@ROOT.HWX.SITE
2. Add below to DEFAULT_JVM_OPTS in repair_index.py
3. Djavax.security.auth.useSubjectCredsOnly=false -Djava.security.auth.login.config=<path to atlas_jaas.conf>
If SSL is enabled, we need to make sure Solr cert or RootCA certificate is added which make use of below atlas-application properties
1. keystore.file <path to keystore jks file>
2. truststore.file <path to truststore jks file>
3. cert.stores.credential.provider.path <path to jceks file>
export HADOOP_CREDSTORE_PASSWORD=<password>
OPSAPS-64201: Default value set false for Atlas Server / Gateway Roles and Hook configurations for both 7.2.16 and 7.1.8 CSD.'s
OPSAPS-62184: HDFS Lineage configurations are available and user can configure the Blacklist and Whitelist paths from Atlas configurations.
OPSAPS-61342: When Atlas Solr collections are created through CM, the number of shards for the collection is now configured to the number of live infra-solr nodes if default shards is 1 and no of live solr nodes are more than one.
OPSAPS-61195: Added error handling for this scenario, this will avoid throwing NPE exception.
OPSAPS-57415: Required Kafka topics for Atlas will be pre-created for fresh install on clusters for kerberos enabled environments.
CDPD-43761: This is expected behaviour since upgrade scenario doesn't create the newly added default policies.
CDPD-42633: ElasticSearch dependency is removed from Atlas.
CDPD-35792: Updated the jquery-ui library from 1.12.1 to 1.13.1.
CDPD-35609: Jersey version upgrade to 1.19.4
CDPD-30950: Instead of loading entire lineage, fetch lineage on demand to improve performance.
CDPD-30163: Atlas is upgraded to use commons-io version 2.11.0.
CDPD-29335: Handle null pointer exception when retrieving tasks using the admin/tasks endpoint.
CDPD-29307: The Kafka-Atlas plugin now fully creates Producer and Consumer entities and won't generate incomplete ones.
CDPD-28919: Atlas is upgraded to use junit version 4.13.1 to avoid CVE-2020-15250.
CDPD-28865: Allow AWS and ADLS path entities through Hive DDL filter.
CDPD-28151: Atlas is upgraded to use nimbus-jose-jwt version 9.8.1 to avoid CVE-2021-27568.
CDPD-26509: Create FS entity successfully for load data inpath.
CDPD-14241: Dynamically handle indexing(secondary persistence) failures.

Apache patch information

  • ATLAS-4370
  • ATLAS-4375
  • ATLAS-4368
  • ATLAS-3985
  • ATLAS-4408
  • ATLAS-4324
  • ATLAS-4350
  • ATLAS-4316
  • ATLAS-4646
  • ATLAS-4340
  • ATLAS-4401
  • ATLAS-4372
  • ATLAS-4402
  • ATLAS-4431
  • ATLAS-4440
  • ATLAS-4431
  • ATLAS-4444
  • ATLAS-4493
  • ATLAS-4454
  • ATLAS-4570
  • ATLAS-4641
  • ATLAS-4569
  • ATLAS-4580
  • ATLAS-4558
  • ATLAS-4528
  • ATLAS-4398
  • ATLAS-4339