Cloudera Manager 7.11.3 Cumulative hotfix 3
Know more about the Cloudera Manager 7.11.3 cumulative hotfixes 3.
This cumulative hotfix was released on February 23, 2024.
- OPSAPS-68340: Zeppelin paragraph execution fails with the User not allowed to impersonate error.
-
Starting from Cloudera Manager 7.11.3, Cloudera Manager auto-configures the
livy_admin_usersconfiguration when Livy is run for the first time. If you add Zeppelin or Knox services later to the existing cluster and do not manually update the service user, the User not allowed to impersonate error is displayed. - OPSAPS-69342: Access issues identified in MariaDB 10.6 were causing discrepancies in High Availability (HA) mode
-
MariaDB 10.6, by default, includes the property
require_secure_transport=ONin the configuration file (/etc/my.cnf), which is absent in MariaDB 10.4. This setting prohibits non-TLS connections, leading to access issues. This problem is observed in High Availability (HA) mode, where certain operations may not be using the same connection. - OPSAPS-68452: Azul Open JDK 8 and 11 are not supported with Cloudera Manager
-
Azul Open JDK 8 and 11 are not supported with Cloudera Manager. To use Azul Open JDK 8 or 11 for Cloudera Manager RPM/DEBs, you must manually create a symlink between the Zulu JDK installation path and the default JDK path.
- CDPD-62834: Status of the deleted table is seen as ACTIVE in Atlas after the completion of navigator2atlas migration process
- The status of the deleted table displays as ACTIVE.
- CDPD-62837: During the navigator2atlas process, the hive_storagedesc is incomplete in Atlas
- For the hive_storagedesc entity, some of the attributes are not getting populated.
- OPSAPS-69897: NPE in Ozone replication from CM 7.7.1 to CM 7.11.3
- When you use source Cloudera Manager 7.7.1 and target Cloudera Manager 7.11.3 for Ozone replication policies, the policies fail with Failure during PreOzoneCopyListingCheck execution: null error. This is because the target Cloudera Manager 7.11.3 does not retrieve the required source bucket information for validation from the source Cloudera Manager 7.7.1 during the PreCopyListingCheck command phase. You come across this error when you use source Cloudera Manager versions lower than 7.10.1 and target Cloudera Manager versions higher than or equal to 7.10.1 in an Ozone replication policy.
- OPSAPS-69481: Some Kafka Connect metrics missing from Cloudera Manager due to conflicting definitions
- The metric definitions for
kafka_connect_connector_task_metrics_batch_size_avgandkafka_connect_connector_task_metrics_batch_size_maxin recent Kafka CSDs conflict with previous definitions in other CSDs. This prevents Cloudera Manager from registering these metrics. It also results in SMM returning an error. The metrics also cannot be monitored in Cloudera Manager chart builder or queried using the Cloudera Manager API.
- OPSAPS-69267: Extend Java opts for Impala to support JDK17 + Isilon
-
Impala no longer reports IllegalAccessErrors on sun.net.dns with Java 17 and Isilon.
- OPSAPS-69485: Invalid mapred-site.xml due to double dash in comments
-
The string '
--' is not allowed in XML comments. Cloudera Manager incorporates values from the safety valve into XML comments. Therefore, XML configuration file generation fails if the safety valve contains '--'.Cloudera Manager replaces the '
--' characters in XML configuration file comments with—which is the Unicode character of '--'. - CDPD-62464: Java process called by
navatlas.shtool fails on JDK-8 version - While running
nav2atlas.shscript on OracleJDK 8 an error message is thrown and returns code 0 on an unsuccessful run. - OPSAPS-69340:
Dlog4j.configurationFileannotation is not working with the log4j library of the Cloudera Manager Server. -
The incorrect notation used in defining the log4j configuration file name (which is
Dlog4j.configurationFileannotation) is preventing the Cloudera Manager Server from receiving updates made to thelog4j.properties file. This issue is fixed now. - OPSAPS-69022: Rack Topology is not updated on Ozone DataNode.
- Ozone, Kudu, and Cruise Control are rack aware services but topology mapping for the hosts containing roles from these services only are not updated in previous versions unless an HDFS or YARN role was present on these hosts. Fixed this issue in Cloudera Manager. Hosts containing Ozone, Kudu, and Cruise Control roles should now get the right topology mapping regardless of other roles present on the host.
- OPSAPS-69414: Expose missing Ozone metrics to Cloudera Manager.
- Three new Ozone metrics (number of datanodes, total capacity, and used space) are exposed to Cloudera Manager.
- OPSAPS-69063: Concurrent policy creation to multiple targets
- Sometimes, standard error or standard output retrieval of Cloudera Manager commands would fail because of a Java-related issue which affected the HTTPS connections using TLSv1.3 protocol. This resulted in different failures when the HBase replication commands were run remotely from the destination cluster on the source cluster. This issue is now resolved.
- OPSAPS-69257: Zeppelin: Interpreter logs are not getting printed
- A new parameter is added in SDL to pass the zeppelin log file name dynamically to the log4.properties file. This allows Zeppelin to log the interpreter logs in the CM Cluster.
- OPSAPS-69131: Unable to install Zeppelin on CDP 7.1.9 with Spark 3 on RHEL 9
- Zeppelin installation was failing on RHEL 9 because Spark 2 was configured as a mandatory dependency in the Zeppelin SDL file. Spark 2 could not be installed on RHEL 9 due to the python version incompatibility. This issue is now resolved.
- OPSAPS-69194: JDK 17 support for HBase Indexer
- This fix makes the KS-Indexer service JDK 17 compatible.
- OPSAPS-69378: Increase default certificate lifetime
- Default behaviour intact. Default expiry time - 1 year for all certs issued by RKE CA (except DB since it is not issued by RKE CA) Expiry time can be adjusted via CM parameter cluster_signing_duration. To apply the changes - Rolling restart for ECS and Rotate of Vault, DB, ecs webhook , ingress certs is required.
- OPSAPS-69329: Configure higher 'worker-shutdown-timeout' value for nginx ingress controller
- Updated rke-nginx-ingress-controller worker-shutdown-timeout config to 24 hrs.
- OPSAPS-69250: ECS Server restart failed as it requires "yum install" from repo
- The "yum install" line has been removed from the ECS Server startup script.
- CDPD-62464: Java process called by navatlas.sh tool fails on JDK-8 version
- Explicitly added eclipse-collections dependencies of version which is compatible with JDK-8 version.
- OPSAPS-69245: Oozie issue in FIPS environments
- In FIPS environment, Oozie needed the FIPS-related Java options to be present in HADOOP_CLIENT_OPTS in order to pick them up. Java options also needed to be added to container localizers. An admin option parameter for the localizers to pass these options has been created and will not to interfere with the user-defined options. This issue is now fixed.
- OPSAPS-69406: Existing HDFS and HBase snapshot policy configuration can be edited
- The Edit Configuration modal window appears when you click on the page for existing HDFS or HBase snapshot policies.
The repositories for Cloudera Manager 7.11.3-CHF3 are listed in the following table:
| Repository Type | Repository Location |
|---|---|
| RHEL 9 Compatible | Repository: |
| RHEL 8 Compatible | Repository: |
| RHEL 7 Compatible | Repository: |
| SLES 15 | Repository: |
| SLES 12 | Repository: |
| Ubuntu 20 | Repository: |
