What's New in Cloudera Manager 7.11.3
New features and changed behavior for Cloudera Manager 7.11.3.
- Zero Downtime Upgrades (ZDU)
Cloudera is reintroducing the concept of rolling upgrades in CDP 7.1.9 in an easier to use format called Zero Downtime Upgrades (ZDU). Zero Downtime Upgrades automates the process of performing rolling upgrades in an optimized format to allow for minimal to zero downtime depending on the services installed on a cluster. All future service packs and runtime upgrades will support ZDU. However, the enhancements brought by ZDU will be available on upgrades from CDP 7.1.7 and CDP 7.1.8. Before using this feature read the upgrade instructions. For more information, see the Zero Downtime upgrade documentation.
- TLS 1.2 encryption support for secured database connections
Cloudera Manager supports TLS (Transport Layer Security) 1.2 encryption between the Cloudera Manager Server and the backend databases such as MySQL, PostgreSQL, and MariaDB.
Now you can enable TLS 1.2 on Database Server and Cloudera Manager Server in the database environment. See Configuring TLS 1.2 for Cloudera Manager.
Also, now you can enable TLS 1.2 on Reports Manager in the database environment. See Configuring TLS 1.2 for Reports Manager.
Cloudera recommends that you secure the network connection between the Cloudera Manager Server and the backend database using TLS 1.2 encryption.TheFor more information on optional parameters, see Syntax for scm_prepare_database.sh.
scm_prepare_database.shscript in Cloudera Manager now accepts the following two new optional parameters:
- TCPS support for connections to Oracle database
Cloudera Manager supports connections to backend Oracle database that are secured with Transmission Control Protocol with SSL (TCPS). This provides greater security for connections between Cloudera Manager Server and the backend Oracle database. For more information, see Enabling TCPS for Oracle Database Server.
Now you can enable TCPS on Reports Manager in the Oracle database environment. For more information, see Configuring TCPS for Reports Manager.
- Python 3.8 (or 3.9 for RHEL 9.1) support for Cloudera Manager 7.11.3
Cloudera Manager 7.11.3 requires Python 3.8 on most of the supported operating systems. The exception is that on the RHEL 9.1 operating system, it supports Python 3.9 version only.
Cloudera Manager 7.11.3 does not work with Python 2.7. While using Cloudera Manager 7.11.3 with Cloudera Runtime 7.1.8 or 7.1.9 version, you may remove all Python 2 versions from the operating system, only when the operating system allows you to remove the Python 2 version.
If you are running Cloudera Runtime 7.1.7 SP2 or below versions with Cloudera Manager 7.11.3, then Python 2.7 is still required for the Cloudera Runtime components. In this scenario, you must install both Python 2.7 (for Cloudera Runtime components) and Python 3 (for Cloudera Manager 7.11.3).
You must install Python 3.8 (or 3.9 for RHEL 9.1) on all hosts before upgrading to Cloudera Manager 7.11.3. See Installing Python 3.
For more information about the operating systems that are supported when using Python 3.x with the Cloudera Manager Agents, see Platform support for Cloudera Manager 7.11.3.
- Support for
noexecoption on the /tmp directory
Cloudera Manager functions normally when you enable the
noexecoption for the /tmp directory on cluster hosts.
The /tmp directory on Linux hosts is used by many applications to store non-persistent data and to execute transient scripts.
Users require this
noexecoption on /tmp directory to eliminate possible security risks by preventing the execution of binaries from the /tmp filesystem.
noexecoption prevents unintentional system modifications or corruption that may potentially lead to system instability or data theft.
- Ability to modify existing Data Context and allow Ozone to be an option
Data Contexts in Cloudera Manager are used to access data in Cloudera Private Cloud Base environment. You can add or remove certain services to the Data Context. See About Data Context and Creating a Compute Cluster and Data Context.
- Certify CM with HA Postgres databases with SSL enabled
Postgres HA support involves enabling Postgres HA and configuring Postgres HA behind a load balancer. See PostgresSQL High Availability.
- Iceberg replication policies
- You can create Iceberg replication policies in CDP Private Cloud Base Replication
Manager to replicate Iceberg tables between CDP Private Cloud Base 7.1.9 or higher
clusters using Cloudera Manager 7.11.3 or higher versions.
For more information, see Iceberg replication policies
- Ranger replication policies
- You can create Ranger replication policies in CDP Private Cloud Base Replication
Manager. The Ranger replication policies migrate Ranger policies for HDFS, Hive, and
HBase services between Kerberos-enabled CDP Private Cloud Base 7.1.9 or higher clusters
using Cloudera Manager 7.11.3 or higher versions.
For more information, see Ranger replication policies.
- Incremental replication of Ozone data using Ozone replication policies
- You can choose the “Full file listing”, “Incremental only”, or “Incremental with
fallback to full file listing” option as a Listing method during
the Ozone replication policy creation process. The listing method determines the
replication method that Ozone replication policy can use to replicate Ozone data.
For more information, see Ozone replication policies.
- Ozone snapshot policies
- You can create Ozone snapshot policies in CDP Private Cloud Base Replication Manager
to take snapshots of Ozone buckets and volumes at regular intervals. Ozone replication
policies leverage the snapshots to perform incremental replication. You can also restore
an Ozone bucket to an earlier version using snapshots or restore the Ozone bucket to
another bucket in Cloudera Manager.
For more information, see Ozone snapshot policies.
- Collecting Heartbeat data from Cloudera Manager
Beginning with Cloudera Manager 7.11.3, a report containing basic cluster information will securely transmit to Cloudera periodically. This report contains cluster-related metadata to determine the version and size of each cluster. This information will assist Cloudera in gaining a clearer understanding of our customers' deployments so we can deliver more robust support and an improved customer experience.
Reports will be saved locally for Customers with infrastructure isolated from the public internet. For assistance, please open a General Administrative Assistance case on MyCloudera.
The generated report is human-readable for users and can be found under /var/lib/cloudera-scm-server/reports (configured as default).
- Replicate Hive external tables in Dell EMC Isilon storage clusters using Hive external table replication policies
- You can use Hive external table replication policies in CDP Private Cloud Base Replication Manager to replicate Hive external tables between Dell EMC Isilon storage clusters where the 7.1.9 clusters use Cloudera Manager 7.11.3 CHF1 or higher versions.
Changed or updated features
- An UI for Credential Storage Provider (CSP) is introduced on Cloudera Manager interface
On Cloudera Manager UI, now you can enable and manage CSP. To find CSP, go totab.
From this release onwards, CSP is generally available (GA). CSP is used to encrypt the sensitive values by configuring a Secure Credential Store that stores an encryption key to encrypt and decrypt sensitive information. Later this sensitive information is stored in encrypted form only in the Cloudera Manager database. For more information about CSP, see Securing sensitive information using a Secure Credential Storage Provider.
- Remove the SHA-1 hashing algorithm based GPG signing key and update them with the SHA-256 based GPG key
Cloudera Manager install packages (RPM and Deb) are now signed with the SHA-256 hashing algorithm. You must remove the SHA-1 hashing algorithm based GPG signing key and update them with the SHA-256 based GPG key.From this release onwards, you must import a new GPG public key into the OS key ring when installing the Cloudera Manager Agent, Cloudera Manager Server, and Cloudera Manager Daemon packages. The SHA-256 based signing key is applicable to both the fresh installation and upgrade of Cloudera Manager (7.11.3 version). The new GPG keys are now signed with a more secure SHA-256 hashing algorithm.
Platform support for Cloudera Manager 7.11.3
|Python 3.8||Python 3.9|