Fixed Issues in Apache Knox

Review the list of Knox issues that are resolved in Cloudera Runtime 7.1.9.

OPSAPS-67397: Intermittent Knox login error in 7.2.17

This fix adds CSD support for pac4j.password, which is a pseudo random string that needs to be synced between HA Knox instances for HA SSO to work.

OPSAPS-67449: Enable Loadbalancing param for Oozie and Impala services in cdp-proxy-api topology

Sticky session and loadbalancing support was missing for cdp-proxy-api topology, this change adds it back. This change also adds stickysession and LB props for Impala (OPSAPS-67376)

OPSAPS-63146: Support custom Kerberos path for Knox

With this change Knox will pick up the krb5 value configured in CM (Administrator -> Settings -> krb5.conf file path ) When the CM property changes, Knox configs will change keeping them in sync.

OPSAPS-68107: Response code 500 error at large-payload request test over Knox on PC-7.2.17 and DC-7.1.9 SMM executions

Larger requests (over 15KB) are not failing anymore using the Knox APIs (both SMM UI, and SMM API).

CDPD-40964: Need to update Knox re-write rules to allow access to newer APIs introduced in Ranger

Allow metrics,roles, tagrest & xaudit Ranger Admin APIs via knox proxy

CDPD-24808: SR with Knox should use round-robin load balancing

When multiple instances of Schema Registry are running, Knox will use round-robin to forward the requests.

CDPD-53722: Knox - Upgrade OkHttp to 3.14.9/4.10.0 due to medium CVEs - PvC

Upgrade OkHttp to 3.14.9/4.10.0 due to medium CVEs.

CDPD-50726: [7.1.9.x]- Need to update Knox re-write rules to allow access to newer APIs introduced in Ranger

Update Knox re-write rules to allow access to newer APIs introduced in Ranger

CDPD-58562: PvC - Reduce the time taken for Knox startup

Knox gateway and idbroker startup time improvements were added.

OPSAPS-58179: HIVE endpoint url is updated on only one knox host topolgies. While on other knox host, the Cloudera Manager configuration monitoring change is not identified and topologies are not updated with the Hive URL.

This issue is now fixed.

CDPD-43069: WEBHDFS operation on Namenode UI via knox fails when HDFS in HA

Added failover configuration to WebHDFS to the HaProvider in cdp-proxy topology.