Fixed Issues in Apache Knox

Review the list of Knox issues that are resolved in Cloudera Runtime 7.1.9.

OPSAPS-67397: Intermittent Knox login error in 7.2.17

This fix adds CSD support for pac4j.password, which is a pseudo random string that needs to be synced between HA Knox instances for HA SSO to work.

OPSAPS-67449: Enable Loadbalancing param for Oozie and Impala services in cdp-proxy-api topology

Sticky session and loadbalancing support was missing for cdp-proxy-api topology, this change adds it back. This change also adds stickysession and LB props for Impala (OPSAPS-67376)

OPSAPS-63146: Support custom Kerberos path for Knox

With this change Knox will pick up the krb5 value configured in CM (Administrator -> Settings -> krb5.conf file path ) When the CM property changes, Knox configs will change keeping them in sync.

OPSAPS-68107: Response code 500 error at large-payload request test over Knox on PC-7.2.17 and DC-7.1.9 SMM executions

Larger requests (over 15KB) are not failing anymore using the Knox APIs (both SMM UI, and SMM API).

CDPD-40964: Need to update Knox re-write rules to allow access to newer APIs introduced in Ranger

Allow metrics,roles, tagrest & xaudit Ranger Admin APIs via knox proxy

CDPD-24808: SR with Knox should use round-robin load balancing

When multiple instances of Schema Registry are running, Knox will use round-robin to forward the requests.

CDPD-53722: Knox - Upgrade OkHttp to 3.14.9/4.10.0 due to medium CVEs - PvC

Upgrade OkHttp to 3.14.9/4.10.0 due to medium CVEs.

CDPD-50726: [7.1.9.x]- Need to update Knox re-write rules to allow access to newer APIs introduced in Ranger

Update Knox re-write rules to allow access to newer APIs introduced in Ranger

CDPD-58562: PvC - Reduce the time taken for Knox startup

Knox gateway and idbroker startup time improvements were added.