Fixed Issues in YARN and YARN Queue Manager
Cloudera Runtime 7.1.9 SP2 resolves identified YARN and YARN Queue Manager functional errors and includes technical patches to improve service stability and performance.
- COMPX-25092: YARN web proxy AmIpFilter allows TRACE, bypassing Spark UI TRACE block
- In YARN mode, the
AmIpFilterin the web proxy bypassed Spark UI's TRACE protection by processing requests before they reached the Spark Jetty handler. This led security scanners to incorrectly flag HTTP TRACE as enabled.This issue is now resolved and the
AmIpFilteris now updated to block TRACE and TRACK methods with a405 Method Not Allowedstatus, aligning YARN-proxied behavior with established Spark UI protections. - COMPX-24920: Intermittent race condition prevents YARN ResourceManager to startup in High Availability environments
- When the Resource Managers (RM) are starting up and attempted to load the Capacity Scheduler queue configuration from the ZooKeeper Configuration Store, a timing-dependent race condition between those two RMs caused the root queue's definitions to appear empty, preventing queue initialization and the ResourceManager failed to start. The problem occurs because one RM start up with the -format-conf-store command (to delete configuration) while another RM is reading the configuration. This issue is now resolved to introduce a retry mechanism between those two RMs making sure the configuration is present when one RM is reading it.
