Cloudera Docs

Fixed Issues in Apache Knox

Review the list of Apache Knox issues that are resolved in Cloudera Runtime 7.3.2, its service packs, and cumulative hotfixes.

Cloudera Runtime 7.3.2

Cloudera Runtime 7.3.2 resolves Knox issues and incorporates fixes from the service packs and cumulative hotfixes from 7.3.1.100 through 7.3.1.706. For a comprehensive record of all fixes in Cloudera Runtime 7.3.1.x, see Fixed Issues.

CDPD-94038: Uploading large files through HUE UI using Knox Gateway fails
Fixed an issue where uploading large files through the HUE UI using Knox Gateway failed. Large file uploads now complete successfully.
CDPD-90879: Knox service discovery does not detect Cloudera Manager cluster-level restart commands
Knox service discovery now detects cluster-level RollingRestart and RestartWaitingForStalenessSuccess commands in Cloudera Manager and automatically regenerates topologies to reflect configuration changes.
Apache JIRA: KNOX-3194
CDPD-78656: Health test for Knox fails if gateway.client.auth.needed is set to true
Previously, the health test for Knox Gateway failed if the gateway.client.auth.needed parameter was set to true.
This issue is now resolved. For TLS Mutual Authentication to work, you must exclude the health topology. To do this, go to Cloudera Manager > Knox > Configuration, locate the Knox Service Advanced Configuration Snippet (Safety Valve) for conf/gateway-site.xml field, and add a new entry with the following parameters:
Name = gateway.client.auth.exclude
Value = health
For more information on excluding the topology, see the Apache Knox Documentation.
CDPD-77233: Knox Token TTL value of -1 set to never expire
Fixed an issue where the Knox Token API raised an UnknownTokenException error if the lifespan value of Knox Token TTL was set to -1. Tokens with a TTL value of -1 are now correctly handled as having no expiration when verifying tokens for authentication.
Apache JIRA: KNOX-3075
CDPD-82812: HA feature not working for Rest Catalog
7.3.2.0
Previously, the Knox topology file cdp-share-access.xml created during Cloudera Data Sharing setup could not handle multiple Hive Metastore (HMS) nodes. In the event of a node failure, healthy nodes could not reliably take over the workload. This issue has been resolved. The Knox topology now correctly supports High Availability (HA) for the REST Catalog, ensuring proper failover between HMS nodes.