Cloudera Docs

Known Issues in Schema Registry

Known issues and technical limitations for Schema Registry are addressed in Cloudera Runtime 7.3.2, its service packs, and cumulative hotfixes.

Known issues identified in Cloudera Runtime 7.3.2

There are no new known issues identified in this release.

Known issues identified before Cloudera Runtime 7.3.2

Known issues identified before Cloudera Runtime 7.3.2 include only unresolved issues from previous releases that continue to affect the Cloudera Runtime 7.3.2 base release.

CDPD-40380: Authorization checking issue when Kerberos is disabled
7.1.9 and all its SP and CHF releases, 7.3.1 and all its SP and CHF releases, 7.3.2
Due to an issue in Ranger, when Kerberos is disabled then it is not possible to check authorization.
  1. Open Schema Registry configuration in Cloudera Manager.
  2. Find the ranger.plugin.schema-registry.service.name field.
  3. Replace GENERATED_RANGER_SERVICE_NAME with the actual name of the service.
  4. Restart the Schema Registry service.
CDPD-49304: AvroConverter does not support composite default values
7.1.7 and all its SP and CHF releases, 7.1.9 and all its SP and CHF releases, 7.3.1 and all its SP and CHF releases, 7.3.2
AvroConverter cannot handle schemas containing a STRUCT type default value.
None.
OPSAPS-70971: Schema Registry does not have permissions to use Atlas after an upgrade
7.1.9 and all its SP and CHF releases, 7.3.1 and all its SP and CHF releases, 7.3.2
Following an upgrade, Schema Registry might not have the required permissions in Ranger to access Atlas. As a result, Schema Registry's integration with Atlas might not function in secure clusters where Ranger authorization is enabled.
  1. Access the Ranger Console (Ranger Admin web UI).
  2. Click the cm_atlas resource-based service.
  3. Add the schemaregistry user to the all - * policies.
  4. Click Manage Service > Edit Service.
  5. Add the schemaregistry user to the default.policy.users property.
OPSAPS-69317: Kafka Connect Rolling Restart Check fails if SSL Client authentication is required
7.1.9 and all its SP and CHF releases, 7.3.1 and all its SP and CHF releases, 7.3.2
The rolling restart action does not work in Kafka Connect when the ssl.client.auth option is set to required. The health check fails with a timeout which blocks restarting the subsequent Kafka Connect instances.
You can set ssl.client.auth to requested instead of required and initiate a rolling restart again. Alternatively, you can perform the rolling restart manually by restarting the Kafka Connect instances one-by-one and checking periodically whether the service endpoint is available before starting the next one.