What's New in Cloudera Manager 7.1.0

Cloudera Issue: OPSAPS-53169, OPSAPS-53636
The time required to create a cluster has decreased by up to 4 minutes.
Cloudera Issue: OPSAPS-51403: Support for Solr plugins has been added for workload clusters
Cloudera Issue: OPSAPS-43085: The HDFS directory usage report now allows you to select the size of the CSV download file
You can select on of the following options for downloading:
  • Top 1K rows
  • Top 10k rows
  • Top 100k rows
Cloudera Issue: OPSAPS-46007: New configuration parameters to add the ability to specify max_retries for service auto-restart
Two new configuration fields have been added on all Roles: Start Wait Timeout and Start Retry Attempts, located in the Advanced category. These fields control how many times a role's process is automatically restarted if the process exits or crashes during startup.
Startup is defined as a duration of Start Wait Timeout in seconds.
Start Retry Attempts is the number of times the process will get restarted before giving up.
After a process has been running longer than Start Wait Timeout seconds, the restarts count is set back to zero.
Cloudera Issue: OPSAPS-28229: Support for HTTP Strict Transport Security Mode
When TLS is enabled for the Cloudera Manager Admin Console, web requests will now include the Strict-Transport-Security header. For more details on this header, see Mozilla's documentation: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
Cloudera Issue: OPSAPS-52546: HBase thrift http server and proxy user are enabled if Hue and HBase are both installed
When Hue is used with HBase, the following configuration parameters are now set in HBase:
hbase.regionserver.thrift.http = true 
hbase.thrift.support.proxyuser = true
Cloudera Issue: OPSAPS-54069: SPNEGO for Impala's webui is on by default with Kerberos
Impala's Web UI is now automatically protected with Kerberos whenever it is configured on a cluster.
Cloudera Issue: OPSAPS-53826: Add Granular permissions to Tags
Tags will only be accessible via the TagsResource API if the user has correct permissions. Any role with read permissions grants read access to tags, and a Configurator, Limited Cluster Administrator, Cluster Administrator, or Full Administrator role is required to add or delete tags.
Cloudera Issue: OPSAPS-53341: New property in HBase
Added the following HBase configuration properties: hbase.use.dynamic.jars and hbase.dynamic.jars.dir properties. For new installations of Cloudera Runtime 7.1 or later, the hbase.use.dynamic.jars property is set to false by default.
Cloudera Issue: OPSAPS-53957: Phoenix Query Server memory options are configurable
It is now possible to set the Heap Size for Phoenix Query server.
Cloudera Issue: OPSAPS-54062: Zookeeper SSL/TLS support for Kafka
A new Kafka configuration parameter, zookeeper.secure.connection.enable has been added to allow Kafka to connect and communicate to Zookeeper through a secure channel. This configuration only takes effect if TLS is enabled on the Zookeeper server.
Cloudera Issue: OPSAPS-30763: New Kafka configuration parameter
The Kafka configuration parameter, zookeeper.set.acl, when set to true, causes Kafka to create Zookeeper nodes as world readable and creator writable, as opposed to the default of world readable and writable. This prevents unauthorized users from changing data in Zookeeper.
Cloudera Issue: OPSAPS-53340: PAM authentication is now configurable in Kafka CSD
You can now configure PAM configuration to allow Kafka clients to authenticate using Linux-PAM.
Cloudera Issue: OPSAPS-48218
Cloudera Manager configures the hbase.thrift.spnego.principal and hbase.thrift.spnego.keytab.file properties for HBase Thrift server.
Cloudera Issue: OPSAPS-53785: New HDFS configuration parameter
A new HDFS configuration parameter "Enable Async Audit Log" has been added. It is enabled by default for Cloudera Runtime 7.1.0 and later. When enabled, HDFS NameNode will append the audit log asynchronously when using the HDFS default audit logger. Enabling this parameter can improve NameNode throughput under heavy load.
Cloudera Issue: CDPD-6477

Cloudera Manager’s Auto-TLS feature now supports Apache Kudu.