Fixed Issues in Cloudera Manager 7.1.1

This topic lists the issues that have been fixed in Cloudera Manager since the previous release of Cloudera Manager.

Cloudera Bug: OPSAPS-56153: [SCM] Diagnostic bundle uploads fail to authenticate with Proxy

Cloudera Manager diagnostic bundle uploads have fixed the 407 authentication exception issue, when a diagnostic bundle was uploaded using a proxy server with basic authentication.

Cloudera Bug: OPSAPS-55810: Cloudera Manager Host Resource page shows invalid Unit/Values for memory for Ozone roles

the Cloudera Manager -> Configuration page showing invalid "Memory Overcommit warnings" with incorrect units is now fixed.

Cloudera Bug: OPSAPS-55542: Modification of IFS leads to unknown result

An issue detected regarding improper handling of duplicates the Cloudera Manager's gen_credentials_ad.sh script is now fixed.

Cloudera Bug: OPSAPS-55870: Installation failed because of health checks

Increased the default number of SCM descriptor fetch attempts from 5 to 10. Furthermore, the sleep interval between fetch attempts will be increased by one additional second per failed attempt.

Cloudera Bug: OPSAPS-56156: Enabling AutoTLS failed on cluster post upgrade

Occasionally, a timeout exception may occur when enabling Auto-TLS or rotating Auto-TLS certificates. The command has been modified to retry up two times in the event of a failure.

Cloudera Bug: OPSAPS-55064: Staleness in Kafka servcie in 7.03 cluster after upgrading Cloudera Manager

Stale Configurations Kafka Stale Configuration Changes in control scripts for Kafka security configuration (related to Ranger and Plain authentication) causing the Kafka configuration to be marked as stale after upgrading to Cloudera Manager 7.1.1. Perform a rolling restart of Kafka.

Cloudera Bug: OPSAPS-56491: Add Kerberos text to Knox CSD description

Warn users while installing Knox service that it is only supported for kerberized clusters

Cloudera Bug: OPSAPS-55143: Disable TLS for agent status server port on RHEL6

Fixed a file descriptor leak in the Cloudera Manager agent when running on Redhat 6 platform with TLS/SSL enabled for Cloudera Manager communications. The fix is to disable TLS/SSL for the Cloudera Manager agent status server port on Redhat 6. Heartbeat protocol and Navigator data (eg audit events) remain encrypted. 6.2.2 : Fixed a file descriptor leak in the Cloudera Manager agent when running on all platforms with TLS/SSL enabled for Cloudera Manager communications. The fix is to disable TLS/SSL for the Cloudera Manager agent status server port. Heartbeat protocol and Navigator data (eg audit events) remain encrypted. This regresses the behavior to match Cloudera Manager 5.x.

Cloudera Bug: OPSAPS-54951: Cloudera Manager template import fails

Fixed issue where Cloudera Manager gets stuck deploying cluster templates that reference non-CDH parcels.

Cloudera Bug: OPSAPS-56242: External user auth roles become mixed up when posting multiple mappings to API

When creating external role mappings via the /externalUserMappings API endpoint, if multiple mappings are given in the request, then later mappings will erroneously inherit roles specified in preceding mappings, thus granting those users or groups additional privileges than expected. This has been fixed. Note that existing role mappings that have already been created will not be fixed by this change. Cloudera recommendeds you review your existing role mappings in Administration > Users & Roles to correct any inconsistencies.

Cloudera Bug: OPSAPS-55012: AutoTLS should override manual TLS settings in agent

You no longer need to clear TLS configurations from the agent config.ini before enabling Auto-TLS. When enabling Auto-TLS, any existing TLS configurations in config.ini will be overwritten with Auto-TLS-specific configurations.

Cloudera Bug: OPSAPS-54727: HDFS health checks are not visible in the Cloudera Manager Admin Console

HDFS, HBase, MapReduce and Zookeeper health checks are visible again on Cloudera Manager Admin Console.

Cloudera Bug: OPSAPS-54964: Missing client configuration for srm-control

Cloudera Manager can now automatically generate client configuration properties (except security configurations) for srm-control to make it easier to use from the command line.

Cloudera Bug: OPSAPS-56498: Spark compute cluster failing to come up with oozie start failed

Fixed an error where a Virtual Private cluster for Spark started.

Cloudera Bug: OPSAPS-55410: Relax dependency on Kerberos to enable Ranger for Kafka

This fix removes the requirement that Ranger service can only be enabled when Kerberos is on. It enables 2-way SSL configs for Ranger client.

Cloudera Bug: OPSAPS-54635: Service logs of Queuemanager not collected in diagnostic bundles

QueueManager logs are now collected.

Cloudera Bug: OPSAPS-54477: "Missing service handler" error shown when trying to upgrade a cluster with Flume

You must remove Flume before upgrading to CDP Private Cloud Base.

Cloudera Bug: OPSAPS-55168: Server side caching in Schema Registry is now disabled.

Server side caching in Schema Registry is now disabled.

Cloudera Bug: OPSAPS-55881: Host monitor failed to respond

The memory requirements for Cloudera Manager 7.X have increased since Cloudera Manager 6.X. Heap memory size has been increased to 4GB.

Cloudera Bug: OPSAPS-56723: CM - cloudera-manager-installer.bin fails due to missing Postgres

PostgreSQL version 10 is now installed automatically.

Cloudera Bug: OPSAPS-52178: Race condition while starting Impala can prevent profiles from getting sent to Workload Experience Manager

If Impala Daemon is added after Telemetry Publisher, then queries using that Impala Daemon as co-ordinator will not be delivered to Workload XM.

Cloudera Bug: OPSAPS-55390: Need to create HBase tables during Atlas preStart initialization.

Atlas HBase tables are now created in Atlas before installation so that Atlas does not rely on the Ranger HBase plugin to be enabled to create the required tables during upgrades.

Cloudera Bug: OPSAPS-55158: Atlas Default authentication set by defaul to PAM

PAM authentication is now enabled by default for Atlas. File based authentication is disabled by default.