Fixed Issues in Cloudera Manager 7.1.1

This topic lists the issues that have been fixed in Cloudera Manager since the previous release of Cloudera Manager.

Cloudera Bug: OPSAPS-56153: [SCM] Diagnostic bundle uploads fail to authenticate with Proxy
Cloudera Manager diagnostic bundle uploads have fixed the 407 authentication exception issue, when a diagnostic bundle was uploaded using a proxy server with basic authentication.
Cloudera Bug: OPSAPS-55810: Cloudera Manager Host Resource page shows invalid Unit/Values for memory for Ozone roles
the Cloudera Manager -> Configuration page showing invalid "Memory Overcommit warnings" with incorrect units is now fixed.
Cloudera Bug: OPSAPS-55542: Modification of IFS leads to unknown result
An issue detected regarding improper handling of duplicates the Cloudera Manager's gen_credentials_ad.sh script is now fixed.
Cloudera Bug: OPSAPS-55870: Installation failed because of health checks
Increased the default number of SCM descriptor fetch attempts from 5 to 10. Furthermore, the sleep interval between fetch attempts will be increased by one additional second per failed attempt.
Cloudera Bug: OPSAPS-56156: Enabling AutoTLS failed on cluster post upgrade
Occasionally, a timeout exception may occur when enabling Auto-TLS or rotating Auto-TLS certificates. The command has been modified to retry up two times in the event of a failure.
Cloudera Bug: OPSAPS-55064: Staleness in Kafka servcie in 7.03 cluster after upgrading Cloudera Manager
Stale Configurations Kafka Stale Configuration Changes in control scripts for Kafka security configuration (related to Ranger and Plain authentication) causing the Kafka configuration to be marked as stale after upgrading to Cloudera Manager 7.1.1. Perform a rolling restart of Kafka.
Cloudera Bug: OPSAPS-56491: Add Kerberos text to Knox CSD description
Warn users while installing Knox service that it is only supported for kerberized clusters
Cloudera Bug: OPSAPS-55143: Disable TLS for agent status server port on RHEL6
Fixed a file descriptor leak in the Cloudera Manager agent when running on Redhat 6 platform with TLS/SSL enabled for Cloudera Manager communications. The fix is to disable TLS/SSL for the Cloudera Manager agent status server port on Redhat 6. Heartbeat protocol and Navigator data (eg audit events) remain encrypted. 6.2.2 : Fixed a file descriptor leak in the Cloudera Manager agent when running on all platforms with TLS/SSL enabled for Cloudera Manager communications. The fix is to disable TLS/SSL for the Cloudera Manager agent status server port. Heartbeat protocol and Navigator data (eg audit events) remain encrypted. This regresses the behavior to match Cloudera Manager 5.x.
Cloudera Bug: OPSAPS-54951: Cloudera Manager template import fails
Fixed issue where Cloudera Manager gets stuck deploying cluster templates that reference non-CDH parcels.
Cloudera Bug: OPSAPS-56242: External user auth roles become mixed up when posting multiple mappings to API
When creating external role mappings via the /externalUserMappings API endpoint, if multiple mappings are given in the request, then later mappings will erroneously inherit roles specified in preceding mappings, thus granting those users or groups additional privileges than expected. This has been fixed. Note that existing role mappings that have already been created will not be fixed by this change. Cloudera recommendeds you review your existing role mappings in Administration > Users & Roles to correct any inconsistencies.
Cloudera Bug: OPSAPS-55012: AutoTLS should override manual TLS settings in agent
You no longer need to clear TLS configurations from the agent config.ini before enabling Auto-TLS. When enabling Auto-TLS, any existing TLS configurations in config.ini will be overwritten with Auto-TLS-specific configurations.
Cloudera Bug: OPSAPS-54727: HDFS health checks are not visible in the Cloudera Manager Admin Console
HDFS, HBase, MapReduce and Zookeeper health checks are visible again on Cloudera Manager Admin Console.
Cloudera Bug: OPSAPS-54964: Missing client configuration for srm-control
Cloudera Manager can now automatically generate client configuration properties (except security configurations) for srm-control to make it easier to use from the command line.
Cloudera Bug: OPSAPS-56498: Spark compute cluster failing to come up with oozie start failed
Fixed an error where a Virtual Private cluster for Spark started.
Cloudera Bug: OPSAPS-55410: Relax dependency on Kerberos to enable Ranger for Kafka
This fix removes the requirement that Ranger service can only be enabled when Kerberos is on. It enables 2-way SSL configs for Ranger client.
Cloudera Bug: OPSAPS-54635: Service logs of Queuemanager not collected in diagnostic bundles
QueueManager logs are now collected.
Cloudera Bug: OPSAPS-54477: "Missing service handler" error shown when trying to upgrade a cluster with Flume
You must remove Flume before upgrading to CDP Private Cloud Base.
Cloudera Bug: OPSAPS-55168: Server side caching in Schema Registry is now disabled.
Server side caching in Schema Registry is now disabled.
Cloudera Bug: OPSAPS-55881: Host monitor failed to respond
The memory requirements for Cloudera Manager 7.X have increased since Cloudera Manager 6.X. Heap memory size has been increased to 4GB.
Cloudera Bug: OPSAPS-56723: CM - cloudera-manager-installer.bin fails due to missing Postgres
PostgreSQL version 10 is now installed automatically.
Cloudera Bug: OPSAPS-52178: Race condition while starting Impala can prevent profiles from getting sent to Workload Experience Manager
If Impala Daemon is added after Telemetry Publisher, then queries using that Impala Daemon as co-ordinator will not be delivered to Workload XM.
Cloudera Bug: OPSAPS-55390: Need to create HBase tables during Atlas preStart initialization.
Atlas HBase tables are now created in Atlas before installation so that Atlas does not rely on the Ranger HBase plugin to be enabled to create the required tables during upgrades.
Cloudera Bug: OPSAPS-55158: Atlas Default authentication set by defaul to PAM
PAM authentication is now enabled by default for Atlas. File based authentication is disabled by default.

Technical Service Bulletins (TSB)

TSB 2022-507 Certificate expiry issue in CDP
For the latest update on this issue, please see the corresponding Knowledge article: TSB 2022-507: Certificate expiry issue in CDP