Fixed Issues in Cloudera Manager 7.10.1

Fixed issues in Cloudera Manager 7.10.1.

OPSAPS-66539: PathParamspec system resources missing when Ranger Hdfs plugin is enabled in compute clusters .

When Ranger Hdfs plugin is enabled in compute cluster, below pathparamspec system resources are created: - Solr and Hdfs spool directories path - Policy cache directory path

OPSAPS-51761: YARN task failures after upgrading to CDH 6.2.0 (Invalid arguments for cgroups resources: /var/log/hadoop-yarn/container)

Fixed an issue during upgrade in YARN, where the upgraded container-executor binary is not copied due to the container-executor file being used by running applications.

OPSAPS-64733: Setting Hive warehouse directory to Ozone fails because the Ozone filesystem JAR is missing from Cloudera Manager runtime directory.

This issue has been fixed. The Hive metastore warehouse directory and external warehouse directory can be set to Ozone filesystem paths during the first Hive run. The Ozone filesystem JAR is available as part of the hdfs.sh script (in the /opt/cloudera/cm/lib/cdh7 directory).

OPSAPS-66255: Cloudera Manager - GET/clusters/{clusterName}/clientConfig API generating too many directories or files.

Previously, the GET/clusters/{clusterName}/clientConfig API for Spark ran a new command on each invocation, which increased the latency of the API call and created new directories or files under the Cloudera Manager agent process directories. This issue is fixed now.

The latest fix changes the above mentioned behavior and now you can only run the command when there is staleness in Spark2 or Spark3 configurations and later client configuration can be deployed. The files returned for Spark2 and Spark3 are complete files that are collected from a Spark gateway host instead of being generated by Cloudera Manager itself.

OPSAPS-65539: Kudu can not handle multiple Ranger KMS servers

Kudu can now handle HA KMS.

OPSAPS-65267

Cross-site sessions were prohibited in the latest browsers because of SameSite header by default was set to Lax. This issue is fixed now by adding SameSite=None with a secure attribute for the session cookies that are created after login so that cross-site secure cookies are supported.

The secure attribute works only with TLS-configured clusters. You must have a TLS-enabled cluster for cross-site sessions to work.

OPSAPS-65341: ECS and Longhorn UI proxies only read ingress_controller_cert_contents

Previously the ECS and Longhorn UI proxies do not read either from the Cloudera Manager truststore or the system truststore, but only from a Database entry. Due to this reason, your load balancers are unable to access the ECS and Longhorn UI. This latest fix now has the proxies read from both the system truststore and CM truststore. The ingress certificate is also added to the truststore.

OPSAPS-65491: The Skip Inspector button visibility issue when you run the host inspector command

When you run the host inspector command, the Run Again button appears first instead of the Skip Inspector button. The Skip Inspector button appears too late. This issue is fixed now and the Skip Inspector button now appears immediately if you want to skip the command.

OPSAPS-65888: The Collect Diagnostic Data button is not active for any date range selected

Previously, when Cloudera Manager is deployed in a timezone different than the user's timezone, it is observed that after selecting a time in the date time picker, the time chosen and the actual time shown do not match with the user's timezone. This issue is now fixed and matches the user's time zone.

OPSAPS-65984: Getting stale configurations issue after upgrading Private Cloud Data Services from 1.4.1 to 1.5.0

Previously after upgrading Private Cloud Data Services from 1.4.1 to 1.5.0, Cloudera Manager was showing stale configurations that are false alerts. This issue is fixed now.

OPSAPS-61519: ECS cluster shows configuration error

Previously, an ECS cluster used to incorrectly show the configuration error: Cluster has stale Kerberos client configuration even though ECS doesn't use Kerberos. This issue is fixed now.

OPSAPS-66023: Error message about an unsupported ciphersuite while upgrading or installing cluster with the latest FIPS compliance

When upgrading or installing a FIPS enabled cluster, Cloudera Manager is unable to download the new CDP parcel from the Cloudera parcel archive.

Cloudera Manager displays the following error message:

HTTP ERROR 400 java.net.ConnectException: Unsupported ciphersuite TLS_EDH_RSA_WITH_3DES_EDE_CBC_SHA

This issue is fixed now by correcting the incorrect ciphersuite selection.

OPSAPS-66080: Optimize pattern.compile in CspUtils.java

When Cloudera Manager is running, compiling the regex pattern for CSP multiple times causes other threads to wait, and that results in the slowness of Cloudera Manager. This issue is fixed now.

OPSAPS-66198: On Cloudera Manager UI, the Install Oozie ShareLib command fails to install shared libraries for the Oozie service

On Cloudera Manager UI, the Install Oozie ShareLib command fails to install shared libraries for the Oozie service if you configure the Kerberos krb_krb5_conf_path file path at the non-default file path. This issue is fixed now.

OPSAPS-66238: ProcessResource API fails with an exception for getting configuration files with multi-level file names

Previously if the user wants to get configuration files under a process directory that contains a multi-level file name, resulting in an API exception. This issue is fixed now.

OPSAPS-66280: Ecs Agent fails to (re)start if Ecs Agent Advanced Configuration Snippet (Safety Valve) for config.yaml is an empty string

Fixed an issue where after clearing the Ecs Agent Advanced Configuration Snippet (Safety Valve) for config.yaml configuration parameter, the Ecs Agent was unable to start.

OPSAPS-66306

When you create a Hive ACID replication policy, the policy does not appear on the Replication Policies page immediately. This issue is fixed.

OPSAPS-66297

Hive ACID replication policies-related issues appear when the source peer becomes unavailable or is deleted as a replication peer. This issue is fixed.

OPSAPS-66068

The Peer not found error appeared during Hive ACID replication policy creation. This issue is fixed.

OPSAPS-66053

Hive ACID replication policies did not appear on the Replication Policies page after policy creation. This issue is fixed.

OPSAPS-66022

When a Hive ACID replication policy run is skipped, the replication policy status incorrectly showed Failed or Error. This issue is fixed.

OPSAPS-65982

When a Hive ACID replication policy was deleted, the error No enum constant com.cloudera.cmf.model.DbReplicationMetric.StatusEnum.FINISHED appeared in Cloudera Manager. This issue is fixed.

OPSAPS-65688

The pre-failover command fails with a FileNotFound exception when the bootstrap replication is pending. This issue is fixed.

OPSAPS-65685

After a Hive ACID replication policy fails, the "type" field of replication metrics shows incorrect status. This issue is fixed.

OPSAPS-65410

LDAP authentication error appears during the Hive ACID replication policy creation.

If LDAP authorization is enabled, you must add LDAP_USERNAME and LDAP_PASSWORD fields, and then create the Hive ACID replication policy. Otherwise, an error appears during the replication policy creation.

OPSAPS-64879

Hive ACID replication policies with an empty name do not appear on the Replication Policies page.

Ensure that you provide a unique replication policy name during replication policy creation.

OPSAPS-61643

A Hive replication policy failed during the ‘Issue the invalidate metadata command on the Impala shell’ step. This issue is fixed.

OPSAPS-63571

Sometimes, entries in the HDFS snapshot-diff report of deleted directories appear as modified. This might raise a FileNotFoundException error.

In this scenario, configure the com.cloudera.enterprise.distcp.hdfs-snapshot-diff-cleanup.enabled safety value to address these unexpected entries.

OPSAPS-65732

Hive ACID replication policies failed with a HTTP response code: 401 error because a wrong Kerberos principal was used in the connection string. This issue is fixed.