Fixed Issues in Cloudera Manager 7.3.0

Fixed issues in Cloudera Manager 7.3.0.

Cloudera Bug: OPSAPS-58659: Create a new checkbox in Oozie's Cloudera Manager configuration to control the Callback URL Kerberos enablement
For more information, see
Cloudera Bug: OPSAPS-56678: SRM client configuration ( contains invalid properties
New configuration resolvers added: file, system environment with default. (This change is backward compatible, old configuration works as usual.)
Cloudera Bug: OPSAPS-56457: Schema Registry yaml file generation broken on Azure.
When setting up the service the install script failed to properly set the ""fs.defaultFS"" property. Example: core-site.xml:
registry.yaml: fsUrl: "abfs://" Notice: the ""bsari-azl@"" part is missing. Fix: By using sed it can handle the ""@"" character well in replacement.
Cloudera Bug: OPSAPS-53309: Upgrade com.ning:async-http-client:1.9.40 due to CVE
AsyncHttpClient used by Cloudera Manager is upgraded to org.asynchttpclient.async-http-client version 2.12.1.
Cloudera Bug: OPSAPS-56286: Schema Registry Health Check broken with multiple instances
Health State fixed for Schema Registry when having multiple instances
Cloudera Bug: OPSAPS-57411: Configuration for metrics fetching in group or separately
Configurable SMM metrics fetching mode
Cloudera Bug: OPSAPS-57539: Sometimes SMM UI process does not get killed and prevents restarting it
The SMM UI stop script has been improved, so that it will kill the child processes to prevent the SMM UI process from being stuck.
Cloudera Bug: OPSAPS-58661: Increasing default value of ZooKeeper Session Timeout in Kafka
Increasing default value of ZooKeeper Session Timeout in Kafka for 7.1.5 runtime version.
Cloudera Bug: OPSAPS-58708: Failed to log audit event in Ranger for Kafka in AutoTLS enabled cluster
Ranger plugin's audit logging works with non-secure Zookeeper connection while Kafka itself still uses TLS connection to Zookeeper.
Cloudera Bug: OPSAPS-56239: TEZ_JARS classpath directory configuration should not be hardcoded in
The parcel root directory had initially been hardcoded in various locations, causing issues if a different path was utilized. The parcels root directory is no longer hardcoded, and is now dynamically set.
Cloudera Bug: OPSAPS-58107: CSD support to configure caching in SMM Authorizer
SMM request processing is sped up by introducing an authorization cache. The default TTL of the cache is 30 seconds and it is configurable in CM. Setting the TTL to 0 disables the cache entirely.
Cloudera Bug: OPSAPS-57745: SMM UI Server failed to start but status in CM still show green
Cloudera Manager now correctly displays role status when the SMM UI process fails/stops.
Cloudera Bug: OPSAPS-58990: SMM and Schema Registry Ranger plugin Solr audits fails with HTTP 403
Fixed SMM Ranger plugin authorization issue with Solr. Audit events can now be logged to Solr.
Cloudera Bug: OPSAPS-56345: Issues with Schema Registry's Ranger repo handling
Ranger init script was rewritten to generate the repo name with a unique name. It will also not fail in case the repo already exists.
Cloudera Bug: OPSAPS-57317: Ranger user cannot send requests to SchemaRegistry
Added user rangerlookup to the default list of users when creating the schemaregistry policy in ranger
Cloudera Bug: OPSAPS-57294: Schema Registry first run fails when multiple Ranger Admin services are configured
Schema Registry startup script now can handle the case when multiple Ranger Admin services are configured.
Cloudera Bug: OPSAPS-57444: SMM throws an error if keystore and private key password are not the same
SMM secure configuration now supports non-matching key and keystore passwords; affects CDH >= 7.2.2 and CDH >= 7.1.4
Cloudera Bug: OPSAPS-58819: Unable to set nullable fields with template import
A restriction was placed to import cluster templates with null values prior to this Cloudera Manager Version. That is causing issues when users import a template generated by a previous CM version. As it used to allow setting null to the configuration field value. With this fix, that restriction has been removed.
Cloudera Bug: OPSAPS-58731: Add CM configurations for raz-s3
Emitting Ranger Raz configs for S3 to HDFS core-site.xml and to RAZ raz-site.xml
Cloudera Bug: OPSAPS-59219: [ranger-raz] Add ranger.raz.service-type.s3.super.users to fix cluster template init failure
Cloudera Bug: OPSAPS-59012: Telemetry Publisher is broken
Telemetry publisher no longer throws ClassDefNotFoundException
Cloudera Bug: OPSAPS-56328: Changing port numbers to non-ephemeral ports
Setting Kafka Connect default ports to be non ephemeral ports.
Cloudera Bug: OPSAPS-58728: Specify JDBC override param in Ranger CSD
Tested only JDBC url override for postgres database type for Ranger CSD supporting CDPD - 7.1.5 installation.
Cloudera Bug: OPSAPS-57410: Add Security related headers to SMM Rest API Server responses
Added Security-Related Headers to SMM Rest API respones: - Strict-Transport-Security - Cache-Control
Cloudera Bug: OPSAPS-57409: Add security related header controls to all Schema Registry responses.
Added the following HTTP headers to ScemaRegistry HTTP responses: -Content-Security-Policy -XSS-Protection -X-Frame options -Content-Type-Options -Cache-control
Cloudera Bug: OPSAPS-58541: Code to disable repeat for HBase schedules
Disabled repeat for HBase replication schedule, similar to Hive3
Cloudera Bug: OPSAPS-58435: Implement remove_peer for HBase replication
Cloudera Bug: OPSAPS-58751: Disable table for HBase replication
Implemented disable table replication for HBase schedules when removing a table from the HBase peer's tableCFs list.
Cloudera Bug: OPSAPS-58473: Implement enable_peer/disable_peer for HBase replication
Implemented enable_peer/disable_peer for HBase replication
Cloudera Bug: OPSAPS-58628: [JUnit testing] Implement enable_peer/disable_peer for HBase replication
Created JUnit tests for OPSAPS-58473: Implement enable_peer/disable_peer for HBase replication
Cloudera Bug: OPSAPS-58539: Redo HBaseReplicationCmdArgs.
Refactored HBaseReplicationCmdArgs
Cloudera Bug: OPSAPS-58542: [hbase][cdh-to-cdp] Proper paramSpec(s) instead of safety valve
Introduced new paramSpec: hbase_replication_auxiliary_info
Cloudera Bug: OPSAPS-56085: Adding a CSD version with new metrics hits staleness check upon upgrading Cloudera Manager
Multiple version compatibility ranges starting within the same major version can now be specified for built-in and CSD metrics. Metric version compatibility ranges that are not composed of one or more full major versions are now honored throughout Cloudera Manager.
Cloudera Bug: OPSAPS-58405: Add GCP support for IDBroker evaluators
GCP IDBroker configs will now appear in core-site.xml
Cloudera Bug: OPSAPS-58617: cdp-proxy topolgy is missing identity-assertion
Added identity-assertion provider into the cdp-proxy Knox topology.
Cloudera Bug: OPSAPS-59184: Incorrect Log4J configuration in Knox's
Fixed logging issues in Knox IDBroker and corrected log configuration file paths.
Cloudera Bug: OPSAPS-58820: [CDP Public Cloud][7.2.6][RAZ S3] SDX Cluster creation failed, Access Denied for hdfs user
Added hdfs user as superuser for RAZ S3
Cloudera Bug: OPSAPS-58889: HttpFS Safety Valve config for core-site.xml incorrectly gets emitted to hdfs-site.xml
HttpFS Safety Valve config for core-site.xml should now correctly be added to HttpFS core-site.xml.
Cloudera Bug: OPSAPS-54954: CM - Streams Replication Manager's Replication Configs "?" wording goes off page
Streams Replication Manager's Replication Configs help text was wrongly formatted.
Cloudera Bug: OPSAPS-55872: Missing configs in Cruise Control CSD
Added self.healing.goals, hard.goals and anomaly.detection.goals configs. affects: CM >= 7.2.1 and CDH >= 7.2.1, CM >= 7.3.0 and CDH >= 7.1.6
Cloudera Bug: OPSAPS-59143: [Knox] Failed to create new KafkaAdminClient
Fixed properties for Atlas gateway role for proper Atlas Kafka communication.
Cloudera Bug: OPSAPS-58499: Use Impala krpc port for connectivity check
This Jira is related to IMPALA-9180, which remove impala thrift based backend port and use krpc port to construct subscriber_ids.
Cloudera Bug: OPSAPS-56938: Update Spring Data Commons for Security (CM) in 6.3.3 (CVE-2018-1273)
Upgraded to Spring Data Commons 1.13.11
Cloudera Bug: OPSAPS-56854: Update Spring Framework for CM in 7.2.0 (CVE-2018-1270)
Using Spring Framework 4.3.19.RELEASE