Fixed Issues in Cloudera Manager 7.6.5

Fixed issues in Cloudera Manager 7.6.5.

Cloudera Bug: OPSAPS-63460 :

NFS mounts in pods are preventing nodes from restarting for an upgrade. This happens due to Longhorn going into a repair mode, please wait for the repair to complete and then resume the upgrade.

Cloudera Bug: OPSAPS-62357: Atlas JDK 11 version check needs to be fixed

Atlas JDK version check has now been improved to check for JDK 11. After upgrading Cloudera Manager, configuration staleness for thje Atlas service is expected, users must ensure sufficient downtime and restart the Atlas service.

Cloudera Bug: OPSAPS-62559: Delete Credentials is failing on RedHat8.2 with Active Directory KDC

For CDP Private Cloud Base running on RedHat 8 and higher, you may encounter an error when attempting to delete credentials if Active Directory is used as the Kerberos KDC. This has been fixed.

Cloudera Bug: OPSAPS-63124: Add option for Reports Manager snapshot processing to be turned on/off

Enabling snapshot processing caused an unexpected increase of memory consumption of the Reports Manager. This fix turns off this feature by default, therefore the memory consumption will not increase as much as before. For customers who want to use the snapshot processing feature and see the snapshot space consumption in the HDFS Directory Usage Report, the feature can be enabled on the Reports Manager configuration page with the snapshot.processing.enabled property.

Cloudera Bug: OPSAPS-62167NFS provisioner fails on cluster with more than ~10 nodes

Fixed longhorn nfs_provisioner failing to start on clusters with more than 10 nodes.

Cloudera Bug: OPSAPS-62657: ECS HA fails during FirstRun

Fixed an issue where selecting multiple ECS Server hosts during install would randomly result in a installation failure.

Cloudera Bug: OPSAPS-61852: Unable to remove hosts from Cloudera Manager or cluster - non-existing host running Docker server previously

For more information, see Manually uninstalling ECS from a cluster

Cloudera Bug: OPSAPS-61278: The Streams Replication Manager Client’s secure storage fails to generate correctly in FIPS-enabled clusters

The Streams Replication Manager client configuration secure storage did not work on FIPS-enabled clusters, which caused problems when trying to use the srm-control tool with the deployed client configurations. Secure storage is now working in FIPS enabled clusters.

Cloudera Bug: OPSAPS-62087: Upgrade ttorrent-core

The ttorrent-core dependency has been removed due to CVE issues. This fixes the following CVEs: CVE-2008-0071, CVE-2008-0364, CVE-2008-4434, CVE-2008-7166, CVE-2014-8515, CVE-2015-5474

Cloudera Bug: OPSAPS-62548: TopicMetrics get deleted from Cloudera Manager during restart or Kafka partition reassignment

Fixed an issue where KafkaTopicMetrics were accidentally deleted from ServiceMonitor's Timeseries database during a Kafka restart or partition leader change.

Cloudera Bug: OPSAPS-62581: Address log4j CVE-2021-44228

This patch addresses CVE-2021-44228 for log4j.

Cloudera Bug: OPSAPS-62588: Cloudera Manager: Upgrade Logredactor to version 2.0.11 to remediate CVE-2021-44228

This patch addresses CVE-2021-44228 affecting log4j library.

Cloudera Bug: OPSAPS-62670: Upgrade the transitive dependency of Log4j2 used by Hive in Cloudera Manager to 2.17.1

In some scenarios, a role may already exist in Ranger, In that case Authzmigrator tool throws an error because the role already exists. This has been fixed.

Cloudera Bug: OPSAPS-62760: Jetty version shown in HTTP header

The Jetty error page has been modified to hide the version and Jetty server name.

Cloudera Bug: OPSAPS-62770: Cloudera Manager Server setting HBaseCmdOpts.hbaseClusterKey incorrectly.

When using the Cloudera Manager API, when ApiHBaseReplicationArguments.hbaseClusterKey was left null/empty, the Cloudera Manager server supplied an incorrect default value for the cluster key. With this fix, if the value is null or empty, the correct cluster key is set.

The cluster key generated is hbase.zookeeper.quorum:hbase.zookeeper.property.clientPort:zookeeper.znode.parent.

Cloudera Bug: OPSAPS-62812: HostMonitor: Missing HSTS Header

Fixed an issue where the Service Monitor and Host Monitor only open a single port when TLS is used for increased security.

Cloudera Bug: OPSAPS-62836: WAITING_FOR_SOURCE_RESTART status when cluster setup hasn't started

Sometimes during HBase Replication First Time setup, the status may report WAITING_FOR_SOURCE_RESTART before it is really waiting for the source to restart. This behavior has been fixed to report the correct status.

Cloudera Bug: OPSAPS-62910: HBase peer is not removed if several policies are deleted simultaneously

When attempting concurrent deletion of an HBase policy, when the last policy referencing the HBase peer is deleted, the HBase peer will be deleted as well.

Cloudera Bug: OPSAPS-62948: Simultaneous HBase policy creation can fail

When attempting to create multiple HBase policies concurrently, sometimes all of the create operations did not complete. With this fix, all concurrent create operations should succeed.

Cloudera Bug: OPSAPS-62956: Failed delete of policy for which creation failed

When multiple HBase policies are created concurrently, sometimes some of them would fail, or succeed but have wrong column families saved. With this fix, they should now all succeed, and the underlying HBase peer should contain all of the tables/column families from all the policies created.

Cloudera Bug: OPSAPS-62970: Upgrade AuthzMigrator to handle Ignore "already exists" failures

This fix handles the scenario where roles already exist in Ranger.

Cloudera Bug: OPSAPS-62980: Browser crashes with out-of-memory error when Dashboards contain numerous or complex charts

Browser crashed with out-of-memory error on complex Dashboard pages due to charts resize, drag and drop functionality.

You can now use the new Edit Layout menu option on the Dashboard pages and chart sections (e.g. Cluster, Host, Service, Role status pages) for enabling resize functionality. By default, the charts position and size are static. In order to modify the chart size, position they use the Edit Layout menu option.

Cloudera Bug: OPSAPS-62998: Synchronization of HBase peer disable/enable

When concurrent HBase enable/disable policy operations are run, sometimes the final policy status was inconsistent. For instance, after the last operation that completed, the policy status was not set as desired. This situation can be sporadic. With this fix, the HBase policy status will be set reliably.

Cloudera Bug: OPSAPS-63069: Kafka keystore and truststore type is not configured for Cruise Control metrics reporter

The keystore and truststore types are now correctly supported by the Cruise Control metrics reporter in the Kafka broker. Previously, the type would not be configured, causing issues if the store type did not match the default type. Now the type is correctly configured.

Cloudera Bug: OPSAPS-63077: Fix decommisioning/recommissioning nodemanager failure in YARN

If Zookeeper config store is set in YARN, and QueueManager is not used every YARN node decommission caused an exception, because it called the refreshQueues command (which is disallowed if a mutable configuration store is used). This has been fixed

Cloudera Bug: OPSAPS-63104: Streams Replication Manager Service Co-Located Service password default is invalid

The Streams Replication Manager Service Basic Authentication would not work with the default, random generated password. Streams Replication Manager Service Basic Authentication default password is identical on all Streams Replication Manager Service role instances without any extra actions.

Cloudera Bug: OPSAPS-63138: HBase first time setup is green although remote command failed

When Cloudera Manager does HBase replication first time setup between the given source and destination and the HBASE_REPLICATION_AUXILIARY_INFO parameter was unintentionally left there from an older HBase replication first time setup, then the 'Admin setup remote command' step failed and was ignored on the source. Therefore the HBase replication first time setup command was still displayed as successful on the destination. This has been fixed

Cloudera Bug: OPSAPS-63158: Cruise Control may not able to start after upgrade, when the initial cluster version is 7.2.14 or lower and the post-upgrade version is 7.2.14.

This issue occured when any of Cruise Control's goals lists (default-, supported-, hard-, self-healing-, anomaly detection goals) contain com.linkedin.kafka.cruisecontrol.analyzer.goals.RackAwareGoal.

Cruise Control now automatically overrides all of the deprecated RackAwareGoal occurrences with RackAwareDistributionGoal, in its configurations during a parcel upgrade.

Cloudera Bug: OPSAPS-63419: Yarn MR Aggregation job fails with pt_PT locale

Fixed an issue where the Yarn MR Aggregation job got stuck with certain locale settings.

Cloudera Bug: OPSAPS-62471: Revert OPSAPS-32569 Disable HBase replication monitoring when Kerberos is enabled

Fixed an issue where HBase replication monitoring was not enabled when Kerberos was enabled.