Fixed Issues in Cloudera Manager 7.9.0

Fixed issues in Cloudera Manager 7.9.0.

Cloudera Bug: OPSAPS-59363: TLS 1.0 and 1.1 protocols are out-of-date and contain security vulnerabilities
This issue has been fixed by disabling the old TLS (1.0 and 1.1) protocols for every JVM started by Cloudera Manager and upgrading to a higher version of the protocol (1.2 or 1.3). Cloudera Manager now only supports TLS 1.2 for Java 8. For Java 11 and higher versions, Cloudera Manager supports TLS 1.2 and TLS 1.3.
Cloudera Bug: OPSAPS-62050: Unable to download client configurations using the endpoint (cdp-proxy-api clientConfig) for services without setting CLIENT_CONFIG_AUTH param
This issue has been fixed now, and the cdp-proxy-api endpoint for clientConfig can be used successfully without setting authorization to access clientConfig.
Cloudera Bug: OPSAPS-62802: Unable to track individual health test changes through SNMP traps
When SNMP traps contain merged health test alerts the monitoring systems fail to track the individual health test changes. This issue has been fixed now by separating the health test alerts, disabling merging the health tests in Service Monitor and Host Monitor, and enabling open and close SNMP traps.
Cloudera Bug: OPSAPS-62805: Kafka role log file retrieval fails and diagnostic bundles do not contain the Kafka broker role logs.

Fixed an issue where Kafka and Cruise Control role-level logs cannot be accessed due to a u'LOG4J2 issue. Added LOG4J2 in the file to provide support to the LOG4J2 log type for accessing service logs through Cloudera Manager UI.

Cloudera Bug: OPSAPS-62908: Missing metrics in a diagnostic bundle for CSD based roles
Fixed an issue where CSD based services were missing metrics in the diagnostic bundle since they use a different naming convention.
Cloudera Bug: OPSAPS-63475: Cloudera Manager server log reports an illegal character error while adding a new host using host template
Fixed an issue where, in some cases, Host templates and Role groups accept the special character "forward slash (/)" but breaks the API.
Cloudera Bug: OPSAPS-63521: Port 9000 (heartbeat port) is not using a strong cipher
This issue has been fixed now by introducing a strict server_cipher_list on port 9000 and setting up the cipher preference according to the Cloudera Manager server.
Cloudera Bug: OPSAPS-63605: An Event server cannot start after an upgrade due to a field type mismatch
Fixed an issue where, in case of sufficiently long event attributes, a deprecated field type is replaced with an incompatible field type in the backing data store as part of the Cloudera Manager upgrade. This prevents the Event server from starting. This fix changes the field type to a compatible one.
Cloudera Bug: OPSAPS-63640: Cloudera Manager runs out of memory with Kafka
Fixed an issue where monitoring a large number of Kafka producers could cause Cloudera Manager performance to degrade and run out of memory.
Cloudera Bug: OPSAPS-63881: Permissions of user directories under /var/lib/ is 700 on RHEL 8.4
This issue applies only when RHEL 8.4 or higher is used. In these versions the /etc/login.defs file has HOME_MODE configured with 700 permissions. Due to this, service directories were incorrectly created with 700 permissions.
Cloudera Bug: OPSAPS-63739: RPC command calls timeout to fetch NFS mount points and causes heartbeat delays
Fixed an issue where, in some cases, heartbeats are delayed due to an RPC command timing out when stale (non-responsive) NFS mount points exist on a host and the end-user has configured the Cloudera Manager agent not to monitor NFS filesystems.
Cloudera Bug: OPSAPS-64599: The Service Monitor logs are flooded with error messages during the CDH 5 cluster management
Fixed an issue where a dependency conflict prevents periodic HBase monitoring tasks, and Service Monitor logs are flooded with NoClassDefFoundError errors when Cloudera Manager is managing a CDH 5 cluster.
Cloudera Bug: OPSAPS-64602: Error message about an unsupported ciphersuite on FIPS upgrade
While upgrading a FIPS-enabled cluster, Cloudera Manager is unable to download the new Cloudera Runtime parcel from the Cloudera parcel archive. This issue is fixed by updating the list of supported ciphersuites.
Cloudera Bug: OPSAPS-64619: Refreshing the Data Hub cluster using the Refresh Cluster option fails with an error
Fixed an issue where, during the Data Hub cluster upgrade, the refresh cluster command fails with the following error: Failed to update refreshable configuration files in the cluster.