Fixed Issues in Cloudera Manager 7.9.0
Fixed issues in Cloudera Manager 7.9.0.
- Cloudera Bug: OPSAPS-59363: TLS 1.0 and 1.1 protocols are out-of-date and contain security vulnerabilities
- This issue has been fixed by disabling the old TLS (1.0 and 1.1) protocols for every JVM started by Cloudera Manager and upgrading to a higher version of the protocol (1.2 or 1.3). Cloudera Manager now only supports TLS 1.2 for Java 8. For Java 11 and higher versions, Cloudera Manager supports TLS 1.2 and TLS 1.3.
- Cloudera Bug: OPSAPS-62050: Unable to download client configurations
using the endpoint (
cdp-proxy-api clientConfig) for services without settingCLIENT_CONFIG_AUTHparam - This issue has been fixed now, and the
cdp-proxy-apiendpoint for clientConfig can be used successfully without setting authorization to access clientConfig. - Cloudera Bug: OPSAPS-62802: Unable to track individual health test changes through SNMP traps
- When SNMP traps contain merged health test alerts the monitoring systems fail to track the individual health test changes. This issue has been fixed now by separating the health test alerts, disabling merging the health tests in Service Monitor and Host Monitor, and enabling open and close SNMP traps.
- Cloudera Bug: OPSAPS-62805: Kafka role log file retrieval fails and diagnostic bundles do not contain the Kafka broker role logs.
-
Fixed an issue where Kafka and Cruise Control role-level logs cannot be accessed due to a u'LOG4J2 issue. Added
LOG4J2in the log_search.py file to provide support to theLOG4J2log type for accessing service logs through Cloudera Manager UI. - Cloudera Bug: OPSAPS-62908: Missing metrics in a diagnostic bundle for CSD based roles
- Fixed an issue where CSD based services were missing metrics in the diagnostic bundle since they use a different naming convention.
- Cloudera Bug: OPSAPS-63475: Cloudera Manager server log reports an illegal character error while adding a new host using host template
- Fixed an issue where, in some cases, Host templates and Role groups accept the special character "forward slash (/)" but breaks the API.
- Cloudera Bug: OPSAPS-63521: Port 9000 (heartbeat port) is not using a strong cipher
- This issue has been fixed now by introducing a strict server_cipher_list on port 9000 and setting up the cipher preference according to the Cloudera Manager server.
- Cloudera Bug: OPSAPS-63605: An Event server cannot start after an upgrade due to a field type mismatch
- Fixed an issue where, in case of sufficiently long event attributes, a deprecated field type is replaced with an incompatible field type in the backing data store as part of the Cloudera Manager upgrade. This prevents the Event server from starting. This fix changes the field type to a compatible one.
- Cloudera Bug: OPSAPS-63640: Cloudera Manager runs out of memory with Kafka
- Fixed an issue where monitoring a large number of Kafka producers could cause Cloudera Manager performance to degrade and run out of memory.
- Cloudera Bug: OPSAPS-63881: Permissions of user directories under /var/lib/ is 700 on RHEL 8.4
- This issue applies only when RHEL 8.4 or higher is used. In
these versions the
/etc/login.defsfile has HOME_MODE configured with 700 permissions. Due to this, service directories were incorrectly created with 700 permissions. - Cloudera Bug: OPSAPS-63739: RPC command calls timeout to fetch NFS mount points and causes heartbeat delays
- Fixed an issue where, in some cases, heartbeats are delayed due to an RPC command timing out when stale (non-responsive) NFS mount points exist on a host and the end-user has configured the Cloudera Manager agent not to monitor NFS filesystems.
- Cloudera Bug: OPSAPS-64599: The Service Monitor logs are flooded with error messages during the CDH 5 cluster management
- Fixed an issue where a dependency conflict prevents periodic HBase monitoring tasks, and Service Monitor logs are flooded with NoClassDefFoundError errors when Cloudera Manager is managing a CDH 5 cluster.
- Cloudera Bug: OPSAPS-64602: Error message about an unsupported ciphersuite on FIPS upgrade
- While upgrading a FIPS-enabled cluster, Cloudera Manager is unable to download the new Cloudera Runtime parcel from the Cloudera parcel archive. This issue is fixed by updating the list of supported ciphersuites.
- Cloudera Bug: OPSAPS-64619: Refreshing the Data Hub cluster using the Refresh Cluster option fails with an error
- Fixed an issue where, during the Data Hub cluster upgrade, the refresh cluster command fails with the following error: Failed to update refreshable configuration files in the cluster.
