Known issues and limitations in Cloudera Data Warehouse Private Cloud

This section lists known issues and limitations that you might run into while using the Cloudera Data Warehouse (CDW) service CDP Private Cloud.

CDW Private Cloud general known issues and limitations

DWX-5091: SSL-enabled PostgreSQL database required for Hive Metastore on the CDP base cluster on the Cloudera Manager side
The database that is used for the Hive Metastore on the base CDP cluster (Cloudera Manager side) must be PostgreSQL, and must meet the following requirements:
  • SSL-enabled.
  • Uses the same keystore containing an embedded certificate as Ranger and Atlas uses.
To use the same keystore with embedded certificate for Ranger and Atlas:
  • If you are using Auto-TLS:

    In the Management Console Administration page, navigate to Security > Enable Auto-TLS and add the certificate name (for example, /path/to/postgres.pem) in the Trusted CA Certificate option.

  • If you are not using Auto-TLS:

    Ensure that the public certificate of the certificate authority (CA) that signed the Hive metastore database's certificate is present in Cloudera Manager's JKS truststore. If the certificate is self-signed, import that certificate into Cloudera Manager's JKS truststore: In the Management Console Administration page, find the path to Cloudera Manager's JKS truststore by navigating to Administration > Settings > Security > Cloudera Manager TLS/SSL Client Trust Store File. Import the CA's certificate into that JKS file.

    To add the certificate name to an existing or a new JKS file, use the following keytool command, which uses the same example certificate name:

    keytool -import -alias postgres -file /path/to/postgres.pem -storetype JKS -keystore /path/to/cm.jks

    Where /path/to/cm.jks is the JKS file that is configured by Cloudera Manager.

    This ensures that the file specified for Cloudera Manager TLS/SSL Client Trust Store File is passed to Management Console and workloads.

DWX-5129: Management Console and CDW service workloads must reside in the same OpenShift cluster
Problem: If Management Console and the CDW service workload reside on two different OpenShift clusters, the workload will fail.
Workaround: Ensure during environment registration in Management Console that you point to the same OpenShift cluster as you did during installation.

Environments on OpenShift Clusters for CDW Private Cloud

DWX-4723: HTTP 504 Gateway timeout error returned when you delete an environment
Problem: When a CDW Private Cloud environment is deleted in the CDW Private Cloud UI, an HTTP 504 Gateway timeout error can be returned.
Workaround: Using the OpenShift CLI, increase the route timeout to 60s on the OpenShift cluster:
oc annotate route <route-name> --overwrite
For more information about setting this timeout, see the OpenShift documentation.

Database Catalogs on CDW Private Cloud

DWX-4534: Default Database Catalog fails to start when Hive metastore on base cluster does not use PostgreSQL database
In CDW Private Cloud version 1.0, you must use a PostgreSQL database for your Hive metastore on the base cluster. For more information, see Base cluster database requirements for CDW Private Cloud.
DWX-5247: Database Catalog managed tables location points to incorrect directory
Problem: Default Database Catalogs that are created with the CDW Private Cloud UI point to an incorrect directory location for managed tables.
Workaround: To correct this, perform the following steps:
  1. Using Data Analytics Studio (DAS), run a DESCRIBE statement to check the default database MANAGEDLOCATION setting:
    DESCRIBE database default;
    DB_NAME   COMMENT                 LOCATION                           MANAGEDLOCATION                 more…
    default   Default Hive database   hdfs://ns1/warehouse/dwx- more...  hdfs://ns1/user/hive/warehouse  more…
    Note the HDFS URL because you will need it to correct the setting in Step 3.
  2. Still using DAS, run the following query to get the correct path for the default database:
    SET hive.metastore.warehouse.dir;
    Note that this path does not include the HDFS URL that you obtained in Step 1.
  3. A user with ALTER privileges on the default database sets the database's MANAGEDLOCATION using the following elements from previous steps:
    • HDFS URL from Step 1: hdfs://ns1…
    • Results returned by the SET statement used in Step 2: …/warehouse/dwx-impala7b096/warehouse-1597085504-c4b/warehouse/tablespace/managed/hive
    ALTER DATABASE default SET MANAGEDLOCATION 'hdfs://ns1/warehouse/dwx-impala7b096/warehouse-1597085504-cv4b/warehouse/tablespace/managed/hive';

Hive Virtual Warehouses on CDW Private Cloud

DWX-4703: Using UDFs and custom JARs are not supported
Problem: In the GA (general availability) release of Cloudera Data Warehouse Private Cloud, using UDFs and custom JARs are not supported on Hive Virtual Warehouses.
Workaround: none
DWX-4842: Entities are not being created in Atlas
Problem: Base clusters that are using Java 11 might be using truststores in PKCS12 format. Currently, Hive Virtual Warehouses on CDW Private Cloud only supports truststores in JKS format. This prevents the entities from being created in Atlas.
Workaround: Using the keytool, convert the PKCS12 truststore in the base cluster to a JKS truststore.
DWX-5241: Intermittent query execution failures
Problem: Query execution might fail producing return code 2 from org.apache.hadoop.hive.ql.exec.tez.TexTask with multiple Vertex class errors.
Workaround: To address this issue set either of the following properties to false at the session-level:
SET hive.mapjoin.optimized.hashtable=false;
SET hive.optimize.scan.probedecode=false;

Impala Virtual Warehouses on CDW Private Cloud

DWX-5172 and DWX-5229: Hue UI does not load
Problem: On Impala Virtual Warehouses, the Hue UI does not load if unsecured LDAP or OpenLDAPs is being used for authentication.
Workaround: To load the Hue UI for Impala Virtual Warehouses, use Active Directory LDAP over SSL for authentication (LDAPS).

Hue on CDW Private Cloud

DWX-5229 and DWX-5172: Hue only supports Active Directory LDAP over SSL authentication
Logging in to the Hue UI on CDW Private Cloud version 1.0 fails if OpenLDAP is the configured authentication method. Instead, Hue only supports Active Directory LDAP over SSL in CDW Private Cloud version 1.0.