Fixed Issues in Apache Kudu
Review the list of Apache Kudu issues that are resolved in Cloudera Runtime 7.2.12.
- KUDU-1921: Add ability for clients to require authentication/encryption
- Kudu servers support requiring authentication and encryption to be enabled, and clients prefer connecting in a secure way, but if a server does not support authentication and/or encryption, the client will silently connect insecurely, which can lead to a downgrade attack. With this fix, clients can require authentication and encryption to be set using the client API, where if such an attack is attempted, the client will fail to connect to the cluster.
- KUDU-2302: Leader crashes if it can't resolve DNS address of a peer
-
When a tablet replica is elected leader, it constructs Peer objects for each replica in the Raft configuration to send RPCs to each. If during this construction any remote peer cannot be reached for any reason, it could result in a crash. This fix allows to start Peers without a proxy, and retries constructing the proxy the next time a proxy is required.
- KUDU-3291: Crash when performing a diff scan after delta flush races with a batch of ops that update the same row
-
Performing an incremental backup of rows that had many batches of update could result in a crash.
- KUDU-3297: KRPC connection negotiation fails with RedHat/CentOS cyrus-sasl-gssapi-2.1.27-5 for secure clusters
-
Prior to this patch, GSSAPI-involved scenarios of the negotiation-test and security-itest would fail when running against the GSSAPI plugin with patch applied. With this patch, all scenarios in the negotiation-test and the security-itest pass.