Known Issues and Limitations in Cloudera Manager 6.2.0

Cloudera Manager 6.2.0 does not have the correct license notification

Cloudera Manager 6.2.0 contains the third-party license notification for a previous release. You can view the correct license notification file here or on the Third-party License Page for Cloudera Manager.

Limitations for Virtual Private Clusters

There are a number of limitations and considerations for running Virtual Private Clusters, including the types of services you can run on a Compute cluster and supported versions of CDH. See Compatibility Considerations for Virtual Private Clusters.

Restart of Impala and Hive required for Cloudera Manager 6.2 upgrade with ADLS

After upgrading to Cloudera Manager 6.2 or higher, Impala and Hive will be marked as stale for users running CDH 6.1 and using the ADLS Service. You will need to restart Hive and Impala before being able to connect to ADLS Gen2, but all previous functionality will continue to work without a restart. The configurations that will be marked stale are:
  • fs.azure.account.auth.type
  • fs.azure.account.oauth.provider.type
  • fs.azure.account.oauth2.client.endpoint
  • fs.azure.account.oauth2.client.id
  • fs.azure.account.oauth2.client.secret.

Cloudera Bug: OPSAPS-47436

Add Hive Execution Service on Compute Cluster for Hue

To enable Hue to run Hive queries on a Compute cluster, you must install the Hive Execution Service on the Compute cluster.

Alternately, you can disable the Hive editor in Hue to prevent users from using it (it will not work correctly) by doing the following:
  1. In the Cloudera Manager Admin console, go to the Hue service on the Compute cluster.
  2. Open the Hue Web UI.
  3. Select Admin > Manage Users.
  4. Select the Group tab.
  5. Click on the row containing the default group.
  6. De-select the beeswax.access:Launch this application permission.
  7. Click Update Group.

Cloudera Bug: DOCS-4438 OPSAPS-49062

BDR invalidate metadata command

When running a Hive replication job, the invalidate metadata command is run automatically by the replication job and runs as the impala user. If an administrator has configured a different user with permissions to run the invalidate metadata command, the command fails.

Workaround: Grant the Impala user permission to run the invalidate metadata command.

Cloudera Bug: OPSAPS-49215

TLS Protocol Error with OpenJDK

If you are using an older version of OpenJDK 1.8 and have enabled SSL/TLS for the Cloudera Manager Admin Console, you may encounter a TLS protocol error when connecting to the Admin Console, stating that there are no ciphers in common. This is because older versions of OpenJDK may not implement certain TLS ciphers, causing an inability to log into the Cloudera Manager Admin Console when TLS is enabled.

Workaround:

You can workaround this issue by doing one of the following:
  • Upgrade OpenJDK to a supported version of OpenJDK that is higher than version 1.8.0_181.
  • If it is not possible to upgrade OpenJDK, enable less secure TLS ciphers in Cloudera Manager. You can do this by opening the /etc/default/cloudera-scm-server in a text editor and adding the following line:
    export CMF_OVERRIDE_TLS_CIPHERS=<cipher_list>
    Where <cipher_list> is a list of TLS cipher suites separated by colons. For example:
    export CMF_OVERRIDE_TLS_CIPHERS="TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:TLS_DHE_RSA_WITH_AES_128_CBC_SHA:TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:TLS_DHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:TLS_EDH_RSA_WITH_3DES_EDE_CBC_SHA:TLS_RSA_WITH_AES_128_GCM_SHA256:TLS_RSA_WITH_AES_256_GCM_SHA384:TLS_RSA_WITH_AES_128_CBC_SHA256:TLS_RSA_WITH_AES_256_CBC_SHA256:TLS_RSA_WITH_AES_128_CBC_SHA:TLS_RSA_WITH_AES_256_CBC_SHA:TLS_RSA_WITH_3DES_EDE_CBC_SHA"
    

Cloudera Bug: OPSAPS-49578