Known Issues Fixed in Cloudera Manager 4.5.2
— Embedded PostgreSQL database permissions are incorrect.
Fixed a security vulnerability where the credentials of the embedded database is world readable. This affects the Enterprise management services that use the embedded PostgreSQL database.You need to change the permissions for /etc/cloudera-scm-server/db.mgmt.properties to be 600.
Severity: High
Resolution: Fixed in Cloudera Manager 4.5.2
chmod 600 /etc/cloudera-scm-server/db.mgmt.propertiesIf you have done a new install of Cloudera manager 4.5.2 this is not necessary, the correct permissions are in place.
— Enable short-circuit read to allow Impala 0.7 to with CDH 4.1.
In order for Impala beta 0.7 to work with CDH 4.1,after installation using Cloudera Manager, dfs.client.use.legacy.blockreader.local must be enabled via the Impala Daemon HDFS Safety Valve.
Note: If you upgrade to CDH4.2, you must remove this property.
Severity: Low
Resolution: Fixed in Cloudera Manager 4.5.2
<property> <name>dfs.client.use.legacy.blockreader.local</name> <value>true</value> </property>.
— Enabling the NameNode to bind to wildcard address does not work in Cloudera Manager 4.5.
In Cloudera Manager 4.5 enabling the NameNode to bind to wildcard address does not work for non-Highly Available and non-Federated HDFS. It works correctly if High Availability or Federated HDFS is configured.
Severity: Medium
Resolution: Fixed in Cloudera Manager 4.5.2
Workaround: Add the following to the NameNode hdfs-site safety valve:
<property> <name>dfs.namenode.rpc-address</name> <value>0.0.0.0:8020</value> </property>
— HiveServer2 is missing the concurrency configuration.
HiveServer2 requires the "hive.support.concurrency" and "hive.zookeeper.quorum" properties to be configured, otherwise it can cause Hive data and metadata corruption. The Cloudera Manager Validator will warn if these properties are missing for HiveServer2 or for the service-wide safety valve.
Severity: High
Resolution: Fixed in Cloudera Manager 4.5.2.
Workaround:
<property> <name>hive.support.concurrency</name> <value>true</value> </property> <property> <name>hive.zookeeper.quorum</name> <value>zk1.myco.com,zk2.myco.com,zk3.myco.com</value> </property>
Note that this requires installing ZooKeeper and setting up a ZooKeeper ensemble, if you have not already done so.