Cloudera Docs

Known Issues in Schema Registry

Learn about the known issues in Schema Registry, the impact or changes to the functionality, and the workaround in Cloudera Runtime 7.1.9 SP1 CHF 7.

Known issues identified in Cloudera Runtime 7.1.9 SP1 CHF 7

There are no new known issues identified in this release.

Known issues identified before Cloudera Runtime 7.1.9 SP1 CHF 7

CDPD-40380: Authorization checking issue when Kerberos is disabled

Due to an issue in Ranger, when Kerberos is disabled then it is not possible to check authorization.

  1. Open Schema Registry configuration in Cloudera Manager.
  2. Find the ranger.plugin.schema-registry.service.name field.
  3. Replace GENERATED_RANGER_SERVICE_NAME with the actual name of the service.
  4. Restart the Schema Registry service.
CDPD-49304: AvroConverter does not support composite default values
AvroConverter cannot handle schemas containing a STRUCT type default value.
None.
OPSAPS-68708: Schema Registry might fail to start if a load balancer address is specified in Ranger
Schema Registry does not start if the address specified in the Load Balancer Address Ranger property does not end with a trailing slash (/).
Set the value of the RANGER_REST_URL Schema Registry environment variable to an address that includes a trailing slash.
  1. In Cloudera Manager, select the Schema Registry service.
  2. Go to Configuration.
  3. Find the Schema Registry Server Environment Advanced Configuration Snippet (Safety Valve) property and add the following:
    Key: RANGER_REST_URL
        Value: [***RANGER REST API URL***]
    Replace [***RANGER REST API URL***] with an address that can be used by Schema Registry to access Ranger. Ensure that the address ends with a trailing slash. For example: https://ranger-1.cloudera.com:6182/
  4. Restart the Schema Registry service.
OPSAPS-70971: Schema Registry does not have permissions to use Atlas after an upgrade
Following an upgrade, Schema Registry might not have the required permissions in Ranger to access Atlas. As a result, Schema Registry's integration with Atlas might not function in secure clusters where Ranger authorization is enabled.
  1. Access the Ranger Console (Ranger Admin web UI).
  2. Click the cm_atlas resource-based service.
  3. Add the schemaregistry user to the all - * policies.
  4. Click Manage Service > Edit Service.
  5. Add the schemaregistry user to the default.policy.users property.
OPSAPS-69317: Kafka Connect Rolling Restart Check fails if SSL Client authentication is required
The rolling restart action does not work in Kafka Connect when the ssl.client.auth option is set to required. The health check fails with a timeout which blocks restarting the subsequent Kafka Connect instances.
You can set ssl.client.auth to requested instead of required and initiate a rolling restart again. Alternatively, you can perform the rolling restart manually by restarting the Kafka Connect instances one-by-one and checking periodically whether the service endpoint is available before starting the next one.