Monitoring Components - EEP 7.1.1 Release Notes

The notes below relate specifically to the HPE Ezmeral Data Fabric.

These release notes contain only data-fabric-specific information and are not necessarily cumulative in nature. For information about how to use the release notes, see Ecosystem Component Release Notes.

Version The EEP 7.1.1 release contains the following monitoring-component versions:
  • Collectd 5.10.0.0
  • Fluentd 1.10.3.200
  • Opentsdb 2.4.0
  • Elasticsearch 6.8.8.300
  • Grafana 7.5.2.200
  • Kibana 6.8.8.300
Release Date October 2021
Version Interoperability Component Versions for Released EEPs
Package Names Package Names for Ecosystem Packs (EEPs)

New in This Release

  • EEP 7.1.1 includes updates to all monitoring components.
  • In Grafana 7.5.x, the steps to display sample dashboards are different from the steps used in previous versions of Grafana. For more information, see Sample Dashboards in Grafana.

Fixes

Principal fixes in this release include:
  • COLD-206: Activate Java logging in collectd
  • COLD-208: Collectd Log rotation fails when SELinux is enabled
  • ES-85: Configure.sh fails to get ip address of interface on SLES
  • FLUD-54: Fluentd log rotation fails when SELinux is enabled
  • FLUD-59: Configure.sh failed to extract certs when clustername is not all lowercase
  • KIB-54: Fix es_mgmt.sh not getting correct return codes - 688 changed format
  • KIB-55: Configure.sh fails to extract certs when clustername is not all lowercase
  • OTSDB-121: CVE-2018-10237,CVE-2020-8908 vulnerabilities in Guava
  • OTSDB-128: Opentsdb.err file is overwritten / not preserved on restart
  • OTSDB-130: Ot_purgeData.log log rotation fails when selinux is enabled and enforcing
  • SPYG-1146: Centos8.4 Searchguard - SearchGuardSSLNettyHttpServerTransport - Exception during establishing a SSL connection: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate

Known Issues and Limitations

This release contains the following known issues and limitations:
  • SPYG-1146: In Elasticsearch 6.8.8, Elasticsearch generates a fatal exception when used with Java 11.0.12 on RHEL/CentOS 8.3 or 8.4. This issue can occur in EEP 7.0.0, 7.0.1, or 7.1.0. The following message can be seen in the monitoring log in the Elasticsearch log directory:
    Unable to check whether cluster is sane: None of the configured nodes are available: [{#transport#-1}{mMuDVg1_TFytqJ-sgcTNjQ}{m2-mapreng-vm167242.mip.storage.hpecorp.net}{10.163.167.242:9300}]
06:17:07.986 [elasticsearch[_client_][transport_worker][T#1]] ERROR com.floragunn.searchguard.ssl.http.netty.SearchGuardSSLNettyHttpServerTransport - Exception during establishing a SSL connection: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
	at sun.security.ssl.Alert.createSSLException(Alert.java:131) ~[?:?]
	at sun.security.ssl.Alert.createSSLException(Alert.java:117) ~[?:?]
	at sun.security.ssl.TransportContext.fatal(TransportContext.java:336)
    Workaround: Use one of the following workarounds:
    • Do not run Elasticsearch with Java 11.0.12. If you see this problem, reinstall 11.0.11 or an earlier Java release.
    • If you want to continue running Elasticsearch with Java 11.0.12, use the following keytool command to import the certificates. You must provide the truststore password and cluster name:
      cat /opt/mapr/conf/ca/signing-ca.pem | keytool \
    -import \
    -v \ 
    -keystore /opt/mapr/conf/ssl_usertruststore \
    -storepass <truststore_password> \ 
    -noprompt -alias <cluster_name>-root-signing-ca
  • ES-85: In EEP 7.x.x with SLES 15 SP2, the Elasticsearch configure.sh module generates an error saying it cannot find a DNS or IP address. The configure.sh command succeeds, but Elasticsearch fails to start because it is not configured correctly.

    Workaround: Upgrade to EEP 7.1.1 or later, where this issue is fixed.

Resolved Issues

  • None.