https://community.cloudera.com/t5/Support-Questions/hive-server2-thrift-http-cookie-auth-enabled/m-p/300530#M220279 <P>Hi Team,</P><P>We are hitting a bug&nbsp;<STRONG>BUG-77340&nbsp;</STRONG>where&nbsp;<SPAN>HS2 failover requires knox restart if cookie use is enabled for HS2. We checked&nbsp;<A href="https://my.cloudera.com/knowledge/quotError-opening?id=273455" target="_blank">https://my.cloudera.com/knowledge/quotError-opening?id=273455</A>&nbsp;and it is mentioned to set&nbsp;<STRONG>hive.server2.thrift.http.cookie.auth.enabled</STRONG> to <STRONG>false</STRONG>. We would like to know if there is any known performance impact if we set this parameter to false.&nbsp;</SPAN></P><P>&nbsp;</P><P><SPAN>Also, we have below parameters set to 600s but still we are seeing server&nbsp;<STRONG>500 </STRONG>error.</SPAN></P><LI-CODE lang="markup">gateway.httpclient.connectionTimeout 600s gateway.httpclient.socketTimeout 600s</LI-CODE><P>&nbsp;</P> Wed, 29 Jul 2020 10:28:39 GMT AdityaShaw 2020-07-29T10:28:39Z https://community.cloudera.com/t5/Support-Questions/hive-server2-thrift-http-cookie-auth-enabled/m-p/300530#M220279 <P>Hi Team,</P><P>We are hitting a bug&nbsp;<STRONG>BUG-77340&nbsp;</STRONG>where&nbsp;<SPAN>HS2 failover requires knox restart if cookie use is enabled for HS2. We checked&nbsp;<A href="https://my.cloudera.com/knowledge/quotError-opening?id=273455" target="_blank">https://my.cloudera.com/knowledge/quotError-opening?id=273455</A>&nbsp;and it is mentioned to set&nbsp;<STRONG>hive.server2.thrift.http.cookie.auth.enabled</STRONG> to <STRONG>false</STRONG>. We would like to know if there is any known performance impact if we set this parameter to false.&nbsp;</SPAN></P><P>&nbsp;</P><P><SPAN>Also, we have below parameters set to 600s but still we are seeing server&nbsp;<STRONG>500 </STRONG>error.</SPAN></P><LI-CODE lang="markup">gateway.httpclient.connectionTimeout 600s gateway.httpclient.socketTimeout 600s</LI-CODE><P>&nbsp;</P> Wed, 29 Jul 2020 10:28:39 GMT https://community.cloudera.com/t5/Support-Questions/hive-server2-thrift-http-cookie-auth-enabled/m-p/300530#M220279 AdityaShaw 2020-07-29T10:28:39Z https://community.cloudera.com/t5/Support-Questions/hive-server2-thrift-http-cookie-auth-enabled/m-p/300532#M220281 <P>Hello&nbsp;<a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/79669">@AdityaShaw</a>&nbsp;,</P><P>&nbsp;</P><P>thank you for inquiring about the performance impact on <A href="https://docs.cloudera.com/HDPDocuments/DLM1/DLM-1.1.0/release-notes/content/dlm_known_issues.html" target="_self">disabling<SPAN>&nbsp;</SPAN><STRONG>hive.server2.thrift.http.cookie.auth.enabled</STRONG></A>.</P><P>&nbsp;</P><P>I have done some research in our internal jira and support cases, however have not seen any performance issue reported.</P><P>&nbsp;</P><P>Please note, this bug is now fixed&nbsp;<SPAN>as part of HIVE-22841</SPAN> and will be available in a future HDP release.&nbsp;</P><P>&nbsp;</P><P>Thank you:<BR />Ferenc</P> Wed, 29 Jul 2020 11:49:35 GMT https://community.cloudera.com/t5/Support-Questions/hive-server2-thrift-http-cookie-auth-enabled/m-p/300532#M220281 Bender 2020-07-29T11:49:35Z https://community.cloudera.com/t5/Support-Questions/hive-server2-thrift-http-cookie-auth-enabled/m-p/300551#M220288 <P>Hello&nbsp;<a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/12296">@Bender</a>&nbsp;</P><P>&nbsp;</P><P>Thanks a lot for your response. Can you please also provide some insight on timeout parameter. Can this be increased and will there be any extra load on Knox if we increase the timeout and&nbsp;<STRONG>maxConnections &nbsp;</STRONG></P> Wed, 29 Jul 2020 17:38:25 GMT https://community.cloudera.com/t5/Support-Questions/hive-server2-thrift-http-cookie-auth-enabled/m-p/300551#M220288 AdityaShaw 2020-07-29T17:38:25Z https://community.cloudera.com/t5/Support-Questions/hive-server2-thrift-http-cookie-auth-enabled/m-p/300615#M220306 <P>Hello&nbsp;<a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/79669">@AdityaShaw</a>&nbsp;,</P><P>&nbsp;</P><P>sorry I have missed addressing your enquiry about the server 500 error. Based on the KB article you referenced, it is related to the bug. Do you still have the server 500 error once&nbsp;hive.server2.thrift.http.cookie.auth.enabled is set to false, please?</P><P>&nbsp;</P><P><SPAN>Should you experience disconnects even after applying the workaround, you might have too many HTTPClient connections, which are too high for KNOX to handle at a time.</SPAN></P><P>&nbsp;</P><P>Please only change any of the parameters listed below once you tested that the above workaround was not sufficient. Based on my research the below parameters are still safe to apply. Before applying any changes in production, please test out the new values in a non-prod environment, as we are not familiar with your use cases and how your cluster/workload is designed:</P><P>gateway.httpclient.connectionTimeout=600000 (10 min)<BR />gateway.httpclient.socketTimeout=600000 (10 min)<BR />gateway.metrics.enabled=false<BR />gateway.jmx.metrics.reporting.enabled=false<BR />gateway.httpclient.maxConnections=128<BR />&nbsp;</P><P>Kind regards:</P><P>Ferenc</P><P>&nbsp;</P> Thu, 30 Jul 2020 08:36:16 GMT https://community.cloudera.com/t5/Support-Questions/hive-server2-thrift-http-cookie-auth-enabled/m-p/300615#M220306 Bender 2020-07-30T08:36:16Z