Cloudera Community

Community Articles

Find and share helpful community-sourced technical articles.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

JMeter Kerberos Setup for Hive Load Testing

Labels (1)
Labels:
avatar
author-rank cstanca
Super Guru

Created on ‎10-06-2017 07:20 PM

Introduction

This is a continuation of an article I wrote about 1 year ago: https://community.hortonworks.com/articles/60580/jmeter-setup-for-hive-load-testing-draft.htmlhttps://www.blazemeter.com/blog/windows-authentication-apache-jmeter

Steps

1) Enable Kerberos on your cluster

Perform all steps specified here: https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.6.2/bk_security/content/configuring_amb_hdp_for... and connect successfully to hive service via command line using your user keytab. That implies a valid ticket.

2) Install JMeter

See previous article mentioned in Introduction.

3) Set Hive User keytab in jaas.conf

JMETER_HOME/bin/jaas.conf

Your jaas.conf should look something like this:

JMeter {
com.sun.security.auth.module.Krb5LoginModule required
useTicketCache=false
doNotPrompt=true
useKeyTab=true
keyTab="/etc/security/keytabs/hive.service.keytab"
principal="hive/server.example.com@EXAMPLE.COM"
debug=true;
};

4) JMeter Setup

There are 2 files under /bin folder of the JMeter installation which are used for Kerberos configuration:

krb5.conf - file of .ini format which contains Kerberos configuration details

jaas.conf - file which holds configuration details of Java Authentication and Authorization service

These files aren’t being used by default, so you have to tell JMeter where they are via system properties such as:

-Djava.security.krb5.conf=krb5.conf
-Djava.security.auth.login.config=jaas.conf

Alternatively you can add the next two lines to the system.properties file which is located at the same /bin folder.

java.security.krb5.conf=krb5.conf
java.security.auth.login.config=jaas.conf

I suggest using full paths to files.

5) Manage Issues

If you encounter any issues:

- enable debug by adding the following to your command:

-Dsun.security.krb5.debug=true
-Djava.security.debug=gssloginconfig,configfile,configparser,logincontext

- check jmeter.log to see whether all properties are set as expected and map to existent file paths.

6) Turn-off Subject Credentials

-Djavax.security.auth.useSubjectCredsOnly=false

7) Example of JMeter Command

JVM_ARGS="-Xms1024m
-Xmx1024m" bin/jmeter -Dsun.security.krb5.debug=true
-Djavax.security.auth.useSubjectCredsOnly=false
-Djava.security.debug=gssloginconfig,configfile,configparser,logincontext
-Djava.security.krb5.conf=/path/to/krb5.conf
-Djava.security.auth.login.config=/path/to/jaas.conf -n -t t1.jmx -l results -e
-o output

This could be simplified if you add those two lines mentioned earlier to be added to system.properties.

8,213 Views
webinar banner
Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements
Version history
Last update:
‎10-06-2017 07:20 PM
Updated by:
Super Guru
Contributors
meetups banner