Community Articles
Find and share helpful community-sourced technical articles
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.
Labels (1)

Introduction

This is a continuation of an article I wrote about 1 year ago: https://community.hortonworks.com/articles/60580/jmeter-setup-for-hive-load-testing-draft.htmlhttps://www.blazemeter.com/blog/windows-authentication-apache-jmeter

Steps

1) Enable Kerberos on your cluster

Perform all steps specified here: https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.6.2/bk_security/content/configuring_amb_hdp_for... and connect successfully to hive service via command line using your user keytab. That implies a valid ticket.

2) Install JMeter

See previous article mentioned in Introduction.

3) Set Hive User keytab in jaas.conf

JMETER_HOME/bin/jaas.conf

Your jaas.conf should look something like this:

JMeter {
com.sun.security.auth.module.Krb5LoginModule required
useTicketCache=false
doNotPrompt=true
useKeyTab=true
keyTab="/etc/security/keytabs/hive.service.keytab"
principal="hive/server.example.com@EXAMPLE.COM"
debug=true;
};

4) JMeter Setup

There are 2 files under /bin folder of the JMeter installation which are used for Kerberos configuration:

krb5.conf - file of .ini format which contains Kerberos configuration details

jaas.conf - file which holds configuration details of Java Authentication and Authorization service

These files aren’t being used by default, so you have to tell JMeter where they are via system properties such as:

-Djava.security.krb5.conf=krb5.conf
-Djava.security.auth.login.config=jaas.conf

Alternatively you can add the next two lines to the system.properties file which is located at the same /bin folder.

java.security.krb5.conf=krb5.conf
java.security.auth.login.config=jaas.conf

I suggest using full paths to files.

5) Manage Issues

If you encounter any issues:

- enable debug by adding the following to your command:

-Dsun.security.krb5.debug=true
-Djava.security.debug=gssloginconfig,configfile,configparser,logincontext

- check jmeter.log to see whether all properties are set as expected and map to existent file paths.

6) Turn-off Subject Credentials

-Djavax.security.auth.useSubjectCredsOnly=false

7) Example of JMeter Command

JVM_ARGS="-Xms1024m
-Xmx1024m" bin/jmeter -Dsun.security.krb5.debug=true
-Djavax.security.auth.useSubjectCredsOnly=false
-Djava.security.debug=gssloginconfig,configfile,configparser,logincontext
-Djava.security.krb5.conf=/path/to/krb5.conf
-Djava.security.auth.login.config=/path/to/jaas.conf -n -t t1.jmx -l results -e
-o output

This could be simplified if you add those two lines mentioned earlier to be added to system.properties.

2,610 Views
Don't have an account?
Coming from Hortonworks? Activate your account here
Version history
Revision #:
1 of 1
Last update:
‎10-06-2017 07:20 PM
Updated by:
 
Contributors
Top Kudoed Authors