Community Articles

Find and share helpful community-sourced technical articles.
Labels (2)
avatar
Community Manager

This video contains a step by step process that shows how to connect to Hive running on a secure cluster while using a JDBC Uber driver from MS Windows.

Open the video on YouTube here

 

Prerequisites:

  • Validate username belong to the same @DOMAIN /Realm as the one setup on cluster nodes.
  • Install  DbVisualizer.
  • Download Hive Uber driver for same version as HDP.


Kerberos Java  Config

  • Get Kerberos /etc/krb5.conf from cluster, scp this file from any cluster node to c:\windows.
  • Rename krb5.conf to c:\windows\krb5.ini.
  • Edit krb5.ini and add property: (see video) 
    property udp_preference_limit = 1

 

DbVisualizer Setup

  1. Add Hive Uber driver .jar to DBVisualizer as driver for Hive (see video).
  2. Add startup Java command line options to DBVisualizer for kerberos , under Tools (see video):
    -Dsun.security.krb5.debug=true
    -Djavax.security.auth.useSubjectCredsOnly=false
    -Djava.security.krb5.conf=c:\windows\krb5.ini
  3. Setup new connection for HDP cluster:
    Database Server = ( hostname of node running HiveServer2)
    Database = change from default to default;principal=hive/_HOST@DOMAIN.CO

 

Get Kerberos Session Ticket from DbVisualizer java JRE

  1. cd to folder where it is installed, find inside folder \jre\bin:
    kinit username
  2. OR if keytabfile used:
    kinit -kt keytab username@DOMAIN.COM
  3. Check for session on cache file with: 
    klist

Restart DbVisualizer and test connection to Hive

3,869 Views
0 Kudos
Comments

hello team,

 

Thanks for this useful demo,

i'm still facing connectivity issue from DbViz to kerberised hdp

i'm using DbVisualiser 12.1.3

 

error message:

An error occurred while establishing the connection:

Long Message:
Could not open client transport with JDBC Uri: jdbc:hive2://<hiveserver2 host>:10000/default;AuthMech=1;KrbRealm=EXAMPLE.COM;KrbServiceName=hive;KrbHostFQDN=<HOST>;KrbAuthType=2;

 

: Invalid status 21
Also, could not send response: org.apache.hive.org.apache.thrift.transport.TTransportException: java.net.SocketException: Connection reset by peer: socket write error

 

FYI: its working with non kerberised cluster

 

Thanks

avatar
Community Manager

@aarif, Thanks for reaching out to us. You will have a better chance of getting responses if you can post your query in the Support Questions section. You can post your query there and provide the link to this article in your post. Experts who are following the components/labels will be able to help you quickly.