Support Questions
Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Advanced Search

Acces Hive Via Knox Gatewy URL

Acces Hive Via Knox Gatewy URL

Koffi
Contributor

Created ‎07-19-2019 05:08 AM

Hi,

My environment is kerberized with multple nodes. So we would like to acces hive db via knox gateway setup. I am facing some issue. the following steps:

in HDFS:

hadoop.proxyuser.hive.groups=*

hadoop.proxyuser.hive.hosts=*

hadoop.proxyuser.knox.groups=*

hadoop.proxyuser.knox.hosts=*


Configured the server2 transports and SASL:

hive.server2.transport.mode=http

hive.server2.thrift.sasl.qop=auth-conf


in Ranger:

Knox Topology = default

Knox Service = HIVE


i have extracted the knox certificat using the following cmd:

shell> cd /usr/hdp/current/knox-server/data/security/keystores/

shell> keytool -exportcert -alias gateway-identity -keystore ./gateway.jks -file knox.crt


Created a client keystore and imported the certificate on a client machine

shell> keytool -keystore clientkeystore.jks -genkey -alias client

shell> keytool -import -keystore clientkeystore.jks -file knox.crt


And finally i tried to connect using beeline on my client machine (i am able to connect to a non kerized hadoop environment)

shell> beeline -u jdbc:hive2://<knox host>:8443/;ssl=true;sslTrustStore=<keystore client path>=< keystore pwd>;user=<ad username>;password=<adpassword>hive.server2.transport.mode=http;hive.server2.thrift.http.path=gateway/default/hive


SLF4J: Class path contains multiple SLF4J bindings.

SLF4J: Found binding in [jar:file:/home/client77/Documents/HDP/apache-hive-3.1.0-bin/lib/log4j-slf4j-impl-2.10.0.jar!/org/slf4j/impl/StaticLoggerBinder.class]

SLF4J: Found binding in [jar:file:/home/client77/Documents/HDP/hadoop-3.0.1/share/hadoop/common/lib/slf4j-log4j12-1.7.25.jar!/org/slf4j/impl/StaticLoggerBinder.class]

SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.

SLF4J: Actual binding is of type [org.apache.logging.slf4j.Log4jLoggerFactory]

Connecting to jdbc:hive2://<knox host>:8443/

19/07/17 09:10:34 [main]: WARN jdbc.HiveConnection: Failed to connect to <knox host>:8443

Unexpected end of file when reading from HS2 server. The root cause might be too many concurrent connections. Please ask the administrator to check the number of active connections, and adjust hive.server2.thrift.max.worker.threads if applicable.

Error: Could not open client transport with JDBC Uri: jdbc:hive2://<knox host>:8443/: null (state=08S01,code=0).


Not sure about the missing steps, could you please help?


Thank you

Reply
387 Views
0 Kudos
Don't have an account?
Register
Announcements
Product Announcements
[ANNOUNCE] Cloudera ODBC Driver 2.6.11 for Apache Hive Released
What's New @ Cloudera
Data Engineering HA template for Data Hub on AWS delivers end-to-end resiliency
What's New @ Cloudera
[PREVIEW] Cloudera Data Warehouse allows custom naming for CDP environments
What's New @ Cloudera
Cloudera Data Warehouse increases security of Azure deployments by preventing public endpoints
What's New @ Cloudera
Improved support for hybrid environments in Management Console
View More Announcements