Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Beeline Fails to connect to Hive with Auto-TLS enabled

Solved Go to solution

Beeline Fails to connect to Hive with Auto-TLS enabled

Explorer

Hi Experts,

we setup Cloudera cluster on  to verify the performance

Cloudera was installed with Auto-TLS enabled and we are facing issues to connect to hive.

 

[root@slave1 agent-cert]#  beeline -u jdbc:hive2://slave1:10000;ssl=true;sslTrustStore=/var/run/cloudera-scm-agent/process/72-hive-HIVESERVER2/cm-auto-host_keystore.jks;trustStorePassword=yeap4IhJzRvK5gBGVMeTahoL21BNmBF2TSi46pbQTP6

WARNING: Use "yarn jar" to launch YARN applications.

SLF4J: Class path contains multiple SLF4J bindings.

SLF4J: Found binding in [jar:file:/opt/cloudera/parcels/CDH-6.2.1-1.cdh6.2.1.p0.1425774/jars/log4j-slf4j-impl-2.8.2.jar!/org/slf4j/impl/StaticLoggerBinder.class]

SLF4J: Found binding in [jar:file:/opt/cloudera/parcels/CDH-6.2.1-1.cdh6.2.1.p0.1425774/jars/slf4j-log4j12-1.7.25.jar!/org/slf4j/impl/StaticLoggerBinder.class]

SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.

SLF4J: Actual binding is of type [org.apache.logging.slf4j.Log4jLoggerFactory]

Connecting to jdbc:hive2://slave1:10000

19/10/03 18:54:16 [main]: WARN jdbc.HiveConnection: Failed to connect to slave1:10000

Unknown HS2 problem when communicating with Thrift server.

Error: Could not open client transport with JDBC Uri: jdbc:hive2://slave1:10000: Invalid status 21 (state=08S01,code=0)

Beeline version 2.1.1-cdh6.2.1 by Apache Hive

beeline>

 

also standard format fails:


[root@slave1 agent-cert]# beeline -u jdbc:hive2://slave1:10000
WARNING: Use "yarn jar" to launch YARN applications.
SLF4J: Class path contains multiple SLF4J bindings.
SLF4J: Found binding in [jar:file:/opt/cloudera/parcels/CDH-6.2.1-1.cdh6.2.1.p0.1425774/jars/log4j-slf4j-impl-2.8.2.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: Found binding in [jar:file:/opt/cloudera/parcels/CDH-6.2.1-1.cdh6.2.1.p0.1425774/jars/slf4j-log4j12-1.7.25.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.
SLF4J: Actual binding is of type [org.apache.logging.slf4j.Log4jLoggerFactory]
Connecting to jdbc:hive2://slave1:10000
19/10/03 19:07:50 [main]: WARN jdbc.HiveConnection: Failed to connect to slave1:10000
Unknown HS2 problem when communicating with Thrift server.
Error: Could not open client transport with JDBC Uri: jdbc:hive2://slave1:10000: Invalid status 21 (state=08S01,code=0)
Beeline version 2.1.1-cdh6.2.1 by Apache Hive
beeline>

 

we were not sure about the trustStorePassword so we used what is included in:

 

[root@slave1 agent-cert]# cat /var/lib/cloudera-scm-agent/agent-cert/cm-auto-host_key.pw

yeap4IhJzRvK5gBGVMeTahoL21BNmBF2TSi46pbQTP6

[root@slave1 agent-cert]#

 

We were try to connect following: https://docs.cloudera.com/documentation/enterprise/5-6-x/topics/sg_hive_encryption.html#concept_rqh_...

 

But not sure what is need to be fixed , appreciate your help please

 

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: Beeline Fails to connect to Hive with Auto-TLS enabled

Guru
Hmm, you missed the database name in the connection string, try below:

beeline -u 'jdbc:hive2://slave1:10000/default;ssl=true;sslTrustStore=/var/run/cloudera-scm-agent/process/72-hive-HIVESERVER2/cm-auto-host_keystore.jks;trustStorePassword=yeap4IhJzRvK5gBGVMeTahoL21BNmBF2TSi46pbQTP6'

Cheers
Eric
5 REPLIES 5

Re: Beeline Fails to connect to Hive with Auto-TLS enabled

Guru
@Mekaam,

Can you please add quotes around the JDBC connection string? So like below:

beeline -u 'jdbc:hive2://slave1:10000;ssl=true;sslTrustStore=/var/run/cloudera-scm-agent/process/72-hive-HIVESERVER2/cm-auto-host_keystore.jks;trustStorePassword=yeap4IhJzRvK5gBGVMeTahoL21BNmBF2TSi46pbQTP6'

I believe without quotes it will cause issues.

If still not working, check HS2 log to see what it complains on the server side.

Cheers
Eric

Re: Beeline Fails to connect to Hive with Auto-TLS enabled

Explorer

@EricL 

Thank you for your help.

when adding the single quote i got a different errors

[root@slave1 ~]# beeline -u 'jdbc:hive2://slave1:10000;ssl=true;sslTrustStore=/var/run/cloudera-scm-agent/process/72-hive-HIVESERVER2/cm-auto-host_keystore.jks;trustStorePassword=yeap4IhJzRvK5gBGVMeTahoL21BNmBF2TSi46pbQTP6'
WARNING: Use "yarn jar" to launch YARN applications.
SLF4J: Class path contains multiple SLF4J bindings.
SLF4J: Found binding in [jar:file:/opt/cloudera/parcels/CDH-6.2.1-1.cdh6.2.1.p0.1425774/jars/log4j-slf4j-impl-2.8.2.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: Found binding in [jar:file:/opt/cloudera/parcels/CDH-6.2.1-1.cdh6.2.1.p0.1425774/jars/slf4j-log4j12-1.7.25.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.
SLF4J: Actual binding is of type [org.apache.logging.slf4j.Log4jLoggerFactory]
Connecting to jdbc:hive2://slave1:10000;ssl=true;sslTrustStore=/var/run/cloudera-scm-agent/process/72-hive-HIVESERVER2/cm-auto-host_keystore.jks;trustStorePassword=yeap4IhJzRvK5gBGVMeTahoL21BNmBF2TSi46pbQTP6
Error: Bad URL format. Hostname not found in authority part of the url: slave1:10000;ssl=true;sslTrustStore=. Are you missing a '/' after the hostname ? (state=,code=0)
Beeline version 2.1.1-cdh6.2.1 by Apache Hive
beeline>

 

if i added the / , i got different error

 

[root@slave1 ~]# beeline -u 'jdbc:hive2://slave1/:10000;ssl=true;sslTrustStore=/var/run/cloudera-scm-agent/process/72-hive-HIVESERVER2/cm-auto-host_keystore.jks;trustStorePassword=yeap4IhJzRvK5gBGVMeTahoL21BNmBF2TSi46pbQTP6'
WARNING: Use "yarn jar" to launch YARN applications.
SLF4J: Class path contains multiple SLF4J bindings.
SLF4J: Found binding in [jar:file:/opt/cloudera/parcels/CDH-6.2.1-1.cdh6.2.1.p0.1425774/jars/log4j-slf4j-impl-2.8.2.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: Found binding in [jar:file:/opt/cloudera/parcels/CDH-6.2.1-1.cdh6.2.1.p0.1425774/jars/slf4j-log4j12-1.7.25.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.
SLF4J: Actual binding is of type [org.apache.logging.slf4j.Log4jLoggerFactory]
Connecting to jdbc:hive2://slave1/:10000;ssl=true;sslTrustStore=/var/run/cloudera-scm-agent/process/72-hive-HIVESERVER2/cm-auto-host_keystore.jks;trustStorePassword=yeap4IhJzRvK5gBGVMeTahoL21BNmBF2TSi46pbQTP6
19/10/04 07:48:03 [main]: WARN jdbc.HiveConnection: Failed to connect to slave1:-1
Unknown HS2 problem when communicating with Thrift server.
Error: Could not open client transport with JDBC Uri: jdbc:hive2://slave1:-1/:10000;ssl=true;sslTrustStore=/var/run/cloudera-scm-agent/process/72-hive-HIVESERVER2/cm-auto-host_keystore.jks;trustStorePassword=yeap4IhJzRvK5gBGVMeTahoL21BNmBF2TSi46pbQTP6: Error creating the transport (state=08S01,code=0)
Beeline version 2.1.1-cdh6.2.1 by Apache Hive
beeline>

 

i do not have domain name in this setup

[root@slave1 ~]# hostname
slave1
[root@slave1 ~]# hostname -a

 

[root@slave1 ~]#

 

Appreciate your help

 

Highlighted

Re: Beeline Fails to connect to Hive with Auto-TLS enabled

Guru
Hmm, you missed the database name in the connection string, try below:

beeline -u 'jdbc:hive2://slave1:10000/default;ssl=true;sslTrustStore=/var/run/cloudera-scm-agent/process/72-hive-HIVESERVER2/cm-auto-host_keystore.jks;trustStorePassword=yeap4IhJzRvK5gBGVMeTahoL21BNmBF2TSi46pbQTP6'

Cheers
Eric

Re: Beeline Fails to connect to Hive with Auto-TLS enabled

Explorer

thanks Eric, this fixed the issue

Re: Beeline Fails to connect to Hive with Auto-TLS enabled

Guru
@Mekaam,

Glad that it helped.

Cheers
Eric