Created on 10-30-2019 11:32 PM - last edited on 10-31-2019 03:12 AM by VidyaSargur
I have a new cluster with HDP-3.0.1.0 without kerberos or any security. But when I use hive cli it is asking username and password to enter:
[root@ip-XXX-XX-XX-XXX ~]# hive
SLF4J: Class path contains multiple SLF4J bindings.
SLF4J: Found binding in [jar:file:/usr/hdp/3.0.1.0-187/hive/lib/log4j-slf4j-impl-2.10.0.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: Found binding in [jar:file:/usr/hdp/3.0.1.0-187/hadoop/lib/slf4j-log4j12-1.7.25.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: See <a href="<a href="http://www.slf4j.org/codes.html#multiple_bindings" target="_blank">http://www.slf4j.org/codes.html#multiple_bindings</a>" target="_blank"><a href="http://www.slf4j.org/codes.html#multiple_bindings</a" target="_blank">http://www.slf4j.org/codes.html#multiple_bindings</a</a>> for an explanation.
SLF4J: Actual binding is of type [org.apache.logging.slf4j.Log4jLoggerFactory]
Connecting to jdbc:hive2://hostname1:2181,hostname2:2181,hostname3:2181/default;serviceDiscoveryMode=zooKeeper;zooKeeperNamespace=hiveserver2
Enter username for jdbc:hive2://hostname1:2181,hostname2:2181,hostname3:2181/default:
Enter password for jdbc:hive2://hostname1:2181,hostname2:2181,hostname3:2181/default:
19/10/31 06:26:10 [main]: INFO jdbc.HiveConnection: Connected to hostname2:10000
Connected to: Apache Hive (version 3.1.0.3.0.1.0-187)
Driver: Hive JDBC (version 3.1.0.3.0.1.0-187)
Transaction isolation: TRANSACTION_REPEATABLE_READ
Beeline version 3.1.0.3.0.1.0-187 by Apache Hive
0: jdbc:hive2://hostname1:2181,h>
It should directly go inside hive cli. Could you please let me know what property I need to change.
Created on 10-31-2019 11:00 AM - edited 10-31-2019 11:02 AM
hive cli is deprecated in HDP3.x version and executing it would take you to the same process of beeline. A new variable is set in script USE_BEELINE_FOR_HIVE_CLI=true which will make hive cli session to go use beeline.
It is no longer recommended to use hive cli. Please use beeline session in HDP 3.x
If you understand the risks of using hive CLI and still want to use, then change the script to set USE_BEELINE_FOR_HIVE_CLI=false which we don't recommend, but this is one way of making hive cli to work in HDP 3.
Without authentication configured on hive, you can give any name and password at beeline prompt and beeline will allow the access. Even blank username/password is accepted, but this would set user name as 'anonymous' .
Created on 10-31-2019 11:30 AM - edited 10-31-2019 11:31 AM
Either way HIVE or Beeline you MUST provide username /password to authenticate to be able to execute any SQL statement against the DB. See below examples
Hive CLI
[hive@calgary ~]$ hive
..........
SLF4J: Actual binding is of type [org.apache.logging.slf4j.Log4jLoggerFactory]
Connecting to jdbc:hive2://calgary.canada.ca:2181,ottawa.canada.ca:2181/default;serviceDiscoveryMode=zooKeeper;zooKeeperNamespace=hiveserver2
Enter username for jdbc:hive2://calgary.canada.ca:2181,ottawa.canada.ca:2181/default: hive
Enter password for jdbc:hive2://calgary.canada.ca:2181,ottawa.canada.ca:2181/default: ****
Beeline Connection
[hive@london ~]$ beeline
Beeline version 1.2.1000.2.5.3.0-37 by Apache Hive
beeline> ! connect jdbc:hive2://london.tesco.co.uk:10000/;principal=hive/london.tesco.co.uk@TESCO.CO.UK
Connecting to jdbc:hive2://london.tesco.co.uk:10000/;principal=hive/london.tesco.co.uk@TESCO.CO.UK
Enter username for jdbc:hive2://london.tesco.co.uk:10000/;principal=hive/london.tesco.co.uk@TESCO.CO.UK:xxxxx
Enter password for jdbc:hive2://london.tesco.co.uk:10000/;principal=hive/london.tesco.co.uk@TESCO.CO.UK:xxxxx
Connected to: Apache Hive (version 1.2.1000.2.5.3.0-37)
Driver: Hive JDBC (version 1.2.1000.2.5.3.0-37)
Transaction isolation: TRANSACTION_REPEATABLE_READ
0: jdbc:hive2://london.tesco.co.uk:10000/> show databases;
+----------------+--+
| database_name |
+----------------+--+
| default |
| uxbribge |
| White_city |
+----------------+--+
3 rows selected (2.863 seconds)
If you have ranger plugin enable for hive then you will have authorization centrally handles by Ranger.
HTH