- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Float this Question for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
How to access Hive in CLI using non Root users in HDP 2. 5 ??
- Labels:
-
Apache Hive
-
Apache Ranger
Created 12-07-2016 09:53 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Can i login to hive using non root user through CLI and what are the different and easiest way to access hive. Please note that my environment is kerberized.
Thanks you,
Subash
Created 12-07-2016 10:13 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@subash sharmayes you can access hive cli after getting the valid kerberos credential for non-root user, given that this user belongs to hdfs group.
Created 12-07-2016 10:13 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@subash sharmayes you can access hive cli after getting the valid kerberos credential for non-root user, given that this user belongs to hdfs group.
Created 12-07-2016 10:16 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hey Raj Thanks for the quick response. Can you please send me the syntax to list down users in HDFS as well as in Kerberos.
Created 12-07-2016 10:21 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
try with ambari-qa
klist -kt /etc/security/keytabs/smokeuser.headless.keytab
Keytab name: FILE:/etc/security/keytabs/smokeuser.headless.keytab
KVNO Timestamp Principal
---- ----------------- --------------------------------------------------------
1 11/22/16 11:24:27 ambari-qa-rks242secure@EXAMPLE.COM
1 11/22/16 11:24:27 ambari-qa-rks242secure@EXAMPLE.COM
1 11/22/16 11:24:27 ambari-qa-rks242secure@EXAMPLE.COM
1 11/22/16 11:24:27 ambari-qa-rks242secure@EXAMPLE.COM
1 11/22/16 11:24:27 ambari-qa-rks242secure@EXAMPLE.COM
then obtain ticket
kinit -kt /etc/security/keytabs/smokeuser.headless.keytab ambari-qa-rks242secure@EXAMPLE.COM
Created 12-07-2016 10:28 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hey @Rajkumar can you please send me the syntax to login to hive cli for normal non root users and kerberos primcipals
Created 12-07-2016 10:31 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
after getting these credential using above command just do execute hive
Created 12-07-2016 03:43 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
please note Hive CLI is not supported by Ranger.
Created 12-07-2016 08:17 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please use beeline as it is the CLI for HiveServer2, the hive CLI (and HiveServer1) is deprecated. Syntax to connect to kerberized Hive is
beeline -u jdbc:hive2://<HIVE_HOST_FQDN>:10000;principal=hive/<hive_host_fqdn>@YOUR.REALM
You must kinit first. You will authenticate to HiveServer2 using the credentials associated with the Kerberos principal that you use to request a TGT from your KDC.
Users that can authenticate to HS2 don't need to be part of the hdfs group. They need to be present as Kerberos principals in the KDC for the realm which you used to kerberize the cluster, or within some other realm that is trusted by the former.