Hi there, I am seeking for the proper step to allow impersonation. I am trying to achieve impersonation by allowing sdc from external system to create table and insert data using the default cloudera user. This is my test environment (Cloudera VMware - Quickstart.cloudera 5.13) cat /usr/lib/hadoop/cloudera/cdh_version.properties shows this: # Autogenerated build properties version=2.6.0-cdh5.13.0 git.hash=42e8860b182e55321bd5f5605264da4adc8882be cloudera.hash=42e8860b182e55321bd5f5605264da4adc8882be cloudera.cdh.hash=92e97f10234ee5290b82890ea38671f16344028f cloudera.cdh-packaging.hash=c5f90582119ab994c6e6711f5578370ca6cef0b7 cloudera.base-branch=cdh5-base-2.6.0 cloudera.build-branch=cdh5-2.6.0_5.13.0 cloudera.pkg.version=2.6.0+cdh5.13.0+2639 cloudera.pkg.release=1.cdh5.13.0.p0.34 cloudera.cdh.release=cdh5.13.0 cloudera.build.time=2017.10.04-17:55:01GMT cloudera.pkg.name=hadoop So basically, I want the core-site.xml file to have these entries: <property> <name>hadoop.proxyuser.sdc.hosts</name> <value>*</value> </property> <property> <name>hadoop.proxyuser.sdc.users</name> <value>cloudera</value> </property> Instead of editing the core-site.xml file directly from the filesystem, I edited in from Clouder Manager by going through these steps below: 1. Go to Cloudera Manager. Click on HDFS on the left panel 2. Go to to the Configuration tab 3. On the left panel, under the SCOPE, click on HDFS (Service-Wide) 4. On the left panel, under the CATEGORY, click on Advanced 5. On the main panel, expand Cluster-wide Advanced Configuration Snippet (Safety Valve) for core-site.xml 6. Key in the name,value pair; - hadoop.proxyuser.sdc.hosts and * - hadoop.proxyuser.sdc.users and cloudera 7. Save the changes 8. Restart the stale services Here are few questions: 1. Say if the changes are properly picked up, which main core-site.xml will it write to (as there are few of them)? /etc/hadoop/conf.empty/core-site.xml /etc/hadoop/conf.impala/core-site.xml /etc/hadoop/conf.pseudo/core-site.xml /etc/hadoop-kms/conf.dist/core-site.xml /etc/impala/conf.dist/core-site.xml /etc/oozie/conf.dist/hadoop-conf/core-site.xml 2. If the impersonation is set up properly, when the user sdc runs impersonation as cloudera, should the file created in /user/hive/warehouse owned by the user, cloudera or should it show up as anonymous? If I still see the file being created under the user, anonymous, can I safely conclude that the impersonation didn't work?
Can anyone see why after the restart, all files create are still belonging to the user, anonymous? Where step did I miss?
... View more