Skip to end of metadata
Go to start of metadata

This page is obsolete. It describes old HA which is no longer supported. There is work in progress on the new HA implementation.

 

Sentry HA is a new feature which provides uninterrupted access of metastore meta data to downstream clients: Hive, Impala, Solr and HDFS ACLs.

Add Enough Servers for Sentry

Theoretically more than one servers can be added into Sentry Service, up to now 2 servers case is fully supported.

Sentry Service (sentry-site.xml)

HA

Config PropertyValueDefaultRequired
sentry.ha.enabledTrue | FalseFalseYes

ZK Quorum

Config PropertyValueDefaultRequired
sentry.ha.zookeeper.quorumcomma separated list of ZK serverslocalhostYes
sentry.ha.zookeeper.client.portZK client port number2180Yes
sentry.zookeeper.client.principalsentry/_HOST@REALM No
sentry.zookeeper.client.keytabsentry.keytab No
sentry.service.server.principalsentry/_HOST@REALM  

ZK Security

Config PropertyValueDefaultRequired
sentry.ha.zookeeper.securityTrue | FalseFalseYes

HiveMetaStore (hive-site.xml)

Config PropertyValueDefaultRequired
sentry.metastore.pluginsenable Sentry HA to work with HMS HA and HDFS SyncUpsentry.zookeeper.client.principalorg.apache.sentry.hdfs.MetastorePluginWithHANo
sentry.zookeeper.client.principalHIVE/_HOST@REALM No
sentry.zookeeper.client.keytabhive.keytab No

HiveServer2 (sentry-site.xml)

Config PropertyValueDefaultRequired
sentry.zookeeper.client.principalHIVE/_HOST@REALM No
sentry.zookeeper.client.keytabhive.keytab No

Impala (sentry-site.xml)

Config PropertyValueDefaultRequired
sentry.zookeeper.client.principalIMPALA/_HOST@REALM No
sentry.zookeeper.client.keytabimpala.keytab No

Hue (sentry-site.xml)

Config PropertyValueDefaultRequired
sentry.zookeeper.client.principalHUE/_HOST@REALM No
sentry.zookeeper.client.keytabhue.keytab No
  • No labels