...
| Panel |
|---|
HIVE_SERVER2_THRIFT_BIND_HOST – Optional TCP host interface to bind to. Overrides the configuration file setting. |
Running in HTTP mode
Starting in Hive 0.13, HiveServer2 provides support for sending Thrift RPC messages over HTTP transport (transport (Hive 0.13 onward, see HIVE-4752). This is particularly useful to support a proxying intermediary between the client and the server (for example, for load balancing or security reasons). Currently, you can run HiveServer2 in either TCP mode or the HTTP mode, but not in both. For the corresponding JDBC URL, check this link: HiveServer2 Clients -- JDBC Connection URLs. Use the following settings to enable HTTP mode:
...
Optional Global Init File
Staring in Hive 0.14 with HIVE-5160, HIVE-7497, and HIVE-8138, a A global init file can be placed in the configured hive.server2.global.init.file.location location . This (Hive 0.14 onward, see HIVE-5160, HIVE-7497, and HIVE-8138). This can be either the path to the init file itself, or a directory where an init file named ".hiverc" is expected.
The init file lists a set of commands that will run for users of this HiveServer2 instance, such as register a standard set of jars and functions.
Logging Configuration
Starting in Hive 0.14, HiveServer2 operation logs are available for Beeline clients (Hive 0.14 onward). These parameters configure logging:
- hive.server2.logging.operation.enabled
- hive.server2.logging.operation.log.location
- hive.server2.logging.operation.verbose (Hive 0.14 to 1.1)
- hive.server2.logging.operation.level (Hive 1.2 onward)
...
Integrity/Confidentiality Protection
Changes in HIVE-4911, which is available in Hive 0.12, enable integrity Integrity protection and confidentiality protection (beyond just the default of authentication) for communication between the Hive JDBC driver and HiveServer2 are enabled (Hive 0.12 onward, see HIVE-4911). You can use the SASL QOP property to configure this.
- This is only when Kerberos is used for the HS2 client (JDBC/ODBC application) authentication with HiveServer2.
- hive.server2.thrift.sasl.qop in
hive-site.xmlhas to be set to one of the valid QOP values ('auth', 'auth-int' or 'auth-conf').
SSL Encryption
Changes in HIVE-5351, which is available in Support is provided for SSL encryption (Hive 0.13 , provide support for SSL encryptiononward, see HIVE-5351). To enable, set the following configurations in hive-site.xml:
...
Pluggable Authentication Modules (PAM)
HIVE-6466, which will be available in Support is provided for PAM (Hive 0.13 , provides support for PAMonward, see HIVE-6466). To configure PAM:
- Download the JPAM native library for the relevant architecture.
- Unzip and copy libjpam.so to a directory (<libjmap-directory>) on the system.
- Add the directory to the LD_LIBRARY_PATH environment variable like so:
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:<libjmap-directory>
...