HiveServer2 (HS2) is a server interface that enables remote clients to execute queries against hive and retrieve the results. The current thirft RPC based implementation is an improved version of HiveServer that supports multi-client concurrency and authentication. It is designed to provide better support for open API clients like JDBC and ODBC. The thrift IDL is available at https://github.com/apache/hive/blob/trunk/service/if/TCLIService.thrift
This document describes how to setup the server. How to use a client with this server is described in Hive client setup doc .
Introduced in Hive version 0.11. See HIVE-2935.
How to configure
Configuration properties in hive-site.xml
Optional Environment settings
How to start
HiveServer2 support Anonymous (no auth), Kerberos, pass through LDAP and pluggable custom authentication.
By default HiveServer2 performs the query processing as the user who submitted the query. If this parameter is set to false, the query would run as user hiveserver2 process runs as.
To prevent memory leak in unsecure mode, disable file system caches, by setting following params to true
Changes in HIVE-4911 which should be available in hive 0.12, enable integrity protection and confidentiality protection ( beyond just the default of authentication), for communication between hive jdbc driver and hive server2 . You can use SASL QOP property configure this.
- This is only when kerberos is used for the HS2 client (jdbc/odbc application) authentication with HS2.
- hive.server2.thrift.sasl.qop in hive site.xml has to be set to one of valid QOP values ('auth', 'auth-int' or 'auth-conf')
- specify sasl.qop in hive connection string sessionconf part of your jdbc hive connection string. eg jdbc:hive://hostname/dbname;sasl.qop=auth-int