HiveServer2 (HS2) is a server interface that enables remote clients to execute queries against Hive and retrieve the results. The current implementation, based on Thrift RPC, is an improved version of HiveServer and supports multi-client concurrency and authentication. It is designed to provide better support for open API clients like JDBC and ODBC.
This document describes how to set up the server. How to use a client with this server is described in the HiveServer2 Clients document.
Introduced in Hive version 0.11. See HIVE-2935.
Configuration Properties in the
hive.server2.thrift.min.worker.threads – Minimum number of worker threads, default 5.
Optional Environment Settings
HIVE_SERVER2_THRIFT_BIND_HOST – Optional TCP host interface to bind to. Overrides the configuration file setting.
Running in HTTP mode
Starting Hive 0.13, HiveServer2 provides support for sending Thrift RPC messages over http transport (HIVE-4752). This is particularly useful to support a proxying intermediary between the client and the server (for example, for load balancing or security reasons). Currently, you can run HiveServer2 in either TCP mode or the HTTP mode, but not in both. Use the following settings to enable http mode:
hive.server2.transport.mode – Set this to http.
Optional Environment Settings
hive.server2.thrift.http.port – HTTP port number to listen on; default is 10001.
hive.server2.thrift.http.path – The service endpoint; default is cliservice.
hive.server2.thrift.http.min.worker.threads – Minimum worker threads in the server pool; default is 5.
hive.server2.thrift.http.max.worker.threads – Maximum worker threads in the server pool; default is 500.
How to Start
$HIVE_HOME/bin/hive --service hiveserver2
--help option displays a usage message, for example:
$HIVE_HOME/bin/hive --service hiveserver2 -H Starting HiveServer2 usage: hiveserver2 -H,--help Print help information --hiveconf <property=value> Use value for given property
HiveServer2 supports Anonymous (no authentication), Kerberos, pass through LDAP and pluggable custom authentication.
hive.server2.authentication – Authentication mode, default NONE. Options are NONE, KERBEROS, LDAP and CUSTOM.
By default HiveServer2 performs the query processing as the user who submitted the query. But if the following parameter is set to false, the query will run as the user that the
hiveserver2 process runs as.
hive.server2.enable.doAs – Impersonate the connected user, default true.
To prevent memory leaks in unsecure mode, disable file system caches by setting the following parameters to true:
fs.hdfs.impl.disable.cache – Disable HDFS filesystem cache, default false.
Changes in HIVE-4911, which is available in Hive 0.12, enable integrity protection and confidentiality protection (beyond just the default of authentication) for communication between the Hive JDBC driver and HiveServer2. You can use the SASL QOP property to configure this.
hive-site.xmlhas to be set to one of the valid QOP values ('auth', 'auth-int' or 'auth-conf').
Changes in HIVE-5351, which will be available in Hive 0.13, provides support for SSL encryption. To enable, set the following configurations in
Set hive.server2.use.SSL to true.
A Python client driver for HiveServer2 is available at https://github.com/BradRuderman/pyhs2 (thanks, Brad). It includes all the required packages such as SASL and Thrift wrappers.
To use the pyhs2 driver:
pip install pyhs2
import pyhs2 conn = pyhs2.connect(host='localhost', port=10000, authMechanism="PLAIN", user='root', password='test', database='default') cur = conn.cursor() cur.execute("show tables") for i in cur.fetch(): print i cur.close() conn.close()
You can discuss this driver on the firstname.lastname@example.org mailing list.