Help Center/ MapReduce Service/ Component Operation Guide (LTS)/ Using Hive/ Enterprise-Class Enhancements of Hive/ Hive Load Balancing/ Configuring User Lease Isolation to Access HiveServer on a Specified Node
Updated on 2024-10-25 GMT+08:00
View PDF
Share

Configuring User Lease Isolation to Access HiveServer on a Specified Node

Hive user lease isolation allows specified users to access the HiveServer service on specified nodes, implementing resource isolation for users to access the HiveServer service.

Procedure

This section describes how to set lease isolation for user hiveuser for existing HiveServer instances.

  1. Log in to FusionInsight Manager. And Choose Cluster > Services > Hive > Instances.
  2. In the Instances list, select the HiveServer for which lease isolation is configured and choose HiveServer > Instance Configurations > All Configurations.

  3. In the upper right corner of the All Configurations page, search for hive.server2.zookeeper.namespace and specify its value, for example, hiveserver2_zk.

  4. Click Save. In the dialog box that is displayed, click OK.
  5. Return to the Instances page, click Dashboard, choose More > Restart Service, enter the password of the current user, and click OK to restart the service.
  6. Log in to the node where the Hive client is installed as the client installation user and run the following command:

    cd client installation directory

    source bigdata_env

    kinit Hive service user (Skip this step if Kerberos authentication is not enabled for the cluster.)

  7. Run the beeline -u command to log in to the client and run the following command:

    beeline -u "jdbc:hive2://IP address of any ZooKeeper instance:2181/;serviceDiscoveryMode=zooKeeper;zooKeeperNamespace=hiveserver2_zk;sasl.qop=auth-conf;auth=KERBEROS;principal=hive/hadoop.<System domain name>@<System domain name>"

    • To view the IP address of the ZooKeeper instance, log in to FusionInsight Manager and choose Cluster > Services > ZooKeeper > Instances.
    • hiveserver2_zk is the value of hive.server2.zookeeper.namespace in 3.
    • To obtain the system domain name, log in to FusionInsight Manager, choose System > Permission > Domain and Mutual Trust, and check the Local Domain parameter.
    • hive/hadoop.<System domain name> indicates the user name. All letters in the system domain name contained in the user name are in lowercase.
    As a result, only the HiveServer whose lease isolation is configured can be logged in.
    • After this function is enabled, you must run the preceding command during login to access the HiveServer for which lease isolation is configured. If you run the beeline command to log in to the client, only the HiveServer that is not isolated by the lease is accessed.
    • You can log in to FusionInsight Manager, choose System > Permission > Domain and Mutual Trust, and view the value of Local Domain, which is the current system domain name. hive/hadoop.<system domain name> is the username. All letters in the system domain name contained in the username are lowercase letters.

Parent topic: Hive Load Balancing