Step 3: Modify the Hive Storage Plugin in Drill
About this task
Complete the following steps to modify the Hive storage plugin configuration:
Procedure
-
Navigate to
http://<drillbit_hostname>:8047
, and select the Storage tab. - Click Update next to the hive option.
-
In the configuration window, add the required properties based on the authorization
type and security scenario:
- Storage Based Authorization or No Authorization Enabled
- For a non-secure cluster, add the following properties to the
configuration:
{ type:"hive", enabled: true, configProps : { "hive.metastore.uris" : "thrift://<metastore_hostname>:9083", "fs.default.name" : "maprfs:///", "hive.metastore.sasl.enabled" : "false", "hive.server2.enable.doAs" : "true", "hive.metastore.execute.setugi" : "true" } }
For a secure cluster, add the following properties to the configuration:{ "type": "hive", "enabled": true, "configProps": { "hive.metastore.uris": "thrift://<metastore_hostname>:9083", "fs.default.name": "maprfs:///", "hive.server2.enable.doAs": "true" } }
Add the following additional properties if the Hive metastore is configured with Kerberos in a secure cluster; include a comma after each line except for the last:"hive.metastore.kerberos.principal": "hive/<metastore_thrift_server>" "hive.metastore.sasl.enabled": "true"
- SQL Standard Based Authorization
- For an non-secure cluster, add the following properties to the
configuration:
{ type:"hive", enabled: true, configProps : { "hive.metastore.uris" : "thrift://<metastore_hostname>:9083", "fs.default.name" : "maprfs:///", "hive.security.authorization.enabled" : "true", "hive.security.authenticator.manager" : "org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator", "hive.security.authorization.manager" : "org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory", "hive.metastore.sasl.enabled" : "false", "hive.server2.enable.doAs" : "false", "hive.metastore.execute.setugi" : "false" } }
For a secure cluster, add the following properties to the configuration:{ "type": "hive", "enabled": true, "configProps": { "hive.metastore.uris": " thrift://<metastore_hostname>:9083", "fs.default.name": "maprfs:///", "hive.security.authorization.enabled": "true", "hive.security.authenticator.manager": "org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator", "hive.security.authorization.manager": "org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory", "hive.server2.enable.doAs": "false", "hive.metastore.execute.setugi": "true" } }
Add the following additional properties if the Hive metastore is configured with Kerberos in a secure cluster; include a comma after each line except for the last:"hive.metastore.kerberos.principal": "hive/<metastore_thrift_server>" "hive.metastore.sasl.enabled": "true"