hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Prasad Mujumdar (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-6741) HiveServer2 startup fails in secure (kerberos) mode due to backward incompatible hadoop change
Date Tue, 25 Mar 2014 20:59:17 GMT

    [ https://issues.apache.org/jira/browse/HIVE-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13947145#comment-13947145
] 

Prasad Mujumdar commented on HIVE-6741:
---------------------------------------

[~vaibhavgumashta] This is an incompatible change and hence would be better to do this along
with the hadoop upgrade. The code being removed is applicable to Hadoop 2.3. We might not
switch to Hadoop 2.4 at all for Hive 0.14 as well, or may be Hadoop 2.4 will change the logic
later during it's release cycle etc. In such cases the patch won't be adding any value.
Also [https://issues.apache.org/jira/browse/HIVE-6657|HIVE-6657] is proposing to add miniKdc
based test in Hive. I guess that would catch this problem once we upgrade, so won't miss out
this patch.

Regarding the actual patch, is the new unconditional log message needed at all ? It's getting
printed be printed regardless the hadoop.rpc.protection and hive.server2.thrift.sasl.qop config.
Would it make sense to just add it to docs and remove the message ?


> HiveServer2 startup fails in secure (kerberos) mode due to backward incompatible hadoop
change
> ----------------------------------------------------------------------------------------------
>
>                 Key: HIVE-6741
>                 URL: https://issues.apache.org/jira/browse/HIVE-6741
>             Project: Hive
>          Issue Type: Bug
>          Components: HiveServer2
>    Affects Versions: 0.14.0
>            Reporter: Vaibhav Gumashta
>            Assignee: Vaibhav Gumashta
>            Priority: Blocker
>             Fix For: 0.14.0
>
>         Attachments: HIVE-6741.1.patch
>
>
>  [HADOOP-10211|https://issues.apache.org/jira/browse/HADOOP-10211] made a backward incompatible
change due to which the following hive call returns a null map ([HiveAuthFactory-old|https://github.com/apache/hive/blob/fc3fdb19668369c56994d11df3207e14f2c5dba8/service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java#L115]):
> {code}
> Map<String, String> hadoopSaslProps =  ShimLoader.getHadoopThriftAuthBridge().
>         getHadoopSaslProperties(conf); 
> SaslQOP hadoopSaslQOP = SaslQOP.fromString(hadoopSaslProps.get(Sasl.QOP));
> if(hadoopSaslQOP.ordinal() > saslQOP.ordinal()) {
> LOG.warn(MessageFormat.format("\"hadoop.rpc.protection\" is set to higher security level
" +
>           "{0} then {1} which is set to {2}", hadoopSaslQOP.toString(),
>           ConfVars.HIVE_SERVER2_THRIFT_SASL_QOP.varname, saslQOP.toString()));
> }
> {code}
> Since this code path is only used for logging hadoop sasl qop values in case hadoop's
qop > hive's qop, we can do away with this and add a general log message.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message