从2.0.4版本滚动升级至2.1.0版本会导致kerberos认证的hive catalog无法使用
create catalog如下:
CREATE CATALOG hive_krb_ha PROPERTIES (
'type'='hms',
'hive.metastore.uris' = 'thrift://172.0.0.1:9083',
'hive.metastore.sasl.enabled' = 'true',
'hive.metastore.kerberos.principal' = 'your-hms-principal',
'hadoop.security.authentication' = 'kerberos',
'hadoop.kerberos.keytab' = '/your-keytab-filepath/your.keytab',
'hadoop.kerberos.principal' = 'your-principal@YOUR.COM',
'yarn.resourcemanager.principal' = 'your-rm-principal',
'dfs.nameservices'='your-nameservice',
'dfs.ha.namenodes.your-nameservice'='nn1,nn2',
'dfs.namenode.rpc-address.your-nameservice.nn1'='172.21.0.2:8088',
'dfs.namenode.rpc-address.your-nameservice.nn2'='172.21.0.3:8088',
'dfs.client.failover.proxy.provider.your-nameservice'='org.apache.hadoop.hdfs.server.namenode.ha.ConfiguredFailoverProxyProvider'
);
switch hive_krb_ha;
show databases;
滚动升级到2.1.0后,切换hive catalog后,执行show databases;会报异常:
[HY000]: RuntimeException, msg:javax.security.auth.login LoginException: Unable to obtain password from user
查看fe.log后,发现是hive.metastore.kerberos.principal导致的上述异常
回退到2.0.4版本后,hive catalog恢复正常.
大佬们,请有空看一下这个异常是什么导致的,万分感谢🙏🙏🙏
