[jira] [Commented] (HIVE-6741) HiveServer2 startup fails in secure (kerberos) mode due to backward incompatible hadoop change
[ https://issues.apache.org/jira/browse/HIVE-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13987192#comment-13987192 ] Lefty Leverenz commented on HIVE-6741: -- For the record: This adds information to the description of *hive.server2.thrift.sasl.qop* which was introduced in Hive 0.12.0, so I've put a comment in HIVE-6586 (for HIVE-6037) and updated the wiki here: * [Configuration Properties -- hive.server2.thrift.sasl.qop |https://cwiki.apache.org/confluence/display/Hive/Configuration+Properties#ConfigurationProperties-hive.server2.thrift.sasl.qop] * [HIVE-6586 comment |https://issues.apache.org/jira/browse/HIVE-6586?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13987186#comment-13987186] > HiveServer2 startup fails in secure (kerberos) mode due to backward > incompatible hadoop change > -- > > Key: HIVE-6741 > URL: https://issues.apache.org/jira/browse/HIVE-6741 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Affects Versions: 0.14.0 >Reporter: Vaibhav Gumashta >Assignee: Vaibhav Gumashta >Priority: Blocker > Fix For: 0.14.0 > > Attachments: HIVE-6741.1.patch, HIVE-6741.2.patch, HIVE-6741.3.patch > > > [HADOOP-10211|https://issues.apache.org/jira/browse/HADOOP-10211] made a > backward incompatible change due to which the following hive call returns a > null map > ([HiveAuthFactory-old|https://github.com/apache/hive/blob/fc3fdb19668369c56994d11df3207e14f2c5dba8/service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java#L115]): > {code} > Map hadoopSaslProps = ShimLoader.getHadoopThriftAuthBridge(). > getHadoopSaslProperties(conf); > SaslQOP hadoopSaslQOP = SaslQOP.fromString(hadoopSaslProps.get(Sasl.QOP)); > if(hadoopSaslQOP.ordinal() > saslQOP.ordinal()) { > LOG.warn(MessageFormat.format("\"hadoop.rpc.protection\" is set to higher > security level " + > "{0} then {1} which is set to {2}", hadoopSaslQOP.toString(), > ConfVars.HIVE_SERVER2_THRIFT_SASL_QOP.varname, saslQOP.toString())); > } > {code} > Since this code path is only used for logging hadoop sasl qop values in case > hadoop's qop > hive's qop, we can do away with this and add a general log > message. -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (HIVE-6741) HiveServer2 startup fails in secure (kerberos) mode due to backward incompatible hadoop change
[ https://issues.apache.org/jira/browse/HIVE-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13986297#comment-13986297 ] Vaibhav Gumashta commented on HIVE-6741: Thanks for review [~jdere]. > HiveServer2 startup fails in secure (kerberos) mode due to backward > incompatible hadoop change > -- > > Key: HIVE-6741 > URL: https://issues.apache.org/jira/browse/HIVE-6741 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Affects Versions: 0.14.0 >Reporter: Vaibhav Gumashta >Assignee: Vaibhav Gumashta >Priority: Blocker > Fix For: 0.14.0 > > Attachments: HIVE-6741.1.patch, HIVE-6741.2.patch, HIVE-6741.3.patch > > > [HADOOP-10211|https://issues.apache.org/jira/browse/HADOOP-10211] made a > backward incompatible change due to which the following hive call returns a > null map > ([HiveAuthFactory-old|https://github.com/apache/hive/blob/fc3fdb19668369c56994d11df3207e14f2c5dba8/service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java#L115]): > {code} > Map hadoopSaslProps = ShimLoader.getHadoopThriftAuthBridge(). > getHadoopSaslProperties(conf); > SaslQOP hadoopSaslQOP = SaslQOP.fromString(hadoopSaslProps.get(Sasl.QOP)); > if(hadoopSaslQOP.ordinal() > saslQOP.ordinal()) { > LOG.warn(MessageFormat.format("\"hadoop.rpc.protection\" is set to higher > security level " + > "{0} then {1} which is set to {2}", hadoopSaslQOP.toString(), > ConfVars.HIVE_SERVER2_THRIFT_SASL_QOP.varname, saslQOP.toString())); > } > {code} > Since this code path is only used for logging hadoop sasl qop values in case > hadoop's qop > hive's qop, we can do away with this and add a general log > message. -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (HIVE-6741) HiveServer2 startup fails in secure (kerberos) mode due to backward incompatible hadoop change
[ https://issues.apache.org/jira/browse/HIVE-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13986279#comment-13986279 ] Jason Dere commented on HIVE-6741: -- These test failures do not look related to this patch. > HiveServer2 startup fails in secure (kerberos) mode due to backward > incompatible hadoop change > -- > > Key: HIVE-6741 > URL: https://issues.apache.org/jira/browse/HIVE-6741 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Affects Versions: 0.14.0 >Reporter: Vaibhav Gumashta >Assignee: Vaibhav Gumashta >Priority: Blocker > Fix For: 0.14.0 > > Attachments: HIVE-6741.1.patch, HIVE-6741.2.patch, HIVE-6741.3.patch > > > [HADOOP-10211|https://issues.apache.org/jira/browse/HADOOP-10211] made a > backward incompatible change due to which the following hive call returns a > null map > ([HiveAuthFactory-old|https://github.com/apache/hive/blob/fc3fdb19668369c56994d11df3207e14f2c5dba8/service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java#L115]): > {code} > Map hadoopSaslProps = ShimLoader.getHadoopThriftAuthBridge(). > getHadoopSaslProperties(conf); > SaslQOP hadoopSaslQOP = SaslQOP.fromString(hadoopSaslProps.get(Sasl.QOP)); > if(hadoopSaslQOP.ordinal() > saslQOP.ordinal()) { > LOG.warn(MessageFormat.format("\"hadoop.rpc.protection\" is set to higher > security level " + > "{0} then {1} which is set to {2}", hadoopSaslQOP.toString(), > ConfVars.HIVE_SERVER2_THRIFT_SASL_QOP.varname, saslQOP.toString())); > } > {code} > Since this code path is only used for logging hadoop sasl qop values in case > hadoop's qop > hive's qop, we can do away with this and add a general log > message. -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (HIVE-6741) HiveServer2 startup fails in secure (kerberos) mode due to backward incompatible hadoop change
[ https://issues.apache.org/jira/browse/HIVE-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13984991#comment-13984991 ] Hive QA commented on HIVE-6741: --- {color:red}Overall{color}: -1 at least one tests failed Here are the results of testing the latest attachment: https://issues.apache.org/jira/secure/attachment/12642517/HIVE-6741.3.patch {color:red}ERROR:{color} -1 due to 19 failed/errored test(s), 5490 tests executed *Failed tests:* {noformat} org.apache.hadoop.hive.cli.TestCliDriver.testCliDriver_groupby2_map_skew org.apache.hadoop.hive.cli.TestCliDriver.testCliDriver_index_compact_binary_search org.apache.hadoop.hive.cli.TestCliDriver.testCliDriver_stats_list_bucket org.apache.hadoop.hive.cli.TestCliDriver.testCliDriver_stats_partscan_1_23 org.apache.hadoop.hive.cli.TestMiniTezCliDriver.testCliDriver_bucket_map_join_tez1 org.apache.hadoop.hive.cli.TestMiniTezCliDriver.testCliDriver_bucket_map_join_tez2 org.apache.hadoop.hive.cli.TestMiniTezCliDriver.testCliDriver_count org.apache.hadoop.hive.cli.TestMiniTezCliDriver.testCliDriver_limit_pushdown org.apache.hadoop.hive.cli.TestMiniTezCliDriver.testCliDriver_load_dyn_part1 org.apache.hadoop.hive.cli.TestMiniTezCliDriver.testCliDriver_mrr org.apache.hadoop.hive.cli.TestMiniTezCliDriver.testCliDriver_tez_dml org.apache.hadoop.hive.cli.TestMiniTezCliDriver.testCliDriver_tez_union org.apache.hadoop.hive.cli.TestMiniTezCliDriver.testCliDriver_union2 org.apache.hadoop.hive.cli.TestMiniTezCliDriver.testCliDriver_union3 org.apache.hadoop.hive.cli.TestMiniTezCliDriver.testCliDriver_union5 org.apache.hadoop.hive.cli.TestMiniTezCliDriver.testCliDriver_union7 org.apache.hadoop.hive.cli.TestMiniTezCliDriver.testCliDriver_union9 org.apache.hadoop.hive.cli.TestMinimrCliDriver.testCliDriver_root_dir_external_table org.apache.hadoop.hive.cli.TestNegativeCliDriver.testNegativeCliDriver_dynamic_partitions_with_whitelist {noformat} Test results: http://ec2-174-129-184-35.compute-1.amazonaws.com/jenkins/job/PreCommit-HIVE-Build/79/testReport Console output: http://ec2-174-129-184-35.compute-1.amazonaws.com/jenkins/job/PreCommit-HIVE-Build/79/console Messages: {noformat} Executing org.apache.hive.ptest.execution.PrepPhase Executing org.apache.hive.ptest.execution.ExecutionPhase Executing org.apache.hive.ptest.execution.ReportingPhase Tests exited with: TestsFailedException: 19 tests failed {noformat} This message is automatically generated. ATTACHMENT ID: 12642517 > HiveServer2 startup fails in secure (kerberos) mode due to backward > incompatible hadoop change > -- > > Key: HIVE-6741 > URL: https://issues.apache.org/jira/browse/HIVE-6741 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Affects Versions: 0.14.0 >Reporter: Vaibhav Gumashta >Assignee: Vaibhav Gumashta >Priority: Blocker > Fix For: 0.14.0 > > Attachments: HIVE-6741.1.patch, HIVE-6741.2.patch, HIVE-6741.3.patch > > > [HADOOP-10211|https://issues.apache.org/jira/browse/HADOOP-10211] made a > backward incompatible change due to which the following hive call returns a > null map > ([HiveAuthFactory-old|https://github.com/apache/hive/blob/fc3fdb19668369c56994d11df3207e14f2c5dba8/service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java#L115]): > {code} > Map hadoopSaslProps = ShimLoader.getHadoopThriftAuthBridge(). > getHadoopSaslProperties(conf); > SaslQOP hadoopSaslQOP = SaslQOP.fromString(hadoopSaslProps.get(Sasl.QOP)); > if(hadoopSaslQOP.ordinal() > saslQOP.ordinal()) { > LOG.warn(MessageFormat.format("\"hadoop.rpc.protection\" is set to higher > security level " + > "{0} then {1} which is set to {2}", hadoopSaslQOP.toString(), > ConfVars.HIVE_SERVER2_THRIFT_SASL_QOP.varname, saslQOP.toString())); > } > {code} > Since this code path is only used for logging hadoop sasl qop values in case > hadoop's qop > hive's qop, we can do away with this and add a general log > message. -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (HIVE-6741) HiveServer2 startup fails in secure (kerberos) mode due to backward incompatible hadoop change
[ https://issues.apache.org/jira/browse/HIVE-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13984916#comment-13984916 ] Jason Dere commented on HIVE-6741: -- +1 > HiveServer2 startup fails in secure (kerberos) mode due to backward > incompatible hadoop change > -- > > Key: HIVE-6741 > URL: https://issues.apache.org/jira/browse/HIVE-6741 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Affects Versions: 0.14.0 >Reporter: Vaibhav Gumashta >Assignee: Vaibhav Gumashta >Priority: Blocker > Fix For: 0.14.0 > > Attachments: HIVE-6741.1.patch, HIVE-6741.2.patch, HIVE-6741.3.patch > > > [HADOOP-10211|https://issues.apache.org/jira/browse/HADOOP-10211] made a > backward incompatible change due to which the following hive call returns a > null map > ([HiveAuthFactory-old|https://github.com/apache/hive/blob/fc3fdb19668369c56994d11df3207e14f2c5dba8/service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java#L115]): > {code} > Map hadoopSaslProps = ShimLoader.getHadoopThriftAuthBridge(). > getHadoopSaslProperties(conf); > SaslQOP hadoopSaslQOP = SaslQOP.fromString(hadoopSaslProps.get(Sasl.QOP)); > if(hadoopSaslQOP.ordinal() > saslQOP.ordinal()) { > LOG.warn(MessageFormat.format("\"hadoop.rpc.protection\" is set to higher > security level " + > "{0} then {1} which is set to {2}", hadoopSaslQOP.toString(), > ConfVars.HIVE_SERVER2_THRIFT_SASL_QOP.varname, saslQOP.toString())); > } > {code} > Since this code path is only used for logging hadoop sasl qop values in case > hadoop's qop > hive's qop, we can do away with this and add a general log > message. -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (HIVE-6741) HiveServer2 startup fails in secure (kerberos) mode due to backward incompatible hadoop change
[ https://issues.apache.org/jira/browse/HIVE-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13984633#comment-13984633 ] Jason Dere commented on HIVE-6741: -- I think it looks good - can you also add a comment to HadoopThriftAuthBridge20S.getHadoopSaslProperties() saying that method no longer works with Hadoop 2.4.0? > HiveServer2 startup fails in secure (kerberos) mode due to backward > incompatible hadoop change > -- > > Key: HIVE-6741 > URL: https://issues.apache.org/jira/browse/HIVE-6741 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Affects Versions: 0.14.0 >Reporter: Vaibhav Gumashta >Assignee: Vaibhav Gumashta >Priority: Blocker > Fix For: 0.14.0 > > Attachments: HIVE-6741.1.patch, HIVE-6741.2.patch > > > [HADOOP-10211|https://issues.apache.org/jira/browse/HADOOP-10211] made a > backward incompatible change due to which the following hive call returns a > null map > ([HiveAuthFactory-old|https://github.com/apache/hive/blob/fc3fdb19668369c56994d11df3207e14f2c5dba8/service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java#L115]): > {code} > Map hadoopSaslProps = ShimLoader.getHadoopThriftAuthBridge(). > getHadoopSaslProperties(conf); > SaslQOP hadoopSaslQOP = SaslQOP.fromString(hadoopSaslProps.get(Sasl.QOP)); > if(hadoopSaslQOP.ordinal() > saslQOP.ordinal()) { > LOG.warn(MessageFormat.format("\"hadoop.rpc.protection\" is set to higher > security level " + > "{0} then {1} which is set to {2}", hadoopSaslQOP.toString(), > ConfVars.HIVE_SERVER2_THRIFT_SASL_QOP.varname, saslQOP.toString())); > } > {code} > Since this code path is only used for logging hadoop sasl qop values in case > hadoop's qop > hive's qop, we can do away with this and add a general log > message. -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (HIVE-6741) HiveServer2 startup fails in secure (kerberos) mode due to backward incompatible hadoop change
[ https://issues.apache.org/jira/browse/HIVE-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13984586#comment-13984586 ] Vaibhav Gumashta commented on HIVE-6741: Incorporated [~prasadm]'s feedback. cc [~jdere] > HiveServer2 startup fails in secure (kerberos) mode due to backward > incompatible hadoop change > -- > > Key: HIVE-6741 > URL: https://issues.apache.org/jira/browse/HIVE-6741 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Affects Versions: 0.14.0 >Reporter: Vaibhav Gumashta >Assignee: Vaibhav Gumashta >Priority: Blocker > Fix For: 0.14.0 > > Attachments: HIVE-6741.1.patch, HIVE-6741.2.patch > > > [HADOOP-10211|https://issues.apache.org/jira/browse/HADOOP-10211] made a > backward incompatible change due to which the following hive call returns a > null map > ([HiveAuthFactory-old|https://github.com/apache/hive/blob/fc3fdb19668369c56994d11df3207e14f2c5dba8/service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java#L115]): > {code} > Map hadoopSaslProps = ShimLoader.getHadoopThriftAuthBridge(). > getHadoopSaslProperties(conf); > SaslQOP hadoopSaslQOP = SaslQOP.fromString(hadoopSaslProps.get(Sasl.QOP)); > if(hadoopSaslQOP.ordinal() > saslQOP.ordinal()) { > LOG.warn(MessageFormat.format("\"hadoop.rpc.protection\" is set to higher > security level " + > "{0} then {1} which is set to {2}", hadoopSaslQOP.toString(), > ConfVars.HIVE_SERVER2_THRIFT_SASL_QOP.varname, saslQOP.toString())); > } > {code} > Since this code path is only used for logging hadoop sasl qop values in case > hadoop's qop > hive's qop, we can do away with this and add a general log > message. -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (HIVE-6741) HiveServer2 startup fails in secure (kerberos) mode due to backward incompatible hadoop change
[ https://issues.apache.org/jira/browse/HIVE-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13947157#comment-13947157 ] Vaibhav Gumashta commented on HIVE-6741: [~prasadm] Makes sense. I also think we can get away with the log message and document it instead. Let me post a new patch. > HiveServer2 startup fails in secure (kerberos) mode due to backward > incompatible hadoop change > -- > > Key: HIVE-6741 > URL: https://issues.apache.org/jira/browse/HIVE-6741 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Affects Versions: 0.14.0 >Reporter: Vaibhav Gumashta >Assignee: Vaibhav Gumashta >Priority: Blocker > Fix For: 0.14.0 > > Attachments: HIVE-6741.1.patch > > > [HADOOP-10211|https://issues.apache.org/jira/browse/HADOOP-10211] made a > backward incompatible change due to which the following hive call returns a > null map > ([HiveAuthFactory-old|https://github.com/apache/hive/blob/fc3fdb19668369c56994d11df3207e14f2c5dba8/service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java#L115]): > {code} > Map hadoopSaslProps = ShimLoader.getHadoopThriftAuthBridge(). > getHadoopSaslProperties(conf); > SaslQOP hadoopSaslQOP = SaslQOP.fromString(hadoopSaslProps.get(Sasl.QOP)); > if(hadoopSaslQOP.ordinal() > saslQOP.ordinal()) { > LOG.warn(MessageFormat.format("\"hadoop.rpc.protection\" is set to higher > security level " + > "{0} then {1} which is set to {2}", hadoopSaslQOP.toString(), > ConfVars.HIVE_SERVER2_THRIFT_SASL_QOP.varname, saslQOP.toString())); > } > {code} > Since this code path is only used for logging hadoop sasl qop values in case > hadoop's qop > hive's qop, we can do away with this and add a general log > message. -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (HIVE-6741) HiveServer2 startup fails in secure (kerberos) mode due to backward incompatible hadoop change
[ https://issues.apache.org/jira/browse/HIVE-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13947145#comment-13947145 ] Prasad Mujumdar commented on HIVE-6741: --- [~vaibhavgumashta] This is an incompatible change and hence would be better to do this along with the hadoop upgrade. The code being removed is applicable to Hadoop 2.3. We might not switch to Hadoop 2.4 at all for Hive 0.14 as well, or may be Hadoop 2.4 will change the logic later during it's release cycle etc. In such cases the patch won't be adding any value. Also [https://issues.apache.org/jira/browse/HIVE-6657|HIVE-6657] is proposing to add miniKdc based test in Hive. I guess that would catch this problem once we upgrade, so won't miss out this patch. Regarding the actual patch, is the new unconditional log message needed at all ? It's getting printed be printed regardless the hadoop.rpc.protection and hive.server2.thrift.sasl.qop config. Would it make sense to just add it to docs and remove the message ? > HiveServer2 startup fails in secure (kerberos) mode due to backward > incompatible hadoop change > -- > > Key: HIVE-6741 > URL: https://issues.apache.org/jira/browse/HIVE-6741 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Affects Versions: 0.14.0 >Reporter: Vaibhav Gumashta >Assignee: Vaibhav Gumashta >Priority: Blocker > Fix For: 0.14.0 > > Attachments: HIVE-6741.1.patch > > > [HADOOP-10211|https://issues.apache.org/jira/browse/HADOOP-10211] made a > backward incompatible change due to which the following hive call returns a > null map > ([HiveAuthFactory-old|https://github.com/apache/hive/blob/fc3fdb19668369c56994d11df3207e14f2c5dba8/service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java#L115]): > {code} > Map hadoopSaslProps = ShimLoader.getHadoopThriftAuthBridge(). > getHadoopSaslProperties(conf); > SaslQOP hadoopSaslQOP = SaslQOP.fromString(hadoopSaslProps.get(Sasl.QOP)); > if(hadoopSaslQOP.ordinal() > saslQOP.ordinal()) { > LOG.warn(MessageFormat.format("\"hadoop.rpc.protection\" is set to higher > security level " + > "{0} then {1} which is set to {2}", hadoopSaslQOP.toString(), > ConfVars.HIVE_SERVER2_THRIFT_SASL_QOP.varname, saslQOP.toString())); > } > {code} > Since this code path is only used for logging hadoop sasl qop values in case > hadoop's qop > hive's qop, we can do away with this and add a general log > message. -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (HIVE-6741) HiveServer2 startup fails in secure (kerberos) mode due to backward incompatible hadoop change
[ https://issues.apache.org/jira/browse/HIVE-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13947093#comment-13947093 ] Vaibhav Gumashta commented on HIVE-6741: [~prasadm] Sure, we can wait. However, the problem will manifest whenever we upgrade so I thought fixing it sooner is no harm. But since 13 won't be using hadoop 2.4, let me tag this for 14. [~thejas] Had chat with hadoop folks, and it seems they won't revert the change. Check the logic for the change in this comment: https://issues.apache.org/jira/browse/HADOOP-10221?focusedCommentId=13923205&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13923205. > HiveServer2 startup fails in secure (kerberos) mode due to backward > incompatible hadoop change > -- > > Key: HIVE-6741 > URL: https://issues.apache.org/jira/browse/HIVE-6741 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Affects Versions: 0.14.0 >Reporter: Vaibhav Gumashta >Assignee: Vaibhav Gumashta >Priority: Blocker > Fix For: 0.14.0 > > Attachments: HIVE-6741.1.patch > > > [HADOOP-10211|https://issues.apache.org/jira/browse/HADOOP-10211] made a > backward incompatible change due to which the following hive call returns a > null map > ([HiveAuthFactory-old|https://github.com/apache/hive/blob/fc3fdb19668369c56994d11df3207e14f2c5dba8/service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java#L115]): > {code} > Map hadoopSaslProps = ShimLoader.getHadoopThriftAuthBridge(). > getHadoopSaslProperties(conf); > SaslQOP hadoopSaslQOP = SaslQOP.fromString(hadoopSaslProps.get(Sasl.QOP)); > if(hadoopSaslQOP.ordinal() > saslQOP.ordinal()) { > LOG.warn(MessageFormat.format("\"hadoop.rpc.protection\" is set to higher > security level " + > "{0} then {1} which is set to {2}", hadoopSaslQOP.toString(), > ConfVars.HIVE_SERVER2_THRIFT_SASL_QOP.varname, saslQOP.toString())); > } > {code} > Since this code path is only used for logging hadoop sasl qop values in case > hadoop's qop > hive's qop, we can do away with this and add a general log > message. -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (HIVE-6741) HiveServer2 startup fails in secure (kerberos) mode due to backward incompatible hadoop change
[ https://issues.apache.org/jira/browse/HIVE-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13946756#comment-13946756 ] Prasad Mujumdar commented on HIVE-6741: --- [~vaibhavgumashta] Thanks for looking into the problem. [HADOOP-10211|https://issues.apache.org/jira/browse/HADOOP-10211] seems to be fixed in Hadoop 2.4 and trunk (3.0), which are both unreleased hadoop versions. Hive is still using last hadoop release 2.3.0. Shouldn't this wait till we upgrade hadoop dependencies ? > HiveServer2 startup fails in secure (kerberos) mode due to backward > incompatible hadoop change > -- > > Key: HIVE-6741 > URL: https://issues.apache.org/jira/browse/HIVE-6741 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Affects Versions: 0.13.0 >Reporter: Vaibhav Gumashta >Assignee: Vaibhav Gumashta >Priority: Blocker > Fix For: 0.13.0 > > Attachments: HIVE-6741.1.patch > > > [HADOOP-10211|https://issues.apache.org/jira/browse/HADOOP-10211] made a > backward incompatible change due to which the following hive call returns a > null map > ([HiveAuthFactory-old|https://github.com/apache/hive/blob/fc3fdb19668369c56994d11df3207e14f2c5dba8/service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java#L115]): > {code} > Map hadoopSaslProps = ShimLoader.getHadoopThriftAuthBridge(). > getHadoopSaslProperties(conf); > SaslQOP hadoopSaslQOP = SaslQOP.fromString(hadoopSaslProps.get(Sasl.QOP)); > if(hadoopSaslQOP.ordinal() > saslQOP.ordinal()) { > LOG.warn(MessageFormat.format("\"hadoop.rpc.protection\" is set to higher > security level " + > "{0} then {1} which is set to {2}", hadoopSaslQOP.toString(), > ConfVars.HIVE_SERVER2_THRIFT_SASL_QOP.varname, saslQOP.toString())); > } > {code} > Since this code path is only used for logging hadoop sasl qop values in case > hadoop's qop > hive's qop, we can do away with this and add a general log > message. -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (HIVE-6741) HiveServer2 startup fails in secure (kerberos) mode due to backward incompatible hadoop change
[ https://issues.apache.org/jira/browse/HIVE-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13946192#comment-13946192 ] Harish Butani commented on HIVE-6741: - +1 for 0.13 > HiveServer2 startup fails in secure (kerberos) mode due to backward > incompatible hadoop change > -- > > Key: HIVE-6741 > URL: https://issues.apache.org/jira/browse/HIVE-6741 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Affects Versions: 0.13.0 >Reporter: Vaibhav Gumashta >Assignee: Vaibhav Gumashta >Priority: Blocker > Fix For: 0.13.0 > > Attachments: HIVE-6741.1.patch > > > [HADOOP-10211|https://issues.apache.org/jira/browse/HADOOP-10211] made a > backward incompatible change due to which the following hive call returns a > null map > ([HiveAuthFactory-old|https://github.com/apache/hive/blob/fc3fdb19668369c56994d11df3207e14f2c5dba8/service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java#L115]): > {code} > Map hadoopSaslProps = ShimLoader.getHadoopThriftAuthBridge(). > getHadoopSaslProperties(conf); > SaslQOP hadoopSaslQOP = SaslQOP.fromString(hadoopSaslProps.get(Sasl.QOP)); > if(hadoopSaslQOP.ordinal() > saslQOP.ordinal()) { > LOG.warn(MessageFormat.format("\"hadoop.rpc.protection\" is set to higher > security level " + > "{0} then {1} which is set to {2}", hadoopSaslQOP.toString(), > ConfVars.HIVE_SERVER2_THRIFT_SASL_QOP.varname, saslQOP.toString())); > } > {code} > Since this code path is only used for logging hadoop sasl qop values in case > hadoop's qop > hive's qop, we can do away with this and add a general log > message. -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (HIVE-6741) HiveServer2 startup fails in secure (kerberos) mode due to backward incompatible hadoop change
[ https://issues.apache.org/jira/browse/HIVE-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13946167#comment-13946167 ] Vaibhav Gumashta commented on HIVE-6741: Marking this as blocker for 13. Will submit a patch in few mins. > HiveServer2 startup fails in secure (kerberos) mode due to backward > incompatible hadoop change > -- > > Key: HIVE-6741 > URL: https://issues.apache.org/jira/browse/HIVE-6741 > Project: Hive > Issue Type: Bug > Components: HiveServer2 >Affects Versions: 0.13.0 >Reporter: Vaibhav Gumashta >Assignee: Vaibhav Gumashta >Priority: Blocker > Fix For: 0.13.0 > > > [HADOOP-10211|https://issues.apache.org/jira/browse/HADOOP-10211] made a > backward incompatible change due to which the following hive call returns a > null map > ([HiveAuthFactory-old|https://github.com/apache/hive/blob/fc3fdb19668369c56994d11df3207e14f2c5dba8/service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java#L115]): > {code} > Map hadoopSaslProps = ShimLoader.getHadoopThriftAuthBridge(). > getHadoopSaslProperties(conf); > SaslQOP hadoopSaslQOP = SaslQOP.fromString(hadoopSaslProps.get(Sasl.QOP)); > if(hadoopSaslQOP.ordinal() > saslQOP.ordinal()) { > LOG.warn(MessageFormat.format("\"hadoop.rpc.protection\" is set to higher > security level " + > "{0} then {1} which is set to {2}", hadoopSaslQOP.toString(), > ConfVars.HIVE_SERVER2_THRIFT_SASL_QOP.varname, saslQOP.toString())); > } > {code} > Since this code path is only used for logging hadoop sasl qop values in case > hadoop's qop > hive's qop, we can do away with this and add a general log > message. -- This message was sent by Atlassian JIRA (v6.2#6252)