Configure Hive Metastore to Use Kerberos Authentication

  1. Configure the following properties in hive-site.xml (/opt/mapr/hive/hive-<version>/conf/hive-site.xml):
    Property Value
    hive.metastore.kerberos.keytab.file (The Keytab file that contains the HiveMetastore principle.)
    hive.metastore.kerberos.principal (The HiveMetastore principal. For example, mapr/<FQDN@REALM>).
      <description>The path to the Kerberos Keytab file containing the metastore thrift server's service principal.</description>          
      <description>The service principal for the metastore thrift server. The special string _HOST will be replaced automatically with the correct hostname.</description>
  2. Configure the following properties in /opt/mapr/conf/ on each node where the Hive Metastore is installed:
    • Set MAPR_HIVE_LOGIN _OPTS to "-Dhadoop.login=hybrid"
    • Set MAPR_HIVE_SERVER_LOGIN_OPTS to "-Dhadoop.login=hybrid"