THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Setup the CredentialProvider to store the Hive Metastore password, using the key javax.jdo.option.ConnectionPassword (the same key as used in the Hive configuration). For example, the following command adds the metastore password to a JCEKS keystore file at /tmpusr/lib/hive/conf/hive.jceks:
No Format $ hadoop credential create javax.jdo.option.ConnectionPassword -provider jceks://file/tmp/usr/lib/hive/conf/hive.jceks Enter password: Enter password again: javax.jdo.option.ConnectionPassword has been successfully created. org.apache.hadoop.security.alias.JavaKeyStoreProvider has been updated.
Make sure to restrict access to this file to just the user running the Hive Metastore server/HiveServer2.
See http://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-common/CommandsManual.html#credential for more information.Update the Hive configuration to use the designated CredentialProvider. For example to use our /tmp/usr/lib/hive/conf/hive.jceks filejceks file:
No Format <!-- Configure credential store for passwords--> <property> <name>hadoop.security.credential.provider.path</name> <value>jceks://file/tmpusr/lib/hive/conf/hive.jceks</value> </property>This configures the CredentialProvider used by http://hadoop.apache.org/docs/current/api/org/apache/hadoop/conf/Configuration.html#getPassword(java.lang.String), which is used by Hive to retrieve the metastore password.
- Remove the Hive Metastore password entry (javax.jdo.option.ConnectionPassword) from the Hive configuration. The CredentialProvider will be used instead.
- Restart Hive Metastore Server/HiveServer2.
...