About Release 7.9.0
This site contains documentation for HPE Ezmeral Data Fabric release 7.9.0, including installation, configuration, administration, and reference content, as well as content for the associated ecosystem components and drivers.
7.9.0 Installation
This section contains information about installing and upgrading HPE Ezmeral Data Fabric software. It also contains information about how to migrate data and applications from an Apache Hadoop cluster to a HPE Ezmeral Data Fabric cluster.
7.9.0 Data Fabric
HPE Ezmeral Data Fabric is the industry-leading data platform for AI and analytics that solves enterprise business needs.
7.9.0 Administration
This section describes how to manage the nodes and services that make up a cluster.
7.9.0 Development
This section contains information related to application development for Ezmeral ecosystem components and HPE Ezmeral Data Fabric products, including the file system, Database (Key-Value and JSON), and Event Streams.
- Application Development Process
  Before you start developing applications on the HPE Ezmeral Data Fabric platform, consider how you will get the data into the platform, the storage format of the data, the type of processing or modeling that is required, and how the data will be accessed.
- File Store and Apps
  The following sections provide information about accessing the File Store with C and Java applications.
- HPE Ezmeral Data Fabric Database and Apps
  This section contains information about developing client applications for JSON and key-value tables.
- Apache Kafka Wire Protocol Service
  HPE Ezmeral Data Fabric Streams supports Apache Kafka Wire Protocol Service. Apache Kafka Wire Protocol Service is a TCP/IP service that emulates a Kafka cluster backed by HPE Ezmeral Data Fabric Streams. The service makes it possible for Apache Kafka clients written in any programming language to access topics in HPE Ezmeral Data Fabric Streams.
- HPE Ezmeral Data Fabric Streams and Apps
  HPE Ezmeral Data Fabric Streams brings integrated publish and subscribe messaging to HPE Ezmeral Data Fabric.
- MapReduce and Apps
  This section contains information associated with developing YARN applications.
- Kubernetes Interfaces for Data Fabric
  This section describes how to leverage the capabilities of the Kubernetes Interfaces for Data Fabric.
- Ecosystem Components
  The following sections provide information about each open-source project that is supported by the HPE Ezmeral Data Fabric.
  - Ecosystem Packs
  - Apache Airflow
    This topic provides an overview of Apache Airflow on HPE Ezmeral Data Fabric.
  - AsyncHBase
  - Cascading
  - Apache Drill
  - Hadoop
  - HBase
  - HBase Client and HPE Ezmeral Data Fabric Database Binary Tables
  - HCatalog
  - Hive
    - Getting Started with Hive
    - Configuring Hive
      - Configure Hive Directories
      - Configuring Hive Client on a Data Fabric Client Node
        This topic describes how to configure the Hive client on a Data Fabric client node.
      - Configuring MSCK REPAIR TABLE
        This section guides you through configuring MSCK REPAIR TABLE command to compare and update the partitions in Hive Metastore and file systems.
      - Configuring Database for Hive Metastore
      - User Impersonation for Hive
      - Hive Security
        Hive Security Configuration Options
        This section describes changes made in Hive default configuration. It shows how to configure Hive after manual installation.
        Hive Authentication
        The authentication method that you configure for the Hive Metastore, HiveServer2, and WebHcat determines how these Hive components access and connect to each other.
        Authentication for Hive Metastore
        Configuring Hive Metastore Authentication
        This section describes how to configure the hive.metastore.authentication property for secured and unsecured clusters. It describes cases when the property must be configured explicitly and when it can be omitted from hive-site.xml.
        Configure Hive Metastore to use MapR-SASL
        Configuring Hive Metastore Clients to use MapR-SASL
        Configure Hive Metastore to use Kerberos
        Configure Hive Metastore Clients to use Kerberos
        When the Hive Metastore is configured to use Kerberos authentication, you must also configure Hive Metastore Clients to use Kerberos when authenticating with Hive Metastore.
        Authentication for HiveServer2
        Authentication for WebHCat
        Configuring Hive for SCRAM Token Authentication
        This topic describes the manual and automatic options to configure Hive for SCRAM token authentication.
        Hive Encryption
        When you configure encryption, the thrift messages sent between the Hive Metastore, HiveServer 2, and HiveServer2 clients are encrypted.
        Hive Password Encryption
        EEP 4.0 introduces default configuration for Hive Metastore password encryption using the Data Fabric Installer. The password is stored in the hive-site.xml file.
        Hive Authorization
        HPE Ezmeral Data Fabric has built-in platform authorization that protects all data regardless of the execution engine. This topic describes alternative authorization modes you can choose to implement.
        Fallback Hive Authorizer
        Fallback Hive Authorizer is used by Hive DDL (Data Definition Language) tasks for access control and for checking authorization from Driver.doAuthorization().
      - Considerations for Hive on JDK 17
    - Integrating Hive
    - Managing Hive Services
    - Connecting to Hive
    - Enabling High Availability for Hive
      This section describes how to enable High Availability for HiveServer2 and HiveMetastore.
    - Hive Features in HPE Ezmeral Data Fabric
      Describes HPE Ezmeral Data Fabric-specific features in Hive.
    - Hive 3.1.3 API Changes
      This topic describes the public API changes that occurred between Hive 2.3.9 EEP 8.1.0 and Hive 3.1.3 EEP 9.0.0.
    - Hive 2.3 API Changes
      This topic describes the public API changes that occurred between Hive 2.1 EEP 5.0.0 and Hive 2.3 EEP 6.0.0.
    - Hive 2.1 API
    - Troubleshooting Hive and Tez
    - Hive Logging
      This section describes Hive logging for Hive 2.1 and later releases and includes information about log splitting.
  - HttpFS
  - Hue
  - Livy
    Apache Livy is primarily used to provide integration between Hue and Spark.
  - HPE Ezmeral Data Fabric Streams Clients and Tools
    Describes the supported HPE Ezmeral Data Fabric Streams tools and clients.
  - NiFi
    This topic provides an overview of Apache NiFi on HPE Ezmeral Data Fabric.
  - OTel
    This topic provides an overview of OpenTelemetry on HPE Ezmeral Data Fabric.
  - Ranger
  - Apache Spark
  - YARN
  - Zeppelin
- Maven and the HPE Ezmeral Data Fabric
  This section discusses topics associated with Maven and the HPE Ezmeral Data Fabric.
- Developer's Reference
  This section contains in-depth information for the developer.
- API Documentation
  HPE Ezmeral Data Fabric supports public APIs for file system, HPE Ezmeral Data Fabric Database, and HPE Ezmeral Data Fabric Streams. These APIs are available for application-development purposes.
Other Docs
This section contains release-independent information, including: Installer documentation, Ecosystem release notes, interoperability matrices, security vulnerabilities, and links to other data-fabric version documentation.
Glossary
Definitions for commonly used terms in MapR Converged Data Platform environments.

Configure Hive Metastore to use Kerberos

About this task

Enabling Hive Metastore to use Kerberos authentication requires a kerberos principal, kerberos keytab, and the following configurations.

Complete the following steps on each node where a Hive Metastore is installed:

Procedure

Create a Kerberos server identity and add it to a keytab file. You can use the following commands in a Linux-based Kerberos environment to set up the identity and update the keytab file:
NOTE
MapR clusters do not provide Kerberos infrastructure. The tips in this step assume a Linux-based Kerberos environment, and the specific commands for your environment may vary. Consult with your Kerberos administrator for assistance.
```
# kadmin
    : addprinc -randkey username/<FQDN@REALM>
    : ktadd -k /opt/mapr/conf/hive.keytab username/<FQDN@REALM>
```
The hive.keytab file must be owned and readable only by the mapr user.

Configure the following properties in the following file:

/opt/mapr/hive/hive-<version>/conf/hive-site.xml

Property	Value
`hive.metastore.kerberos.keytab.file`	The Keytab file that contains the HiveMetastore principal.
`hive.metastore.kerberos.principal`	<The HiveMetastore principal. For example, mapr/<FQDN@REALM>.>

<property>
  <name>hive.metastore.kerberos.keytab.file</name>
  <value>/opt/mapr/conf/metastore.keytab</value>
  <description>The path to the Kerberos Keytab file containing the metastore thrift server's service principal.</description>                   
</property>
<property>
  <name>hive.metastore.kerberos.principal</name>
  <value>mapr/<FQDN@REALM></value>
  <description>The service principal for the metastore thrift server. The special string _HOST will be replaced automatically with the correct hostname.</description>
</property>

Configure the following properties in /opt/mapr/conf/env.sh on each node where the Hive Metastore is installed:
- Set MAPR_HIVE_LOGIN _OPTS to
```
"-Dhadoop.login=hybrid"
```
- Set MAPR_HIVE_SERVER_LOGIN_OPTS to
```
"-Dhadoop.login=hybrid"
```

Partners Support Dev-Hub Community Training ALA Privacy Policy Glossary

HPE Ezmeral Data Fabric – Customer-Managed 7.9.0 Documentation
Abstract	This site contains documentation for the customer-managed platform of the HPE Ezmeral Data Fabric version 7.9.0 including installation, configuration, administration, and reference content, as well as content for the associated bundled ecosystem components and drivers.
Published	November 2024
Edition	7.9.0