vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/mrs/component-operation-guide/mrs_01_0949.html
Yang, Tong 6182f91ba8 MRS component operation guide_normal 2.0.38.SP20 version 
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: Yang, Tong <yangtong2@huawei.com>
Co-committed-by: Yang, Tong <yangtong2@huawei.com>
2022-12-09 14:55:21 +00:00

116 lines
28 KiB
HTML
Raw Blame History

<a name="mrs_01_0949"></a><a name="mrs_01_0949"></a>
<h1 class="topictitle1">Creating a Hive Role</h1>
<div id="body1590395281683"><div class="section" id="mrs_01_0949__sc82e559d8e0945e4b64bac08d9e1cdda"><h4 class="sectiontitle">Scenario</h4><p id="mrs_01_0949__a7f9dc4a5c0fd4d1b95591ff87bc0c950">This section describes how to create and configure a Hive role on Manager as the system administrator. The Hive role can be granted the permissions of the Hive administrator and the permissions to operate Hive table data.</p>
<p id="mrs_01_0949__aebe7296ac1064ae69acd4363f98a3b11">Creating a database with Hive requires users to join in the <strong id="mrs_01_0949__b317529132919">hive</strong> group, without granting a role. Users have all permissions on the databases or tables created by themselves in Hive or HDFS. They can create tables, select, delete, insert, or update data, and grant permissions to other users to allow them to access the tables and corresponding HDFS directories and files. The created databases or tables are saved in the<strong id="mrs_01_0949__b13716516142918"> /user/hive/warehouse</strong> directory of the HDFS by default.</p>
<div class="note" id="mrs_01_0949__n6757f921e8a64929a0cc23c62f40d757"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="mrs_01_0949__ul61731222164414"><li id="mrs_01_0949__li1417322212443">A Hive role can be created only in security mode.</li><li id="mrs_01_0949__li168631085544">If the current component uses Ranger for permission control, you need to configure permission management policies based on Ranger. For details, see <a href="mrs_01_1858.html">Adding a Ranger Access Permission Policy for Hive</a> for MRS 3.<em id="mrs_01_0949__i1419333773216">x</em> or later that supports Ranger.</li></ul>
</div></div>
</div>
<div class="section" id="mrs_01_0949__s518b5e46bd1e44ee8c1a5cb080a77cf2"><h4 class="sectiontitle">Prerequisites</h4><ul id="mrs_01_0949__u2a6ff83bf38e483a88929fb6825c1ec4"><li id="mrs_01_0949__l6985f3f805b94c128da50090adefeea4">The system administrator has understood the service requirements.</li><li id="mrs_01_0949__l0f62449740814103963c97ff0fef5e3f">Log in to FusionInsight Manager.</li><li id="mrs_01_0949__l4efabb2c24294791aa965bba8735c044">The Hive client has been installed.</li></ul>
</div>
<div class="section" id="mrs_01_0949__s78d336c70e6e4e5cb2bb4d4ddb77aefb"><h4 class="sectiontitle">Procedure</h4><p id="mrs_01_0949__p1072019133617">For versions earlier than MRS 3.x, perform the following operations to create a Hive role:</p>
<ol id="mrs_01_0949__o245b950036aa4ab5a058550c3de75dcf"><li id="mrs_01_0949__li176471458192113"><span>Log in to MRS Manager.</span></li><li id="mrs_01_0949__lb2c1888a42284bc0ac8c6edb3c0fa854"><span>Choose <strong id="mrs_01_0949__b19411151419358">System</strong> &gt; <strong id="mrs_01_0949__b17516196358">Permission</strong> &gt; <strong id="mrs_01_0949__b941953315350">Manage Role</strong>.</span></li><li id="mrs_01_0949__l9325a5ebc8a044a281312f8e4b908318"><span>Click <strong id="mrs_01_0949__b184196409346">Create Role</strong>, and set <strong id="mrs_01_0949__b1425124018345">Role Name</strong> and <strong id="mrs_01_0949__b942594043416">Description</strong>.</span></li><li id="mrs_01_0949__l4bc2a125740043fbbf1b5949d6114c8c"><span>Set permissions. For details, see <a href="#mrs_01_0949__t407ce486d4824c69ba125f7c1be82b9b">Table 1</a>.</span><p><ul id="mrs_01_0949__u0ae143e7271947feadc58989ad61c6cd"><li id="mrs_01_0949__l50f63f66d3554522b1b60a4b7c54ad37"><strong id="mrs_01_0949__b9829203711514">Hive Admin Privilege</strong>: Hive administrator permissions. If you want to use this permission, run the <strong id="mrs_01_0949__b4886124110814">set role admin</strong> command to set the permission before running SQL statements.</li><li id="mrs_01_0949__l106cce80a31c49f398509ded3ccb7fd7"><strong id="mrs_01_0949__b138034717204">Hive Read Write Privileges</strong>: Hive data table management permission, which is the operation permission to set and manage the data of created tables. Select the permissions of a database as required. To specify permissions on tables, click the database name and select the permissions of the tables.</li></ul>
<div class="note" id="mrs_01_0949__n1e3a7b51789144618a13b140334a3eeb"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="mrs_01_0949__u09e13433e3a840e0ace934f9c64e6e55"><li id="mrs_01_0949__l3b18a318b02841f8b2f9890186af1e00">Hive role management supports the <span id="mrs_01_0949__ph16892520163813">Hive </span>administrator permission, and the permissions of accessing tables and views, without granting the database permission.</li><li id="mrs_01_0949__la0949c551f0b4d3ab38021f8382922f9">The permissions of the Hive administrator do not include the permission to manage HDFS.</li><li id="mrs_01_0949__l42d2bd11976f4ef79b56ee7249cd258f">If there are too many tables in the database or too many files in tables, the permission granting may last a while. For example, if a table contains 10,000 files, the permission granting lasts about 2 minutes.</li></ul>
</div></div>
<div class="tablenoborder"><a name="mrs_01_0949__t407ce486d4824c69ba125f7c1be82b9b"></a><a name="t407ce486d4824c69ba125f7c1be82b9b"></a><table cellpadding="4" cellspacing="0" summary="" id="mrs_01_0949__t407ce486d4824c69ba125f7c1be82b9b" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Setting a role</caption><thead align="left"><tr id="mrs_01_0949__r8970570f5e404ff3b4e26f1ec887b626"><th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.3.3.4.2.3.2.3.1.1"><p id="mrs_01_0949__a966f96441ec341ab81e25cd71592239c">Scenario</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.3.3.4.2.3.2.3.1.2"><p id="mrs_01_0949__a32ca2f2b7e424d8480ede0da91c11ded">Role Authorization</p>
</th>
</tr>
</thead>
<tbody><tr id="mrs_01_0949__r37ebca35241b4cae98114fef8e98c8dc"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.3.4.2.3.2.3.1.1 "><p id="mrs_01_0949__af314c609654c4df69886c974332dfe3d">Setting the Hive administrator permission</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.3.4.2.3.2.3.1.2 "><p id="mrs_01_0949__a3a16f1b645ea4893b9dbd0a7c16f56d5">In the <strong id="mrs_01_0949__b8680180133911">Permission</strong> table, click <strong id="mrs_01_0949__b1680200163910">Hive</strong> and select <strong id="mrs_01_0949__b233815217387">Hive Admin Privilege</strong>.</p>
<div class="note" id="mrs_01_0949__n768c024de71e4be5a7ca11d780550475"><span class="notetitle"> NOTE: </span><div class="notebody"><p class="textintable" id="mrs_01_0949__aeaaa930f124b470ca0f6c4f62ddfea8f">After being bound to the Hive administrator role, perform the following operations during each maintenance operation:</p>
<ol type="a" id="mrs_01_0949__o22025688792147a69a4b441a2e159ca0"><li id="mrs_01_0949__l3ec30b72298549d2b374d9add384655d">Log in to the node where the client is installed. For details, see <a href="https://docs.otc.t-systems.com/usermanual/mrs/mrs_01_0091.html" target="_blank" rel="noopener noreferrer">Installing a Client</a>.</li><li id="mrs_01_0949__l53e519f4f75e40b097f9a24dc70486d0">Run the following command to configure environment variables:<p class="litext" id="mrs_01_0949__a7cb143b430624aed9fcb7f62f733aa51"><a name="mrs_01_0949__l53e519f4f75e40b097f9a24dc70486d0"></a><a name="l53e519f4f75e40b097f9a24dc70486d0"></a>For example, if the Hive client installation directory is <strong id="mrs_01_0949__b9200144514432">/opt/hiveclient</strong>, run <strong id="mrs_01_0949__a2163e7f877a9454db8ee28ea87144eeb">source /opt/hiveclient/bigdata_env</strong>.</p>
</li><li id="mrs_01_0949__l1a40354ae9674d0da669b4fc35cc918e">Run the following command to authenticate the user:<p class="litext" id="mrs_01_0949__a48755538b3d44de38791df7ed368ab85"><a name="mrs_01_0949__l1a40354ae9674d0da669b4fc35cc918e"></a><a name="l1a40354ae9674d0da669b4fc35cc918e"></a><strong id="mrs_01_0949__b1833534919432">kinit</strong> <em id="mrs_01_0949__i2034074914318">Hive service user</em></p>
</li><li id="mrs_01_0949__l68bc41f3262f4d78852dae085cb4dd1c">Run the following command to log in to the client tool:<p class="litext" id="mrs_01_0949__a3b73ca536c184361b13af264c16b1c1d"><a name="mrs_01_0949__l68bc41f3262f4d78852dae085cb4dd1c"></a><a name="l68bc41f3262f4d78852dae085cb4dd1c"></a><strong id="mrs_01_0949__aa1e3a7d17715434ea08b2578a5591503">beeline</strong></p>
</li><li id="mrs_01_0949__le84ff71b118b4a48a9f24cbab9188f94">Run the following command to update the <span id="mrs_01_0949__ph1512102023917">Hive </span>administrator permissions:<p id="mrs_01_0949__ac94d0dcac4814326b675097bfa097f1b"><strong id="mrs_01_0949__a2707464e1e1147df8a1a6525470a5827">set role admin;</strong></p>
</li></ol>
</div></div>
</td>
</tr>
<tr id="mrs_01_0949__r32ef203c8450407ba2e7daaad43e84b3"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.3.4.2.3.2.3.1.1 "><p id="mrs_01_0949__a0bfbdb5549ff41a996b9b9516203ffca">Setting the permission to query a table of another user in the default database</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.3.4.2.3.2.3.1.2 "><ol type="a" id="mrs_01_0949__o03ff4239c1dd418a8aac1901b1a42eaf"><li id="mrs_01_0949__l9ab7163cd15648638cc721f9350ecb4c">In the <strong id="mrs_01_0949__b1084045518438">Permission</strong> table, choose <strong id="mrs_01_0949__b1936511945514">Hive</strong> &gt; <strong id="mrs_01_0949__b15351815165516">Hive Read Write Privileges</strong>.</li><li id="mrs_01_0949__l87588c577a3d440e81b1dfed39f48920">In the <strong id="mrs_01_0949__b1775914348558">Permission</strong> column of the specified table, select <strong id="mrs_01_0949__b25571640115515">SELECT</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_0949__rc691dab3ec894d229b3089f314930b46"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.3.4.2.3.2.3.1.1 "><p id="mrs_01_0949__a63c7fa067a2c482ba8938e1eb2b5329b">Setting the permission to query a table of another user in the default database</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.3.4.2.3.2.3.1.2 "><ol type="a" id="mrs_01_0949__oa035ad8e31e345b68862f21f259a443f"><li id="mrs_01_0949__lc65c2897dc464e8ab520176402b75539">In the <strong id="mrs_01_0949__b141761254444">Permission</strong> table, choose <strong id="mrs_01_0949__b118214020579">Hive</strong> &gt; <strong id="mrs_01_0949__b821817115713">Hive Read Write Privileges</strong>.</li><li id="mrs_01_0949__l4ff1a9d257c64adcbf2326a15993b241">In the <strong id="mrs_01_0949__b562302085712">Permission</strong> column of the specified table, select <strong id="mrs_01_0949__b45456465574">Insert</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_0949__racaeeea562d449f6973523ddc07996a0"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.3.4.2.3.2.3.1.1 "><p id="mrs_01_0949__a8efa8e2e06224b16826141db91790a14">Setting the permission to import data to a table of another user in the default database</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.3.4.2.3.2.3.1.2 "><ol type="a" id="mrs_01_0949__o1781c8d0839d4117be5170cc4f1f0ec5"><li id="mrs_01_0949__l1c80b919a3f04d5d9370d20b919f9231">In the <strong id="mrs_01_0949__b2098697442">Permission</strong> table, choose <strong id="mrs_01_0949__b5690123112583">Hive</strong> &gt; <strong id="mrs_01_0949__b1710233675813">Hive Read Write Privileges</strong>.</li><li id="mrs_01_0949__l7a47e3a33a1549bca1fba4d99cd1cb0d">In the <strong id="mrs_01_0949__b29487913446">Permission</strong> column of the specified table, select <strong id="mrs_01_0949__b10949793444">Delete</strong> and <strong id="mrs_01_0949__b169498964414">Insert</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_0949__redd589ffe6e7438aa2462b39d1caae46"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.3.4.2.3.2.3.1.1 "><p id="mrs_01_0949__a8cfcb2ad226748ba963e1a8cedcc5e63">Setting the permission to submit HQL commands to Yarn for execution</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.3.4.2.3.2.3.1.2 "><p id="mrs_01_0949__a180f570e2d6d46bc93fde77b2614ecff">The HQL commands used by some services are converted into MapReduce tasks and submitted to Yarn for execution. You need to set the Yarn permissions. For example, the HQL statements to be run use statements, such as <strong id="mrs_01_0949__a56ea7c5c86fc42629d4dac8bb489e410">insert</strong>, <strong id="mrs_01_0949__b2558131418111">count</strong>, <strong id="mrs_01_0949__aa27cdbc9f6b549bb98a535bd6652c79f">distinct</strong>, <strong id="mrs_01_0949__af491d3348f1c482ca39eeec197cabeeb">group by</strong>, <strong id="mrs_01_0949__a3120ee50ff664ebc8408cfa7a7846895">order by</strong>, <strong id="mrs_01_0949__ac2459da78c314850a9f4c101efe01edb">sort by</strong>, or <strong id="mrs_01_0949__a444755eb74fd419fa98f8cbafd144a28">join</strong>.</p>
<ol type="a" id="mrs_01_0949__o3001b283aedf4d219d8470bcae96c133"><li id="mrs_01_0949__l4a5cdb4e3d0c446c9896498ea1a49ce3">In the <strong id="mrs_01_0949__b117518311614">Permission</strong> table, choose <strong id="mrs_01_0949__b1179964116110">Yarn</strong> &gt; <strong id="mrs_01_0949__b1061584410119">Scheduler Queue</strong> &gt; <strong id="mrs_01_0949__b188393461014">root</strong>.</li><li id="mrs_01_0949__l9d54bd41da7e45bfa0545812963fd79c">In the <strong id="mrs_01_0949__b19716521914">Permission</strong> column of the default queue, select <strong id="mrs_01_0949__b10909957216">Submit</strong>.</li></ol>
</td>
</tr>
</tbody>
</table>
</div>
</p></li><li id="mrs_01_0949__l30dc6d42328f42c8a9d8968aadfeaf11"><span>Click <strong id="mrs_01_0949__b713711213214">OK</strong>, and return to the <strong id="mrs_01_0949__b1571761218">Role</strong> page.</span></li><li id="mrs_01_0949__li7234339135010"><span>Choose <strong id="mrs_01_0949__b13691919104412">System</strong> &gt; <strong id="mrs_01_0949__b1469661934411">Manage User</strong> &gt; <strong id="mrs_01_0949__b869621994416">Create User</strong>.</span></li><li id="mrs_01_0949__li3160666456"><span>Enter the username, set <strong id="mrs_01_0949__b8276162819313">User Type</strong> to <strong id="mrs_01_0949__b1531693617312">Human-machine</strong>, set the user password, add a user group bound with the Hive administrator role, bind the new Hive role to the user group, and click <strong id="mrs_01_0949__b185494510417">OK</strong>.</span></li><li id="mrs_01_0949__li25111610194"><span>After the user is created, you can run the SQL statement using the user.</span></li></ol>
<p id="mrs_01_0949__p136440173378">For MRS 3.<em id="mrs_01_0949__i1341313619358">x</em> or later, perform the following operations to create a Hive role:</p>
<ol id="mrs_01_0949__ol1115310213814"><li id="mrs_01_0949__li615320233813"><span>Log in to FusionInsight Manager. For details, see<a href="mrs_01_2124.html">Accessing FusionInsight Manager (MRS 3.x or Later)</a></span></li><li id="mrs_01_0949__li31535217389"><span>Choose <strong id="mrs_01_0949__b12622719153520">System</strong> &gt; <strong id="mrs_01_0949__b10627819163518">Permission</strong> &gt; <strong id="mrs_01_0949__b1662813199351">Role</strong>.</span></li><li id="mrs_01_0949__li1915317219383"><span>Click <strong id="mrs_01_0949__b985434887">Create Role</strong>, and set <strong id="mrs_01_0949__b2028410211">Role Name</strong> and <strong id="mrs_01_0949__b1121617282">Description</strong>.</span></li><li id="mrs_01_0949__li61531426387"><span>Set <strong id="mrs_01_0949__b157767817052722">Configure Resource Permission</strong>. For details, see <a href="#mrs_01_0949__table715417215388">Table 2</a>.</span><p><ul id="mrs_01_0949__ul15154325386"><li id="mrs_01_0949__li112924815165">Grant the read and execution permissions for the HDFS directory.<ul id="mrs_01_0949__ul230494851910"><li id="mrs_01_0949__li14372124612196">Click <em id="mrs_01_0949__i17911431153711">Name of the desired cluster</em> and select <strong id="mrs_01_0949__b1278012610387">HDFS</strong> for <strong id="mrs_01_0949__b355675111395">Service Name</strong>. On the displayed page, click <strong id="mrs_01_0949__b8903175816446">File System</strong>, choose <strong id="mrs_01_0949__b670823111457">hdfs://hacluster/</strong> &gt; <strong id="mrs_01_0949__b124291254713">user</strong>, locate the row where <strong id="mrs_01_0949__b214112169485">hive</strong> is located, and select <strong id="mrs_01_0949__b2714113124817">Read</strong> and <strong id="mrs_01_0949__b7208537144813">Execute</strong> in the <strong id="mrs_01_0949__b9533113314577">Permission</strong> column.</li><li id="mrs_01_0949__li77601346260">Click <em id="mrs_01_0949__i10759157175315">Name of the desired cluster</em> and select <strong id="mrs_01_0949__b77591057165320">HDFS</strong> for <strong id="mrs_01_0949__b375995718531">Service Name</strong>. On the displayed page, click <strong id="mrs_01_0949__b117591157145310">File System</strong>, choose <strong id="mrs_01_0949__b19759155715320">hdfs://hacluster/</strong> &gt; <strong id="mrs_01_0949__b4759557145318">user</strong> &gt; <strong id="mrs_01_0949__b1875955715532">hive</strong>, locate the row where <strong id="mrs_01_0949__b153151657115611">warehouse</strong> is located, and select <strong id="mrs_01_0949__b19759165715534">Read</strong> and <strong id="mrs_01_0949__b17596571533">Execute</strong> in the <strong id="mrs_01_0949__b19820174711572">Permission</strong> column.</li><li id="mrs_01_0949__li1876914557298">Click <em id="mrs_01_0949__i14259232135817">Name of the desired cluster</em> and select <strong id="mrs_01_0949__b1325963225814">HDFS</strong> for <strong id="mrs_01_0949__b5259632185817">Service Name</strong>. On the displayed page, click <strong id="mrs_01_0949__b192591032155813">File System</strong>, choose <strong id="mrs_01_0949__b4259173212586">hdfs://hacluster/</strong> &gt; <strong id="mrs_01_0949__b102591732145819">tmp</strong>, locate the row where <strong id="mrs_01_0949__b1325963216586">hive-scratch</strong> is located, and select <strong id="mrs_01_0949__b4260432125810">Read</strong> and <strong id="mrs_01_0949__b9260132105811">Execute</strong> in the <strong id="mrs_01_0949__b1126043219580">Permission</strong> column.</li></ul>
</li><li id="mrs_01_0949__li51543216385"><strong id="mrs_01_0949__b83038332452722">Hive Admin Privilege</strong>: Hive administrator permission.</li><li id="mrs_01_0949__li615411243811"><strong id="mrs_01_0949__b109369534352722">Hive Read Write Privileges</strong>: Hive data table management permission, which is the operation permission to set and manage the data of created tables.</li></ul>
<div class="note" id="mrs_01_0949__note0154324388"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="mrs_01_0949__ul515417211389"><li id="mrs_01_0949__li591619511150">In MRS 3.1.0, Hive role management supports the administrator permission, and the permissions of accessing tables and views, without granting the database permission.</li><li id="mrs_01_0949__li1115432143814">The permissions of the Hive administrator do not include the permission to manage HDFS.</li><li id="mrs_01_0949__li20154192153813">If there are too many tables in the database or too many files in tables, the permission granting may last a while. For example, if a table contains 10,000 files, the permission granting lasts about 2 minutes.</li></ul>
</div></div>
<div class="tablenoborder"><a name="mrs_01_0949__table715417215388"></a><a name="table715417215388"></a><table cellpadding="4" cellspacing="0" summary="" id="mrs_01_0949__table715417215388" frame="border" border="1" rules="all"><caption><b>Table 2 </b>Setting a role</caption><thead align="left"><tr id="mrs_01_0949__row1615420213383"><th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.3.5.4.2.3.2.3.1.1"><p id="mrs_01_0949__p61542233820">Task</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.3.5.4.2.3.2.3.1.2"><p id="mrs_01_0949__p17154425383">Role Authorization</p>
</th>
</tr>
</thead>
<tbody><tr id="mrs_01_0949__row7155192143817"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.5.4.2.3.2.3.1.1 "><p id="mrs_01_0949__p0155624388">Setting the Hive administrator permission</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.5.4.2.3.2.3.1.2 "><p id="mrs_01_0949__p1215513213387">In the <strong id="mrs_01_0949__b70840216852722">Configure Resource Permission</strong> table, choose <em id="mrs_01_0949__i13324331252722">Name of the desired cluster</em> &gt; <strong id="mrs_01_0949__b18285216052722">Hive</strong> and select <strong id="mrs_01_0949__b128389454952722">Hive Admin Privilege</strong>.</p>
<div class="note" id="mrs_01_0949__note715522123812"><span class="notetitle"> NOTE: </span><div class="notebody"><p class="textintable" id="mrs_01_0949__p151551524383">After being bound to the Hive administrator role, perform the following operations during each maintenance operation:</p>
<ol type="a" id="mrs_01_0949__ol2155122133819"><li id="mrs_01_0949__li1515515217382">Log in to the node where the Hive client is installed as the client installation user.</li><li id="mrs_01_0949__li10155152193818">Run the following command to configure environment variables:<p class="litext" id="mrs_01_0949__p19155102153815"><a name="mrs_01_0949__li10155152193818"></a><a name="li10155152193818"></a>For example, if the Hive client installation directory is <strong id="mrs_01_0949__b1826375251">/opt/hiveclient</strong>, run <strong id="mrs_01_0949__b487239377">source /opt/hiveclient/bigdata_env</strong>.</p>
</li><li id="mrs_01_0949__li01553293818">Run the following command to authenticate the user:<p class="litext" id="mrs_01_0949__p111551263816"><a name="mrs_01_0949__li01553293818"></a><a name="li01553293818"></a><strong id="mrs_01_0949__b2146576785">kinit</strong> <em id="mrs_01_0949__i2086021042">Hive service user</em></p>
</li><li id="mrs_01_0949__li1915516211389">Run the following command to log in to the client tool:<p class="litext" id="mrs_01_0949__p1715514210388"><a name="mrs_01_0949__li1915516211389"></a><a name="li1915516211389"></a><strong id="mrs_01_0949__b41558293810">beeline</strong></p>
</li><li id="mrs_01_0949__li1815520223819">Run the following command to update the administrator permissions:<p id="mrs_01_0949__p191552212383"><a name="mrs_01_0949__li1815520223819"></a><a name="li1815520223819"></a><strong id="mrs_01_0949__b215514211386">set role admin;</strong></p>
</li></ol>
</div></div>
</td>
</tr>
<tr id="mrs_01_0949__row6155162153815"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.5.4.2.3.2.3.1.1 "><p id="mrs_01_0949__p111551829389">Setting the permission to query a table of another user in the default database</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.5.4.2.3.2.3.1.2 "><ol type="a" id="mrs_01_0949__ol14155112183819"><li id="mrs_01_0949__li5155132133820">In the <strong id="mrs_01_0949__b173620318852722">Configure Resource Permission</strong> table, choose <em id="mrs_01_0949__i18185717552722">Name of the desired cluster</em> &gt; <strong id="mrs_01_0949__b190280723552722">Hive</strong> &gt; <strong id="mrs_01_0949__b127688542652722">Hive Read Write Privileges</strong>.</li><li id="mrs_01_0949__lfe65edb7f7794c8ba5479289b347e1ed">Click the name of the specified database in the database list. Tables in the database are displayed.</li><li id="mrs_01_0949__li141558213811">In the <strong id="mrs_01_0949__b18411112192610">Rights </strong>column of the specified table, choose <strong id="mrs_01_0949__b44121212265">Select</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_0949__row6155122385"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.5.4.2.3.2.3.1.1 "><p id="mrs_01_0949__p915515213381">Setting the permission to query a table of another user in the default database</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.5.4.2.3.2.3.1.2 "><ol type="a" id="mrs_01_0949__ol1515612263815"><li id="mrs_01_0949__li171566211380">In the <strong id="mrs_01_0949__b7346674052722">Configure Resource Permission</strong> table, choose <em id="mrs_01_0949__i74843636352722">Name of the desired cluster</em> &gt; <strong id="mrs_01_0949__b25275065152722">Hive</strong> &gt; <strong id="mrs_01_0949__b74058998452722">Hive Read Write Privileges</strong>.</li><li id="mrs_01_0949__lf07a86f5c219414e8deab1c53b577187">Click the name of the specified database in the database list. Tables in the database are displayed.</li><li id="mrs_01_0949__li41562210381">In the <strong id="mrs_01_0949__b170052580152722">Permission</strong> column of the specified table, select <strong id="mrs_01_0949__b183845807052722">INSERT</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_0949__row11156426389"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.5.4.2.3.2.3.1.1 "><p id="mrs_01_0949__p81567219384">Setting the permission to import data to a table of another user in the default database</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.5.4.2.3.2.3.1.2 "><ol type="a" id="mrs_01_0949__ol1315616223815"><li id="mrs_01_0949__li615662193812">In the <strong id="mrs_01_0949__b81846595552722">Configure Resource Permission</strong> table, choose <em id="mrs_01_0949__i32723194652722">Name of the desired cluster</em> &gt; <strong id="mrs_01_0949__b201239099052722">Hive</strong> &gt; <strong id="mrs_01_0949__b187132351052722">Hive Read Write Privileges</strong>.</li><li id="mrs_01_0949__l9c7d295190e74628ac95bb1a3fbe1f76">Click the name of the specified database in the database list. Tables in the database are displayed.</li><li id="mrs_01_0949__li815632163819">In the <strong id="mrs_01_0949__b121111079852722">Permission</strong> column of the specified indexes, select <strong id="mrs_01_0949__b162038862752722">DELETE</strong> and <strong id="mrs_01_0949__b201612736752722">INSERT</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_0949__row1415615243814"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.5.4.2.3.2.3.1.1 "><p id="mrs_01_0949__p1515619283819">Setting the permission to submit HQL commands to Yarn for execution</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.5.4.2.3.2.3.1.2 "><p id="mrs_01_0949__p6156822385">The HQL commands used by some services are converted into MapReduce tasks and submitted to Yarn for execution. You need to set the Yarn permissions. For example, the HQL statements to be run use statements, such as <strong id="mrs_01_0949__b1942645179">insert</strong>, <strong id="mrs_01_0949__b299277859">count</strong>, <strong id="mrs_01_0949__b1127308833">distinct</strong>, <strong id="mrs_01_0949__b1857240241">group by</strong>, <strong id="mrs_01_0949__b1930227070">order by</strong>, <strong id="mrs_01_0949__b1450539609">sort by</strong>, or <strong id="mrs_01_0949__b900493162">join</strong>.</p>
<ol type="a" id="mrs_01_0949__ol715613216381"><li id="mrs_01_0949__li515617211382">In the <strong id="mrs_01_0949__b144340299652722">Permission</strong> table, choose <em id="mrs_01_0949__i137005037652722">Name of the desired cluster</em> &gt; <strong id="mrs_01_0949__b192637680952722">Yarn</strong> &gt; <strong id="mrs_01_0949__b9427554252722">Scheduling Queue</strong> &gt; <strong id="mrs_01_0949__b39656566952722">root</strong>.</li><li id="mrs_01_0949__li1015720263812">In the <strong id="mrs_01_0949__b161011774852722">Permission</strong> column of the <strong id="mrs_01_0949__b23987984852722">default </strong>queue, select <strong id="mrs_01_0949__b166792241252722">Submit</strong>.</li></ol>
</td>
</tr>
</tbody>
</table>
</div>
</p></li><li id="mrs_01_0949__li1615716211384"><span>Click <strong id="mrs_01_0949__b2116615854">OK</strong>, and return to the <strong id="mrs_01_0949__b1640600563">Role</strong> page.</span></li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="mrs_01_0947.html">Permission Management</a></div>
</div>
</div>
View Git Blame Copy Permalink