cdh版本：5.14
主要參照官方文檔：https://www.cloudera.com/documentation/enterprise/5-14-x/topics/sentry.html

創(chuàng)新互聯(lián)成立與2013年，是專業(yè)互聯(lián)網(wǎng)技術(shù)服務(wù)公司，擁有項(xiàng)目成都網(wǎng)站建設(shè)、做網(wǎng)站網(wǎng)站策劃，項(xiàng)目實(shí)施與項(xiàng)目整合能力。我們以讓每一個(gè)夢(mèng)想脫穎而出為使命，1280元西峰做網(wǎng)站,已為上家服務(wù),為西峰各地企業(yè)和個(gè)人服務(wù),聯(lián)系電話:18982081108

一.部署sentry服務(wù)
1.配置：官方建議將hive metastore的heap size至少設(shè)為10GB：
Set the HMS heap size to at least 10 GB. This is required because by default, Sentry uses 12 connections to communicate with HMS. To verify the HMS heap size, open the Hive service, click the Configuration tab, and search for the Java Heap Size of Hive Meatstore Server in Bytes property.

hive中每百萬(wàn)個(gè)對(duì)象（包括servers, databases, tables, partitions, columns, URIs, and views），則sentry的Heap Size相應(yīng)地需要2.25GB：
Cloudera recommends that for each Sentry host, you have 2.25 GB memory per million objects in the Hive database. Hive objects include servers, databases, tables, partitions, columns, URIs, and views.

Make sure that the JVM heap size is set to a value that is appropriate for the memory requirements. You can check the heap size in Cloudera Manager. Open the Sentry service, click the Configuration tab, and search for the Java Heap Size of Sentry Server in Bytes property. Set that property to the maximum size for the Java process heap memory.

2.安裝sentry
在CDH中添加sentry服務(wù)

3.開啟sentry服務(wù)之前的準(zhǔn)備工作
Using the default Hive warehouse directory - Permissions on the warehouse directory must be set as follows (see following Note for caveats):
771 on the directory itself (by default, /user/hive/warehouse)
771 on all subdirectories (for example, /user/hive/warehouse/mysubdir)
All files and subdirectories should be owned by hive:hive
For example:
$ sudo -u hdfs hdfs dfs -chmod -R 771 /user/hive/warehouse
$ sudo -u hdfs hdfs dfs -chown -R hive:hive /user/hive/warehouse

在hive服務(wù)中勾選開啟senrty認(rèn)證
去除hiveserver2配置項(xiàng)：HiveServer2 Enable Impersonation
增加yarn nodemanager選項(xiàng)-Allowed System Users：增加hive
在hive配置 hadoop.proxyuser.hive.groups，增加hive,hue,sentry

二.集成

1.hive配置項(xiàng)Sentry 服務(wù)，選擇sentry
2.impala配置項(xiàng)Sentry 服務(wù) 選擇sentry
3.hue配置項(xiàng)Sentry 服務(wù) 選擇sentry

另外有需要云服務(wù)器可以了解下創(chuàng)新互聯(lián)scvps.cn，海內(nèi)外云服務(wù)器15元起步，三天無理由+7*72小時(shí)售后在線，公司持有idc許可證，提供“云服務(wù)器、裸金屬服務(wù)器、高防服務(wù)器、香港服務(wù)器、美國(guó)服務(wù)器、虛擬主機(jī)、免備案服務(wù)器”等云主機(jī)租用服務(wù)以及企業(yè)上云的綜合解決方案，具有“安全穩(wěn)定、簡(jiǎn)單易用、服務(wù)可用性高、性價(jià)比高”等特點(diǎn)與優(yōu)勢(shì)，專為企業(yè)上云打造定制，能夠滿足用戶豐富、多元化的應(yīng)用場(chǎng)景需求。

網(wǎng)站欄目：cdh啟用sentry的步驟-創(chuàng)新互聯(lián)
URL分享：http://weahome.cn/article/cddhgo.html