diff --git common/src/java/org/apache/hadoop/hive/conf/HiveConf.java common/src/java/org/apache/hadoop/hive/conf/HiveConf.java index 44d9a57..fd92598 100644 --- common/src/java/org/apache/hadoop/hive/conf/HiveConf.java +++ common/src/java/org/apache/hadoop/hive/conf/HiveConf.java @@ -947,6 +947,10 @@ HIVE_SERVER2_SSL_KEYSTORE_PATH("hive.server2.keystore.path", ""), HIVE_SERVER2_SSL_KEYSTORE_PASSWORD("hive.server2.keystore.password", ""), + // server socket related + HIVE_SERVER2_READ_SOCKET_TIMEOUT("hive.server2.read.socket.timeout", 0), + HIVE_SERVER2_TCP_KEEP_ALIVE("hive.server2.tcp.keepalive", false), + HIVE_SECURITY_COMMAND_WHITELIST("hive.security.command.whitelist", "set,reset,dfs,add,delete,compile"), HIVE_CONF_RESTRICTED_LIST("hive.conf.restricted.list", "hive.security.authenticator.manager,hive.security.authorization.manager"), diff --git conf/hive-default.xml.template conf/hive-default.xml.template index e53df4f..d0f5fef 100644 --- conf/hive-default.xml.template +++ conf/hive-default.xml.template @@ -945,7 +945,22 @@ hive.server2.thrift.http.max.worker.threads 500 Maximum number of worker threads when in HTTP mode. - + + + + hive.server2.read.socket.timeout + 0 + + Timeout for the HiveServer2 to close the connection if no response from the client in N seconds. + In http mode, it's translated to maxIdleTime of jetty connector. + + + + + hive.server2.tcp.keepalive + false + Whether to enable TCP keepalive for HiveServer2. Not effective in http mode. + hive.script.recordreader diff --git metastore/src/java/org/apache/hadoop/hive/metastore/TServerSocketKeepAlive.java metastore/src/java/org/apache/hadoop/hive/metastore/TServerSocketKeepAlive.java index 9ac18dc..c62a475 100644 --- metastore/src/java/org/apache/hadoop/hive/metastore/TServerSocketKeepAlive.java +++ metastore/src/java/org/apache/hadoop/hive/metastore/TServerSocketKeepAlive.java @@ -18,6 +18,7 @@ package org.apache.hadoop.hive.metastore; +import java.net.ServerSocket; import java.net.SocketException; import org.apache.thrift.transport.TServerSocket; @@ -30,6 +31,11 @@ * */ public class TServerSocketKeepAlive extends TServerSocket { + + public TServerSocketKeepAlive(ServerSocket serverSocket) throws TTransportException { + super(serverSocket); + } + public TServerSocketKeepAlive(int port) throws TTransportException { super(port, 0); } diff --git service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java index 72b3e7e..ae4a563 100644 --- service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java +++ service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java @@ -214,18 +214,18 @@ public static TTransport getSSLSocket(String host, int port, int loginTimeout, return TSSLTransportFactory.getClientSocket(host, port, loginTimeout, params); } - public static TServerSocket getServerSocket(String hiveHost, int portNum) + public static TServerSocket getServerSocket(String hiveHost, int portNum, int socketTimeout) throws TTransportException { - InetSocketAddress serverAddress = null; + InetSocketAddress serverAddress; if (hiveHost != null && !hiveHost.isEmpty()) { serverAddress = new InetSocketAddress(hiveHost, portNum); } else { - serverAddress = new InetSocketAddress(portNum); + serverAddress = new InetSocketAddress(portNum); } - return new TServerSocket(serverAddress ); + return new TServerSocket(serverAddress, socketTimeout); } - public static TServerSocket getServerSSLSocket(String hiveHost, int portNum, + public static TServerSocket getServerSSLSocket(String hiveHost, int portNum, int socketTimeout, String keyStorePath, String keyStorePassWord) throws TTransportException, UnknownHostException { TSSLTransportFactory.TSSLTransportParameters params = new TSSLTransportFactory.TSSLTransportParameters(); @@ -237,7 +237,7 @@ public static TServerSocket getServerSSLSocket(String hiveHost, int portNum, } else { serverAddress = InetAddress.getByName(hiveHost); } - return TSSLTransportFactory.getServerSocket(portNum, 0, serverAddress, params); + return TSSLTransportFactory.getServerSocket(portNum, socketTimeout, serverAddress, params); } // retrieve delegation token for the given user diff --git service/src/java/org/apache/hive/service/cli/thrift/ThriftBinaryCLIService.java service/src/java/org/apache/hive/service/cli/thrift/ThriftBinaryCLIService.java index b009a88..77eeefa 100644 --- service/src/java/org/apache/hive/service/cli/thrift/ThriftBinaryCLIService.java +++ service/src/java/org/apache/hive/service/cli/thrift/ThriftBinaryCLIService.java @@ -19,14 +19,18 @@ package org.apache.hive.service.cli.thrift; import java.net.InetSocketAddress; +import java.net.UnknownHostException; +import org.apache.hadoop.hive.conf.HiveConf; import org.apache.hadoop.hive.conf.HiveConf.ConfVars; +import org.apache.hadoop.hive.metastore.TServerSocketKeepAlive; import org.apache.hive.service.auth.HiveAuthFactory; import org.apache.hive.service.cli.CLIService; import org.apache.thrift.TProcessorFactory; import org.apache.thrift.protocol.TBinaryProtocol; import org.apache.thrift.server.TThreadPoolServer; import org.apache.thrift.transport.TServerSocket; +import org.apache.thrift.transport.TTransportException; import org.apache.thrift.transport.TTransportFactory; @@ -61,21 +65,8 @@ public void run() { serverAddress = new InetSocketAddress(portNum); } - minWorkerThreads = hiveConf.getIntVar(ConfVars.HIVE_SERVER2_THRIFT_MIN_WORKER_THREADS); - maxWorkerThreads = hiveConf.getIntVar(ConfVars.HIVE_SERVER2_THRIFT_MAX_WORKER_THREADS); + TServerSocket serverSocket = createServerSocket(hiveHost); - TServerSocket serverSocket = null; - if (!hiveConf.getBoolVar(ConfVars.HIVE_SERVER2_USE_SSL)) { - serverSocket = HiveAuthFactory.getServerSocket(hiveHost, portNum); - } else { - String keyStorePath = hiveConf.getVar(ConfVars.HIVE_SERVER2_SSL_KEYSTORE_PATH).trim(); - if (keyStorePath.isEmpty()) { - throw new IllegalArgumentException(ConfVars.HIVE_SERVER2_SSL_KEYSTORE_PATH.varname + - " Not configured for SSL connection"); - } - serverSocket = HiveAuthFactory.getServerSSLSocket(hiveHost, portNum, - keyStorePath, hiveConf.getVar(ConfVars.HIVE_SERVER2_SSL_KEYSTORE_PASSWORD)); - } TThreadPoolServer.Args sargs = new TThreadPoolServer.Args(serverSocket) .processorFactory(processorFactory) .transportFactory(transportFactory) @@ -94,4 +85,24 @@ public void run() { } } + + private TServerSocket createServerSocket(String hiveHost) throws TTransportException, UnknownHostException { + TServerSocket serverSocket; + if (!hiveConf.getBoolVar(ConfVars.HIVE_SERVER2_USE_SSL)) { + serverSocket = HiveAuthFactory.getServerSocket(hiveHost, portNum, socketTimeout); + } else { + String keyStorePath = hiveConf.getVar(ConfVars.HIVE_SERVER2_SSL_KEYSTORE_PATH).trim(); + if (keyStorePath.isEmpty()) { + throw new IllegalArgumentException(ConfVars.HIVE_SERVER2_SSL_KEYSTORE_PATH.varname + + " is not configured for SSL connection"); + } + serverSocket = HiveAuthFactory.getServerSSLSocket(hiveHost, portNum, socketTimeout, + keyStorePath, hiveConf.getVar(ConfVars.HIVE_SERVER2_SSL_KEYSTORE_PASSWORD)); + } + if (keepAlive) { + // TServerSocket is simple wrapper of internal server socket + serverSocket = new TServerSocketKeepAlive(serverSocket.getServerSocket()); + } + return serverSocket; + } } diff --git service/src/java/org/apache/hive/service/cli/thrift/ThriftCLIService.java service/src/java/org/apache/hive/service/cli/thrift/ThriftCLIService.java index 5c87bcb..a7e5a1e 100644 --- service/src/java/org/apache/hive/service/cli/thrift/ThriftCLIService.java +++ service/src/java/org/apache/hive/service/cli/thrift/ThriftCLIService.java @@ -70,6 +70,8 @@ protected int minWorkerThreads; protected int maxWorkerThreads; + protected int socketTimeout; + protected boolean keepAlive; protected static HiveAuthFactory hiveAuthFactory; @@ -81,6 +83,11 @@ public ThriftCLIService(CLIService cliService, String serviceName) { @Override public synchronized void init(HiveConf hiveConf) { this.hiveConf = hiveConf; + minWorkerThreads = hiveConf.getIntVar(ConfVars.HIVE_SERVER2_THRIFT_MIN_WORKER_THREADS); + maxWorkerThreads = hiveConf.getIntVar(ConfVars.HIVE_SERVER2_THRIFT_MAX_WORKER_THREADS); + + socketTimeout = hiveConf.getIntVar(ConfVars.HIVE_SERVER2_READ_SOCKET_TIMEOUT); + keepAlive = hiveConf.getBoolVar(ConfVars.HIVE_SERVER2_TCP_KEEP_ALIVE); super.init(hiveConf); } diff --git service/src/java/org/apache/hive/service/cli/thrift/ThriftHttpCLIService.java service/src/java/org/apache/hive/service/cli/thrift/ThriftHttpCLIService.java index 98d75b5..19728df 100644 --- service/src/java/org/apache/hive/service/cli/thrift/ThriftHttpCLIService.java +++ service/src/java/org/apache/hive/service/cli/thrift/ThriftHttpCLIService.java @@ -60,9 +60,6 @@ public void run() { portNum = hiveConf.getIntVar(ConfVars.HIVE_SERVER2_THRIFT_HTTP_PORT); } - minWorkerThreads = hiveConf.getIntVar(ConfVars.HIVE_SERVER2_THRIFT_HTTP_MIN_WORKER_THREADS); - maxWorkerThreads = hiveConf.getIntVar(ConfVars.HIVE_SERVER2_THRIFT_HTTP_MAX_WORKER_THREADS); - String httpPath = getHttpPath(hiveConf.getVar(HiveConf.ConfVars.HIVE_SERVER2_THRIFT_HTTP_PATH)); httpServer = new org.eclipse.jetty.server.Server(); @@ -97,6 +94,8 @@ public void run() { connector.setPort(portNum); // Linux:yes, Windows:no connector.setReuseAddress(!Shell.WINDOWS); + connector.setMaxIdleTime(socketTimeout); + httpServer.addConnector(connector); hiveAuthFactory = new HiveAuthFactory(hiveConf);