Known issues in Hive Virtual Warehouses on public clouds
Learn about the known issues related to Hive Virtual Warehouse in Cloudera Data Warehouse (CDW) service on public clouds, the impact or changes to the functionality, and the workaround.
- DWX-8118: INSERT INTO command fails under certain circumstances
- This problem affects users who have a PostgreSQL database as the backend Hive database. If
you create a table A and create a table B as select (CTAS) from an empty table A,
inserting values into table B fails as follows:
Error while compiling statement: FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.StatsTask.org.apache.thrift.transport.TTransportException
- Workaround: Disable auto-stats gathering: Go to
, and click the Hive VW name in the list. In , set
- DWX-5841: Virtual Warehouse endpoints are now restricted to TLS 1.2
- Problem: TLS 1.0 and 1.1 are no longer considered secure, so now Virtual Warehouse endpoints must be secured with TLS 1.2 or later, and then the environment that the Virtual Warehouse uses must be reactivated in CDW. This includes both Hive and Impala Virtual Warehouses. To reactivate the environment in the CDW UI:
- Workaround: If environment reactivation is not possible, you can perform manual
steps using the
kubectlcommand line tool to pick up the TLS 1.2 endpoint change. Open a terminal window on a system where the
kubectlcommand line tool is installed, log in, and run the following commands:
kubectl edit svc nginx-service -n <cluster-name> # Add the following under the metadata.annotations field service.beta.kubernetes.io/aws-load-balancer-ssl-negotiation-policy: "ELBSecurityPolicy-TLS-1-2-2017-01" # Save and quit the editor, and then run the following command to check your changes. kubectl get svc nginx-service -n <cluster-name> -o yaml # Make sure that the annotation you added is present.
- DWX-5926: Cloning an existing Hive Virtual Warehouse fails
- Problem: If you have an existing Hive Virtual Warehouse that you clone by selecting Clone from the drop-down menu, the cloning process fails. This does not apply to creating a new Hive Virtual Warehouse.
- Workaround: Make the following configuration change to resolve this issue:
- In the Hive Virtual Warehouse tile, click the edit icon. This launches the Virtual Warehouse details page.
- In the details page for the Virtual Warehouse, click the Configurations tab.
- Click the Hiveserver2 sub-tab.
- Select hive-site from the configuration file drop-down list menu.
- Search for the configuration property
- Set the
hive.metastore.sasl.enabledconfiguration property to
- Click Apply in the upper right corner of the page to save the configuration.
- Click the Actions menu and select Clone to clone the Hive Virtual Warehouse:
- DWX-2690: Older versions of Beeline return SSLPeerUnverifiedException when submitting a query
Problem: When submitting queries to Virtual Warehouses that use Hive, older Beeline clients return an SSLPeerUnverifiedException error:
javax.net.ssl.SSLPeerUnverifiedException: Host name ‘ec2-18-219-32-183.us-east-2.compute.amazonaws.com’ does not match the certificate subject provided by the peer (CN=*.env-c25dsw.dwx.cloudera.site) (state=08S01,code=0)
Workaround: Only use Beeline clients from CDP Runtime version 22.214.171.124 or later.