hiveserver2 连接报:root is not allowed to impersonate anonymous (state=08S01,code=0)

[root@node300 /root]$ beeline -u jdbc:hive2://node300:10000
SLF4J: Class path contains multiple SLF4J bindings.
SLF4J: Found binding in [jar:file:/usr/local/hive/apache-hive-3.1.2-bin/lib/log4j-slf4j-impl-2.10.0.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: Found binding in [jar:file:/usr/local/hadoop/hadoop-3.2.0/share/hadoop/common/lib/slf4j-log4j12-1.7.25.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.
SLF4J: Actual binding is of type [org.apache.logging.slf4j.Log4jLoggerFactory]
Connecting to jdbc:hive2://node300:10000
20/01/15 14:04:17 [main]: WARN jdbc.HiveConnection: Failed to connect to node300:10000
Error: Could not open client transport with JDBC Uri: jdbc:hive2://node300:10000: Failed to open new session: java.lang.RuntimeException: org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.authorize.AuthorizationException): User: root is not allowed to impersonate anonymous (state=08S01,code=0)
Beeline version 3.1.2 by Apache Hive

核心在于root is not allowed to impersonate anonymous (state=08S01,code=0)，

hadoop 里面有一种安全伪装机制，保证hadoop不允许上层系统直接将实际用户传递到hadoop层，而是将实际用户传递给一个超级代理，通过该代理在hadoop上面执行操作，避免任意客户端随意操作hadoop；而Hadoop内部还是沿用Linux对应的用户和权限，当用户使用哪个Linux启动Hadoop时，对应到Hadoop里面的用户也是那个；

所以需要去修改一下hadoop主节点里面的core-site.xml文件

<property>
    <name>hadoop.proxyuser.root.hostsname>
    <value>*value>
property>
<property>
    <name>hadoop.proxyuser.root.groupsname>
    <value>*value>
property>

注意，此处我用root运行的hadoop，你可能不是这个用户，自行修改

hiveserver2 启动都会占用会话，可以采用后台启动的方式：

nohup hive --service hiveserver2 &

访问hive安装的IP:10002，可以看到当前hive的连接数，以及操作的记录

参考：https://blog.csdn.net/Maslii/article/details/103988294