EMR 011 Presto JDBC with SSL on EMR - qyjohn/AWS_Tutorials GitHub Wiki
- Create a security configuration to enable in-transit encryption. You can refer to the following AWS documentation on how to achieve this. This configures the internal communication between Presto nodes to use SSL/TLS.
https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-data-encryption.html
- After the EMR cluster becomes running, SSH into the master node. In /etc/hadoop/conf/ssl-client.xml, take note of the following properties. It should be noted that the actual values on your EMR cluster will be different from the following example.
<property>
<name>ssl.client.keystore.location</name>
<value>/usr/share/aws/emr/security/conf/keystore.jks</value>
</property>
<property>
<name>ssl.client.keystore.password</name>
<value>SzW7JMOH9N</value>
</property>
<property>
<name>ssl.client.truststore.location</name>
<value>/usr/share/aws/emr/security/conf/truststore.jks</value>
</property>
<property>
<name>ssl.client.truststore.password</name>
<value>ercfo6j2pI</value>
</property>
-
The Presto JDBC driver is located in /usr/lib/presto/presto-jdbc/
-
Use the following JDBC connection in your Java code:
String JDBC_DRIVER = "com.facebook.presto.jdbc.PrestoDriver";
String DB_URL = "jdbc:presto://ip-xxx-xxx-xx-xx.us-west-2.compute.internal:8446/hive/default";
Properties properties = new Properties();
properties.setProperty("user", "hadoop");
properties.setProperty("password", "hadoop");
properties.setProperty("SSL", "true");
Class.forName(JDBC_DRIVER);
Connection conn = DriverManager.getConnection(DB_URL, properties);
- Use the following command to run your Java application. You will need to use the properties and values obtained in step 2.
java -cp presto-jdbc-0.215.jar:. -Djavax.net.ssl.trustStore="/usr/share/aws/emr/security/conf/truststore.jks" -Djavax.net.ssl.trustStorePassword="ercfo6j2pI" -Djavax.net.ssl.keyStore="/usr/share/aws/emr/security/conf/keystore.jks" -Djavax.net.keyStorePassword="SzW7JMOH9N" YourApplication