I can enable TLS/SSL network encryption between a client program and Impala. How can I pass the TLS/SSL parameters to establish an Impala connection between a Talend Job and the Impala service?
There are two ways you can do this:
You can pass the TLS/SSL parameters for Impala (sslTrustStore and trustStorePassword) using the Impala principal parameter in the tImpalaConnection component:
Select Use Kerberos authentication (as the cluster is Kerberized).
Set the Impala principal field to "impala/_HOST@CLOUDERA.COM;ssl=true;sslTrustStore=C:/DL/impala/impala.jks;trustStorePassword=talend1".
Because the Hadoop cluster is not secured with Kerberos, the Use Kerberos authentication option is deselected. As a result, there is no way to provide the TLS/SSL parameters for connecting to Impala using the tImpalaConnection component.
Impala listens for HiveServer2 requests on TLS/SSL-secured ports. So, a workaround is to use the tHiveConnection component to establish a TLS/SSL-secured connection to Impala. Against either a Kerberized or non-Kerberized Hadoop Cluster, the tHiveConnection component has an Additional JDBC Settings property where you can pass the TLS/SSL parameters to encrypt the connection, for example by setting it to "ssl=true;sslTrustStore=C:/1_Thoan/B_BigData/Kerberos/hdfs.truststore;trustStorePassword=talend".
Note: You can use tHive components to interact with Impala, since they use the Hive connection for accessing Impala, but you can't use the tImpala components directly.