You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@phoenix.apache.org by st...@apache.org on 2020/01/13 08:45:25 UTC
svn commit: r1872704 - in /phoenix/site: publish/language/datatypes.html
publish/language/functions.html publish/language/index.html
publish/server.html source/src/site/markdown/server.md
Author: stoty
Date: Mon Jan 13 08:45:24 2020
New Revision: 1872704
URL: http://svn.apache.org/viewvc?rev=1872704&view=rev
Log:
Document: PHOENIX-5642 Add HTTPS support to Phoenix Query Server and thin client
additional changes to PQS page:
- Mention unbundled phoenix-queryserver
- Remove incomplete URL option list, refer Avacitca documentation instead
Modified:
phoenix/site/publish/language/datatypes.html
phoenix/site/publish/language/functions.html
phoenix/site/publish/language/index.html
phoenix/site/publish/server.html
phoenix/site/source/src/site/markdown/server.md
Modified: phoenix/site/publish/language/datatypes.html
URL: http://svn.apache.org/viewvc/phoenix/site/publish/language/datatypes.html?rev=1872704&r1=1872703&r2=1872704&view=diff
==============================================================================
--- phoenix/site/publish/language/datatypes.html (original)
+++ phoenix/site/publish/language/datatypes.html Mon Jan 13 08:45:24 2020
@@ -1,7 +1,7 @@
<!DOCTYPE html>
<!--
- Generated by Apache Maven Doxia at 2020-01-09
+ Generated by Apache Maven Doxia at 2020-01-13
Rendered using Reflow Maven Skin 1.1.0 (http://andriusvelykis.github.io/reflow-maven-skin)
-->
<html xml:lang="en" lang="en">
Modified: phoenix/site/publish/language/functions.html
URL: http://svn.apache.org/viewvc/phoenix/site/publish/language/functions.html?rev=1872704&r1=1872703&r2=1872704&view=diff
==============================================================================
--- phoenix/site/publish/language/functions.html (original)
+++ phoenix/site/publish/language/functions.html Mon Jan 13 08:45:24 2020
@@ -1,7 +1,7 @@
<!DOCTYPE html>
<!--
- Generated by Apache Maven Doxia at 2020-01-09
+ Generated by Apache Maven Doxia at 2020-01-13
Rendered using Reflow Maven Skin 1.1.0 (http://andriusvelykis.github.io/reflow-maven-skin)
-->
<html xml:lang="en" lang="en">
Modified: phoenix/site/publish/language/index.html
URL: http://svn.apache.org/viewvc/phoenix/site/publish/language/index.html?rev=1872704&r1=1872703&r2=1872704&view=diff
==============================================================================
--- phoenix/site/publish/language/index.html (original)
+++ phoenix/site/publish/language/index.html Mon Jan 13 08:45:24 2020
@@ -1,7 +1,7 @@
<!DOCTYPE html>
<!--
- Generated by Apache Maven Doxia at 2020-01-09
+ Generated by Apache Maven Doxia at 2020-01-13
Rendered using Reflow Maven Skin 1.1.0 (http://andriusvelykis.github.io/reflow-maven-skin)
-->
<html xml:lang="en" lang="en">
Modified: phoenix/site/publish/server.html
URL: http://svn.apache.org/viewvc/phoenix/site/publish/server.html?rev=1872704&r1=1872703&r2=1872704&view=diff
==============================================================================
--- phoenix/site/publish/server.html (original)
+++ phoenix/site/publish/server.html Mon Jan 13 08:45:24 2020
@@ -1,7 +1,7 @@
<!DOCTYPE html>
<!--
- Generated by Apache Maven Doxia at 2020-01-07
+ Generated by Apache Maven Doxia at 2020-01-13
Rendered using Reflow Maven Skin 1.1.0 (http://andriusvelykis.github.io/reflow-maven-skin)
-->
<html xml:lang="en" lang="en">
@@ -177,7 +177,8 @@
</div>
<div class="section">
<h2 id="Installation">Installation</h2>
- <p>The query server and its JDBC client are part of the standard Phoenix distribution. They require no additional dependencies.</p>
+ <p>In the 4.x and 5.0 releases the query server and its JDBC client are part of the standard Phoenix distribution. They require no additional dependencies.</p>
+ <p>After the 5.0 release, the query server has been unbundled into the phoenix-queryserver repository, and its version number has been reset to 1.0. At the time of writing there is no released version of the standalone query server.</p>
</div>
<div class="section">
<h2 id="Usage">Usage</h2>
@@ -201,10 +202,10 @@
<pre>jdbc:phoenix:thin:url=<scheme>://<server-hostname>:<port>[;option=value...]
</pre>
</div>
- <p><tt><scheme></tt> specifies the transport protocol used when communicating with the server. The only supported transport at this time is <tt>http</tt>.</p>
+ <p><tt><scheme></tt> specifies the transport protocol (http or https) used when communicating with the server.</p>
<p><tt><server-hostname></tt> is the name of the host offering the service.</p>
<p><tt><port></tt> is the port number on which the host is listening. Default is <tt>8765</tt>, though this is configurable (see below).</p>
- <p>A full list of options that can be provided via the JDBC URL string is <a href="#jdbc_url_options">available in the below table</a></p>
+ <p>The full list of options that can be provided via the JDBC URL string is <a class="externalLink" href="https://calcite.apache.org/avatica/docs/client_reference.html">available in the Avatica documentation</a></p>
<p>The script <tt>bin/sqlline-thin.py</tt> is intended to behave identically to its sibling script <tt>bin/sqlline.py</tt>. It supports the following usage options.</p>
<div class="source">
<pre>bin/sqlline-thin.py [[scheme://]host[:port]] [sql_file]
@@ -280,115 +281,133 @@ log4j.logger.org.eclipse.jetty.server=IN
<td colspan="3"> </td>
</tr>
<tr class="a">
- <td colspan="3"><b>Configurations relating to server connecting to a secure cluster.</b></td>
+ <td colspan="3"><b>Configurations relating to HTTPS.</b></td>
</tr>
<tr class="b">
+ <td colspan="3"><i>HTTPS support is only available in the unbundled phoenix-queryserver 1.0.0-SNAPSHOT version at the time of writing.</i></td>
+ </tr>
+ <tr class="a">
<td><b>Property</b></td>
<td><b>Description</b></td>
<td><b>Default</b></td>
</tr>
+ <tr class="b">
+ <td><small>phoenix.queryserver.tls.enabled</small></td>
+ <td style="text-align: left;">Boolean which controls if QueryServer uses HTTPS transport. When using HTTPS, the key- and trustore files, and their passwords must also be provided.</td>
+ <td>false</td>
+ </tr>
+ <tr class="a">
+ <td><small>phoenix.queryserver.tls.keystore</small></td>
+ <td style="text-align: left;">The keystore file that contains the private key of the HTTPS service</td>
+ <td><i>unset</i></td>
+ </tr>
+ <tr class="b">
+ <td><small>phoenix.queryserver.tls.keystore.password</small></td>
+ <td style="text-align: left;">The password for the keystore file that contains the HTTPS private key</td>
+ <td><i>empty string</i></td>
+ </tr>
<tr class="a">
+ <td><small>phoenix.queryserver.tls.truststore</small></td>
+ <td style="text-align: left;">The keystore file that contains the HTTPS certificate</td>
+ <td><i>unset</i></td>
+ </tr>
+ <tr class="b">
+ <td><small>phoenix.queryserver.tls.truststore.password</small></td>
+ <td style="text-align: left;">The password for the keystore file that contains the HTTPS certificate</td>
+ <td><i>empty string</i></td>
+ </tr>
+ <tr class="a">
+ <td colspan="3"> </td>
+ </tr>
+ <tr class="b">
+ <td colspan="3"><b>Configurations relating to server connecting to a secure cluster.</b></td>
+ </tr>
+ <tr class="a">
+ <td><b>Property</b></td>
+ <td><b>Description</b></td>
+ <td><b>Default</b></td>
+ </tr>
+ <tr class="b">
<td><small>hbase.security.authentication</small></td>
<td style="text-align: left;">When set to "kerberos", the server will attempt to log in before initiating Phoenix connections.</td>
<td><i>Specified hbase-default.xml</i></td>
</tr>
- <tr class="b">
+ <tr class="a">
<td><small>phoenix.queryserver.keytab.file</small></td>
<td style="text-align: left;">The key to look for keytab file.</td>
<td><i>unset</i></td>
</tr>
- <tr class="a">
+ <tr class="b">
<td><small>phoenix.queryserver.kerberos.principal</small></td>
<td style="text-align: left;">The kerberos principal to use when authenticating. If phoenix.queryserver.kerberos.http.principal is not configured, this principal specified will be also used to both authenticate SPNEGO connections and to connect to HBase.</td>
<td><i>unset</i></td>
</tr>
- <tr class="b">
+ <tr class="a">
<td><small>phoenix.queryserver.http.keytab.file</small></td>
<td style="text-align: left;">The keytab file to use for authenticating SPNEGO connections. This configuration MUST be specified if phoenix.queryserver.kerberos.http.principal is configured. phoenix.queryserver.keytab.file will be used if this property is undefined.</td>
<td><i>unset</i></td>
</tr>
- <tr class="a">
+ <tr class="b">
<td><small>phoenix.queryserver.http.kerberos.principal</small></td>
<td style="text-align: left;">The kerberos principal to use when authenticating SPNEGO connections. phoenix.queryserver.kerberos.principal will be used if this property is undefined.</td>
<td><i>unset</i></td>
</tr>
- <tr class="b">
+ <tr class="a">
<td><small>phoenix.queryserver.kerberos.http.principal</small></td>
<td style="text-align: left;">Deprecated, use phoenix.queryserver.http.kerberos.principal instead.</td>
<td><i>unset</i></td>
</tr>
- <tr class="a">
+ <tr class="b">
<td><small>phoenix.queryserver.kerberos.allowed.realms</small></td>
<td style="text-align: left;">A comma-separated list of Kerberos realms, other than that of the PQS's HTTP principal's realm, that should be allowed to authenticate with PQS via SPNEGO.</td>
<td><i>unset</i></td>
</tr>
- <tr class="b">
+ <tr class="a">
<td><small>phoenix.queryserver.dns.nameserver</small></td>
<td style="text-align: left;">The DNS hostname</td>
<td>default</td>
</tr>
- <tr class="a">
+ <tr class="b">
<td><small>phoenix.queryserver.dns.interface</small></td>
<td style="text-align: left;">The name of the network interface to query for DNS.</td>
<td>default</td>
</tr>
- <tr class="b">
+ <tr class="a">
<td colspan="3"> </td>
</tr>
- <tr class="a">
+ <tr class="b">
<td colspan="3"><b>Configurations relating to the server connection cache.</b></td>
</tr>
- <tr class="b">
+ <tr class="a">
<td><b>Property</b></td>
<td><b>Description</b></td>
<td><b>Default</b></td>
</tr>
- <tr class="a">
+ <tr class="b">
<td><small>avatica.connectioncache.concurrency</small></td>
<td style="text-align: left;">Connection cache concurrency level. Default is 10.</td>
<td>10</td>
</tr>
- <tr class="b">
+ <tr class="a">
<td><small>avatica.connectioncache.initialcapacity</small></td>
<td style="text-align: left;">Connection cache initial capacity. Default is 100.</td>
<td>100</td>
</tr>
- <tr class="a">
+ <tr class="b">
<td><small>avatica.connectioncache.maxcapacity</small></td>
<td style="text-align: left;"> Connection cache maximum capacity. Approaching this point, the cache will start to evict least recently used connection objects. Default is 1000. </td>
<td>1000</td>
</tr>
- <tr class="b">
+ <tr class="a">
<td><small>avatica.connectioncache.expiryduration</small></td>
<td style="text-align: left;"> Connection cache expiration duration. Any connections older than this value will be discarded. Default is 10 minutes. </td>
<td>10</td>
</tr>
- <tr class="a">
+ <tr class="b">
<td><small>avatica.connectioncache.expiryunit</small></td>
<td style="text-align: left;"> Connection cache expiration unit. Unit modifier applied to the value provided in avatica.connectioncache.expiryunit. Default is minutes. </td>
<td>MINUTES</td>
</tr>
- <tr class="b">
- <td colspan="3"> </td>
- </tr>
- <tr class="a">
- <td colspan="3" id="jdbc_url_options"><b>JDBC URL options.</b></td>
- </tr>
- <tr class="b">
- <td><small>url</small></td>
- <td style="text-align: left;"> The URL of the QueryServer. </td>
- <td>null</td>
- </tr>
- <tr class="a">
- <td><small>serialization</small></td>
- <td style="text-align: left;"> The client-side analogy to phoenix.queryserver.serialization in the server to control how the client should serialize data to send to the QueryServer. </td>
- <td>PROTOBUF</td>
- </tr>
- <tr class="b">
- <td><small>timeZone</small></td>
- <td style="text-align: left;"> The time zone the JDBC connection should use. If not provided, the time zone will be specified by JVM. The value of this should be parseable by Java's TimeZone class. </td>
- <td>null</td>
- </tr>
<tr class="a">
<td colspan="3"> </td>
</tr>
Modified: phoenix/site/source/src/site/markdown/server.md
URL: http://svn.apache.org/viewvc/phoenix/site/source/src/site/markdown/server.md?rev=1872704&r1=1872703&r2=1872704&view=diff
==============================================================================
--- phoenix/site/source/src/site/markdown/server.md (original)
+++ phoenix/site/source/src/site/markdown/server.md Mon Jan 13 08:45:24 2020
@@ -25,9 +25,13 @@ tested thoroughly enough to be stated as
## Installation
-The query server and its JDBC client are part of the standard Phoenix
+In the 4.x and 5.0 releases the query server and its JDBC client are part of the standard Phoenix
distribution. They require no additional dependencies.
+After the 5.0 release, the query server has been unbundled into the phoenix-queryserver
+repository, and its version number has been reset to 1.0. At the time of writing
+there is no released version of the standalone query server.
+
## Usage
### Server
@@ -61,16 +65,16 @@ The JDBC connection string is composed a
jdbc:phoenix:thin:url=<scheme>://<server-hostname>:<port>[;option=value...]
-`<scheme>` specifies the transport protocol used when communicating with the
-server. The only supported transport at this time is `http`.
+`<scheme>` specifies the transport protocol (http or https) used when communicating with the
+server.
`<server-hostname>` is the name of the host offering the service.
`<port>` is the port number on which the host is listening. Default is `8765`,
though this is configurable (see below).
-A full list of options that can be provided via the JDBC URL string is [available
-in the below table](#jdbc_url_options)
+The full list of options that can be provided via the JDBC URL string is [available
+in the Avatica documentation](https://calcite.apache.org/avatica/docs/client_reference.html)
The script `bin/sqlline-thin.py` is intended to behave identically to its
sibling script `bin/sqlline.py`. It supports the following usage options.
@@ -163,6 +167,41 @@ configuration.
</tr>
<tr><td colspan="3"> </td></tr>
<tr>
+ <td colspan="3"><b>Configurations relating to HTTPS.</b></td>
+ </tr>
+ <tr>
+ <td colspan="3"><em>HTTPS support is only available in the unbundled phoenix-queryserver 1.0.0-SNAPSHOT
+version at the time of writing.</em></td>
+ </tr>
+ <tr><td><b>Property</b></td><td><b>Description</b></td><td><b>Default</b></td></tr>
+ <tr>
+ <td><small>phoenix.queryserver.tls.enabled</small></td>
+ <td style="text-align: left;">Boolean which controls if QueryServer uses HTTPS transport.
+ When using HTTPS, the key- and trustore files, and their passwords must also be provided.</td>
+ <td>false</td>
+ </tr>
+ <tr>
+ <td><small>phoenix.queryserver.tls.keystore</small></td>
+ <td style="text-align: left;">The keystore file that contains the private key of the HTTPS service</td>
+ <td><em>unset</em></td>
+ </tr>
+ <tr>
+ <td><small>phoenix.queryserver.tls.keystore.password</small></td>
+ <td style="text-align: left;">The password for the keystore file that contains the HTTPS private key</td>
+ <td><em>empty string</em></td>
+ </tr>
+ <tr>
+ <td><small>phoenix.queryserver.tls.truststore</small></td>
+ <td style="text-align: left;">The keystore file that contains the HTTPS certificate</td>
+ <td><em>unset</em></td>
+ </tr>
+ <tr>
+ <td><small>phoenix.queryserver.tls.truststore.password</small></td>
+ <td style="text-align: left;">The password for the keystore file that contains the HTTPS certificate</td>
+ <td><em>empty string</em></td>
+ </tr>
+ <tr><td colspan="3"> </td></tr>
+ <tr>
<td colspan="3"><b>Configurations relating to server connecting to a secure cluster.</b></td>
</tr>
<tr><td><b>Property</b></td><td><b>Description</b></td><td><b>Default</b></td></tr>
@@ -259,34 +298,6 @@ configuration.
</tr>
<tr><td colspan="3"> </td></tr>
<tr>
- <td colspan="3" id="jdbc_url_options"><b>JDBC URL options.</b></td>
- </tr>
- <tr>
- <td><small>url</small></td>
- <td style="text-align: left;">
- The URL of the QueryServer.
- </td>
- <td>null</td>
- </tr>
- <tr>
- <td><small>serialization</small></td>
- <td style="text-align: left;">
- The client-side analogy to phoenix.queryserver.serialization in the server
- to control how the client should serialize data to send to the QueryServer.
- </td>
- <td>PROTOBUF</td>
- </tr>
- <tr>
- <td><small>timeZone</small></td>
- <td style="text-align: left;">
- The time zone the JDBC connection should use. If not provided, the
- time zone will be specified by JVM. The value of this should be parseable by
- Java's TimeZone class.
- </td>
- <td>null</td>
- </tr>
- <tr><td colspan="3"> </td></tr>
- <tr>
<td colspan="3"><b>Configurations relating to the server statement cache.</b></td>
</tr>
<tr><td><b>Property</b></td><td><b>Description</b></td><td><b>Default</b></td></tr>