Configuring the Hive Migrator service
The Hive Migrator service is responsible for communication between agents and migration of metadata.
Find details here for configuring the Hive Migrator service.
#
Security#
Basic authenticationimportant
When basic authentication is enabled on Hive Migrator, update the LiveData UI with the credentials to maintain functionality.
#
Edit application.yamlFollow these steps to enable basic authentication on the Hive Migrator REST API:
Open
/etc/wandisco/hivemigrator/application.yaml
In the security section, ensure enabled: is set to "true". For example,
Ensure the enabled parameter is truemicronaut: security: enabled: true
Save and close the file.
#
Edit hive-migrator.yamlApply these steps if basic authentication is enabled on the LiveData Migrator REST API
Open
/etc/wandisco/hivemigrator/hive-migrator.yaml
.In the LiveDataMigrator block, add
username
andpassword
. Both credentials should match those used for LiveData Migrator core.Exampleintegration: liveDataMigrator: port: 18080 useSsl: false username: "admin" password: "password"
Add properties,
username
, andpassword
to the integration section.Don't indent: these are top-level properties. Use your LiveData Migrator username so that you only need to authenticate once when connecting through the CLI.
The password string needs to be encrypted using a bcrypt generator that provides a "2a" prefix at the beginning of the encrypted password.
Exampleintegration:liveDataMigrator: port: 18080 useSsl: false username: "admin" password: "password"storagePath: /opt/wandisco/hivemigrator/hivemigrator.dbusername: "admin"password: "$2a$10$3gc/9QTnGQQj51e0YRAK.OAplbj4A9S4sx7rRpMSOSpb5UrLW2p/."
Restart the Hive Migrator service to enable the new configuration:
service hivemigrator restart
tip
The username and password values can be changed without having to restart the Hive Migrator service. They will become active once you have saved the file.
#
Connecting to Hive Migrator with basic authenticationnote
Follow these steps if you have used different credentials for LiveData Migrator and Hive Migrator, or if basic authentication is not enabled on LiveData Migrator.
If you have used the same credentials for both services, this step is not required.
When basic authentication is enabled, provide the username and password when prompted to connect to Hive Migrator through the CLI:
connect hivemigrator localhost: trying to connect...Username: adminPassword: ***********Connected to hivemigrator v1.2.1-428 on http://localhost:6780.
The username and password will also be required when accessing the Hive Migrator REST API directly.
#
TLS certificatesWhen deploying a remote agent (for example: Azure SQL or AWS Glue), a TLS connection will be established by default between Hive Migrator and the remote agent.
Certificates (and keys) are automatically generated for this connection for both Hive Migrator and the remote agent. These are placed in the following directories:
/etc/wandisco/hivemigrator/client-key.pem/etc/wandisco/hivemigrator/client-cert.pem/etc/wandisco/hivemigrator/ca-cert.pem/etc/wandisco/hivemigrator/ca-key.pem/etc/wandisco/hivemigrator/ca-cert.srl
/etc/wandisco/hivemigrator-remote-server/server-key.pem/etc/wandisco/hivemigrator-remote-server/server-cert.pem/etc/wandisco/hivemigrator-remote-server/ca-cert.pem
You can generate new certificates at any time or upload your own.
#
Generate new certificatesimportant
You must generate new certificates for Hive Migrator and all remote agents that are connected.
Generating certificates for just one of these components will break existing connections.
Generate new certificates and keys by using the following Hive Migrator REST API endpoints:
POST ​/config​/certificates​/generate
POST ​/agents/{name}/certificates/generate
The remote agent service will automatically restart when new certificates are generated this way. The Hive Migrator service does not require a restart to start using new certificates.
#
Upload your own certificatesimportant
Make sure the correct certificates and keys are uploaded for Hive Migrator and all remote agents that are connected.
Existing connections will break if the trust relationship is not established between Hive Migrator and remote agents.
Upload certificates and keys by using the following Hive Migrator REST API endpoints:
POST ​/config​/certificates​/upload
POST ​/agents/{name}/certificates/upload
The remote agent service will automatically restart when new certificates are uploaded this way. The Hive Migrator service does not require a restart to start using new certificates.
#
Directory structureThe following directories are used for Hive Migrator:
Location | Content |
---|---|
/var/log/wandisco/hivemigrator | Logs |
/etc/wandisco/hivemigrator | Configuration files |
/opt/wandisco/hivemigrator | Java archive files |
/var/run/hivemigrator | Runtime files |
#
Remote serversThe following directories are used for Hive Migrator remote servers (remote agents):
Location | Content |
---|---|
/var/log/wandisco/hivemigrator-remote-server | Logs |
/etc/wandisco/hivemigrator-remote-server | Configuration files |
/opt/wandisco/hivemigrator-remote-server | Java archive files |
/var/run/hivemigrator-remote-server | Runtime files |