Dremio JDBC Driver
The legacy Dremio JDBC driver is included as a part of Dremio installations under <DREMIO_HOME>/jars/jdbc-driver/. The main JAR Class is com.dremio.jdbc.Driver. You can also download the JDBC driver from here. This driver is licensed under Apache-2.0.
It is recommended to use the JDBC driver for Arrow Flight SQL, rather than this legacy JDBC driver.
A new version of the JDBC driver is made available with every release of Dremio software. However, this doesn't mean changes or new features were introduced in a driver release. Only when actual changes are made to a driver will the JDBC driver release notes be published.
Tip: To distribute query planning for JDBC connections, configure secondary coordinator nodes for your deployment.
Supported Authentication Methods
- Use the username and password of the Dremio account that you want to connect with.
- Use a username and personal access token (PAT). To generate a PAT, see Personal Access Tokens.
Setup
You can set up the JDBC driver in the following manner:
- Connect directly to the Dremio server
- Connect to the Dremio server via Zookeeper
Connecting directly to Dremio
The following configuration establishes a direct connection to a Dremio coordinator node. Planning is done on the specified node.
Connect directly to Dremio coordinator nodejdbc:dremio:direct=<DREMIO_COORDINATOR>:31010[;schema=<OPTIONAL_SCHEMA>]
Connecting to ZooKeeper
The following configuration establishes a distributed connection to Dremio coordinator nodes through a Zookeeper quorum. Planning is distributed across the available coordinator nodes.
Connect to Dremio coordinator node with ZooKeeperjdbc:dremio:zk=<ZOOKEEPER_QUORUM>:2181[;schema=<OPTIONAL_SCHEMA>]
Multiple Dremio Clusters in the same ZooKeeper Quorum
Cluster Ajdbc:dremio:zk=<ZOOKEEPER_QUORUM>:2181/path/to/ClusterA
jdbc:dremio:zk=<ZOOKEEPER_QUORUM>:2181/path/to/ClusterB
JDBC Parameters for Dremio Wire Encryption
If you are setting up encrypted communication between your JDBC client applications and the Dremio server, use the SSL JDBC connection parameters and a fully qualified host name to configure the JDBC connection string and connect to Dremio:
| Parameter | Value | Required | Description |
|---|---|---|---|
| ssl | true/false | [Optional] | If true, SSL is enabled. If not set or set to false, SSL is not enabled. |
| trustStoreType | string | [Optional] | Default: JKS The trustStore type. Allowed values are : JKS PKCS12 If the useSystemTrustStore option is set to true (on Windows only), the allowed values are: Windows-MY Windows-ROOT Import the certificate into the Trusted Root Certificate Authorities and set trustStoreType=Windows-ROOT. Also import the certificate into Trusted Root Certificate Authorities or Personal and set trustStoreType=Windows-MY. |
| trustStore | string | [Optional] | Path to the truststore. If not provided, the default Java truststore is used (usually $JAVA_HOME/lib/security/cacerts) and the trustStorePassword parameter is ignored. |
| useSystemTrustStore | true/false | [Optional] | By default, the value is true. Bypasses trustStoreType and automatically picks the correct Truststore based on the operating system: Keychain on MacOS, Local Machine and Current User Certificate Stores on Windows, and default truststore on other systems. |
| trustStorePassword | string | [Optional] | Password to the truststore. |
| disableHostVerification | true/false | [Optional] | If true, Dremio does not verify that the host in the certificate is the host we are connecting to. False by default. (Hostname verification follows the specification in RFC2818) |
| disableCertificateVerification | true/false | [Optional] | If true, Dremio does not verify the host certificate against the truststore. False by default. |
Optional Advanced JDBC Driver Properties
| Parameter | Value | Description |
|---|---|---|
| impersonation_target | string | When inbound impersonation is configured, impersonation_target is used for authorization, so it must have permission to the queried datasets, and impersonation_target appears as the identity that submitted the queries. The username used to establish the connection must be mapped to impersonation_target in the impersonation policy for the Dremio service, otherwise, the connection fails with an authorization error. In the policy, the user used to establish the connection is the proxy_principle and impersonation_target is its target_principle. For more information on configuring policies, see Inbound Impersonation. |
| routing_queue | string | Specifies the queue to use for processing queries while a connection is open. For more information, see Connection Tagging & Direct Routing Configuration. |
| routing_tag | string | Sets a tag for rule processing. The specified tag is associated with all queries executed while a connection is open. Rules can check for the presence of a tag with the function tag(). For more information, see Connection Tagging & Direct Routing Configuration. |
| token_type | string | The type of the token in the password field. Valid values are jwt for external tokens or personal_access_token for personal access tokens. If you are using your Dremio password, omit the token_type property. |
SOCKS Proxy Connection Parameters
If you want to connect to Dremio Cloud through a SOCKS proxy, use these connection parameters:
| Parameter | Type | Description | Default Value | Required? |
|---|---|---|---|---|
| socksProxyHost | string | The IP address or hostname of the SOCKS proxy. | N/A | Yes |
| socksProxyPort | integer | The port to use on the SOCKS proxy. | 1080 | No |
| socksProxyUsername | string | The username to use for connections. | N/A | No |
| socksProxyPassword | string | The password to use for connections. | N/A | Only if a username is specified. |