java连接开启强认证hyperbase环境demo

  其他常见问题
内容纲要

概要描述

使用须知:
TDH6.2.0之后的版本都开启了zookeeper强认证,修复安全漏扫的时候会被扫出zookeeper的安全认证问题,本实验演示在开启了强认证的环境如何通过java访问hyperbase服务

以下开发环境以IDEA + Windows10 + jdk1.8 + Maven3.6.1为例
请安装好以上开发工具

详细说明

获取Hbase api运行依赖的jar包

  1. HBase API的依赖jar包都在如下列表中

jar名称中 * 位置是包的版本号,这些jar的版本号根据您使用的TDH版本的不同会有所不同,以您集群上正在使用的包为准:

hbase-client-*-transwarp.jar
hbase-bson-*-transwarp.jar
hbase-common-*-transwarp.jar
hbase-protocol-*-transwarp.jar
hadoop-common-*-transwarp.jar
hadoop-auth-*-transwarp.jar
hadoop-annotations-*-transwarp.jar
hadoop-mapreduce-client-core-*-transwarp.jar
commons-codec-*.jar
commons-io-*.jar
commons-lang-*.jar
commons-logging-*.jar
commons-collections-*.jar
guava-*.jar
protobuf-java-*.jar
netty-*.Final.jar
htrace-core-*.jar
elasticsearch-*-transwarp.jar
jackson-mapper-asl-*.jar
findbugs-annotations-*.jar
zookeeper-*-transwarp.jar
log4j-*.jar
commons-configuration-*.jar
slf4j-api-*.jar
slf4j-log4j12-*.jar
jsch-*.jar
jzlib-*.jar
hbase-hyperbase-*-transwarp.jar
  1. 进入容器内部将jar包使用命令scp获取

  • 获取hyperbase服务所在pod

    kubectl get pod|grep hyperbase

  • 进入任意一个该服务pod中,这里以regionserver为例

    kubectl exec -it hyperbase-regionserver-hyperbase1-2285948569-0b7cl bash

  • 取出jar包

    scp /usr/lib/hbase/lib/*.jar 172.22.33.1:/mnt/disk3

demo参考如下

import com.google.protobuf.ServiceException;
import org.apache.commons.codec.DecoderException;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.hbase.Cell;
import org.apache.hadoop.hbase.CellUtil;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.HColumnDescriptor;
import org.apache.hadoop.hbase.HTableDescriptor;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.client.Admin;
import org.apache.hadoop.hbase.client.Connection;
import org.apache.hadoop.hbase.client.ConnectionFactory;
import org.apache.hadoop.hbase.client.HBaseAdmin;
import org.apache.hadoop.hbase.client.HTable;
import org.apache.hadoop.hbase.client.Result;
import org.apache.hadoop.hbase.client.ResultScanner;
import org.apache.hadoop.hbase.client.Scan;
import org.apache.hadoop.hbase.util.Bytes;
import org.apache.hadoop.security.UserGroupInformation;

import java.io.IOException;

public class hyperbase {
    private static Connection conn;
    private static final String ZK_QUORUM = "hbase.zookeeper.quorum";
    private static final String ZK_CLIENT_PORT = "hbase.zookeeper.property.clientPort";
    private static final String ZK_POS = "mll01:2181,mll02:2181,mll03:2181";
    private static final String ZK_PORT_VALUE = "2181";
    private static Configuration conf;

    public static void main(String[] args) throws IOException, ServiceException, DecoderException {
        System.setProperty("java.security.krb5.conf", "D:\\work\\tmp\\krb5.conf");
        System.setProperty("java.security.auth.login.config", "D:\\work\\tmp\\jaas.conf");
        conf = HBaseConfiguration.create();
        conf.addResource(new Path("D:\\work\\tmp\\hbase-site.xml"));
        conf.addResource(new Path("D:\\work\\tmp\\hdfs-site.xml"));
        conf.addResource(new Path("D:\\work\\tmp\\core-site.xml"));
        conf.set(ZK_QUORUM, ZK_POS);
        conf.set(ZK_CLIENT_PORT, ZK_PORT_VALUE);
        conf.set("hadoop.security.authentication", "kerberos");
        UserGroupInformation.setConfiguration(conf);
        UserGroupInformation.loginUserFromKeytab("hbase/mll01@TDH", "D:\\work\\tmp\\hyperbase.keytab");
        //创建连接池
        try {
            conn = ConnectionFactory.createConnection(conf);
        } catch (Exception e) {
            e.printStackTrace();
        }
        scanData("yangliu");
//        HBaseAdmin.checkHBaseAvailable(conf);
//        Admin admin = conn.getAdmin();
//        HTableDescriptor tableDescriptor = new HTableDescriptor(TableName.valueOf("forpoc"));
        // 给表描述对象增加列族
//        tableDescriptor.addFamily(new HColumnDescriptor("cf"));
//       admin.createTable(tableDescriptor);
//       conn.close();
    }

    public static void scanData(String tableName) throws IOException, DecoderException {
        HTable table = (HTable) conn.getTable(TableName.valueOf(tableName));
        Scan scan = new Scan();
        ResultScanner resultScanner = table.getScanner(scan);
        for (Result result : resultScanner) {
            for (Cell cell : result.rawCells()) {
                String row = new String(CellUtil.cloneRow(cell));
                String family = new String(CellUtil.cloneFamily(cell));
                String Qualifier = new String(CellUtil.cloneQualifier(cell));
                String value = new String(CellUtil.cloneValue(cell));

                System.out.println("row: " + row + " family: " + family + " Qualifier: "+Qualifier +" value: " + value);
            }
            System.out.println("----------------------");
        }
        table.close();
        conn.close();
    }
}

注意

  1. ZK_POS参数是zookeeper的三个节点;
  2. ZK_PORT_VALUE参数是zookeeper默认的端口号2181;
  3. 替换demo中的java.security.krb5.conf参数对应的文件为实际路径,该文件对应集群节点的/etc/krb5.conf文件;
  4. 替换demo中的java.security.auth.login.config参数对应的文件为实际路径,该文件对应集群节点的/etc/hyperbase1/conf/jaas.conf;
  5. 指定集群配置文件,分别对应集群中位置/etc/hyperbase1/conf/hbase-site.xml、/etc/hdfs1/conf/hdfs-site.xml、/etc/hdfs1/conf/core-site.xml;
  6. 指定keytab文件所在的位置;
  7. 在windows的hosts文件中配置集群的host信息;
  8. 修改代码中指定的jaas.conf文件中涉及keytab的路径为实际路径

file

替换完毕之后,可以看到hyperbase对应表中的数据:

file

这篇文章对您有帮助吗?

平均评分 5 / 5. 次数: 1

尚无评价,您可以第一个评哦!

非常抱歉,这篇文章对您没有帮助.

烦请您告诉我们您的建议与意见,以便我们改进,谢谢您。