内容纲要
概要描述
使用须知:
TDH6.2.0之后的版本都开启了zookeeper强认证,修复安全漏扫的时候会被扫出zookeeper的安全认证问题,本实验演示在开启了强认证的环境如何通过java访问hyperbase服务
以下开发环境以IDEA + Windows10 + jdk1.8 + Maven3.6.1为例
请安装好以上开发工具
详细说明
获取Hbase api运行依赖的jar包
- HBase API的依赖jar包都在如下列表中
jar名称中 * 位置是包的版本号,这些jar的版本号根据您使用的TDH版本的不同会有所不同,以您集群上正在使用的包为准:
hbase-client-*-transwarp.jar
hbase-bson-*-transwarp.jar
hbase-common-*-transwarp.jar
hbase-protocol-*-transwarp.jar
hadoop-common-*-transwarp.jar
hadoop-auth-*-transwarp.jar
hadoop-annotations-*-transwarp.jar
hadoop-mapreduce-client-core-*-transwarp.jar
commons-codec-*.jar
commons-io-*.jar
commons-lang-*.jar
commons-logging-*.jar
commons-collections-*.jar
guava-*.jar
protobuf-java-*.jar
netty-*.Final.jar
htrace-core-*.jar
elasticsearch-*-transwarp.jar
jackson-mapper-asl-*.jar
findbugs-annotations-*.jar
zookeeper-*-transwarp.jar
log4j-*.jar
commons-configuration-*.jar
slf4j-api-*.jar
slf4j-log4j12-*.jar
jsch-*.jar
jzlib-*.jar
hbase-hyperbase-*-transwarp.jar
- 进入容器内部将jar包使用命令scp获取
-
获取hyperbase服务所在pod
kubectl get pod|grep hyperbase
-
进入任意一个该服务pod中,这里以regionserver为例
kubectl exec -it hyperbase-regionserver-hyperbase1-2285948569-0b7cl bash
-
取出jar包
scp /usr/lib/hbase/lib/*.jar 172.22.33.1:/mnt/disk3
demo参考如下
import com.google.protobuf.ServiceException;
import org.apache.commons.codec.DecoderException;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.hbase.Cell;
import org.apache.hadoop.hbase.CellUtil;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.HColumnDescriptor;
import org.apache.hadoop.hbase.HTableDescriptor;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.client.Admin;
import org.apache.hadoop.hbase.client.Connection;
import org.apache.hadoop.hbase.client.ConnectionFactory;
import org.apache.hadoop.hbase.client.HBaseAdmin;
import org.apache.hadoop.hbase.client.HTable;
import org.apache.hadoop.hbase.client.Result;
import org.apache.hadoop.hbase.client.ResultScanner;
import org.apache.hadoop.hbase.client.Scan;
import org.apache.hadoop.hbase.util.Bytes;
import org.apache.hadoop.security.UserGroupInformation;
import java.io.IOException;
public class hyperbase {
private static Connection conn;
private static final String ZK_QUORUM = "hbase.zookeeper.quorum";
private static final String ZK_CLIENT_PORT = "hbase.zookeeper.property.clientPort";
private static final String ZK_POS = "mll01:2181,mll02:2181,mll03:2181";
private static final String ZK_PORT_VALUE = "2181";
private static Configuration conf;
public static void main(String[] args) throws IOException, ServiceException, DecoderException {
System.setProperty("java.security.krb5.conf", "D:\\work\\tmp\\krb5.conf");
System.setProperty("java.security.auth.login.config", "D:\\work\\tmp\\jaas.conf");
conf = HBaseConfiguration.create();
conf.addResource(new Path("D:\\work\\tmp\\hbase-site.xml"));
conf.addResource(new Path("D:\\work\\tmp\\hdfs-site.xml"));
conf.addResource(new Path("D:\\work\\tmp\\core-site.xml"));
conf.set(ZK_QUORUM, ZK_POS);
conf.set(ZK_CLIENT_PORT, ZK_PORT_VALUE);
conf.set("hadoop.security.authentication", "kerberos");
UserGroupInformation.setConfiguration(conf);
UserGroupInformation.loginUserFromKeytab("hbase/mll01@TDH", "D:\\work\\tmp\\hyperbase.keytab");
//创建连接池
try {
conn = ConnectionFactory.createConnection(conf);
} catch (Exception e) {
e.printStackTrace();
}
scanData("yangliu");
// HBaseAdmin.checkHBaseAvailable(conf);
// Admin admin = conn.getAdmin();
// HTableDescriptor tableDescriptor = new HTableDescriptor(TableName.valueOf("forpoc"));
// 给表描述对象增加列族
// tableDescriptor.addFamily(new HColumnDescriptor("cf"));
// admin.createTable(tableDescriptor);
// conn.close();
}
public static void scanData(String tableName) throws IOException, DecoderException {
HTable table = (HTable) conn.getTable(TableName.valueOf(tableName));
Scan scan = new Scan();
ResultScanner resultScanner = table.getScanner(scan);
for (Result result : resultScanner) {
for (Cell cell : result.rawCells()) {
String row = new String(CellUtil.cloneRow(cell));
String family = new String(CellUtil.cloneFamily(cell));
String Qualifier = new String(CellUtil.cloneQualifier(cell));
String value = new String(CellUtil.cloneValue(cell));
System.out.println("row: " + row + " family: " + family + " Qualifier: "+Qualifier +" value: " + value);
}
System.out.println("----------------------");
}
table.close();
conn.close();
}
}
注意:
- ZK_POS参数是zookeeper的三个节点;
- ZK_PORT_VALUE参数是zookeeper默认的端口号2181;
- 替换demo中的java.security.krb5.conf参数对应的文件为实际路径,该文件对应集群节点的/etc/krb5.conf文件;
- 替换demo中的java.security.auth.login.config参数对应的文件为实际路径,该文件对应集群节点的/etc/hyperbase1/conf/jaas.conf;
- 指定集群配置文件,分别对应集群中位置/etc/hyperbase1/conf/hbase-site.xml、/etc/hdfs1/conf/hdfs-site.xml、/etc/hdfs1/conf/core-site.xml;
- 指定keytab文件所在的位置;
- 在windows的hosts文件中配置集群的host信息;
- 修改代码中指定的jaas.conf文件中涉及keytab的路径为实际路径
替换完毕之后,可以看到hyperbase对应表中的数据: