概要描述

本文主要介绍，如何在老版本（以TDH6.0.2为例）未开启强认证的环境如何通过java访问开启kerberos的hyperbase服务。

以下开发环境以IDEA + Windows10 + jdk1.8 + Maven3.6.1为例
请安装好以上开发工具

详细说明

1、获取Hbase api运行依赖的jar包

从hyperbase容器或者最新的TDH-Client/hyperbase/lib目录下，获取依赖的jar包

进入容器内部将jar包使用命令scp获取
a) 获取hyperbase服务所在pod
kubectl get pod|grep hyperbase
b) 进入任意一个该服务pod中，这里以regionserver为例
kubectl exec -it hyperbase-regionserver-hyperbase1-2285948569-0b7cl bash
c) 取出jar包
scp /usr/lib/hbase/lib/*.jar 172.22.23.1:/mnt/disk1

2、配置krb5文件

windows环境下，将集群上获取的/etc/krb5.conf文件，放置到C://Windows/krb5.ini (注意修改后缀为 ini)

3、demo参考如下

import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.*;
import org.apache.hadoop.hbase.client.*;
import org.apache.hadoop.hbase.util.Bytes;
import org.apache.hadoop.security.UserGroupInformation;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;

/**
 * Created by gordon on 2015/6/16.
 */
public class HyperbaseSecureTest {

    private static Configuration conf = null;

    static {
        Configuration HBASE_CONFIG = new Configuration();
        HBASE_CONFIG.set("hbase.zookeeper.quorum", "tdh60201,tdh60202,tdh60203");
        HBASE_CONFIG.set("hbase.master.kerberos.principal", "hbase/_HOST@TDH");
        HBASE_CONFIG.set("hbase.regionserver.kerberos.principal", "hbase/_HOST@TDH");
        HBASE_CONFIG.set("hbase.security.authentication", "kerberos");
        HBASE_CONFIG.set("zookeeper.znode.parent", "/hyperbase1");
        HBASE_CONFIG.set("hadoop.security.authentication", "kerberos");

        conf = HBaseConfiguration.create(HBASE_CONFIG);
    }

    /**
     * 创建一张表
     */
    public static void creatTable(String tableName, String[] familys) throws Exception {
        HBaseAdmin admin = new HBaseAdmin(conf);
        if (admin.tableExists(tableName)) {
            System.out.println("table already exists!");
        } else {
            HTableDescriptor tableDesc = new HTableDescriptor(tableName);
            for(int i=0; i < familys.length; i++){
                tableDesc.addFamily(new HColumnDescriptor(familys[i]));
            }
            admin.createTable(tableDesc);
            System.out.println("create table " + tableName + " ok.");
        }
    }

    /**
     * 删除表
     */
    public static void deleteTable(String tableName) throws Exception {
        try {
            HBaseAdmin admin = new HBaseAdmin(conf);
            admin.disableTable(tableName);
            admin.deleteTable(tableName);
            System.out.println("delete table " + tableName + " ok.");
        } catch (MasterNotRunningException e) {
            e.printStackTrace();
        } catch (ZooKeeperConnectionException e) {
            e.printStackTrace();
        }
    }

    /**
     * 插入一行记录
     */
    public static void addRecord (String tableName, String rowKey, String family, String qualifier, String value)
            throws Exception{
        try {
            HTable table = new HTable(conf, tableName);
            Put put = new Put(Bytes.toBytes(rowKey));
            put.add(Bytes.toBytes(family),Bytes.toBytes(qualifier),Bytes.toBytes(value));
            table.put(put);
            System.out.println("insert recored " + rowKey + " to table " + tableName +" ok.");
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    /**
     * 删除一行记录
     */
    public static void delRecord (String tableName, String rowKey) throws IOException{
        HTable table = new HTable(conf, tableName);
        List list = new ArrayList();
        Delete del = new Delete(rowKey.getBytes());
        list.add(del);
        table.delete(list);
        System.out.println("del recored " + rowKey + " ok.");
    }

    /**
     * 查找一行记录
     */
    public static void getOneRecord (String tableName, String rowKey) throws IOException{
        HTable table = new HTable(conf, tableName);
        Get get = new Get(rowKey.getBytes());
        Result rs = table.get(get);
        for(KeyValue kv : rs.raw()){
            System.out.print(new String(kv.getRow()) + " " );
            System.out.print(new String(kv.getFamily()) + ":" );
            System.out.print(new String(kv.getQualifier()) + " " );
            System.out.print(kv.getTimestamp() + " " );
            System.out.println(new String(kv.getValue()));
        }
    }

    /**
     * 显示所有数据
     */
    public static void getAllRecord (String tableName) {
        try{
            HTable table = new HTable(conf, tableName);
            Scan s = new Scan();
            ResultScanner ss = table.getScanner(s);
            for(Result r:ss){
                for(KeyValue kv : r.raw()){
                    System.out.print(new String(kv.getRow()) + " ");
                    System.out.print(new String(kv.getFamily()) + ":");
                    System.out.print(new String(kv.getQualifier()) + " ");
                    System.out.print(kv.getTimestamp() + " ");
                    System.out.println(new String(kv.getValue()));
                }
            }
        } catch (IOException e){
            e.printStackTrace();
        }
    }

    public static void main(String[] args) throws IOException {
        try {
            UserGroupInformation.setConfiguration(conf);
            UserGroupInformation.loginUserFromKeytab("hbase/tdh60201@TDH", "C:\\Users\\17171\\Desktop\\hyperbase.keytab");
//        HBaseAdmin hBaseAdmin = new HBaseAdmin(conf);
//        hBaseAdmin.createTable(new HTableDescriptor("gordon2"));

            String tablename = "scores";
            String[] familys = {"grade", "course"};
            HyperbaseSecureTest.creatTable(tablename, familys);

            //add record zkb
            HyperbaseSecureTest.addRecord(tablename,"zkb","grade","","5");
            HyperbaseSecureTest.addRecord(tablename,"zkb","course","","90");
            HyperbaseSecureTest.addRecord(tablename,"zkb","course","math","97");
            HyperbaseSecureTest.addRecord(tablename,"zkb","course","art","87");
            //add record  baoniu
            HyperbaseSecureTest.addRecord(tablename,"baoniu","grade","","4");
            HyperbaseSecureTest.addRecord(tablename,"baoniu","course","math","89");

            System.out.println("===========get one record========");
            HyperbaseSecureTest.getOneRecord(tablename, "zkb");

            System.out.println("===========show all record========");
            HyperbaseSecureTest.getAllRecord(tablename);

            System.out.println("===========del one record========");
            HyperbaseSecureTest.delRecord(tablename, "baoniu");
            HyperbaseSecureTest.getAllRecord(tablename);

            System.out.println("===========show all record========");
            HyperbaseSecureTest.getAllRecord(tablename);

        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

注意：
1、hbase.zookeeper.quorum 参数是zookeeper的三个节点，本机配置了HOSTS文件的情况下可以直接使用hostname；
HBASE_CONFIG.set("hbase.zookeeper.quorum", "tdh60201,tdh60202,tdh60203");
2、从集群获取的hyperbase.keytab文件，可以通过klist -ket hyperbase.keytab 命令获取对应的SPN
UserGroupInformation.loginUserFromKeytab("hbase/tdh60201@TDH", "C:\\Users\\17171\\Desktop\\hyperbase.keytab");

执行结果：

create table scores ok.
insert recored zkb to table scores ok.
insert recored zkb to table scores ok.
insert recored zkb to table scores ok.
insert recored zkb to table scores ok.
insert recored baoniu to table scores ok.
insert recored baoniu to table scores ok.
===========get one record========
zkb course: 1631239340867 90
zkb course:art 1631239340898 87
zkb course:math 1631239340884 97
zkb grade: 1631239340763 5
===========show all record========
baoniu course:math 1631239340924 89
baoniu grade: 1631239340915 4
zkb course: 1631239340867 90
zkb course:art 1631239340898 87
zkb course:math 1631239340884 97
zkb grade: 1631239340763 5
===========del one record========
del recored baoniu ok.
zkb course: 1631239340867 90
zkb course:art 1631239340898 87
zkb course:math 1631239340884 97
zkb grade: 1631239340763 5
===========show all record========
zkb course: 1631239340867 90
zkb course:art 1631239340898 87
zkb course:math 1631239340884 97
zkb grade: 1631239340763 5

Process finished with exit code 0