The Process of Write a File to Encryption Zone

最新推荐文章于 2020-09-28 02:09:21 发布
最新推荐文章于 2020-09-28 02:09:21 发布
阅读量429 收藏
点赞数
分类专栏: hadoop-hdfs
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/houzhizhen/article/details/78298761
版权

This is the process of command hadoop fs -put /etc/hosts /secureweblogs, and /secureweblogs is a encryption zone.

protected void copyStreamToTarget(InputStream in, PathData target)
  throws IOException {
    if (target.exists && (target.stat.isDirectory() || !overwrite)) {
      throw new PathExistsException(target.toString());
    }
    TargetFileSystem targetFs = new TargetFileSystem(target.fs);
    try {
      PathData tempTarget = target.suffix("._COPYING_");
      targetFs.setWriteChecksum(writeChecksum);
      targetFs.writeStreamToFile(in, tempTarget, lazyPersist);
      targetFs.rename(tempTarget, target);
    } finally {
      targetFs.close(); // last ditch effort to ensure temp file is removed
    }
  }
public FSDataOutputStream create(final Path f, final FsPermission permission,
    final EnumSet<CreateFlag> cflags, final int bufferSize,
    final short replication, final long blockSize, final Progressable progress,
    final ChecksumOpt checksumOpt) throws IOException {
    statistics.incrementWriteOps(1);
    Path absF = fixRelativePart(f);
    return new FileSystemLinkResolver<FSDataOutputStream>() {
      @Override
      public FSDataOutputStream doCall(final Path p)
          throws IOException, UnresolvedLinkException {
        final DFSOutputStream dfsos = dfs.create(getPathName(p), permission,
                cflags, replication, blockSize, progress, bufferSize,
                checksumOpt);
        return dfs.createWrappedOutputStream(dfsos, statistics);
      }
      @Override
      public FSDataOutputStream next(final FileSystem fs, final Path p)
          throws IOException {
        return fs.create(p, permission, cflags, bufferSize,
            replication, blockSize, progress, checksumOpt);
      }
    }.resolve(this, absF);
  }

DfsClient.create

DfsClient.create calls DFSOutputStream.newStreamForCreate


  public DFSOutputStream create(String src, 
                             FsPermission permission,
                             EnumSet<CreateFlag> flag, 
                             boolean createParent,
                             short replication,
                             long blockSize,
                             Progressable progress,
                             int buffersize,
                             ChecksumOpt checksumOpt,
                             InetSocketAddress[] favoredNodes) throws IOException {
    checkOpen();
    if (permission == null) {
      permission = FsPermission.getFileDefault();
    }
    FsPermission masked = permission.applyUMask(dfsClientConf.uMask);
    if(LOG.isDebugEnabled()) {
      LOG.debug(src + ": masked=" + masked);
    }
    final DFSOutputStream result = DFSOutputStream.newStreamForCreate(this,
        src, masked, flag, createParent, replication, blockSize, progress,
        buffersize, dfsClientConf.createChecksum(checksumOpt),
        getFavoredNodesStr(favoredNodes));
    beginFileLease(result.getFileId(), result);
    return result;
  }

DFSOutputStream.newStreamForCreate

In this method, first call 

static DFSOutputStream newStreamForCreate(DFSClient dfsClient, String src,
      FsPermission masked, EnumSet<CreateFlag> flag, boolean createParent,
      short replication, long blockSize, Progressable progress, int buffersize,
      DataChecksum checksum, String[] favoredNodes) throws IOException {
    TraceScope scope =
        dfsClient.getPathTraceScope("newStreamForCreate", src);
    try {
      HdfsFileStatus stat = null;

      // Retry the create if we get a RetryStartFileException up to a maximum
      // number of times
      boolean shouldRetry = true;
      int retryCount = CREATE_RETRY_COUNT;
      while (shouldRetry) {
        shouldRetry = false;
        try {
          stat = dfsClient.namenode.create(src, masked, dfsClient.clientName,
              new EnumSetWritable<CreateFlag>(flag), createParent, replication,
              blockSize, SUPPORTED_CRYPTO_VERSIONS);
          break;
        } catch (RemoteException re) {
         ...
    } finally {
      scope.close();
    }
  }

The fields of HdfsFileStatus

There is a FileEncryptionInfo field.



  private final byte[] path;  // local name of the inode that's encoded in java UTF8
  private final byte[] symlink; // symlink target encoded in java UTF8 or null
  private final long length;
  private final boolean isdir;
  private final short block_replication;
  private final long blocksize;
  private final long modification_time;
  private final long access_time;
  private final FsPermission permission;
  private final String owner;
  private final String group;
  private final long fileId;

  private final FileEncryptionInfo feInfo;

  // Used by dir, not including dot and dotdot. Always zero for a regular file.
  private final int childrenNum;
  private final byte storagePolicy;

  public static final byte[] EMPTY_NAME = new byte[0];

Field of FileEncryptionInfo


  private final CipherSuite cipherSuite;
  private final CryptoProtocolVersion version;
  private final byte[] edek;
  private final byte[] iv;
  private final String keyName;
  private final String ezKeyVersionName;

The Process Namennode calls create

NamenodeRpcServer.create

public HdfsFileStatus create(String src, FsPermission masked,
      String clientName, EnumSetWritable<CreateFlag> flag,
      boolean createParent, short replication, long blockSize, 
      CryptoProtocolVersion[] supportedVersions)
      throws IOException {
   ...

    HdfsFileStatus status = null;
    try {
      PermissionStatus perm = new PermissionStatus(getRemoteUser()
          .getShortUserName(), null, masked);
      status = namesystem.startFile(src, perm, clientName, clientMachine,
          flag.get(), createParent, replication, blockSize, supportedVersions,
          cacheEntry != null);
    } finally {
      RetryCache.setState(cacheEntry, status != null, status);
    }

    return status;
  }

FSNameSystem.startFile

HdfsFileStatus startFile(String src, PermissionStatus permissions,
      String holder, String clientMachine, EnumSet<CreateFlag> flag,
      boolean createParent, short replication, long blockSize, 
      CryptoProtocolVersion[] supportedVersions, boolean logRetryCache)
      throws AccessControlException, SafeModeException,
      FileAlreadyExistsException, UnresolvedLinkException,
      FileNotFoundException, ParentNotDirectoryException, IOException {

    HdfsFileStatus status = null;
    try {
      status = startFileInt(src, permissions, holder, clientMachine, flag,
          createParent, replication, blockSize, supportedVersions,
          logRetryCache);
    } catch (AccessControlException e) {
      logAuditEvent(false, "create", src);
      throw e;
    }
    return status;
  }
private HdfsFileStatus startFileInt(final String srcArg,
      PermissionStatus permissions, String holder, String clientMachine,
      EnumSet<CreateFlag> flag, boolean createParent, short replication,
      long blockSize, CryptoProtocolVersion[] supportedVersions,
      boolean logRetryCache)
      throws AccessControlException, SafeModeException,
      FileAlreadyExistsException, UnresolvedLinkException,
      FileNotFoundException, ParentNotDirectoryException, IOException {
    String src = srcArg;

    HdfsFileStatus stat = null;

    byte[][] pathComponents = FSDirectory.getPathComponentsForReservedPath(src);

    CryptoProtocolVersion protocolVersion = null;
    CipherSuite suite = null;
    String ezKeyName = null;
    EncryptedKeyVersion edek = null;

    if (provider != null) {
      readLock();
      try {
        src = dir.resolvePath(pc, src, pathComponents);
        INodesInPath iip = dir.getINodesInPath4Write(src);
        // Nothing to do if the path is not within an EZ
        final EncryptionZone zone = dir.getEZForPath(iip);
        if (zone != null) {
          protocolVersion = chooseProtocolVersion(zone, supportedVersions);
          //CryptoProtocolVersion{description='Encryption zones', version=2, unknownValue=null}
          suite = zone.getSuite(); //{name: AES/CTR/NoPadding, algorithmBlockSize: 16}
          ezKeyName = zone.getKeyName();//key1
          }
        ...

      // Generate EDEK if necessary while not holding the lock
      edek = generateEncryptedDataEncryptionKey(ezKeyName);
      EncryptionFaultInjector.getInstance().startFileAfterGenerateKey();
    }

    // Proceed with the create, using the computed cipher suite and 
    // generated EDEK
    BlocksMapUpdateInfo toRemoveBlocks = null;
    writeLock();
    try {
      checkOperation(OperationCategory.WRITE);
      checkNameNodeSafeMode("Cannot create file" + src);
      dir.writeLock();
      try {
        src = dir.resolvePath(pc, src, pathComponents);
        final INodesInPath iip = dir.getINodesInPath4Write(src);
        toRemoveBlocks = startFileInternal(
            pc, iip, permissions, holder,
            clientMachine, create, overwrite,
            createParent, replication, blockSize,
            isLazyPersist, suite, protocolVersion, edek,
            logRetryCache);
        stat = FSDirStatAndListingOp.getFileInfo(
            dir, src, false, FSDirectory.isReservedRawName(srcArg), true);
      } finally {
        dir.writeUnlock();
      }
    } catch (StandbyException se) {
      skipSync = true;
      throw se;
    } finally {
      writeUnlock();
      // There might be transactions logged while trying to recover the lease.
      // They need to be sync'ed even when an exception was thrown.
      if (!skipSync) {
        getEditLog().logSync();
        if (toRemoveBlocks != null) {
          removeBlocks(toRemoveBlocks);
          toRemoveBlocks.clear();
        }
      }
    }

    return stat;
  }

getEZForPath

 EncryptionZone getEZForPath(INodesInPath iip) {
    readLock();
    try {
      return ezManager.getEZINodeForPath(iip);
    } finally {
      readUnlock();
    }
  }

getEncryptionZoneForPath

Looks up the EncryptionZoneInt for a path within an encryption zone.
Returns null if path is not within an EZ.


  private EncryptionZoneInt getEncryptionZoneForPath(INodesInPath iip) {
    assert dir.hasReadLock();
    Preconditions.checkNotNull(iip);
    List<INode> inodes = iip.getReadOnlyINodes();
    for (int i = inodes.size() - 1; i >= 0; i--) {
      final INode inode = inodes.get(i);
      if (inode != null) {
        final EncryptionZoneInt ezi = encryptionZones.get(inode.getId());
        if (ezi != null) {
          return ezi;
        }
      }
    }
    return null;
  }

generateEncryptedDataEncryptionKey

/**
   * Invoke KeyProvider APIs to generate an encrypted data encryption key for an
   * encryption zone. Should not be called with any locks held.
   *
   * @param ezKeyName key name of an encryption zone
   * @return New EDEK, or null if ezKeyName is null
   * @throws IOException
   */
  private EncryptedKeyVersion generateEncryptedDataEncryptionKey(String
      ezKeyName) throws IOException {
    if (ezKeyName == null) {
      return null;
    }
    EncryptedKeyVersion edek = null;
    try {
      edek = provider.generateEncryptedKey(ezKeyName);
    } catch (GeneralSecurityException e) {
      throw new IOException(e);
    }
    Preconditions.checkNotNull(edek);
    return edek;
  }

KeyProviderCryptoExtension.generateEncryptedKey


  public EncryptedKeyVersion generateEncryptedKey(String encryptionKeyName)
      throws IOException,
                                           GeneralSecurityException {
    return getExtension().generateEncryptedKey(encryptionKeyName);
  }

KMSClientProvider.generateEncryptedKey

@Override
  public EncryptedKeyVersion generateEncryptedKey(
      String encryptionKeyName) throws IOException, GeneralSecurityException {
    try {
      return encKeyVersionQueue.getNext(encryptionKeyName);
    } catch (ExecutionException e) {
      if (e.getCause() instanceof SocketTimeoutException) {
        throw (SocketTimeoutException)e.getCause();
      }
      throw new IOException(e);
    }
  }

encKeyVersionQueue

encKeyVersionQueue =
        new ValueQueue<KeyProviderCryptoExtension.EncryptedKeyVersion>(
            conf.getInt(
                CommonConfigurationKeysPublic.KMS_CLIENT_ENC_KEY_CACHE_SIZE,
                CommonConfigurationKeysPublic.
                    KMS_CLIENT_ENC_KEY_CACHE_SIZE_DEFAULT),
            conf.getFloat(
                CommonConfigurationKeysPublic.
                    KMS_CLIENT_ENC_KEY_CACHE_LOW_WATERMARK,
                CommonConfigurationKeysPublic.
                    KMS_CLIENT_ENC_KEY_CACHE_LOW_WATERMARK_DEFAULT),
            conf.getInt(
                CommonConfigurationKeysPublic.
                    KMS_CLIENT_ENC_KEY_CACHE_EXPIRY_MS,
                CommonConfigurationKeysPublic.
                    KMS_CLIENT_ENC_KEY_CACHE_EXPIRY_DEFAULT),
            conf.getInt(
                CommonConfigurationKeysPublic.
                    KMS_CLIENT_ENC_KEY_CACHE_NUM_REFILL_THREADS,
                CommonConfigurationKeysPublic.
                    KMS_CLIENT_ENC_KEY_CACHE_NUM_REFILL_THREADS_DEFAULT),
            new EncryptedQueueRefiller());
private class EncryptedQueueRefiller implements
    ValueQueue.QueueRefiller<EncryptedKeyVersion> {

    @Override
    public void fillQueueForKey(String keyName,
        Queue<EncryptedKeyVersion> keyQueue, int numEKVs) throws IOException {
      checkNotNull(keyName, "keyName");
      Map<String, String> params = new HashMap<String, String>();
      params.put(KMSRESTConstants.EEK_OP, KMSRESTConstants.EEK_GENERATE);
      params.put(KMSRESTConstants.EEK_NUM_KEYS, "" + numEKVs); //numEKVs = 150
      URL url = createURL(KMSRESTConstants.KEY_RESOURCE, keyName,
          KMSRESTConstants.EEK_SUB_RESOURCE, params);
          //http://localhost:16000/kms/v1/key/key1/_eek?num_keys=150&eek_op=generate
      HttpURLConnection conn = createConnection(url, HTTP_GET);
      conn.setRequestProperty(CONTENT_TYPE, APPLICATION_JSON_MIME);
      List response = call(conn, null,
          HttpURLConnection.HTTP_OK, List.class);
      List<EncryptedKeyVersion> ekvs =
          parseJSONEncKeyVersion(keyName, response);
      keyQueue.addAll(ekvs);
    }
  }

DFSClient

DFSOutputStream.newStreamForCreate


stat = dfsClient.namenode.create(src, masked, dfsClient.clientName,
              new EnumSetWritable<CreateFlag>(flag), createParent, replication,
              blockSize, SUPPORTED_CRYPTO_VERSIONS);
final DFSOutputStream result = DFSOutputStream.newStreamForCreate(this,
        src, masked, flag, createParent, replication, blockSize, progress,
        buffersize, dfsClientConf.createChecksum(checksumOpt),
        getFavoredNodesStr(favoredNodes));
private DFSOutputStream(DFSClient dfsClient, String src, Progressable progress,
      HdfsFileStatus stat, DataChecksum checksum) throws IOException {
    super(getChecksum4Compute(checksum, stat));
    this.dfsClient = dfsClient;
    this.src = src;
    this.fileId = stat.getFileId();
    this.blockSize = stat.getBlockSize();
    this.blockReplication = stat.getReplication();
   <bold> this.fileEncryptionInfo = stat.getFileEncryptionInfo();</bold>
    this.progress = progress;
    this.cachingStrategy = new AtomicReference<CachingStrategy>(
        dfsClient.getDefaultWriteCachingStrategy());
    if ((progress != null) && DFSClient.LOG.isDebugEnabled()) {
      DFSClient.LOG.debug(
          "Set non-null progress callback on DFSOutputStream " + src);
    }

    this.bytesPerChecksum = checksum.getBytesPerChecksum();
    if (bytesPerChecksum <= 0) {
      throw new HadoopIllegalArgumentException(
          "Invalid value: bytesPerChecksum = " + bytesPerChecksum + " <= 0");
    }
    if (blockSize % bytesPerChecksum != 0) {
      throw new HadoopIllegalArgumentException("Invalid values: "
          + DFSConfigKeys.DFS_BYTES_PER_CHECKSUM_KEY + " (=" + bytesPerChecksum
          + ") must divide block size (=" + blockSize + ").");
    }
    this.checksum4WriteBlock = checksum;

    this.dfsclientSlowLogThresholdMs =
      dfsClient.getConf().dfsclientSlowIoWarningThresholdMs;
    this.byteArrayManager = dfsClient.getClientContext().getByteArrayManager();
  }

DFSClient.append


  public HdfsDataOutputStream append(final String src, final int buffersize,
      EnumSet<CreateFlag> flag, final Progressable progress,
      final FileSystem.Statistics statistics,
      final InetSocketAddress[] favoredNodes) throws IOException {
    final DFSOutputStream out = append(src, buffersize, flag,
        getFavoredNodesStr(favoredNodes), progress);
    return createWrappedOutputStream(out, statistics, out.getInitialLen());
  }
public HdfsDataOutputStream createWrappedOutputStream(DFSOutputStream dfsos,
      FileSystem.Statistics statistics, long startPos) throws IOException {
    final FileEncryptionInfo feInfo = dfsos.getFileEncryptionInfo();
    if (feInfo != null) {
      // File is encrypted, wrap the stream in a crypto stream.
      // Currently only one version, so no special logic based on the version #
      getCryptoProtocolVersion(feInfo);
      final CryptoCodec codec = getCryptoCodec(conf, feInfo);
      KeyVersion decrypted = decryptEncryptedDataEncryptionKey(feInfo);
      final CryptoOutputStream cryptoOut =
          new CryptoOutputStream(dfsos, codec,
              decrypted.getMaterial(), feInfo.getIV(), startPos);
      return new HdfsDataOutputStream(cryptoOut, statistics, startPos);
    } else {
      // No FileEncryptionInfo present so no encryption.
      return new HdfsDataOutputStream(dfsos, statistics, startPos);
    }
  }
private static CryptoCodec getCryptoCodec(Configuration conf,
      FileEncryptionInfo feInfo) throws IOException {
    final CipherSuite suite = feInfo.getCipherSuite();
    if (suite.equals(CipherSuite.UNKNOWN)) {
      throw new IOException("NameNode specified unknown CipherSuite with ID "
          + suite.getUnknownValue() + ", cannot instantiate CryptoCodec.");
    }
    final CryptoCodec codec = CryptoCodec.getInstance(conf, suite);
    //org.apache.hadoop.crypto.JceAesCtrCryptoCodec

    return codec;
  }
 private KeyVersion decryptEncryptedDataEncryptionKey(FileEncryptionInfo
      feInfo) throws IOException {
    TraceScope scope = Trace.startSpan("decryptEDEK", traceSampler);
    try {
      KeyProvider provider = getKeyProvider();
      if (provider == null) {
        throw new IOException("No KeyProvider is configured, cannot access" +
            " an encrypted file");
      }
      EncryptedKeyVersion ekv = EncryptedKeyVersion.createForDecryption(
          feInfo.getKeyName(), feInfo.getEzKeyVersionName(), feInfo.getIV(),
          feInfo.getEncryptedDataEncryptionKey());
      try {
        KeyProviderCryptoExtension cryptoProvider = KeyProviderCryptoExtension
            .createKeyProviderCryptoExtension(provider);
        return cryptoProvider.decryptEncryptedKey(ekv);
      } catch (GeneralSecurityException e) {
        throw new IOException(e);
      }
    } finally {
      scope.close();
    }
  }
 public KeyVersion decryptEncryptedKey(
      EncryptedKeyVersion encryptedKeyVersion) throws IOException,
                                                      GeneralSecurityException {
    checkNotNull(encryptedKeyVersion.getEncryptionKeyVersionName(),
        "versionName");
    checkNotNull(encryptedKeyVersion.getEncryptedKeyIv(), "iv");
    Preconditions.checkArgument(
        encryptedKeyVersion.getEncryptedKeyVersion().getVersionName()
            .equals(KeyProviderCryptoExtension.EEK),
        "encryptedKey version name must be '%s', is '%s'",
        KeyProviderCryptoExtension.EEK,
        encryptedKeyVersion.getEncryptedKeyVersion().getVersionName()
    );
    checkNotNull(encryptedKeyVersion.getEncryptedKeyVersion(), "encryptedKey");
    Map<String, String> params = new HashMap<String, String>();
    params.put(KMSRESTConstants.EEK_OP, KMSRESTConstants.EEK_DECRYPT);
    Map<String, Object> jsonPayload = new HashMap<String, Object>();
    jsonPayload.put(KMSRESTConstants.NAME_FIELD,
        encryptedKeyVersion.getEncryptionKeyName());
       //"name" -> "key1"
    jsonPayload.put(KMSRESTConstants.IV_FIELD, Base64.encodeBase64String(
        encryptedKeyVersion.getEncryptedKeyIv()));
        //"iv" -> "pTed5nE5XCMHhPLFlXQDoQ=="
    jsonPayload.put(KMSRESTConstants.MATERIAL_FIELD, Base64.encodeBase64String(
            encryptedKeyVersion.getEncryptedKeyVersion().getMaterial()));
            //"material" -> "obbuPRMxATfe8Y17b8R1yg=="
    URL url = createURL(KMSRESTConstants.KEY_VERSION_RESOURCE,
        encryptedKeyVersion.getEncryptionKeyVersionName(),
        KMSRESTConstants.EEK_SUB_RESOURCE, params);
        // http://localhost:16000/kms/v1/keyversion/key1%400/_eek?eek_op=decrypt
    HttpURLConnection conn = createConnection(url, HTTP_POST);
    conn.setRequestProperty(CONTENT_TYPE, APPLICATION_JSON_MIME);
    Map response =
        call(conn, jsonPayload, HttpURLConnection.HTTP_OK, Map.class);
    return parseJSONKeyVersion(response);
    //key(EK)= ea bd b7 d1 94 09 7f c8 76 05 30 d2 9f ff e5 5b
  }
houzhizhen
关注
专栏目录
【grafana 】mac端grafana配置的文件 grafana.ini 及login
突围
08-04 320
grafana.ini
Chrome的启动参数
Criss@陈磊
02-23 4828
List of Chromium Command Line Switches Condition Explanation --[1]⊗ Classic, non-material, mode for the |kTopChromeMD| switch.↪ --0⊗ Value of the --profiler-timing flag that will disable timin...
探寻hdfs-audit log -1
qq_36108146的博客
02-22 1891
最近集群压力较大,为了缓解集群压力,开始分析hdfs-audit log。对于hdfs-audit 审计日志,我们先看一些常用命令; cmd 命令解释: getfileinfo mkdirs setAcl -- checkOperation(OperationCategory.WRITE); getAclStatus -- checkOperation(OperationCategor...
hadoop源码解析之hdfs写数据全流程分析---创建文件
公众号[大数据技术与应用实战],分享大数据实战案例
07-09 1898
概述 DFSClient创建文件 namenode创建文件 概述hdfs中写数据应该是hdfs中最复杂的业务之一了,hadoop中的每个文件由多个block组成,每个块又有多个备份,这些备份又放在了不同的机器上,所以新建文件的时候会向namenode申请block所在的机器。hdfs中每个block默认情况下是128M,由于每个块比较大,所以在写数据的过程中是把数据块拆分成一个个的数据包以管道的形式
hive 用户分享给其他用户的做法
蘑菇丁的专栏
01-10 1776
1.系统创建两个用户 [root@namenode01 ~]#adduser test [root@namenode01 ~]#kadmin.local -q "addprinc test" 2.用acl设置hive/warehourse里面数据库中的表做权限共享 [root@namenode01 ~]# hdfs dfs -getfacl /user/hive/warehouse/s
HDFS数据加密空间--Encryption zone
热门推荐
走在前往架构师的路上
05-15 1万+
前言之前写了许多关于数据迁移的文章,也衍生的介绍了很多HDFS中相关的工具和特性,比如DistCp,ViewFileSystem等等.但是今天本文所要讲的主题转移到了另外一个领域数据安全.数据安全一直是用户非常重视的一点,所以对于数据管理者,务必要做到以下原则:数据不丢失,不损坏,数据内容不能被非法查阅.本文所主要描述的方面就是上面原则中最后一点,保证数据不被非常查阅.在HDFS中,就有专门的功能来
记一次Spark ThriftServer Bug排查
Deegue
07-01 2522
问题描述 我们在用Spark ThriftServer(以下简称STS)用在查询平台时,遇到了以下报错: ERROR SparkExecuteStatementOperation: Error executing query, currentState RUNNING, org.apache.spark.sql.AnalysisException: org.apache.hadoop.hive.q...
Navicat Connecting to MySQL Database: A Comprehensive Guide to Connection Diagnostic Tools for Fast ...
# 1. Overview of Navicat Connection to MySQL Database ... This chapter will outline the principles and methods of connecting MySQL with Navicat, providing a comprehensive understanding for re
System Error Codes/系统错误代码
weixin_30666401的博客
08-10 4469
在windows上程序或脚本运行突然出现未知错误,没有错误信息只有一个code,怎样知道究竟是怎么回事呢?如果知道这个code的意思是多么重要的.这时错误代码(System Error Codes)可以帮上你的忙。 从MSDN 上找到关于如下信息(http://msdn.microsoft.com/en-us/library/ms681381.aspx),页面的build dat...
IBM DB2 SQL error code list
weixin_30426957的博客
08-25 2028
SQL return codes that are preceded by a minus sign (-) indicate that the SQL statement execution was unsuccessful. IBM DB2 SQL error code list 官方文档地址:https://www.ibm.com/support/knowledgecente...
HDFS源码解析之HDFS写数据流程(九)
百看不如一RUN
07-12 1671
1. 当我们向HDFS写文件会发生什么? 测试代码 /** * Copyright (c) 2019 leyou ALL Rights Reserved * Project: hadoop-main * Package: org.apache.hadoop * Version: 1.0 * * @author qingzhi.wu * @date 2020/7/6 20:05 */ public class TestHDFS { public static void main(S
探寻hdfs-audit log -2
qq_36108146的博客
02-22 843
从SQL层面上分析: insert 操作: 2019-02-18 18:14:35,396 INFO FSNamesystem.audit: allowed=true   ugi=hive (auth:SIMPLE)  ip=/ip.151        cmd=delete      src=/user/hive/.staging/job_1544610861281_0006      d...
MR解析hdfs操作日志文件示例
Gavin博客专栏
06-04 3040
针对如下样例文件:2016-04-03 22:53:19,912 INFO FSNamesystem.audit: allowed=true ugi=hdfs (auth:SIMPLE) ip=/192.168.0.4 cmd=getfileinfo src=/tmp dst=null perm=null proto=rpc 2016-04-03 22:53:26,141 IN
最近跑hadoop遇到的一些问题
weixin_33763244的博客
09-22 244
一、 [#|2013-09-16T18:19:02.663+0800|INFO|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=23364;_ThreadName=Thread-2;|2013-09-1618:19:02,663 WARN DataStreamerExc...
Hadoop KMS 使用
eyoulc123的博客
09-26 3749
Hadoop KMS配置以hdfs的单机环境为例说明搭建过程1. hdfs配置1) 下载hadoop 2.6以上的版本,解压之后,配置HADOOP_HOMEexport HADOOP_HOME=/root/hadoop-2.7.4 export PATH=${PATH}:${HADOOP_HOME}/bin 2) 配置core-site.xml与hdfs-site.xml core-site.x
修复pyhdfs无法获取hadoop文件的问题
天灵狐的小岛
05-30 3433
1.pyhdfs命令import pyhdfs fs=pyhdfs.HdfsClient(hosts="172.10.10.2") f=fs.open("/1.txt")2.报错Traceback (most recent call last): File "&lt;pyshell#2&gt;", line 1, in &lt;module&gt; f=fs.open("/test/1...
HDFS书笔记---5.2 文件读操作与输入流(5.2.2)---上
weixin_39935887的博客
11-22 830
5.2.2 读操作--DFSInputStream实现    HDFS目前实现的读操作有三个层次,分别是网络读、短路读(short circuit read)以及零拷贝(zero copy read),它们的读取效率一次递增。 网络读: 网络读是最基本的一种HDFS读,DFSClient和Datanode通过建立Socket连接传输数据。 短路读: 当DFSClient和保存目标数据块的...
Hadoop3.2.1 【 HDFS 】源码分析 : Standby Namenode解析
张伯毅的专栏
09-28 7418
一. 前言 在同一个HA HDFS集群中, 将会同时运行两个Namenode实例, 其中一个为Active Namenode,用于实时处理所有客户端请求; 另一个为Standby Namenode, StandbyNamenode的命名空间与ActiveNamenode是完全保持一致的。 所以当ActiveNamenode出现故障时, Standby Namenode可以立即切换成Active状态。 二.checkpoint操作 为了让Standby Namenode的命名空间与Active Na
Hadoop3.2.1 【 HDFS 】源码分析 : Secondary Namenode解析
张伯毅的专栏
09-28 7583
一. 前言 在非HA部署环境下, 合并FSImage操作是由Secondary Namenode来执行的。 Namenode会触发一次合并FSImage操作: ①超过了配置的检查点操作时长(dfs.namenode.checkpoint.period配置项配置,默认值: 1小时) ; ②从上一次检查点操作后, 发生的事务(transaction) 数超过了配置(dfs.namenode.checkpoint.txns配置项配置,默认值:100万) 。 二.流程说明 流程示意图: ...
1.What are the essential ingredients of a symmetric cipher?
最新发布
04-01
The essential ingredients of a symmetric cipher are: 1. Key: A secret key that is used to encrypt and decrypt the message. 2. Algorithm: A mathematical formula or process that is used to encrypt and decrypt the message. 3. Plaintext: The original message that is to be encrypted. 4. Ciphertext: The encrypted message that is produced by applying the algorithm to the plaintext using the key. 5. Encryption process: The process of converting the plaintext into ciphertext using the key and algorithm. 6. Decryption process: The process of converting the ciphertext back into plaintext using the key and algorithm. 7. Security: The ability of the cipher to prevent unauthorized access to the plaintext by ensuring that the key is kept secret and that the algorithm is strong enough to resist attacks.
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值