zk节点
一、zk节点属性解释
节点属性 | 解释 |
---|---|
cZxid | 创建节点的事务ID |
ctime | 节点的创建时间 |
mZxid | 最后一次节点修改时的事务ID |
mtime | 节点最后一次修改时的时间 |
pZxid | 数据子节点最后一次被修改时的事务ID |
cversion | 子节点的数据版本号 |
dataVersion | 当前节点的数据版本号 |
aclVersion | acl权限控制版本号 |
ephemeralOwner | ephemeralOwner是0时表示是持久化节点,如果是临时节点该值是一个sessionID. |
ephemeralOwner | 节点数据长度 |
numChildren | 子节点的个数 |
二、 create path 数据 创建一个持久化点
create /dd "data"
get path [watch]获取一个节点的数据加属性 [watch] 带上watch 表示注册此节点,
get /dd “cpdd”
[zk: localhost:2181(CONNECTED) 8] get /dd
cpdd
cZxid = 0x8
ctime = Sat May 01 15:52:12 CST 2021
mZxid = 0x9
mtime = Sat May 01 15:53:01 CST 2021
pZxid = 0x8
cversion = 0
dataVersion = 1
aclVersion = 0
ephemeralOwner = 0x0
dataLength = 4
numChildren = 0
三、 set path data [version] 修改节点 数据
[version] 可选 修改对应版本号的数据
set /dd "富婆dd"
[zk: localhost:2181(CONNECTED) 9] set /dd "富婆dd"
cZxid = 0x8
ctime = Sat May 01 15:52:12 CST 2021
mZxid = 0xa
mtime = Sat May 01 15:54:55 CST 2021
pZxid = 0x8
cversion = 0
dataVersion = 2
aclVersion = 0
ephemeralOwner = 0x0
dataLength = 8
numChildren = 0
四、 stat path [watch] 查看节点属性 带上watch 表示注册此节点,他与get的区别在于get 能拿到节点的数据
[zk: localhost:2181(CONNECTED) 1] stat /dd
cZxid = 0x8
ctime = Sat May 01 15:52:12 CST 2021
mZxid = 0xa
mtime = Sat May 01 15:54:55 CST 2021
pZxid = 0x8
cversion = 0
dataVersion = 2
aclVersion = 0
ephemeralOwner = 0x0
dataLength = 8
numChildren = 0
五、 ls path [watch] 查看子节点 watch注册监听子节点
[zk: localhost:2181(CONNECTED) 11] ls /dd
[cpdd, mmdd]
六、 ls2 path [watch] 查看子节点 watch注册监听子节点且包含属性
[zk: localhost:2181(CONNECTED) 12] ls2 /dd
[cpdd, mmdd]
cZxid = 0x8
ctime = Sat May 01 15:52:12 CST 2021
mZxid = 0xa
mtime = Sat May 01 15:54:55 CST 2021
pZxid = 0xf
cversion = 2
dataVersion = 2
aclVersion = 0
ephemeralOwner = 0x0
dataLength = 8
numChildren = 2
七、 Acl 节点权限控制
1 、getAcl path 查看节点权限
[zk: localhost:2181(CONNECTED) 3] getAcl /dd/cpdd
'world,'anyone
: cdrwa
权限解释cdrwa含义 | |
---|---|
c | 创建权限 |
d | 删除权限 |
r | 读权限 |
w | 写权限 |
a | Acl控制权限 |
2 、 设置acl权限
world授权模式式 设置允许任何人访问
setAcl /dd word:any:cdrwa
[zk: localhost:2181(CONNECTED) 4] setAcl /dd/cpdd world:anyone:crwa
cZxid = 0xe
ctime = Sat May 01 16:20:11 CST 2021
mZxid = 0xe
mtime = Sat May 01 16:20:11 CST 2021
pZxid = 0xe
cversion = 0
dataVersion = 0
aclVersion = 2
ephemeralOwner = 0x0
dataLength = 4
numChildren = 0
[zk: localhost:2181(CONNECTED) 5] getAcl /dd/cpdd
'world,'anyone
: crwa
[zk: localhost:2181(CONNECTED) 6]
ip授权模式
#授权一个ip地址的权限
[zk: localhost:2181(CONNECTED) 7] setAcl /dd/cpdd ip:81.69.23.250:cdrwa
cZxid = 0xe
ctime = Sat May 01 16:20:11 CST 2021
mZxid = 0xe
mtime = Sat May 01 16:20:11 CST 2021
pZxid = 0xe
cversion = 0
dataVersion = 0
aclVersion = 3
ephemeralOwner = 0x0
dataLength = 4
numChildren = 0
#授权一个ip地址的权限
setAcl /dd/cpdd ip:81.69.23.250:cdrwa,ip:81.69.23.230:cdrwa
auth授权模式
[zk: localhost:2181(CONNECTED) 14] setAcl /mm auth:ys:cdrwa
cZxid = 0x23
ctime = Sat May 01 19:00:39 CST 2021
mZxid = 0x23
mtime = Sat May 01 19:00:39 CST 2021
pZxid = 0x23
cversion = 0
dataVersion = 0
aclVersion = 1
ephemeralOwner = 0x0
dataLength = 4
numChildren = 0
#用zookeeper用户去读已经没有权限了
[zk: localhost:2181(CONNECTED) 0] getAcl /mm
Authentication is not valid : /mm
#用ys用户去读此时是可以的
[zk: localhost:2181(CONNECTED) 1] addauth digest ys:ys
[zk: localhost:2181(CONNECTED) 2] getAcl /mm
'digest,'ys:0x70Hxo+Ws5F7bcqAC0uGu4fP/M=
: cdrwa
digest授权模式
与auth 的区别在于digest 不用先进行授权用户的添加
#直接将密码转义的密文带上进行授权
setAcl /mm digest:ys:sdasdwwa21ewdsadasdSdsd=:cdrwa