写在前面
ambari+hdp 安装集群的时候密码修改太简单,出于安全考虑,做各用户的密码修改。
1 mysql 用户管理表字段
CREATE TABLE `user` (
`Host` char(60) COLLATE utf8_bin NOT NULL DEFAULT '',
`User` char(32) COLLATE utf8_bin NOT NULL DEFAULT '',
`Select_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Insert_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Update_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Delete_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Create_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Drop_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Reload_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Shutdown_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Process_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`File_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Grant_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`References_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Index_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Alter_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Show_db_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Super_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Create_tmp_table_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Lock_tables_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Execute_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Repl_slave_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Repl_client_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Create_view_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Show_view_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Create_routine_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Alter_routine_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Create_user_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Event_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Trigger_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Create_tablespace_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`ssl_type` enum('','ANY','X509','SPECIFIED') CHARACTER SET utf8 NOT NULL DEFAULT '',
`ssl_cipher` blob NOT NULL,
`x509_issuer` blob NOT NULL,
`x509_subject` blob NOT NULL,
`max_questions` int(11) unsigned NOT NULL DEFAULT '0',
`max_updates` int(11) unsigned NOT NULL DEFAULT '0',
`max_connections` int(11) unsigned NOT NULL DEFAULT '0',
`max_user_connections` int(11) unsigned NOT NULL DEFAULT '0',
`plugin` char(64) COLLATE utf8_bin NOT NULL DEFAULT 'mysql_native_password',
`authentication_string` text COLLATE utf8_bin,
`password_expired` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`password_last_changed` timestamp NULL DEFAULT NULL,
`password_lifetime` smallint(5) unsigned DEFAULT NULL,
`account_locked` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
PRIMARY KEY (`Host`,`User`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='Users and global privileges'
2 root用户修改密码
mysql -uroot -p
use mysql;
update user set authentication_string='1VQK&Jp5z4' where user='root';
GRANT ALL PRIVILEGES ON *.* TO root@'localhost' IDENTIFIED BY '1VQK&Jp5z4';
GRANT ALL PRIVILEGES ON *.* TO root@'%' IDENTIFIED BY '1VQK&Jp5z4';
FLUSH PRIVILEGES;
exit;
3 hive 用户修改密码
USE mysql;
UPDATE USER SET authentication_string='VQK&Jp5zhive' WHERE USER='hive';
GRANT ALL PRIVILEGES ON *.* TO hive@'%' IDENTIFIED BY 'VQK&Jp5zhive';
FLUSH PRIVILEGES;
ambari可以测试连接如图:
4 azkaban用户修改密码
UPDATE USER SET authentication_string='VQK&Jp5zazkaban' WHERE USER='azkaban';
GRANT ALL PRIVILEGES ON *.* TO azkaban@'%' IDENTIFIED BY 'VQK&Jp5zazkaban';
GRANT ALL PRIVILEGES ON *.* TO azkaban@'localhost' IDENTIFIED BY 'VQK&Jp5zazkaban';
FLUSH PRIVILEGES;
注意:
修改azkaban每个节点的azkaban.properties文件里的密码。然后重启。重启注意事项请关注本人之前已发布的关于azkaban安装文档。
5 ambari用户修改密码
UPDATE USER SET authentication_string='VQK&Jp5zazkaban' WHERE USER='ambari';
GRANT ALL PRIVILEGES ON *.* TO ambari@'%' IDENTIFIED BY 'VQK&Jp5zambari';
GRANT ALL PRIVILEGES ON *.* TO ambari@'localhost' IDENTIFIED BY 'VQK&Jp5zambari';
FLUSH PRIVILEGES;
重启MySQL
service mysqld restart
重启ambari server
ambari-server restart
报错
Ambari database consistency check started...
Server PID at: /var/run/ambari-server/ambari-server.pid
Server out at: /var/log/ambari-server/ambari-server.out
Server log at: /var/log/ambari-server/ambari-server.log
tail -f /var/log/ambari-server/ambari-server.log
#显示映射ip mysql 无法连接
解决:
先改mysql里ambari用户的密码,然后改ambari-server配置密码
cd /etc/ambari-server/conf
[root@node104 conf]# ll
-rwxr-xr-x 1 root root 7424 Sep 8 11:19 ambari.properties
-rwxr-xr-x 1 root root 286 Sep 19 2018 krb5JAASLogin.conf
-rwxr-xr-x 1 root root 4871 Aug 10 2020 log4j.properties
-rwxr-xr-x 1 root root 2725 Sep 19 2018 metrics.properties
-rw-r----- 1 root root 18 Sep 8 11:19 password.dat
#修改ambari-server配置密码
vim password.dat
6 配置文件路径
1.Ambari安装Hive组件,配置文件在/etc/hive/
2.Ambari安装Hadoop组件在/etc/hadoop/
3.安装的组件的配置文件都是在/etc/中可以找到