上一篇简单记录了springboot+Kerberos认证+连接hadoop+hive
地址:
https://blog.csdn.net/u011165335/article/details/108344732
这次记录一下java如何连接Hbase;
查看用户列表:cat /etc/passwd
注意:谁认证,那么当前的用户就是谁
比如,你用appuser.keytab认证,那么当前hbase用户就是appuser
你用hbase.keytab认证,那么当前hbase用户就是hbase
所以要注意用谁来认证;
注意登录用户为hbase的数据库用户;
1.配置
##Kerberos认证配置##
dmp.Kerberos.flag=true
dmp.keytab.userpath=D:/keyTab/appuser.keytab
dmp.keytab.hbasepath=D:/keyTab/hbase.keytab
dmp.krb5.path=src/main/resources/krb5-test.conf
####Hbase#########
hbase.zookeeper.quorum=xx.cntaiping.com,xx.cntaiping.com,xx.cntaiping.com,xx.cntaiping.com,xx.cntaiping.com
hbase.zookeeper.property.clientPort: 2181
zookeeper.znode.parent: /hbase
hbase.master=whtpicdmapp01.cntaiping.com:16000
2.代码
参数的配置:参考hbase-site.xml配置文件就可以了
/**
* 返回是否登录成功 hbase
*
* @param conf
* @return
* @throws IOException
*/
@Value("${dmp.Kerberos.flag}")
private boolean kerberosFlag;
@Value("${dmp.keytab.userpath}")
private String userpath;
@Value("${dmp.keytab.hbasepath}")
private String hbasepath;
@Value("${dmp.krb5.path}")
private String krb5Path;
public boolean KerberosHbase(org.apache.hadoop.conf.Configuration conf) {
//Kerberos认证
if (conf == null) {
conf = HBaseConfiguration.create();
}
try {
if (kerberosFlag) {
//System.setProperty("sun.security.krb5.debug", "true");
System.setProperty("java.security.krb5.conf", krb5Path);
conf.set("hadoop.security.authentication", "Kerberos");
conf.set("hbase.security.authentication", "kerberos");
// 这个hbase.keytab也是从远程服务器上copy下来
// 这个可以理解成用户名信息,也就是Principal,下面3个配置缺一不可,从hbase-site.xml中获取
conf.set("kerberos.principal", "hbase/_HOST@CNTAIPING.COM");
conf.set("hbase.master.kerberos.principal", "hbase/_HOST@CNTAIPING.COM");
conf.set("hbase.regionserver.kerberos.principal", "hbase/_HOST@CNTAIPING.COM");
UserGroupInformation.setConfiguration(conf);
//该用户为hbase的数据库用户
UserGroupInformation.loginUserFromKeytab("hbase", hbasepath);
logger.info("hbase认证成功-----------");
}
} catch (IOException e) {
logger.error("认证失败->", e);
e.printStackTrace();
}
return kerberosFlag;
}
因为加了开关,所以把认证的部分单独作为了一个方法
下面是调用: Kerberoslogin.KerberosHbase就是上面的KerberosHbase方法
package com.cntaiping.tpi.dmp.config;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.client.Connection;
import org.apache.hadoop.hbase.client.ConnectionFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.io.IOException;
@Configuration
public class HBaseConfig {
@Value("${hbase.zookeeper.quorum}")
private String zookeeperQuorum;
@Value("${hbase.zookeeper.property.clientPort}")
private String clientPort;
@Value("${zookeeper.znode.parent}")
private String znodeParent;
@Value("${hbase.master}")
private String hbaseMaster;
@Autowired
Kerberoslogin Kerberoslogin;
@Bean
public Connection connection() throws IOException {
//String os = System.getProperty("os.name");
//if(os.toLowerCase().startsWith("win")){
// System.setProperty("hadoop.home.dir", "C:\\hadoop");
//}
org.apache.hadoop.conf.Configuration conf = HBaseConfiguration.create();
conf.set("hbase.zookeeper.quorum", zookeeperQuorum);
conf.set("hbase.zookeeper.property.clientPort", clientPort);
conf.set("zookeeper.znode.parent", znodeParent);
conf.set("hbase.master", hbaseMaster);
Kerberoslogin.KerberosHbase(conf);
Connection connection = ConnectionFactory.createConnection(conf);
return connection;
}
}
参考:
https://www.jianshu.com/p/fb9ff42170ad
6427
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
