去集群机器上拷贝4个文件:
- core-site.xml (hadoop核心配置)
- hbase-site.xml (hbase配置)
- emr.keytab (kerberos密钥信息)
- krb5.conf (kerberos认证服务器信息)
java代码
import lombok.Data;
import lombok.extern.slf4j.Slf4j;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.client.Admin;
import org.apache.hadoop.hbase.client.Connection;
import org.apache.hadoop.hbase.client.ConnectionFactory;
import org.apache.hadoop.security.UserGroupInformation;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Lazy;
import java.io.IOException;
@ConfigurationProperties(prefix = "spring.hbase")
@Configuration
@Data
@Slf4j
public class HbaseConfiguration {
private String kerberosKeytab;
private String kerberosUserName;
private String kerberosConf;
private String coreSitePath;
private String hbaseSitePath;
public org.apache.hadoop.conf.Configuration configuration() throws IOException {
org.apache.hadoop.conf.Configuration conf = HBaseConfiguration.create();
System.setProperty("java.security.krb5.conf", kerberosConf);
System.setProperty("sun.security.krb5.debug", "true");
conf.set("hadoop.security.authentication", "kerberos");
conf.addResource(new Path(coreSitePath));
conf.addResource(new Path(hbaseSitePath));
UserGroupInformation.setConfiguration(conf);
UserGroupInformation.loginUserFromKeytab(kerberosUserName, kerberosKeytab);
return conf;
}
@Bean
@Lazy
public Admin admin() {
Admin admin = null;
try {
Connection connection = ConnectionFactory.createConnection(configuration());
admin = connection.getAdmin();
} catch (IOException e) {
log.error("hbase admin init error:".concat(e.getMessage()), e);
}
return admin;
}
}
配置文件
spring:
hbase:
kerberosKeytab: /home/kerberos/emr-test.keytab
kerberosUserName: hadoop/10.16.0.74@EMR-G2RIQ4HC
kerberosConf: /home/kerberos/krb5-test.conf
coreSitePath: /home/kerberos/core-site-test.xml
hbaseSitePath: /home/kerberos/hbase-site-test.xml
这里注意下,kerberosUserName属性里是hbase-site.xml里边的hbase.master.hostname与hbase.master.kerberos.principal组合起来的值,不要搞错
pom.xml配置,把resource目录下的kerberos文件移动到指定目录,方便在dockerfile文件操作打包镜像,不要直接使用resource下边的文件,程序很容易识别不到,避免出错,少踩坑
<build>
<finalName>${project.name}</finalName>
<resources>
<resource>
<directory>src/main/resources</directory>
<excludes>
<exclude>kerberos/</exclude>
</excludes>
<filtering>true</filtering>
</resource>
</resources>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<!--资源管理插件-->
<artifactId>maven-resources-plugin</artifactId>
<executions>
<execution>
<id>copy-resources</id>
<phase>package</phase>
<goals>
<goal>copy-resources</goal>
</goals>
<configuration>
<resources>
<resource>
<!--源文件目录-->
<directory>src/main/resources/kerberos</directory>
</resource>
</resources>
<!--输出的资源目录-->
<outputDirectory>${project.build.directory}/kerberos</outputDirectory>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
备注:有的人不喜欢用这种xml方式,喜欢用最简配置去搞,从xml里边获取部分参数,直接在代码里边写,这种也没有问题,缺点的话可能缺少某些配置需要重复去测试,浪费时间
601
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
