others linux服务器运维 django3 监控 k8s golang 数据库 大数据 前端 devops 理论基础 java oracle 运维日志

启用kerberos的hdp集群 hue 配置hbase

访问量:1596 创建时间:2020-09-21

修改hbase配置文件(未启用kerberos的集群不用配置)

增加以下内容,hbase/_HOST@_____xxx.com.cn替换为你的kerberos信息,可以手动配置也可以在ambari中配置Custom hbase-site

[root@name1 ~]# vim /etc/hbase/conf/hbase-site.xml
    <property>
      <name>hbase.thrift.keytab.file</name>
      <value>/etc/security/keytabs/hbase.service.keytab</value>
    </property>

    <property>
      <name>hbase.thrift.kerberos.principal</name>
      <value>hbase/_HOST@_____xxx.com.cn</value>
    </property>

启动hbase-thrift(因为我的9090端口被其他程序占用(可在hbase-site.xml文件中添加、修改:hbase.thrift.info.port ,默认值是9090;如果你的hbase master机器的端口没占用,可以省略--infoport 9096 -p 9097),指定内部端口9096(默认为9095),外部端口为9097(默认为9090))

[hbase@name1 ~]$ /usr/hdp/current/hbase-client/bin/hbase-daemon.sh start thrift --infoport 9096 -p 9097
[root@name1 ~]# netstat -tunlp | grep 9097
tcp6       0      0 :::9097                 :::*                    LISTEN      25340/java          
[root@name1 ~]# netstat -tunlp | grep 9096
tcp6       0      0 :::9096                 :::*                    LISTEN      25340/java

修改hue配置文件

[root@name1 hue-4.7.1]# vim desktop/conf/hue.ini
[hbase]
  # Comma-separated list of HBase Thrift servers for clusters in the format of '(name|host:port)'.
  # Use full hostname. If hbase.thrift.ssl.enabled in hbase-site is set to true, https will be used otherwise it will use http
  # If using Kerberos we assume GSSAPI SASL, not PLAIN.
  #hbase_clusters=(Cluster|172.16.96.105:9090),端口是默认9090,因为我的thrift启动在9097上.
  hbase_clusters=(Cluster|172.16.96.105:9097)

  # HBase configuration directory, where hbase-site.xml is located.
  hbase_conf_dir=/etc/hbase/conf

  # Hard limit of rows or columns per row fetched before truncating.
  ## truncate_limit = 500

  # Should come from hbase-site.xml, do not set. 'framed' is used to chunk up responses, used with the nonblocking server in Thrift but is not supported in Hue.
  # 'buffered' used to be the default of the HBase Thrift Server. Default is buffered when not set in hbase-site.xml.
  # thrift_transport=buffered

  # Choose whether Hue should validate certificates received from the server.
  ## ssl_cert_ca_verify=true

在ambari中配置hbase一下参数,并重启集群。

    <property>
      <name>hadoop.proxyuser.hbase.groups</name>
      <value>*</value>
    </property>

    <property>
      <name>hadoop.proxyuser.hbase.hosts</name>
      <value>*</value>
    </property>

    <property>
      <name>hbase.regionserver.thrift.compact</name>
      <value>false</value>
    </property>

    <property>
      <name>hbase.regionserver.thrift.framed</name>
      <value>false</value>
    </property>

    <property>
      <name>hbase.regionserver.thrift.http</name>
      <value>true</value>
    </property>

    <property>
      <name>hbase.thrift.support.proxyuser</name>
      <value>true</value>
    </property>

    <property>
      <name>hbase.thrift.kerberos.principal</name>
      <value>hbase/_HOST@aaaaaaaaaxxxccc.com.cn</value>
    </property>

    <property>
      <name>hbase.thrift.keytab.file</name>
      <value>/etc/security/keytabs/hbase.service.keytab</value>
    </property>

重启hbase集群和hue

最后登陆hue(创建hue中的hbase用户)查看:

<< 上一章节
登陆评论: 使用GITHUB登陆