集群外druid对接MRS kerberos集群
1. 环境准备
1) 已有元数据库如MySQL,且网络与部署druid节点互通。
2) 已有MRS开启kerberos集群,且网络与部署druid节点互通。
3) 参考https://support.huaweicloud.com/usermanual-mrs/mrs_01_0091.html下载客户端到部署druid节点。
2. 操作流程
(1) 登录https://druid.apache.org/downloads.html,选择相关druid版本下载,如0.19.0,并解压。
(2) 复制MRS集群/opt/client/KrbClient/kerberos/var/krb5kdc/krb5.conf和/opt/Bigdata/MRS_2.1.0/install/FusionInsight-Hive-3.1.0/hive-3.1.0/bin/HTTP.keytab到druid节点/etc目录下。
(3) 复制/opt/client/HDFS/hadoop/etc/hadoop中core-site.xml,hdfs-site.xml,mapred-site.xml,yarn-site.xml到apache-druid-0.19.0/conf/druid/single-server/micro-quickstart /_common。
(4) 修改apache-druid-0.19.0/conf/druid/single-server/micro-quickstart/_common/common.runtime.properties:
| druid.extensions.loadList=["druid-hdfs-storage", "druid-kerberos", "mysql-metadata-storage"] druid.hadoop.security.kerberos.principal=HTTP@node-masterxxx.COM (使用klist –kt /etc/HTTP.keytab中的HTTP HTTP@node-masterxxx.COM) druid.hadoop.security.kerberos.keytab=/etc/HTTP.keytab druid.host=<node_ip> # Zookeeper# druid.zk.service.host=<node_ip>:2181 druid.zk.paths.base=/druid # For MySQL (make sure to include the MySQL JDBC driver on the classpath): druid.metadata.storage.type=mysql druid.metadata.storage.connector.connectURI=jdbc:mysql://<node_ip>:3306/druid druid.metadata.storage.connector.user=root druid.metadata.storage.connector.password=xxxxxx # For HDFS: druid.storage.type=hdfs druid.storage.storageDirectory=/druid/segments |
(5) 复制MRS集群/opt/share/mysql-connector-java-5.1.47/mysql-connector-java-5.1.47.jar到apache-druid-0.19.0 /extensions/mysql-metadata-storage。
(6) 替换apache-druid-0.19.0/extensions/druid-hdfs-storage中jar包为MRS客户端/opt/client/HDFS/hadoop/share/hadoop中的jar包。
(7) 移除apache-druid-0.19.0/hadoop-dependencies/hadoop-client/2.8.5目录,创建apache-druid-0.19.0/hadoop-dependencies/hadoop-client/3.1.1目录,并复制/opt/client/HDFS/hadoop/share/hadoop中的jar包。
(8) 从https://github.com/apache/druid/releases下载druid源码,修改druid-druid-0.19.0\extensions-core\druid-kerberos\src\main\java\org\apache\druid\security\kerberos\DruidKerberosUtil.java:
| // GSS name for server // GSSName serverName = manager.createName("HTTP@" + server, GSSName.NT_HOSTBASED_SERVICE); String nameStr = "HTTP/node-masterxxx.COM"; GSSName serverName = manager.createName(nameStr, GSSName.NT_HOSTBASED_SERVICE); |
(9) 编译druid-kerberos模块,并替换节点上druid-kerberos-0.19.0.jar。
(10) 在MRS集群创建hdfs目录/druid,并设置权限允许HTTP用户读写。
(11) 执行source /opt/client/bigdata_env后,执行./apache-druid-0.19.0/bin/start-cluster-master-with-zk-server启动druid。
3. FAQ
druid启动失败
问题详情:druid客户端日志报错: 
MRS服务端日志报错:
问题根因:druid使用节点hostname拼接生成GSSName,该hostname不属于MRS集群,不受信任。
解决方案:修改druid-druid-0.19.0\extensions-core\druid-kerberos\src\main\java\org\apache
\druid\security\kerberos\DruidKerberosUtil.java:
| // GSS name for server // GSSName serverName = manager.createName("HTTP@" + server, GSSName.NT_HOSTBASED_SERVICE); String nameStr = "HTTP/node-masterxxx.COM"; GSSName serverName = manager.createName(nameStr, GSSName.NT_HOSTBASED_SERVICE); |
(也可修改为设置配置项,通过配置项配置)
- 点赞
- 收藏
- 关注作者
评论(0)