下载最新的稳定版zookeeper
/dyn//zookeeper/
进入zookeeper/conf将zoo_sample.cfg重命令为
修改 dataDir=/tmp/zookeeper到自定义位置
zookeeper/bin/ start 启动
zookeeper/bin/ 进入命令行
输入ls / 查看当前位置节点, 默认只有zookeeper节点
[zk: localhost:2181(CONNECTED) 0] ls /
[zookeeper]
创建pomelo的master节点,在命令行下输入
[zk: localhost:2181(CONNECTED) 1] create /pomelo pomelo
Created /pomleo
[zk: localhost:2181(CONNECTED) 2] create /pomelo/master pomelomaster
Created /pomleo/master
[zk: localhost:2181(CONNECTED) 3] ls /
[pomleo, zookeeper]
现在当master断开时,在启动master,提示
[2013-07-18 18:55:28.003] [WARN] console - on promote!
[2013-07-18 18:55:28.005] [INFO] /node_modules/pomelo/lib/master/ - server : "master-server-1" now is promoted to master!
有个小问题:我现在是断开master以后,以文档的第二种方式启动的节点, 但是我看文档时可以自动切换是如何实现?
默认zookeeper无权限认证功能, 修改些代码实现认证
zookeeper包括四个内置的scheme,包括world,auth,digest,ip,默认为world,权限相当于任何人可操作。我们现在要做的是加入一种认证方式,使用digest这种username:password方式比较适合我们。 但是zookeeper带的在设置Acl时,如果scheme为digest密码采用明文会有问题
经过研究发现digest的密码生成方式是Sha1摘要的base64形式,所以我们可以用其它语言生成密码摘要然后操作。
在cli下使用getAcl查看权限, 使用setAcl为/加权限,操作有权限的节点要先使用
[zk: localhost:2181(CONNECTED) 21] setAcl /pomelo digest:pomelo:zOL5mkauOP5kV9xnATsWSNNqEdw=:cdrwa
cZxid = 0x271
ctime = Thu Jul 18 18:54:57 CST 2013
mZxid = 0x271
mtime = Thu Jul 18 18:54:57 CST 2013
pZxid = 0x272
cversion = 1
dataVersion = 0
aclVersion = 1
ephemeralOwner = 0x0
dataLength = 6
numChildren = 1
[zk: localhost:2181(CONNECTED) 22] getAcl /pomelo
'digest,'pomelo:zOL5mkauOP5kV9xnATsWSNNqEdw=
: cdrwa
[zk: localhost:2181(CONNECTED) 23] getAcl /
'world,'anyone
: cdrwa
[zk: localhost:2181(CONNECTED) 25] ls /pomelo
Authentication is not valid : /pomelo
[zk: localhost:2181(CONNECTED) 26] addauth digest pomelo:pomelo
[zk: localhost:2181(CONNECTED) 27] ls /pomelo
[master]
[zk: localhost:2181(CONNECTED) 28]
修改pomelo 配置, 如果配置setACL: true在连接时会自动为path下的节点设置密码。如果要访问的节点原来有权限的话可以设置为setACL: false
('masterHA');
('masterHAConfig',
{
server : '127.0.0.1:2181',
path : '/pomelo/master',
setACL: true,
username : 'pomelo',
password : 'pomelo'
});
修改/pomelo/lib/master/
var logger = require('pomelo-logger').getLogger(__filename);
var crypto = require('crypto');
var zookeeperClient = null;
function getClient(app) {
if (!zookeeperClient) {
zookeeperClient = new Zookeeper(app);
}
return zookeeperClient;
}
function Zookeeper(app, opts) {
= app;
var config = ('masterHAConfig');
var timeout = || 5000;
= || '127.0.0.1:2181';
= || '/pomelo/master';
= || 'pomelo';
= || 'pomelo';
= ;
= + '/lock';
= + '/' + + '-';
= null;
= false;
= + ':' + ;
var shaDigest = ('sha1').update().digest('base64');
= [
new (
,
new ('digest', +':'+shaDigest)
)
];
= (, {sessionTimeout: timeout});
var self = this;
('connected', function () {
if() {
('digest', new Buffer());
(, , -1, function (error, stat) {
if (error) {
('Failed to set ACL: %s.', error);
return;
}
('ACL is set to: %j', );
});
}
watchNode(, , (self));
});
();
}
代码已提交到github上
相关文章
- zookeeper addauth
- Zookeeper集群选举机制
- zookeeper部署教程
- kafka 3.5 如何选择启用kraft还是ZooKeeper(选择哪个server实现,不涉及到server具体的初始化)
- Storm在zookeeper上的目录结构
- 架构设计 | 分布式系统调度,Zookeeper集群化管理
- zookeeper 分布式锁原理:
- zookeeper服务器主动断开与客户端的连接问题
- zookeeper 入坑二: Opening socket connection to server localhost/127.0.0.1:2181. Will not attempt to aut
- Dubbo,zookeeper,Spring Cloud,eureka