Zookeeper 常见问题FAQ
1.Zookeeper设置权限之坑
大家都知道,zookeeper创建节点默认的权限为:world:anyone:crdwa
设置权限时,当不小心设置成只读r,那么是不能删除的,不论是使用delete /demo1/d1
还是rmr /demo1
如:
create /demo1 d
create /demo1/d1 d1
setAcl /demo1 world:anyone:c
解决办法:
启用super超级管理员权限
1.使用DigestAuthenticationProvider.generateDigest(String)得到加密之后的信息:
1 public static void main(String[] args) throws NoSuchAlgorithmException { 2 String result = DigestAuthenticationProvider.generateDigest("super:123456"); 3 System.out.println("super:123456"+"加密之后:"+result); 4 }
如,输入super:123456得到super:BBO7K8dPkoek/JxIHqXxM75QRpI=
或者执行如下java命令:
java -Djava.ext.dirs=/mk/soft/zookeeper-3.4.10/lib -cp /mk/soft/zookeeper-3.4.10/zookeeper-3.4.10.jar org.apache.zookeeper.server.auth.DigestAuthenticationProvider super:123456
2.修改zkServer.sh或zkServer.cmd脚本
如果是zkServer.sh:找到
nohup $JAVA "-Dzookeeper.log.dir=${ZOO_LOG_DIR}" "-Dzookeeper.root.logger=${ZOO_LOG4J_PROP}"
在里面增加:
"-Dzookeeper.DigestAuthenticationProvider.superDigest=super:BBO7K8dPkoek/JxIHqXxM75QRpI="
修改以后的命令变为:
nohup $JAVA "-Dzookeeper.log.dir=${ZOO_LOG_DIR}" "-Dzookeeper.root.logger=${ZOO_LOG4J_PROP}" "-Dzookeeper.DigestAuthenticationProvider.superDigest=super:BBO7K8dPkoek/JxIHqXxM75QRpI="
-cp "$CLASSPATH" $JVMFLAGS $ZOOMAIN "$ZOOCFG" > "$_ZOO_DAEMON_OUT" 2>&1 < /dev/null &
如果是zkServer.cmd:找到
call %JAVA% "-Dzookeeper.log.dir=%ZOO_LOG_DIR%" "-Dzookeeper.root.logger=%ZOO_LOG4J_PROP%" -cp "%CLASSPATH%" %ZOOMAIN% "%ZOOCFG%" %*
在里面增加:
"-Dzookeeper.DigestAuthenticationProvider.superDigest= super:BBO7K8dPkoek/JxIHqXxM75QRpI="
修改以后的命令变为:
call %JAVA% "-Dzookeeper.log.dir=%ZOO_LOG_DIR%" "-Dzookeeper.root.logger=%ZOO_LOG4J_PROP%" "-Dzookeeper.DigestAuthenticationProvider.superDigest=super:BBO7K8dPkoek/JxIHqXxM75QRpI=" -cp "%CLASSPATH%" %ZOOMAIN% "%ZOOCFG%" %*
3.重新zk,使用super:123456登陆
addauth digest super:123456
4.再执行delete或rmr就成功了
