我需要安排与安全hbase交互的oozie Java操作,因此我需要为Java操作提供hbase凭据。我使用的是安全的hortonworks 2.2环境,我的工作流XML如下所示
<workflow-app xmlns="uri:oozie:workflow:0.4" name="solr-wf">
<credentials>
<credential name="hbase" type="hbase">
</credential>
</credentials>
<start to="java-node"/>
<action name="java-node" cred="hbase">
<java>
<job-tracker>${jobTracker}</job-tracker>
<name-node>${nameNode}</name-node>
<main-class>com.test.hbase.TestHBaseSecure</main-class>
<arg>${arg1}</arg>
</java>
<ok to="end"/>
<error to="fail"/>
</action>
<kill name="fail">
<message>Java failed, error message[${wf:errorMessage(wf:lastErrorNode())}]</message>
</kill>
<end name="end"/>
</workflow-app>
我还修改了oozie属性以包含HbaseCredentials Class
oozie.credentials.credentialclasses=hcat=org.apache.oozie.action.hadoop.HCatCredentials,hbase=org.apache.oozie.action.hadoop.HbaseCredentials
但是我无法运行它抛出错误的工作,下面是stacktrace
java.lang.NoClassDefFoundError: org/apache/hadoop/hbase/HBaseConfiguration
at org.apache.oozie.action.hadoop.HbaseCredentials.copyHbaseConfToJobConf(HbaseCredentials.java:60)
at org.apache.oozie.action.hadoop.HbaseCredentials.addtoJobConf(HbaseCredentials.java:49)
at org.apache.oozie.action.hadoop.JavaActionExecutor.setCredentialTokens(JavaActionExecutor.java:1054)
at org.apache.oozie.action.hadoop.JavaActionExecutor.submitLauncher(JavaActionExecutor.java:913)
at org.apache.oozie.action.hadoop.JavaActionExecutor.start(JavaActionExecutor.java:1135)
at org.apache.oozie.command.wf.ActionStartXCommand.execute(ActionStartXCommand.java:228)
at org.apache.oozie.command.wf.ActionStartXCommand.execute(ActionStartXCommand.java:63)
at org.apache.oozie.command.XCommand.call(XCommand.java:281)
at org.apache.oozie.service.CallableQueueService$CompositeCallable.call(CallableQueueService.java:323)
at org.apache.oozie.service.CallableQueueService$CompositeCallable.call(CallableQueueService.java:252)
at org.apache.oozie.service.CallableQueueService$CallableWrapper.run(CallableQueueService.java:174)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
其他工作运行良好,它只是hbase交互失败的工作。我已经在我的lib目录中包含了所有的hbase jar,我无法弄清楚这个问题。
更新了workflow.xml:
<workflow-app xmlns="uri:oozie:workflow:0.4" name="${appName}">
<credentials>
<credential name="hbase-cred" type="hbase">
<property>
<name>hbase.master.kerberos.principal</name>
<value>hbase/_HOST@ABC.COM</value>
</property>
<property>
<name>hbase.master.keytab.file</name>
<value>/etc/security/keytabs/hbase.service.keytab</value>
</property>
<property>
<name>hbase.regionserver.kerberos.principal</name>
<value>hbase/_HOST@ABC.COM</value>
</property>
<property>
<name>hbase.regionserver.keytab.file</name>
<value>/etc/security/keytabs/hbase.service.keytab</value>
</property>
<property>
<name>hbase.security.authentication</name>
<value>kerberos</value>
</property>
<property>
<name>hbase.zookeeper.quorum</name>
<value>dev1-dn2,dev1-dn3,dev1-dn1</value>
</property>
<property>
<name>zookeeper.znode.parent</name>
<value>/hbase-secure</value>
</property>
</credential>
</credentials>
<start to="java-node" />
<action name="java-node" cred='hbase-cred'>
<java>
<job-tracker>${jobTracker}</job-tracker>
<name-node>${nameNode}</name-node>
<main-class>com.test.hbase.TestHBaseSecure</main-class>
</java>
<ok to="end" />
<error to="fail" />
</action>
<kill name="fail">
<message>Java failed, error message[${wf:errorMessage(wf:lastErrorNode())}]</message>
</kill>
<end name="end" />
</workflow-app>
答案 0 :(得分:5)
在HDP2.2.8上测试该溶液:
复制到以下jars的/usr/hdp/current/oozie-server/oozie-server/webapps/oozie/WEB-INF/lib:
重启Oozie服务器。
答案 1 :(得分:2)
这些“凭据”由 Oozie服务管理,而不是由您的工作管理。
所以,如果HortonWorks在包装发行版方面做得不错......
hbase-common-*-hadoop2.jar将部署在
安装/usr/hdp/current/oozie-client/libserver/ 我们的Prod群集上安装的HDP2.2.4并非如此。 Arghh。 那该死的东西在该死的释放中被打破了。您必须自己管理Kerberos票证,从HDFS下载密钥表<file>并在实际连接到HBase之前创建TGT。我们去过那里。
请查看that post,了解有关如何完成的一些见解。