hadoop生态搭建(3节点)-08.kafka配置
如果之前没有安装jdk和zookeeper,安装了的请直接跳过
# https://www.oracle.com/technetwork/java/javase/downloads/java-archive-javase8-2177648.html
# ==================================================================安装 jdk
mkdir -p /usr/java tar -zxvf ~/jdk-8u111-linux-x64.tar.gz -C /usr/java rm -r ~/jdk-8u111-linux-x64.tar.gz
# http://archive.apache.org/dist/zookeeper/
# ==================================================================安装 zookeeper
# zookeeper集群搭建要至少3台服务器,服务器都要部署zookeeper
tar -zxvf ~/zookeeper-3.4.12.tar.gz -C /usr/local rm -r ~/zookeeper-3.4.12.tar.gz
# https://www.scala-lang.org/download/2.12.4.html
# ==================================================================安装 scala
tar -zxvf ~/scala-2.12.4.tgz -C /usr/local rm –r ~/scala-2.12.4.tgz
# http://archive.apache.org/dist/kafka/0.10.2.1/
# ==================================================================安装 kafka
tar -zxvf ~/kafka_2.12-0.10.2.1.tgz -C /usr/local rm –r ~/kafka_2.12-0.10.2.1.tgz
# 环境变量
# ==================================================================node1 node2 node3
vi /etc/profile # 在export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE HISTCONTROL下添加 export JAVA_HOME=/usr/java/jdk1.8.0_111 export ZOOKEEPER_HOME=/usr/local/zookeeper-3.4.12 export HADOOP_HOME=/usr/local/hadoop/hadoop-2.7.6 export MYSQL_HOME=/usr/local/mysql export HBASE_HOME=/usr/local/hbase-1.2.4 export HIVE_HOME=/usr/local/hive-2.1.1 export SCALA_HOME=/usr/local/scala-2.12.4 export KAFKA_HOME=/usr/local/kafka_2.12-0.10.2.1 export PATH=$PATH:$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$ZOOKEEPER_HOME/bin:$HADOOP_HOME/bin:$HADOOP_HOME/sbin:$MYSQL_HOME/bin:$HBASE_HOME/bin:$HIVE_HOME/bin:$SCALA_HOME/bin:$KAFKA_HOME/bin export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar export HADOOP_INSTALL=$HADOOP_HOME export HADOOP_MAPRED_HOME=$HADOOP_HOME export HADOOP_COMMON_HOME=$HADOOP_HOME export HADOOP_HDFS_HOME=$HADOOP_HOME export YARN_HOME=$HADOOP_HOME export HADOOP_COMMON_LIB_NATIVE_DIR=$HADOOP_HOME/lib/native
# ==================================================================node1
# 使环境变量生效 source /etc/profile # 查看配置结果 echo $KAFKA_HOME
# ==================================================================node2 node3
mkdir -p /usr/java
# ==================================================================node1
# jdk
# zookeeper
# https://www.cnblogs.com/zcf5522/p/9753539.html
# scala scp -r $SCALA_HOME node2:/usr/local/ scp -r $SCALA_HOME node3:/usr/local/ # ==================================================================配置 kafka mkdir $KAFKA_HOME/logs # 配置 kafka server.properties vi $KAFKA_HOME/config/server.properties broker.id=1 delete.topic.enable=true auto.create.topics.enable=true listeners=PLAINTEXT://node1:9092 #listeners=SASL_PLAINTEXT://node1:9092 log.dirs=/usr/local/kafka_2.12-0.10.2.1/logs zookeeper.connect=node1:2181,node2:2181,node3:2181/kafka # 配置ACL入口类 #authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer # 本例使用SASL_PLAINTEXT #security.inter.broker.protocol=SASL_PLAINTEXT #sasl.mechanism.inter.broker.protocol=PLAIN #sasl.enabled.mechanisms=PLAIN # 设置本例中admin为超级用户 #super.users=User:admin;User:kafka scp -r $KAFKA_HOME node2:/usr/local/ scp -r $KAFKA_HOME node3:/usr/local/
# ==================================================================node2 node3
# 使环境变量生效 source /etc/profile # 查看配置结果 echo $KAFKA_HOME
# ==================================================================node2
vi $KAFKA_HOME/config/server.properties broker.id=2 listeners=PLAINTEXT://node2:9092 #listeners=SASL_PLAINTEXT://node2:9092
# ==================================================================node3
vi $KAFKA_HOME/config/server.properties broker.id=3 listeners=PLAINTEXT://node3:9092 #listeners=SASL_PLAINTEXT://node3:9092
# kafka集群启动
# ==================================================================node1 node2 node3 # 启动zookeeper zkServer.sh start zkServer.sh status # zkServer.sh stop # ==================================================================node1 # 需要手动在ZooKeeper中创建路径/kafka,使用如下命令连接到任意一台ZooKeeper服务器 zkCli.sh create /kafka '' # ==================================================================node1 node2 node3 # 启动 kafka kafka-server-start.sh -daemon $KAFKA_HOME/config/server.properties # kafka-server-start.sh $KAFKA_HOME/config/server.properties & # 验证启动进程 jps # ==================================================================kafka集群测试1 # kafka-topics.sh --delete --zookeeper node1:2181,node2:2181,node3:2181/kafka --topic clustertopic1 # 创建topic kafka-topics.sh --create --zookeeper node1:2181,node2:2181,node3:2181/kafka --replication-factor 3 --partitions 1 --topic clustertopic1 # 查看topic列表 kafka-topics.sh --list --zookeeper node1:2181,node2:2181,node3:2181/kafka # 查询topic状态 kafka-topics.sh --describe --zookeeper node1:2181,node2:2181,node3:2181/kafka --topic clustertopic1 # 生产消息 kafka-console-producer.sh --broker-list node1:9092,node2:9092,node3:9092 --topic clustertopic1 > This is a message > This is another message # 消费消息 kafka-console-consumer.sh --bootstrap-server node1:9092,node2:9092,node3:9092 --from-beginning --topic clustertopic1 # 停止 kafka-server-stop.sh zkServer.sh stop # ==================================================================kafka集群测试2 # kafka-topics.sh --delete --zookeeper node1:2181,node2:2181,node3:2181/kafka --topic clustertopic2 # 创建topic kafka-topics.sh --create --zookeeper node1:2181,node2:2181,node3:2181/kafka --replication-factor 3 --partitions 3 --topic clustertopic2 # 查看topic列表 kafka-topics.sh --list --zookeeper node1:2181/kafka # 查询topic状态 kafka-topics.sh --describe --zookeeper node1:2181,node2:2181,node3:2181/kafka --topic clustertopic2 # 生产消息 在一台服务器上创建一个生产者 kafka-console-producer.sh --broker-list node1:9092,node2:9092,node3:9092 --topic clustertopic2 > This is a message > This is another message # 消费消息,在另外一个节点启动消费进程 kafka-console-consumer.sh --bootstrap-server node1:9092,node2:9092,node3:9092 --from-beginning --topic clustertopic2 # 停止 kafka-server-stop.sh zkServer.sh stop shutdown -h now # 快照 kafka
# 以下配置可以暂时不用配置
# ==================================================================使用 SASL/PLAIN 认证
# ==================================================================node1
# 配置kafka server端(每个broker)
vi $KAFKA_HOME/config/server.properties
broker.id=1
delete.topic.enable=true
auto.create.topics.enable=true
#listeners=PLAINTEXT://node1:9092
listeners=SASL_PLAINTEXT://node1:9092
log.dirs=/usr/local/kafka_2.12-0.10.2.1/logs
zookeeper.connect=node1:2181,node2:2181,node3:2181/kafka
# SASL机制
security.inter.broker.protocol=SASL_PLAINTEXT
sasl.mechanism.inter.broker.protocol=PLAIN
sasl.enabled.mechanisms=PLAIN
# 完成身份验证的类
authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer
# 如果没有找到ACL(访问控制列表)配置,则允许任何操作。
allow.everyone.if.no.acl.found=true
# 设置admin为超级用户
super.users=User:admin;User:kafka
# ==================================================================node2
vi $KAFKA_HOME/config/server.properties
broker.id=2
delete.topic.enable=true
auto.create.topics.enable=true
#listeners=PLAINTEXT://node2:9092
listeners=SASL_PLAINTEXT://node2:9092
log.dirs=/usr/local/kafka_2.12-0.10.2.1/logs
zookeeper.connect=node1:2181,node2:2181,node3:2181/kafka
# SASL机制
security.inter.broker.protocol=SASL_PLAINTEXT
sasl.mechanism.inter.broker.protocol=PLAIN
sasl.enabled.mechanisms=PLAIN
# 完成身份验证的类
authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer
# 如果没有找到ACL(访问控制列表)配置,则允许任何操作。
allow.everyone.if.no.acl.found=true
# 设置admin为超级用户
super.users=User:admin;User:kafka
# ==================================================================node3
vi $KAFKA_HOME/config/server.properties
broker.id=3
delete.topic.enable=true
auto.create.topics.enable=true
#listeners=PLAINTEXT://node3:9092
listeners=SASL_PLAINTEXT://node3:9092
log.dirs=/usr/local/kafka_2.12-0.10.2.1/logs
zookeeper.connect=node1:2181,node2:2181,node3:2181/kafka
# SASL机制
security.inter.broker.protocol=SASL_PLAINTEXT
sasl.mechanism.inter.broker.protocol=PLAIN
sasl.enabled.mechanisms=PLAIN
# 完成身份验证的类
authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer
# 如果没有找到ACL(访问控制列表)配置,则允许任何操作。
allow.everyone.if.no.acl.found=true
# 设置admin为超级用户
super.users=User:admin;User:kafka
# ==================================================================node1
# user_userName必须配置admin用户
vi $KAFKA_HOME/config/kafka_server_jaas.conf
KafkaServer {
org.apache.kafka.common.security.plain.PlainLoginModule required
username="admin"
password="Admin*123456"
user_admin="Admin*123456"
user_kafka="Kafka*123456"
user_producer="Producer*123456"
user_consumer="Consumer*123456";
};
# 这个配置定义了3个用户(kafka、producer和consumer)。在KafkaServer部分,username和password是broker用于初始化连接到其他的broker,
# 在这个例子中,kafka用户为broker间的通讯,useruserName定义了所有连接到broker和broker验证的所有的客户端连接包括其他broker的用户密码。
# useruserName必须配置admin用户,否则报错(useruserName必须配置kafka用户未验证)
# JAAS文件作为每个broker的jvm参数,在kafka-server-start.sh脚本中增加如下配置
vi $KAFKA_HOME/bin/kafka-server-start.sh
if [ "x$KAFKA_OPTS" = "x" ]; then
export KAFKA_OPTS="-Djava.security.auth.login.config=/usr/local/kafka_2.12-0.10.2.1/config/kafka_server_jaas.conf"
fi
# 配置kafka client端 PLAIN机制下kafka生产者/消费者如何生产/消费
# kafka_client_jaas 可以分别建立不同如 producer_jaas.conf 和 consumer_jaas.conf
vi $KAFKA_HOME/config/kafka_client_jaas.conf
KafkaClient {
org.apache.kafka.common.security.plain.PlainLoginModule required
username="kafka"
password="Kafka*123456";
};
# vi $KAFKA_HOME/config/producer_jaas.conf
#KafkaClient {
# org.apache.kafka.common.security.plain.PlainLoginModule required
# username="producer"
# password="Producer*123456";
#};
#vi $KAFKA_HOME/config/consumer_jaas.conf
#KafkaClient {
# org.apache.kafka.common.security.plain.PlainLoginModule required
# username="consumer"
# password="Consumer*123456";
#};
# KafkaClient部分,username和password是客户端用来配置客户端连接broker的用户,在这个例子中,客户端使用kafka 用户连接到broker。
# 修改 producer 和 consumer 的配置文件(配置注意空格不然报错)
vi $KAFKA_HOME/config/producer.properties
security.protocol=SASL_PLAINTEXT
sasl.mechanism=PLAIN
vi $KAFKA_HOME/config/consumer.properties
security.protocol=SASL_PLAINTEXT
sasl.mechanism=PLAIN
# 在启动 producer 和 consumer 时,分别添加jvm参数
vi $KAFKA_HOME/bin/kafka-console-consumer.sh
if [ "x$KAFKA_OPTS" = "x" ]; then
export KAFKA_OPTS="-Djava.security.auth.login.config=/usr/local/kafka_2.12-0.10.2.1/config/kafka_client_jaas.conf"
fi
vi $KAFKA_HOME/bin/kafka-console-producer.sh
if [ "x$KAFKA_OPTS" = "x" ]; then
export KAFKA_OPTS="-Djava.security.auth.login.config=/usr/local/kafka_2.12-0.10.2.1/config/kafka_client_jaas.conf"
fi
# 在启动 producer 和 consumer 时,分别添加jvm参数
#vi $KAFKA_HOME/bin/kafka-console-producer.sh
#if [ "x$KAFKA_OPTS" = "x" ]; then
# export KAFKA_OPTS="-Djava.security.auth.login.config=/usr/local/kafka_2.12-0.10.2.1/config/producer_jaas.conf"
#fi
#vi $KAFKA_HOME/bin/kafka-console-consumer.sh
#if [ "x$KAFKA_OPTS" = "x" ]; then
# export KAFKA_OPTS="-Djava.security.auth.login.config=/usr/local/kafka_2.12-0.10.2.1/config/consumer_jaas.conf"
#fi
# ==================================================================node1
scp -r $KAFKA_HOME/config/kafka_server_jaas.conf node2:$KAFKA_HOME/config/
scp -r $KAFKA_HOME/config/kafka_client_jaas.conf node2:$KAFKA_HOME/config/
scp -r $KAFKA_HOME/config/producer.properties node2:$KAFKA_HOME/config/
scp -r $KAFKA_HOME/config/consumer.properties node2:$KAFKA_HOME/config/
scp -r $KAFKA_HOME/bin/kafka-server-start.sh node2:$KAFKA_HOME/bin/
scp -r $KAFKA_HOME/bin/kafka-console-consumer.sh node2:$KAFKA_HOME/bin/
scp -r $KAFKA_HOME/bin/kafka-console-producer.sh node2:$KAFKA_HOME/bin/
scp -r $KAFKA_HOME/config/kafka_server_jaas.conf node3:$KAFKA_HOME/config/
scp -r $KAFKA_HOME/config/kafka_client_jaas.conf node3:$KAFKA_HOME/config/
scp -r $KAFKA_HOME/config/producer.properties node3:$KAFKA_HOME/config/
scp -r $KAFKA_HOME/config/consumer.properties node3:$KAFKA_HOME/config/
scp -r $KAFKA_HOME/bin/kafka-server-start.sh node3:$KAFKA_HOME/bin/
scp -r $KAFKA_HOME/bin/kafka-console-consumer.sh node3:$KAFKA_HOME/bin/
scp -r $KAFKA_HOME/bin/kafka-console-producer.sh node3:$KAFKA_HOME/bin/
# 启动
# ==================================================================node1 node2 node3
zkServer.sh start
zkServer.sh status
kafka-server-start.sh -daemon $KAFKA_HOME/config/server.properties
# ==================================================================node1
# kafka-topics.sh --delete --zookeeper node1:2181/kafka --topic sasltopic1
# 创建topic
kafka-topics.sh --create --zookeeper node1:2181/kafka --replication-factor 1 --partitions 1 --topic sasltopic1
# 查看topic列表
kafka-topics.sh --list --zookeeper node1:2181/kafka
# 查询topic状态
kafka-topics.sh --describe --zookeeper node1:2181/kafka --topic sasltopic1
# 生产者授权
kafka-acls.sh --authorizer kafka.security.auth.SimpleAclAuthorizer --authorizer-properties zookeeper.connect=node1:2181/kafka --add --allow-principal User:kafka --operation Write --topic sasltopic1
# 生产者
kafka-console-producer.sh --broker-list node1:9092 --topic sasltopic1 --producer.config $KAFKA_HOME/config/producer.properties
> This is a message
> This is another message
# 消费者 主题Read授权
kafka-acls.sh --authorizer kafka.security.auth.SimpleAclAuthorizer --authorizer-properties zookeeper.connect=node1:2181/kafka --add --allow-principal User:kafka --operation Read --topic sasltopic1
# 消费者 组Read授权
kafka-acls.sh --authorizer kafka.security.auth.SimpleAclAuthorizer --authorizer-properties zookeeper.connect=node1:2181/kafka --add --allow-principal User:kafka --operation Read --group sasltopic1group1
# 消费者
kafka-console-consumer.sh --bootstrap-server node2:9092 --topic sasltopic1 --from-beginning --consumer.config $KAFKA_HOME/config/consumer.properties
# 停止
kafka-server-stop.sh
zkServer.sh stop
# 启动
# ==================================================================node1 node2 node3
zkServer.sh start
zkServer.sh status
kafka-server-start.sh -daemon $KAFKA_HOME/config/server.properties
# ==================================================================node1
# kafka-topics.sh --delete --zookeeper node1:2181/kafka --topic sasltopic2
# 创建topic
kafka-topics.sh --create --zookeeper node1:2181,node2:2181,node3:2181/kafka --replication-factor 3 --partitions 3 --topic sasltopic2
# 查看topic列表
kafka-topics.sh --list --zookeeper node1:2181/kafka
# 查询topic状态
kafka-topics.sh --describe --zookeeper node1:2181,node2:2181,node3:2181/kafka --topic sasltopic2
# 生产者授权
kafka-acls.sh --authorizer kafka.security.auth.SimpleAclAuthorizer --authorizer-properties zookeeper.connect=node1:2181,node2:2181,node3:2181/kafka --add --allow-principal User:kafka --operation Write --topic sasltopic2
# 生产者
kafka-console-producer.sh --broker-list node1:9092,node2:9092,node3:9092 --topic sasltopic2 --producer.config $KAFKA_HOME/config/producer.properties
> This is a message
> This is another message
# 消费者 主题Read授权
kafka-acls.sh --authorizer kafka.security.auth.SimpleAclAuthorizer --authorizer-properties zookeeper.connect=node1:2181,node2:2181,node3:2181/kafka --add --allow-principal User:kafka --operation Read --topic sasltopic2
# 消费者 组Read授权
kafka-acls.sh --authorizer kafka.security.auth.SimpleAclAuthorizer --authorizer-properties zookeeper.connect=node1:2181,node2:2181,node3:2181/kafka --add --allow-principal User:kafka --operation Read --group sasltopic2group2
# 消费者
kafka-console-consumer.sh --bootstrap-server node1:9092,node2:9092,node3:9092 --topic sasltopic2 --from-beginning --consumer.config $KAFKA_HOME/config/consumer.properties
# 停止
kafka-server-stop.sh
zkServer.sh stop
shutdown -h now
# 快照 kafka_saslplain
# ==================================================================多节点zookeeper下认证 SASL认证配置
# ==================================================================node1
vi $ZOOKEEPER_HOME/conf/zoo.cfg
authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
requireClientAuthScheme=sasl
jaasLoginRenew=3600000
# ==================================================================node2
vi $ZOOKEEPER_HOME/conf/zoo.cfg
authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
requireClientAuthScheme=sasl
jaasLoginRenew=3600000
# ==================================================================node3
vi $ZOOKEEPER_HOME/conf/zoo.cfg
authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
requireClientAuthScheme=sasl
jaasLoginRenew=3600000
# ==================================================================node1
vi $KAFKA_HOME/config/kafka_zoo_jaas.conf
ZKServer {
org.apache.kafka.common.security.plain.PlainLoginModule required
username="kafka"
password="Kafka*123456"
user_kafka="Kafka*123456";
};
vi $KAFKA_HOME/bin/zookeeper-server-start.sh
if [ "x$KAFKA_OPTS" = "x" ]; then
export KAFKA_OPTS="-Djava.security.auth.login.config=/usr/local/kafka_2.12-0.10.2.1/config/kafka_zoo_jaas.conf -Dzookeeper.sasl.serverconfig=ZKServer"
fi
scp -r $KAFKA_HOME/config/kafka_zoo_jaas.conf node2:$KAFKA_HOME/config/
scp -r $KAFKA_HOME/config/kafka_zoo_jaas.conf node3:$KAFKA_HOME/config/
scp -r $KAFKA_HOME/bin/zookeeper-server-start.sh node2:$KAFKA_HOME/bin/
scp -r $KAFKA_HOME/bin/zookeeper-server-start.sh node3:$KAFKA_HOME/bin/
# 启动
# ==================================================================node1 node2 node3
zkServer.sh start
zkServer.sh status
kafka-server-start.sh -daemon $KAFKA_HOME/config/server.properties
# ==================================================================node1
# kafka-topics.sh --delete --zookeeper node1:2181/kafka --topic sasltopic3
# 创建topic
kafka-topics.sh --create --zookeeper node1:2181,node2:2181,node3:2181/kafka --replication-factor 3 --partitions 3 --topic sasltopic3
# 查看topic列表
kafka-topics.sh --list --zookeeper node1:2181/kafka
# 查询topic状态
kafka-topics.sh --describe --zookeeper node1:2181,node2:2181,node3:2181/kafka --topic sasltopic3
# 生产者授权
kafka-acls.sh --authorizer kafka.security.auth.SimpleAclAuthorizer --authorizer-properties zookeeper.connect=node1:2181,node2:2181,node3:2181/kafka --add --allow-principal User:kafka --operation Write --topic sasltopic3
# 生产者
kafka-console-producer.sh --broker-list node1:9092,node2:9092,node3:9092 --topic sasltopic3 --producer.config $KAFKA_HOME/config/producer.properties
> This is a message
> This is another message
# 消费者 主题Read授权
kafka-acls.sh --authorizer kafka.security.auth.SimpleAclAuthorizer --authorizer-properties zookeeper.connect=node1:2181,node2:2181,node3:2181/kafka --add --allow-principal User:kafka --operation Read --topic sasltopic3
# 消费者 组Read授权
kafka-acls.sh --authorizer kafka.security.auth.SimpleAclAuthorizer --authorizer-properties zookeeper.connect=node1:2181,node2:2181,node3:2181/kafka --add --allow-principal User:kafka --operation Read --group sasltopic3group3
# 消费者
kafka-console-consumer.sh --bootstrap-server node1:9092,node2:9092,node3:9092 --topic sasltopic3 --from-beginning --consumer.config $KAFKA_HOME/config/consumer.properties
# 停止
kafka-server-stop.sh
zkServer.sh stop
shutdown -h now
# 快照 kafka_morezookeeper_saslplain
