2. 部署指南

trinodb 集群部署 安装部署 大数据 docker

集群节点

       主机名                            ip                          role
slave1192.168.1.11  coordinator 
slave2192.168.1.12      worker


# slave1:


vim /data/docker/mysql/trino/node.properties

node.environment=dockernode.id=ffffffff-ffff-ffff-ffff-11node.data-dir=/data/trino

node.id=ffffffff-ffff-ffff-ffff-11

-注意node.id在整个集群必须唯一,值可以随便填,没有固定格式


vim  /data/docker/mysql/trino/jvm.config

-server-Xmx1G-XX:-UseBiasedLocking-XX:+UseG1GC-XX:G1HeapRegionSize=32M-XX:+ExplicitGCInvokesConcurrent-XX:+HeapDumpOnOutOfMemoryError-XX:+ExitOnOutOfMemoryError-XX:-OmitStackTraceInFastThrow-XX:ReservedCodeCacheSize=256M-XX:PerMethodRecompilationCutoff=10000-XX:PerBytecodeRecompilationCutoff=10000-Djdk.attach.allowAttachSelf=true-Djdk.nio.maxCachedBufferSize=2000000

-调小了jvm内存,-Xmx


vim  /data/docker/mysql/trino/config.properties

coordinator=true
node-scheduler.include-coordinator=false
http-server.http.port=8080
discovery.uri=http://slave1:8080


vim  /data/docker/mysql/trino/log.properties

# Enable verbose logging from Trino#io.trino=DEBUGio.trino=DEBUG


vim  /data/docker/mysql/trino/catalog/mysql.properties


# slave2

vim  /data/docker/mysql/trino/config.properties

coordinator=false

http-server.http.port=8080

discovery.uri=http://slave1:8080

-和coordinator不一样的是coordinator=false,代表这是一个worker节点


vim /data/docker/mysql/trino/node.properties

node.environment=docker

node.id=ffffffff-ffff-ffff-ffff-12

node.data-dir=/data/trino


# 启动集群

-在所有的节点上执行如下命令,一般情况下先启动coordinator,再启动worker

./bin/launcher start


# 日志

ll  /data/presto/var/log/


# 集成kerberos安全认证

---集成kerberos,只需要在coordinator上进行配置, 在coordinator 节点上进行修改, worker节点保持不变

---coordinator节点上安装kerberos client

yum install krb5-libs.x86_64 krb5-workstation.x86_64 krb5

vi /etc/krb5.conf 

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log
[libdefaults]
 default_realm = XIAOMI.PRESTO
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 renew_lifetime = 7d
 forwardable = true
[realms]
 XIAOMI.PRESTO = {
  kdc = xiaobin
  admin_server = xiaobin
 }
[domain_realm]
 .xiaomi.presto = XIAOMI.PRESTO
 xiaomi.presto = XIAOMI.PRESTO

---生成keytab,在slave1节点上执行如下命令,生成qun.keytab

kadmin -p admin/admin -q "addprinc -randkey qun@XIAOMI.PRESTO"

kadmin -p admin/admin -q "addprinc -randkey qun/slave1@XIAOMI.PRESTO"

kadmin -p admin/admin -q "ktadd -k /etc/qun.keytab qun@XIAOMI.PRESTO"

kadmin -p admin/admin -q "ktadd -k /etc/qun.keytab qun/slave1@XIAOMI.PRESTO"

---生成keystore

-需要注意的是alias需要和启动presto的用户名一样

keytool -genkeypair -alias qun -keyalg RSA -keystore qunkeystore.jks

---配置jdk,Java Cryptography Extension Policy Files

wget http://download.oracle.com/otn-pub/java/jce/8/jce_policy-8.zip

将解压的jar放到如下目录中,主要是local_policy.jar和US_export_policy.jar

$JAVA_HOME/jre/lib/security/

---vim  /data/docker/mysql/trino/config.properties

coordinator=true
node-scheduler.include-coordinator=false
http-server.http.port=8080
discovery.uri=http://slave1:8080

http-server.authentication.type=KERBEROS
http.server.authentication.krb5.service-name=qun
http.server.authentication.krb5.keytab=/home/qun/presto-server-0.181/qun.keytab
http.authentication.krb5.config=/home/qun/presto-server-0.181/krb5.conf
http-server.https.enabled=true
http-server.https.port=7778
http-server.https.keystore.path=/home/qun/presto-server-0.181/qunkeystore.jks
http-server.https.keystore.key=keystorepd

---vim  /data/docker/mysql/trino/jvm.config

-server
-Xmx1G
-XX:-UseBiasedLocking
-XX:+UseG1GC
-XX:G1HeapRegionSize=32M
-XX:+ExplicitGCInvokesConcurrent
-XX:+HeapDumpOnOutOfMemoryError
-XX:+ExitOnOutOfMemoryError
-XX:-OmitStackTraceInFastThrow
-XX:ReservedCodeCacheSize=256M
-XX:PerMethodRecompilationCutoff=10000
-XX:PerBytecodeRecompilationCutoff=10000
-Djdk.attach.allowAttachSelf=true
-Djdk.nio.maxCachedBufferSize=2000000
-Dsun.security.krb5.debug=true
-Dlog.enable-console=true

---重启coordinator节点


---连接presto集群

-这个是debug方式,利于找错误,有大量日志输出

java -jar presto-cli-0.181-executable.jar \
--server https://slave1:7778   \
--enable-authentication   \
--krb5-config-path /etc/krb5.conf   \
--krb5-principal qun@XIAOMI.PRESTO   \
--krb5-keytab-path /home/qun/presto-server-0.181/qun.keytab   \
--krb5-remote-service-name qun   \
--keystore-path /home/qun/presto-server-0.181/qunkeystore.jks  \
--keystore-password keystorepd
presto> select count(*) from mysql.test.user;

or

./presto-cli  \

  --server https://slave1:7778 \

  --enable-authentication \

  --krb5-config-path /etc/krb5.conf \

  --krb5-principal qun@XIAOMI.PRESTO \

  --krb5-keytab-path /home/qun/qun.keytab \

  --krb5-remote-service-name qun \

  --keystore-path /home/qun/qunkeystore.jks \

  --keystore-password keystorepd 

presto> select count(*) from mysql.test.user;



签名:这个人很懒,什么也没有留下!
收藏的用户(0 X
正在加载信息~
猜你喜欢:
最新回复 (0)
返回
发新帖
作者最近主题:
热门主题: