Hadoop sshfence(权限被拒绝)

【问题标题】:Hadoop sshfence (Permission denied)Hadoop sshfence(权限被拒绝)
【发布时间】:2014-01-22 20:45:03
【问题描述】:

我正在尝试 HDFS 的 Hadoop 2 高可用性。我在用户 hafence 下的 NameNode 之间建立了无密码 ssh 连接。我验证了 - 它有效。但是,在使用此 sshfence 设置时,我得到了关注(权限被拒绝)。

2014-01-20 12:54:47,101 INFO  ha.NodeFencer (NodeFencer.java:fence(91)) - ====== Beginning Service Fencing Process... ======
2014-01-20 12:54:47,101 INFO  ha.NodeFencer (NodeFencer.java:fence(94)) - Trying method 1/1: org.apache.hadoop.ha.SshFenceByTcpPort(hafence:22)
2014-01-20 12:54:47,101 WARN  ha.SshFenceByTcpPort (SshFenceByTcpPort.java:tryFence(93)) - Unable to create SSH session
com.jcraft.jsch.JSchException: java.io.FileNotFoundException: /home/hafence/.ssh/id_rsa (Permission denied)
    at com.jcraft.jsch.IdentityFile.newInstance(IdentityFile.java:98)
    at com.jcraft.jsch.JSch.addIdentity(JSch.java:206)
    at com.jcraft.jsch.JSch.addIdentity(JSch.java:192)
    at org.apache.hadoop.ha.SshFenceByTcpPort.createSession(SshFenceByTcpPort.java:122)
    at org.apache.hadoop.ha.SshFenceByTcpPort.tryFence(SshFenceByTcpPort.java:91)
    at org.apache.hadoop.ha.NodeFencer.fence(NodeFencer.java:97)
    at org.apache.hadoop.ha.ZKFailoverController.doFence(ZKFailoverController.java:521)
    at org.apache.hadoop.ha.ZKFailoverController.fenceOldActive(ZKFailoverController.java:494)
    at org.apache.hadoop.ha.ZKFailoverController.access$1100(ZKFailoverController.java:59)
    at org.apache.hadoop.ha.ZKFailoverController$ElectorCallbacks.fenceOldActive(ZKFailoverController.java:837)
    at org.apache.hadoop.ha.ActiveStandbyElector.fenceOldActive(ActiveStandbyElector.java:900)
    at org.apache.hadoop.ha.ActiveStandbyElector.becomeActive(ActiveStandbyElector.java:799)
    at org.apache.hadoop.ha.ActiveStandbyElector.processResult(ActiveStandbyElector.java:415)
    at org.apache.zookeeper.ClientCnxn$EventThread.processEvent(ClientCnxn.java:596)
    at org.apache.zookeeper.ClientCnxn$EventThread.run(ClientCnxn.java:495)
Caused by: java.io.FileNotFoundException: /home/hafence/.ssh/id_rsa (Permission denied)
    at java.io.FileInputStream.open(Native Method)
    at java.io.FileInputStream.<init>(FileInputStream.java:138)
    at java.io.FileInputStream.<init>(FileInputStream.java:97)
    at com.jcraft.jsch.IdentityFile.newInstance(IdentityFile.java:83)
    ... 14 more
2014-01-20 12:54:47,102 WARN  ha.NodeFencer (NodeFencer.java:fence(108)) - Fencing method org.apache.hadoop.ha.SshFenceByTcpPort(hafence:22) was unsuccessful.
2014-01-20 12:54:47,102 ERROR ha.NodeFencer (NodeFencer.java:fence(111)) - Unable to fence service by any configured method.
2014-01-20 12:54:47,102 WARN  ha.ActiveStandbyElector (ActiveStandbyElector.java:becomeActive(807)) - Exception handling the winning of election

我在 hdfs-site.xml 中的配置如下:

  <property>
    <name>dfs.ha.fencing.methods</name>
    <value>sshfence(hafence:22)</value>
  </property>
  <property>
    <name>dfs.ha.fencing.ssh.private-key-files</name>
    <value>/home/hafence/.ssh/id_rsa</value>
  </property>
  <property>
    <name>dfs.ha.fencing.ssh.connect-timeout</name>
    <value>30000</value>
  </property>

  <property>
    <name>dfs.ha.automatic-failover.enabled</name>
    <value>true</value>
  </property>

为了使 sshfence 正常工作,需要哪些权限要求、用户等?

【问题讨论】:

    标签: hadoop hdfs high-availability


    【解决方案1】:

    因为 hadoop 是从 RPM 包安装的。我们使用 hdfs 用户(包括无密码身份验证)进行 sshfence,然后 sshfence 开始工作。

    【讨论】:

      【解决方案2】:

      检查/home/hafence/.ssh/id_rsa 的权限。我有这个问题。检查 id_rsa 的权限。您的用户应该具有读写权限。

      【讨论】:

      • 我有 rw 权限 - 模式 600,但没有帮助
      猜你喜欢
      • 1970-01-01
      • 1970-01-01
      • 2022-08-20
      • 2016-05-04
      • 1970-01-01
      • 1970-01-01
      • 2015-08-30
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode