目录
Zookeeper --------操作命令篇
1、基础命令操作
2、watch机制命令操作
3、ACL权限控制操作
服务端常见命令:
(1)启动服务命令:./zkServer.sh start
[root@localhost bin]# ./zkServer.sh start
ZooKeeper JMX enabled by default
Using config: /usr/local/zookeeper/bin/../conf/zoo.cfg
Starting zookeeper ... STARTED //表示启动服务成功
(2)查看服务状态:./zkServer.sh status
[root@localhost bin]# ./zkServer.sh status
ZooKeeper JMX enabled by default
Using config: /usr/local/zookeeper/bin/../conf/zoo.cfg
Mode: standalone //代表是单集群状态
(3)关闭服务:./zkServer.sh stop
客户端常见命令:
(1)连接服务器: ./zkCli.sh
[root@localhost bin]# ./zkCli.sh
Connecting to localhost:2181
2020-04-18 17:40:31,026 [myid:] - INFO [main:Environment@100] - Client environment:zookeeper.version=3.4.11-。。。。。。。。
WATCHER::
WatchedEvent state:SyncConnected type:None path:null //连接服务器成功
(2)查询帮助命令:help
[zk: localhost:2181(CONNECTED) 0] help
ZooKeeper -server host:port cmd args
stat path [watch] //查询某节点的状态信息
set path data [version] //设置某个节点的值
ls path [watch] //查看某个路径下的节点
delquota [-n|-b] path
ls2 path [watch] //ls命令和stat命令的整合
setAcl path acl //设置某个节点的权限
setquota -n|-b val path
history
redo cmdno
printwatches on|off
delete path [version] //删除某个节点
sync path
listquota path
rmr path
get path [watch] //获取某个节点的值
create [-s] [-e] path data acl //创建某个节点 -s表示顺序创建 -e表示创建一个临时节点
addauth scheme auth //新加用户
quit //退出当前客户端
getAcl path //获取某个节点的权限信息
close
connect host:port //连接某个主机
(3)查看路径下的节点:ls path
[zk: localhost:2181(CONNECTED) 1] ls / //查看根路径下的节点
[zookeeper, imooc]
(4)获取某个节点的信息: get path
[zk: localhost:2181(CONNECTED) 2] get /imooc //获取imooc节点的值
123 //值为123
cZxid = 0x19 //创建节点的id
ctime = Fri Apr 17 20:37:16 CST 2020 //节点的创建时间
mZxid = 0x19 //修改节点的id
mtime = Fri Apr 17 20:37:16 CST 2020 //修改节点的时间
pZxid = 0x32 //子节点的id
cversion = 9 //子节点的版本
dataVersion = 0 //当前节点数据的版本
aclVersion = 0 //权限的版本
ephemeralOwner = 0x0 //判断是否是临时节点
dataLength = 3 //数据的长度
numChildren = 1 //子节点的数量
关于watcher
机制大体的理解可以为,当每个节点发生变化,都会触发watcher
事件,类似于mysql
的触发器。zk
中 watcher
是一次性的,触发后立即销毁。
由help命令可以知道可以设置watch事件的有以下四种:
stat path [watch]
get path [watch]ls path [watch]
ls2 path [watch]
例如: stat path [watch] 设置watch事件
[zk: localhost:2181(CONNECTED) 16] ls /
[zookeeper]
[zk: localhost:2181(CONNECTED) 17] stat /imooc watch
Node does not exist: /imooc
[zk: localhost:2181(CONNECTED) 18] create /imooc 123WATCHER::
WatchedEvent state:SyncConnected type:NodeCreated path:/imooc
Created /imooc
[zk: localhost:2181(CONNECTED) 19]
get path [watch] 设置watch事件(该方式创建时,只有该节点的变化才会触发watch;其路径上的子节点的一切变化都不会触发事件)
[zk: localhost:2181(CONNECTED) 19] get /imooc watch
123
cZxid = 0x3e
ctime = Sat Apr 18 19:26:41 CST 2020
mZxid = 0x3e
mtime = Sat Apr 18 19:26:41 CST 2020
pZxid = 0x3e
cversion = 0
dataVersion = 0
aclVersion = 0
ephemeralOwner = 0x0
dataLength = 3
numChildren = 0
[zk: localhost:2181(CONNECTED) 20] set /imooc 456WATCHER::
WatchedEvent state:SyncConnected type:NodeDataChanged path:/imooc
cZxid = 0x3e
ctime = Sat Apr 18 19:26:41 CST 2020
mZxid = 0x3f
mtime = Sat Apr 18 19:29:15 CST 2020
pZxid = 0x3e
cversion = 0
dataVersion = 1
aclVersion = 0
ephemeralOwner = 0x0
dataLength = 3
numChildren = 0
[zk: localhost:2181(CONNECTED) 21]
ls path [watch]
ZK的节点有5种操作权限:CREATE、READ、WRITE、DELETE、ADMIN 也就是 增、删、改、查、管理权限,这5种权限简写为crwda(即:每个单词的首字符缩写)。
注:这5种权限中,delete是指对子节点的删除权限,其它4种权限指对自身节点的操作权限
身份的认证有4种方式:
(1)world:默认方式,相当于全世界都能访问
(2)auth:代表已经认证通过的用户(cli中可以通过addauth digest user:pwd 来添加当前上下文中的授权用户)
(3)digest:即用户名:密码这种方式认证,这也是业务系统中最常用的
(4)ip:使用Ip地址认证
使用 [scheme:id:permissions] 来表示acl权限
(1)getAcl:获取某个节点的acl权限信息
[zk: localhost:2181(CONNECTED) 36] getAcl /imooc
'world,'anyone
: cdrwa
[zk: localhost:2181(CONNECTED) 37]
(2)setAcl:设置某个节点的acl权限
[zk: localhost:2181(CONNECTED) 37] setAcl /imooc world:anyone:cdwa //设置权限为cdwa,即不可以读该节点
cZxid = 0x3e
ctime = Sat Apr 18 19:26:41 CST 2020
mZxid = 0x45
mtime = Sat Apr 18 19:39:00 CST 2020
pZxid = 0x47
cversion = 4
dataVersion = 3
aclVersion = 1
ephemeralOwner = 0x0
dataLength = 3
numChildren = 0
[zk: localhost:2181(CONNECTED) 38] getAcl /imooc
'world,'anyone
: cdwa
[zk: localhost:2181(CONNECTED) 39] get /imooc
Authentication is not valid : /imooc //权限不够,读该节点失败
[zk: localhost:2181(CONNECTED) 40]
(3)acl Auth 密码明文设置
[zk: localhost:2181(CONNECTED) 48] getAcl /imooc
'world,'anyone
: cdrwa
[zk: localhost:2181(CONNECTED) 49] setAcl /imooc auth:lisi:123:cdrwa
cZxid = 0x3e
ctime = Sat Apr 18 19:26:41 CST 2020
mZxid = 0x45
mtime = Sat Apr 18 19:39:00 CST 2020
pZxid = 0x47
cversion = 4
dataVersion = 3
aclVersion = 3
ephemeralOwner = 0x0
dataLength = 3
numChildren = 0
[zk: localhost:2181(CONNECTED) 50] getAcl /imooc
'digest,'lisi:a1lTJf90grZbyldpZ2TMqcoQheU=
: cdrwa
[zk: localhost:2181(CONNECTED) 51]
(4)acl digest 密码密文设置,他跟第(3)的区别就是:一个是明文输入,一个是密文输入
[zk: localhost:2181(CONNECTED) 52] ls /imooc
[]
[zk: localhost:2181(CONNECTED) 53] ls
[zk: localhost:2181(CONNECTED) 54] create /imooc/test 123
Created /imooc/test
[zk: localhost:2181(CONNECTED) 55] getAcl /imooc/test
'world,'anyone
: cdrwa
[zk: localhost:2181(CONNECTED) 56] setAcl /imooc/test digest:lisi:a1lTJf90grZbyldpZ2TMqcoQheU:cdraw
cZxid = 0x50
ctime = Sat Apr 18 20:06:13 CST 2020
mZxid = 0x50
mtime = Sat Apr 18 20:06:13 CST 2020
pZxid = 0x50
cversion = 0
dataVersion = 0
aclVersion = 1
ephemeralOwner = 0x0
dataLength = 3
numChildren = 0
[zk: localhost:2181(CONNECTED) 57] getAcl /imooc/test
'digest,'lisi:a1lTJf90grZbyldpZ2TMqcoQheU
: cdrwa
[zk: localhost:2181(CONNECTED) 58]
(5)acl ip 控制客户端
[zk: localhost:2181(CONNECTED) 62] getAcl /imooc/test
'world,'anyone
: cdrwa
[zk: localhost:2181(CONNECTED) 63] setAcl /imooc/test ip:192.138.137.3:cdraw
cZxid = 0x54
ctime = Sat Apr 18 20:24:36 CST 2020
mZxid = 0x54
mtime = Sat Apr 18 20:24:36 CST 2020
pZxid = 0x54
cversion = 0
dataVersion = 0
aclVersion = 1
ephemeralOwner = 0x0
dataLength = 3
numChildren = 0
[zk: localhost:2181(CONNECTED) 64] getAcl /imooc/test
'ip,'192.138.137.3
: cdrwa
[zk: localhost:2181(CONNECTED) 65]
(6)acl super超级管理员