zookeeper有watch事件,是一次性觸發的,當watch監視的數據發生變化時,通知設置了該watch的client,即watcher。
同樣,其watcher是監聽數據發送了某些變化,那就一定會有相應的事件類型和狀態類型
事件類型:
- EventType.NodeCreated 節點創建
- EventType.NodeDeleted節點刪除
- EventType.NodeDataChanged節點數據改變
- EventType.NodeChildChanged子節點改變
狀態類型
- KeeperState.Disconnected
- KeeperState.SyncConnected
- KeeperState.AuthFailed
- KeeperState.Expired
watcher簡單示例
/**
* Zookeeper Wathcher
* 本類就是一個Watcher類(實現了org.apache.zookeeper.Watcher類)
*/
public class ZooKeeperWatcher implements Watcher {
/** 定義原子變量 */
AtomicInteger seq = new AtomicInteger();
/** 定義session失效時間 */
private static final int SESSION_TIMEOUT = 10000;
/** zookeeper服務器地址 */
private static final String CONNECTION_ADDR = "192.168.252.132:2181";
/** zk父路徑設置 */
private static final String PARENT_PATH = "/testWatch";
/** zk子路徑設置 */
private static final String CHILDREN_PATH = "/testWatch/children";
/** 進入標識 */
private static final String LOG_PREFIX_OF_MAIN = "【Main】";
/** zk變量 */
private ZooKeeper zk = null;
/** 信號量設置,用於等待zookeeper連接建立之後 通知阻塞程序繼續向下執行 */
private CountDownLatch connectedSemaphore = new CountDownLatch(1);
/**
* 創建ZK連接
* @param connectAddr ZK服務器地址列表
* @param sessionTimeout Session超時時間
*/
public void createConnection(String connectAddr, int sessionTimeout) {
this.releaseConnection();
try {
zk = new ZooKeeper(connectAddr, sessionTimeout, this);
System.out.println(LOG_PREFIX_OF_MAIN + "開始連接ZK服務器");
connectedSemaphore.await();
} catch (Exception e) {
e.printStackTrace();
}
}
/**
* 關閉ZK連接
*/
public void releaseConnection() {
if (this.zk != null) {
try {
this.zk.close();
} catch (InterruptedException e) {
e.printStackTrace();
}
}
}
/**
* 創建節點
* @param path 節點路徑
* @param data 數據內容
* @return boolean
*/
public boolean createPath(String path, String data) {
try {
//watcher是一次性的
//設置監控(由於zookeeper的監控都是一次性的所以 每次必須設置監控)
this.zk.exists(path, true);
System.out.println(LOG_PREFIX_OF_MAIN + "節點創建成功, Path: " +
this.zk.create( /**路徑*/
path,
/**數據*/
data.getBytes(),
/**所有可見*/
Ids.OPEN_ACL_UNSAFE,
/**永久存儲*/
CreateMode.PERSISTENT ) +
", content: " + data);
} catch (Exception e) {
e.printStackTrace();
return false;
}
return true;
}
/**
* 讀取指定節點數據內容
* @param path 節點路徑
* @return
*/
public String readData(String path, boolean needWatch) {
try {
return new String(this.zk.getData(path, needWatch, null));
} catch (Exception e) {
e.printStackTrace();
return "";
}
}
/**
* 更新指定節點數據內容
* @param path 節點路徑
* @param data 數據內容
* @return
*/
public boolean writeData(String path, String data) {
try {
System.out.println(LOG_PREFIX_OF_MAIN + "更新數據成功,path:" + path + ", stat: " +
this.zk.setData(path, data.getBytes(), -1));
} catch (Exception e) {
e.printStackTrace();
}
return false;
}
/**
* 刪除指定節點
*
* @param path
* 節點path
*/
public void deleteNode(String path) {
try {
this.zk.delete(path, -1);
System.out.println(LOG_PREFIX_OF_MAIN + "刪除節點成功,path:" + path);
} catch (Exception e) {
e.printStackTrace();
}
}
/**
* 判斷指定節點是否存在
* @param path 節點路徑
*/
public Stat exists(String path, boolean needWatch) {
try {
return this.zk.exists(path, needWatch);
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
/**
* 獲取子節點
* @param path 節點路徑
*/
private List<String> getChildren(String path, boolean needWatch) {
try {
return this.zk.getChildren(path, needWatch);
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
/**
* 刪除所有節點
*/
public void deleteAllTestPath() {
if(this.exists(CHILDREN_PATH, false) != null){
this.deleteNode(CHILDREN_PATH);
}
if(this.exists(PARENT_PATH, false) != null){
this.deleteNode(PARENT_PATH);
}
}
/**
* 收到來自Server的Watcher通知後的處理。
*/
@Override
public void process(WatchedEvent event) {
System.out.println("進入 process 。。。。。event = " + event);
try {
Thread.sleep(200);
} catch (InterruptedException e) {
e.printStackTrace();
}
if (event == null) {
return;
}
// 連接狀態
KeeperState keeperState = event.getState();
// 事件類型
EventType eventType = event.getType();
// 受影響的path
String path = event.getPath();
String logPrefix = "【Watcher-" + this.seq.incrementAndGet() + "】";
System.out.println(logPrefix + "收到Watcher通知");
System.out.println(logPrefix + "連接狀態:\t" + keeperState.toString());
System.out.println(logPrefix + "事件類型:\t" + eventType.toString());
if (KeeperState.SyncConnected == keeperState) {
// 成功連接上ZK服務器
if (EventType.None == eventType) {
System.out.println(logPrefix + "成功連接上ZK服務器");
connectedSemaphore.countDown();
}
//創建節點
else if (EventType.NodeCreated == eventType) {
System.out.println(logPrefix + "節點創建");
try {
Thread.sleep(100);
} catch (InterruptedException e) {
e.printStackTrace();
}
this.exists(path, true);
}
//更新節點
else if (EventType.NodeDataChanged == eventType) {
System.out.println(logPrefix + "節點數據更新");
System.out.println("我看看走不走這裏........");
try {
Thread.sleep(100);
} catch (InterruptedException e) {
e.printStackTrace();
}
System.out.println(logPrefix + "數據內容: " + this.readData(PARENT_PATH, true));
}
//更新子節點
else if (EventType.NodeChildrenChanged == eventType) {
System.out.println(logPrefix + "子節點變更");
try {
Thread.sleep(3000);
} catch (InterruptedException e) {
e.printStackTrace();
}
System.out.println(logPrefix + "子節點列表:" + this.getChildren(PARENT_PATH, true));
}
//刪除節點
else if (EventType.NodeDeleted == eventType) {
System.out.println(logPrefix + "節點 " + path + " 被刪除");
}
else ;
}
else if (KeeperState.Disconnected == keeperState) {
System.out.println(logPrefix + "與ZK服務器斷開連接");
}
else if (KeeperState.AuthFailed == keeperState) {
System.out.println(logPrefix + "權限檢查失敗");
}
else if (KeeperState.Expired == keeperState) {
System.out.println(logPrefix + "會話失效");
}
else ;
System.out.println("--------------------------------------------");
}
/**
* <B>方法名稱:</B>測試zookeeper監控<BR>
* <B>概要說明:</B>主要測試watch功能<BR>
* @param args
* @throws Exception
*/
public static void main(String[] args) throws Exception {
//建立watcher
ZooKeeperWatcher zkWatch = new ZooKeeperWatcher();
//創建連接
zkWatch.createConnection(CONNECTION_ADDR, SESSION_TIMEOUT);
//System.out.println(zkWatch.zk.toString());
Thread.sleep(1000);
// 清理節點
zkWatch.deleteAllTestPath();
if (zkWatch.createPath(PARENT_PATH, System.currentTimeMillis() + "")) {
Thread.sleep(1000);
// 讀取數據
System.out.println("---------------------- read parent ----------------------------");
zkWatch.readData(PARENT_PATH, true);
// 讀取子節點
System.out.println("---------------------- read children path ----------------------------");
zkWatch.getChildren(PARENT_PATH, true);
// 更新數據
zkWatch.writeData(PARENT_PATH, System.currentTimeMillis() + "");
Thread.sleep(1000);
// 創建子節點
zkWatch.createPath(CHILDREN_PATH, System.currentTimeMillis() + "");
Thread.sleep(1000);
zkWatch.writeData(CHILDREN_PATH, System.currentTimeMillis() + "");
}
Thread.sleep(50000);
// 清理節點
zkWatch.deleteAllTestPath();
Thread.sleep(1000);
zkWatch.releaseConnection();
}
}
Zookeeper中的Access Control(ACL)
概述
傳統的文件系統中,ACL分爲兩個維度,一個是屬組,一個是權限,子目錄/文件默認繼承父目錄的ACL。而在Zookeeper中,node的ACL是沒有繼承關係的,是獨立控制的。Zookeeper的ACL,可以從三個維度來理解:一是scheme; 二是user; 三是permission,通常表示爲scheme:id:permissions, 下面從這三個方面分別來介紹:
scheme: scheme對應於採用哪種方案來進行權限管理,zookeeper實現了一個pluggable的ACL方案,可以通過擴展scheme,來擴展ACL的機制。zookeeper-3.4.4缺省支持下面幾種scheme:
world: 它下面只有一個id, 叫anyone, world:anyone代表任何人,zookeeper中對所有人有權限的結點就是屬於world:anyone的
auth: 它不需要id, 只要是通過authentication的user都有權限(zookeeper支持通過kerberos來進行authencation, 也支持username/password形式的authentication)
digest: 它對應的id爲username:BASE64(SHA1(password)),它需要先通過username:password形式的authentication
ip: 它對應的id爲客戶機的IP地址,設置的時候可以設置一個ip段,比如ip:192.168.1.0/16, 表示匹配前16個bit的IP段
super: 在這種scheme情況下,對應的id擁有超級權限,可以做任何事情(cdrwa)
sasl: sasl的對應的id,是一個通過sasl authentication用戶的id,zookeeper-3.4.4中的sasl authentication是通過kerberos來實現的,也就是說用戶只有通過了kerberos認證,才能訪問它有權限的node.
2 . id: id與scheme是緊密相關的,具體的情況在上面介紹scheme的過程都已介紹,這裏不再贅述。
3. permission: zookeeper目前支持下面一些權限:
CREATE(c): 創建權限,可以在在當前node下創建child node DELETE(d): 刪除權限,可以刪除當前的node
READ(r): 讀權限,可以獲取當前node的數據,可以list當前node所有的child nodes WRITE(w):
寫權限,可以向當前node寫數據 ADMIN(a): 管理權限,可以設置當前node的permission
digest模式下的示例
public class ZookeeperAuth implements Watcher {
/** 連接地址 */
final static String CONNECT_ADDR = "192.168.252.132:2181";
/** 測試路徑 */
final static String PATH = "/testAuth";
final static String PATH_DEL = "/testAuth/delNode";
/** 認證類型 */
final static String authentication_type = "digest";
/** 認證正確方法 */
final static String correctAuthentication = "123456";
/** 認證錯誤方法 */
final static String badAuthentication = "654321";
static ZooKeeper zk = null;
/** 計時器 */
AtomicInteger seq = new AtomicInteger();
/** 標識 */
private static final String LOG_PREFIX_OF_MAIN = "【Main】";
private CountDownLatch connectedSemaphore = new CountDownLatch(1);
@Override
public void process(WatchedEvent event) {
try {
Thread.sleep(200);
} catch (InterruptedException e) {
e.printStackTrace();
}
if (event==null) {
return;
}
// 連接狀態
KeeperState keeperState = event.getState();
// 事件類型
EventType eventType = event.getType();
// 受影響的path
String path = event.getPath();
String logPrefix = "【Watcher-" + this.seq.incrementAndGet() + "】";
System.out.println(logPrefix + "收到Watcher通知");
System.out.println(logPrefix + "連接狀態:\t" + keeperState.toString());
System.out.println(logPrefix + "事件類型:\t" + eventType.toString());
if (KeeperState.SyncConnected == keeperState) {
// 成功連接上ZK服務器
if (EventType.None == eventType) {
System.out.println(logPrefix + "成功連接上ZK服務器");
connectedSemaphore.countDown();
}
} else if (KeeperState.Disconnected == keeperState) {
System.out.println(logPrefix + "與ZK服務器斷開連接");
} else if (KeeperState.AuthFailed == keeperState) {
System.out.println(logPrefix + "權限檢查失敗");
} else if (KeeperState.Expired == keeperState) {
System.out.println(logPrefix + "會話失效");
}
System.out.println("--------------------------------------------");
}
/**
* 創建ZK連接
*
* @param connectString
* ZK服務器地址列表
* @param sessionTimeout
* Session超時時間
*/
public void createConnection(String connectString, int sessionTimeout) {
this.releaseConnection();
try {
zk = new ZooKeeper(connectString, sessionTimeout, this);
//添加節點授權
zk.addAuthInfo(authentication_type,correctAuthentication.getBytes());
System.out.println(LOG_PREFIX_OF_MAIN + "開始連接ZK服務器");
//倒數等待
connectedSemaphore.await();
} catch (Exception e) {
e.printStackTrace();
}
}
/**
* 關閉ZK連接
*/
public void releaseConnection() {
if (this.zk!=null) {
try {
this.zk.close();
} catch (InterruptedException e) {
}
}
}
/**
*
* <B>方法名稱:</B>測試函數<BR>
* <B>概要說明:</B>測試認證<BR>
* @param args
* @throws Exception
*/
public static void main(String[] args) throws Exception {
ZookeeperAuth testAuth = new ZookeeperAuth();
testAuth.createConnection(CONNECT_ADDR,2000);
List<ACL> acls = new ArrayList<ACL>(1);
for (ACL ids_acl : Ids.CREATOR_ALL_ACL) {
acls.add(ids_acl);
}
try {
zk.create(PATH, "init content".getBytes(), acls, CreateMode.PERSISTENT);
System.out.println("使用授權key:" + correctAuthentication + "創建節點:"+ PATH + ", 初始內容是: init content");
} catch (Exception e) {
e.printStackTrace();
}
try {
zk.create(PATH_DEL, "will be deleted! ".getBytes(), acls, CreateMode.PERSISTENT);
System.out.println("使用授權key:" + correctAuthentication + "創建節點:"+ PATH_DEL + ", 初始內容是: init content");
} catch (Exception e) {
e.printStackTrace();
}
// 獲取數據
getDataByNoAuthentication();
getDataByBadAuthentication();
getDataByCorrectAuthentication();
// 更新數據
updateDataByNoAuthentication();
updateDataByBadAuthentication();
updateDataByCorrectAuthentication();
// 刪除數據
deleteNodeByBadAuthentication();
deleteNodeByNoAuthentication();
deleteNodeByCorrectAuthentication();
//
Thread.sleep(1000);
deleteParent();
//釋放連接
testAuth.releaseConnection();
}
/** 獲取數據:採用錯誤的密碼 */
static void getDataByBadAuthentication() {
String prefix = "[使用錯誤的授權信息]";
try {
ZooKeeper badzk = new ZooKeeper(CONNECT_ADDR, 2000, null);
//授權
badzk.addAuthInfo(authentication_type,badAuthentication.getBytes());
Thread.sleep(2000);
System.out.println(prefix + "獲取數據:" + PATH);
System.out.println(prefix + "成功獲取數據:" + badzk.getData(PATH, false, null));
} catch (Exception e) {
System.err.println(prefix + "獲取數據失敗,原因:" + e.getMessage());
}
}
/** 獲取數據:不採用密碼 */
static void getDataByNoAuthentication() {
String prefix = "[不使用任何授權信息]";
try {
System.out.println(prefix + "獲取數據:" + PATH);
ZooKeeper nozk = new ZooKeeper(CONNECT_ADDR, 2000, null);
Thread.sleep(2000);
System.out.println(prefix + "成功獲取數據:" + nozk.getData(PATH, false, null));
} catch (Exception e) {
System.err.println(prefix + "獲取數據失敗,原因:" + e.getMessage());
}
}
/** 採用正確的密碼 */
static void getDataByCorrectAuthentication() {
String prefix = "[使用正確的授權信息]";
try {
System.out.println(prefix + "獲取數據:" + PATH);
System.out.println(prefix + "成功獲取數據:" + zk.getData(PATH, false, null));
} catch (Exception e) {
System.out.println(prefix + "獲取數據失敗,原因:" + e.getMessage());
}
}
/**
* 更新數據:不採用密碼
*/
static void updateDataByNoAuthentication() {
String prefix = "[不使用任何授權信息]";
System.out.println(prefix + "更新數據: " + PATH);
try {
ZooKeeper nozk = new ZooKeeper(CONNECT_ADDR, 2000, null);
Thread.sleep(2000);
Stat stat = nozk.exists(PATH, false);
if (stat!=null) {
nozk.setData(PATH, prefix.getBytes(), -1);
System.out.println(prefix + "更新成功");
}
} catch (Exception e) {
System.err.println(prefix + "更新失敗,原因是:" + e.getMessage());
}
}
/**
* 更新數據:採用錯誤的密碼
*/
static void updateDataByBadAuthentication() {
String prefix = "[使用錯誤的授權信息]";
System.out.println(prefix + "更新數據:" + PATH);
try {
ZooKeeper badzk = new ZooKeeper(CONNECT_ADDR, 2000, null);
//授權
badzk.addAuthInfo(authentication_type,badAuthentication.getBytes());
Thread.sleep(2000);
Stat stat = badzk.exists(PATH, false);
if (stat!=null) {
badzk.setData(PATH, prefix.getBytes(), -1);
System.out.println(prefix + "更新成功");
}
} catch (Exception e) {
System.err.println(prefix + "更新失敗,原因是:" + e.getMessage());
}
}
/**
* 更新數據:採用正確的密碼
*/
static void updateDataByCorrectAuthentication() {
String prefix = "[使用正確的授權信息]";
System.out.println(prefix + "更新數據:" + PATH);
try {
Stat stat = zk.exists(PATH, false);
if (stat!=null) {
zk.setData(PATH, prefix.getBytes(), -1);
System.out.println(prefix + "更新成功");
}
} catch (Exception e) {
System.err.println(prefix + "更新失敗,原因是:" + e.getMessage());
}
}
/**
* 不使用密碼 刪除節點
*/
static void deleteNodeByNoAuthentication() throws Exception {
String prefix = "[不使用任何授權信息]";
try {
System.out.println(prefix + "刪除節點:" + PATH_DEL);
ZooKeeper nozk = new ZooKeeper(CONNECT_ADDR, 2000, null);
Thread.sleep(2000);
Stat stat = nozk.exists(PATH_DEL, false);
if (stat!=null) {
nozk.delete(PATH_DEL,-1);
System.out.println(prefix + "刪除成功");
}
} catch (Exception e) {
System.err.println(prefix + "刪除失敗,原因是:" + e.getMessage());
}
}
/**
* 採用錯誤的密碼刪除節點
*/
static void deleteNodeByBadAuthentication() throws Exception {
String prefix = "[使用錯誤的授權信息]";
try {
System.out.println(prefix + "刪除節點:" + PATH_DEL);
ZooKeeper badzk = new ZooKeeper(CONNECT_ADDR, 2000, null);
//授權 使用錯誤的授權碼badAuthentication
badzk.addAuthInfo(authentication_type,badAuthentication.getBytes());
Thread.sleep(2000);
Stat stat = badzk.exists(PATH_DEL, false);
if (stat!=null) {
badzk.delete(PATH_DEL, -1);
System.out.println(prefix + "刪除成功");
}
} catch (Exception e) {
System.err.println(prefix + "刪除失敗,原因是:" + e.getMessage());
}
}
/**
* 使用正確的密碼刪除節點
*/
static void deleteNodeByCorrectAuthentication() throws Exception {
String prefix = "[使用正確的授權信息]";
try {
System.out.println(prefix + "刪除節點:" + PATH_DEL);
Stat stat = zk.exists(PATH_DEL, false);
if (stat!=null) {
zk.delete(PATH_DEL, -1);
System.out.println(prefix + "刪除成功");
}
} catch (Exception e) {
System.out.println(prefix + "刪除失敗,原因是:" + e.getMessage());
}
}
/**
* 使用正確的密碼刪除節點
*/
static void deleteParent() throws Exception {
try {
Stat stat = zk.exists(PATH_DEL, false);
if (stat == null) {
zk.delete(PATH, -1);
}
} catch (Exception e) {
e.printStackTrace();
}
}
}