0 課程地址
https://coding.imooc.com/lesson/201.html#mid=12807
1 重點關注
1.1 本節內容
curator新增節點時附帶權限(遞歸給所有子節點權限)
curator修改節點的權限
1.2 關鍵代碼
- curator新增節點時附帶權限
String nodePath = "/acl/father/child/sub"; List<ACL> acls = new ArrayList<ACL>(); Id imooc1 = new Id("digest", AclUtils.getDigestUserPwd("imooc1:123456")); Id imooc2 = new Id("digest", AclUtils.getDigestUserPwd("imooc2:123456")); acls.add(new ACL(Perms.ALL, imooc1)); acls.add(new ACL(Perms.READ, imooc2)); acls.add(new ACL(Perms.DELETE | Perms.CREATE, imooc2)); //遞歸創建子節點creatingParentsIfNeeded() //遞歸給子節點權限 withACL(acls, true) // 創建節點 byte[] data = "spiderman".getBytes(); cto.client.create().creatingParentsIfNeeded() .withMode(CreateMode.PERSISTENT) .withACL(acls, true) .forPath(nodePath, data);
- curator修改節點的權限
cto.client.setACL().withACL(acls).forPath("/acl/father/child/sub");
2 課程內容
3 Coding
3.1 curator新增節點時附帶權限(遞歸給所有子節點權限)
- 啓動服務端
進入到
cd /usr/local/zookeeper/bin
重啓zookeeper服務端
./zkServer.sh restart
- 主類
package com.imooc.curator; import java.util.ArrayList; import java.util.List; import org.apache.curator.RetryPolicy; import org.apache.curator.framework.CuratorFramework; import org.apache.curator.framework.CuratorFrameworkFactory; import org.apache.curator.retry.RetryNTimes; import org.apache.zookeeper.CreateMode; import org.apache.zookeeper.ZooDefs.Ids; import org.apache.zookeeper.ZooDefs.Perms; import org.apache.zookeeper.data.ACL; import org.apache.zookeeper.data.Id; import com.imooc.utils.AclUtils; public class CuratorAcl { public CuratorFramework client = null; public static final String zkServerPath = "172.26.139.4:2181"; public CuratorAcl() { RetryPolicy retryPolicy = new RetryNTimes(3, 5000); client = CuratorFrameworkFactory.builder().authorization("digest", "imooc1:123456".getBytes()) .connectString(zkServerPath) .sessionTimeoutMs(10000).retryPolicy(retryPolicy) .namespace("workspace").build(); client.start(); } public void closeZKClient() { if (client != null) { this.client.close(); } } public static void main(String[] args) throws Exception { // 實例化 CuratorAcl cto = new CuratorAcl(); boolean isZkCuratorStarted = cto.client.isStarted(); System.out.println("當前客戶的狀態:" + (isZkCuratorStarted ? "連接中" : "已關閉")); String nodePath = "/acl/father/child/sub"; List<ACL> acls = new ArrayList<ACL>(); Id imooc1 = new Id("digest", AclUtils.getDigestUserPwd("imooc1:123456")); Id imooc2 = new Id("digest", AclUtils.getDigestUserPwd("imooc2:123456")); acls.add(new ACL(Perms.ALL, imooc1)); acls.add(new ACL(Perms.READ, imooc2)); acls.add(new ACL(Perms.DELETE | Perms.CREATE, imooc2)); // 創建節點 byte[] data = "spiderman".getBytes(); cto.client.create().creatingParentsIfNeeded() .withMode(CreateMode.PERSISTENT) .withACL(acls, true) .forPath(nodePath, data); //cto.client.setACL().withACL(acls).forPath("/curatorNode"); // 更新節點數據 // byte[] newData = "batman".getBytes(); // cto.client.setData().withVersion(0).forPath(nodePath, newData); // 刪除節點 // cto.client.delete().guaranteed().deletingChildrenIfNeeded().withVersion(0).forPath(nodePath); // 讀取節點數據 // Stat stat = new Stat(); // byte[] data = cto.client.getData().storingStatIn(stat).forPath(nodePath); // System.out.println("節點" + nodePath + "的數據爲: " + new String(data)); // System.out.println("該節點的版本號爲: " + stat.getVersion()); cto.closeZKClient(); boolean isZkCuratorStarted2 = cto.client.isStarted(); System.out.println("當前客戶的狀態:" + (isZkCuratorStarted2 ? "連接中" : "已關閉")); } }
- linux客戶端驗證子節點權限
--啓動linux客戶端 zkCli.sh [zk: localhost:2181(CONNECTED) 5] getAcl /workspace 'world,'anyone : cdrwa --開始驗證 [zk: localhost:2181(CONNECTED) 4] getAcl /workspace/acl 'digest,'imooc1:ee8R/pr2P4sGnQYNGyw2M5S5IMU= : cdrwa 'digest,'imooc2:eBdFG0gQw0YArfEFDCRP3LzIp6k= : r 'digest,'imooc2:eBdFG0gQw0YArfEFDCRP3LzIp6k= : cd [zk: localhost:2181(CONNECTED) 6] getAcl /workspace/acl/father 'digest,'imooc1:ee8R/pr2P4sGnQYNGyw2M5S5IMU= : cdrwa 'digest,'imooc2:eBdFG0gQw0YArfEFDCRP3LzIp6k= : r 'digest,'imooc2:eBdFG0gQw0YArfEFDCRP3LzIp6k= : cd [zk: localhost:2181(CONNECTED) 7] getAcl /workspace/acl/father/child 'digest,'imooc1:ee8R/pr2P4sGnQYNGyw2M5S5IMU= : cdrwa 'digest,'imooc2:eBdFG0gQw0YArfEFDCRP3LzIp6k= : r 'digest,'imooc2:eBdFG0gQw0YArfEFDCRP3LzIp6k= : cd [zk: localhost:2181(CONNECTED) 8] getAcl /workspace/acl/father/child/sub 'digest,'imooc1:ee8R/pr2P4sGnQYNGyw2M5S5IMU= : cdrwa 'digest,'imooc2:eBdFG0gQw0YArfEFDCRP3LzIp6k= : r 'digest,'imooc2:eBdFG0gQw0YArfEFDCRP3LzIp6k= : cd [zk: localhost:2181(CONNECTED) 9]
3.2 curator修改節點權限
- 啓動服務端
進入到
cd /usr/local/zookeeper/bin
重啓zookeeper服務端
./zkServer.sh restart
- 主類
package com.imooc.curator; import java.util.ArrayList; import java.util.List; import org.apache.curator.RetryPolicy; import org.apache.curator.framework.CuratorFramework; import org.apache.curator.framework.CuratorFrameworkFactory; import org.apache.curator.retry.RetryNTimes; import org.apache.zookeeper.CreateMode; import org.apache.zookeeper.ZooDefs.Ids; import org.apache.zookeeper.ZooDefs.Perms; import org.apache.zookeeper.data.ACL; import org.apache.zookeeper.data.Id; import com.imooc.utils.AclUtils; public class CuratorAcl { public CuratorFramework client = null; public static final String zkServerPath = "172.26.139.4:2181"; public CuratorAcl() { RetryPolicy retryPolicy = new RetryNTimes(3, 5000); client = CuratorFrameworkFactory.builder().authorization("digest", "imooc1:123456".getBytes()) .connectString(zkServerPath) .sessionTimeoutMs(10000).retryPolicy(retryPolicy) .namespace("workspace").build(); client.start(); } public void closeZKClient() { if (client != null) { this.client.close(); } } public static void main(String[] args) throws Exception { // 實例化 CuratorAcl cto = new CuratorAcl(); boolean isZkCuratorStarted = cto.client.isStarted(); System.out.println("當前客戶的狀態:" + (isZkCuratorStarted ? "連接中" : "已關閉")); String nodePath = "/acl/father/child/sub"; List<ACL> acls = new ArrayList<ACL>(); Id imooc1 = new Id("digest", AclUtils.getDigestUserPwd("imooc1:123456")); Id imooc2 = new Id("digest", AclUtils.getDigestUserPwd("imooc2:123456")); acls.add(new ACL(Perms.ALL, imooc1)); //acls.add(new ACL(Perms.READ, imooc2)); //acls.add(new ACL(Perms.DELETE | Perms.CREATE, imooc2)); // 創建節點 // byte[] data = "spiderman".getBytes(); // cto.client.create().creatingParentsIfNeeded() // .withMode(CreateMode.PERSISTENT) // .withACL(acls, true) // .forPath(nodePath, data); cto.client.setACL().withACL(acls).forPath("/acl/father/child/sub"); // 更新節點數據 // byte[] newData = "batman".getBytes(); // cto.client.setData().withVersion(0).forPath(nodePath, newData); // 刪除節點 // cto.client.delete().guaranteed().deletingChildrenIfNeeded().withVersion(0).forPath(nodePath); // 讀取節點數據 // Stat stat = new Stat(); // byte[] data = cto.client.getData().storingStatIn(stat).forPath(nodePath); // System.out.println("節點" + nodePath + "的數據爲: " + new String(data)); // System.out.println("該節點的版本號爲: " + stat.getVersion()); cto.closeZKClient(); boolean isZkCuratorStarted2 = cto.client.isStarted(); System.out.println("當前客戶的狀態:" + (isZkCuratorStarted2 ? "連接中" : "已關閉")); } }
- linux客戶端驗證子節點權限
--啓動linux客戶端 zkCli.sh --開始驗證 [zk: localhost:2181(CONNECTED) 9] getAcl /workspace/acl/father/child/sub 'digest,'imooc1:ee8R/pr2P4sGnQYNGyw2M5S5IMU= : cdrwa [zk: localhost:2181(CONNECTED) 10]