背景
在生产环境中使用Clickhouse被检查出zookeeper无认证,需要添加认证以保证安全。
操作过程
首先在官方文档中查找,在配置参数设置 找到相关配置。
<zookeeper>
<node>
<host>example1</host>
<port>2181</port>
</node>
<node>
<host>example2</host>
<port>2181</port>
</node>
<session_timeout_ms>30000</session_timeout_ms>
<operation_timeout_ms>10000</operation_timeout_ms>
<!-- Optional. Chroot suffix. Should exist. -->
<root>/path/to/zookeeper/node</root>
<!-- 这里密码是明文 -->
<!-- Optional. Zookeeper digest ACL string. -->
<identity>user:password</identity>
</zookeeper>官方参数定义:
session_timeout — Maximum timeout for the client session in milliseconds.
root — The znode that is used as the root for znodes used by the ClickHouse server. Optional.
identity — User and password, that can be required by ZooKeeper to give access to requested znodes. Optional.常见问题
- zookeeper 是否添加相关权限
# 添加账号密码 addauth digest clickhouse:myPassword # 授权 setAcl / auth:clickhouse:myPassword:cdrwa - 配置问题
- 是否正确配置账号密码
- 配置完成需要重启才生效