ZooKeeper之常用命令大全
1. Linux开启客户端使用的命令./zkCli.sh[root@centos7 bin]# ./zkCli.sh..........[zk: localhost:2181(CONNECTED) 0]2. ls与ls2的区别ls:是只查看节点ls2;是查看节点和状态信息,新版本zookeeper使用命令:`ls -s path` 取代ls2命令。[zk: localhost:2181(CONNE
1. Linux开启客户端使用的命令
./zkCli.sh
[root@centos7 bin]# ./zkCli.sh
..........
[zk: localhost:2181(CONNECTED) 0]
2. ls与ls2的区别
ls:是只查看节点
ls2;是查看节点和状态信息,新版本zookeeper使用命令:`ls -s path` 取代ls2命令。
[zk: localhost:2181(CONNECTED) 7] ls /
[zookeeper]
[zk: localhost:2181(CONNECTED) 9] ls -s /
[zookeeper]
cZxid = 0x0
ctime = Thu Jan 01 08:00:00 CST 1970
mZxid = 0x0
mtime = Thu Jan 01 08:00:00 CST 1970
pZxid = 0x0
cversion = -1
dataVersion = 0
aclVersion = 0
ephemeralOwner = 0x0
dataLength = 0
numChildren = 1
3. get与stat命令
stat:它是status单词的缩写,主要是查看节点的状态信息。
get:取出当前节点的数据。
[zk: localhost:2181(CONNECTED) 10] stat /
cZxid = 0x0
ctime = Thu Jan 01 08:00:00 CST 1970
mZxid = 0x0
mtime = Thu Jan 01 08:00:00 CST 1970
pZxid = 0x0
cversion = -1
dataVersion = 0
aclVersion = 0
ephemeralOwner = 0x0
dataLength = 0
numChildren = 1
[zk: localhost:2181(CONNECTED) 11] get /
cZxid = 0x0
ctime = Thu Jan 01 08:00:00 CST 1970
mZxid = 0x0
mtime = Thu Jan 01 08:00:00 CST 1970
pZxid = 0x0
cversion = -1
dataVersion = 0
aclVersion = 0
ephemeralOwner = 0x0
dataLength = 0
numChildren = 1
状态信息说明:
- cZxid:ZooKeeper为节点分配的id;
- ctime:节点的创建时间;
- mZxid:修改ZooKeeper分配的id;
- mtime:节点的修改时间;
- pZxid:子节点的id;
- cversion:子节点的version;
- dataversion:当前节点数据的版本号;
- aclversion:指权限版本的变化;
- ephemeralOwner:如果值为0x0则节点为持久节点,反之则为临时节点;
- dataLength:指数据的长度;
- numChildren:当前节点下有多少个子节点。
4. ZK特性之session基本原理
- 客户端与服务端之间的连接存在会话
- 每个会话都会可以设置一个超时时间
- 心跳结束,session则过期
- Session过期,则临时节点znode会被抛弃
- 心跳机制:客户端向服务端的ping包请求
5. create命令
创建操作
create [-s] [-e] path data acl
选参说明:
- -s:创建顺序节点
- -e:创建临时节点
创建默认节点语法:
create /节点路径 节点数据
[zk: localhost:2181(CONNECTED) 1] create /test test-data
Created /test
创建临时节点语法:
create -e /节点路径 节点数据
[zk: localhost:2181(CONNECTED) 3] create -e /test/test2 test-data2
Created /test/test2
[zk: localhost:2181(CONNECTED) 4] get /test/test2
test-data2
创建顺序节点语法:
create -s /节点路径 节点数据
设置的节点路径会被重命名为序列数
[zk: localhost:2181(CONNECTED) 5] create -s /test/sec seq
Created /test/sec0000000001
[zk: localhost:2181(CONNECTED) 8] get /test/sec0000000001
seq
如何删除临时节点?
如果客户端不与服务端连接,则节点的心跳机制也会停止(心跳机制也有时间段的,不是说客户端不与服务端连接就马上停止,得过了心跳机制设置的时间才会停止),ZooKeeper也会自动删除临时节点。
6. set命令
修改操作
set path data [version]
[zk: localhost:2181(CONNECTED) 9] get /test
test-data
[zk: localhost:2181(CONNECTED) 10] set /test new-data
[zk: localhost:2181(CONNECTED) 12] get /test
new-data
7. delete命令
删除操作
delete path [version]
[zk: localhost:2181(CONNECTED) 21] delete /test/sec0000000001
[zk: localhost:2181(CONNECTED) 22] ls /test
[test2]
8. ZK特性之watch机制
- 针对每个节点的操作,都会有一个监督者→wathcer
- 当监控的某个对象( znode )发生了变化,则触发watcher事件
- zk中的watcher是一次性的,触发后立即销毁(可以设置为永久型)
- 父节点,子节点增删改都能够触发其watcher
- 针对不同类型的操作,触发的watcher事件也不同︰
1.(子)节点创建事件
2.(子)节点删除事件
3.(子)节点数据变化事件
9. Watch命令
通过get path [watch]设置watcher
9.1 父节点操作
创建父节点触发:NodeCreated
[zk: localhost:2181(CONNECTED) 4] stat /test2 watch
'stat path [watch]' has been deprecated. Please use 'stat [-w] path' instead.
Node does not exist: /test2
[zk: localhost:2181(CONNECTED) 5] create /test2 123
WATCHER::
WatchedEvent state:SyncConnected type:NodeCreated path:/test2
Created /test2
修改父节点数据触发:NodeDataChanged
[zk: localhost:2181(CONNECTED) 13] get /test2 watch
'get path [watch]' has been deprecated. Please use 'get [-s] [-w] path' instead.
123
[zk: localhost:2181(CONNECTED) 14] set /test2 789
WATCHER::
WatchedEvent state:SyncConnected type:NodeDataChanged path:/test2
删除父节点触发:NodeDeleted
[zk: localhost:2181(CONNECTED) 15] get /test2 watch
'get path [watch]' has been deprecated. Please use 'get [-s] [-w] path' instead.
789
[zk: localhost:2181(CONNECTED) 16] delete /test2
WATCHER::
WatchedEvent state:SyncConnected type:NodeDeleted path:/test2
9.2 子节点操作
ls 为父节点设置watcher,创建子节点触发∶NodeChildrenChanged
[zk: localhost:2181(CONNECTED) 0] ls /
[test, zookeeper]
[zk: localhost:2181(CONNECTED) 1] ls /test
[]
[zk: localhost:2181(CONNECTED) 2] ls /test watch
'ls path [watch]' has been deprecated. Please use 'ls [-w] path' instead.
[]
[zk: localhost:2181(CONNECTED) 4] create /test/abc 88
WATCHER::
WatchedEvent state:SyncConnected type:NodeChildrenChanged path:/test
Created /test/abc
ls 为父节点设置watcher,删除子节点触发:NodeChildrenChanged
[zk: localhost:2181(CONNECTED) 6] ls /test watch
'ls path [watch]' has been deprecated. Please use 'ls [-w] path' instead.
[abc]
[zk: localhost:2181(CONNECTED) 7] delete /test/abc
WATCHER::
WatchedEvent state:SyncConnected type:NodeChildrenChanged path:/test
Is 为父节点设置watcher,修改子节点不触发事件
下面例子,我们是把xyz当成子节点来设置
[zk: localhost:2181(CONNECTED) 9] create /test/xyz 99
Created /test/xyz
[zk: localhost:2181(CONNECTED) 10] ls /test watch
'ls path [watch]' has been deprecated. Please use 'ls [-w] path' instead.
[xyz]
[zk: localhost:2181(CONNECTED) 11] set /test/xyz 9090
[zk: localhost:2181(CONNECTED) 13] get /test/xyz
9090
下面例子,我们是把xyz当成父节点来设置,这样就可以触发子节点
[zk: localhost:2181(CONNECTED) 15] get /test/xyz watch
'get path [watch]' has been deprecated. Please use 'get [-s] [-w] path' instead.
9090
[zk: localhost:2181(CONNECTED) 17] set /test/xyz 8080
WATCHER::
WatchedEvent state:SyncConnected type:NodeDataChanged path:/test/xyz
9.3 Watcher使用场景
- 统一资源配置
10. ACL
ACL(access control lists)权限控制
- 针对节点可以设置相关读写等权限,目的为了保障数据安全性
- 权限permissions可以指定不同的权限范围以及角色
11. ACL命令
11.1 acl语法
- getAcl:获取某个节点的acl权限信息
- setAcl :设置某个节点的acl权限信息
- addauth :输入认证授权信息,注册时输入明文密码(登录)但是在zk的系统里,密码是以加密的形式存在的
查看默认的形式:
[zk: localhost:2181(CONNECTED) 4] create /test/abc 123
Created /test/abc
[zk: localhost:2181(CONNECTED) 6] getAcl /test/abc
'world,'anyone
: cdrwa
11.2 acl总体构成
zk的acl通过[scheme : id : permissions]来构成权限列表
- scheme :代表采用的某种权限机制
- id:代表允许访问的用户
- permissions:权限组合字符串
11.3 acl的构成-scheme与id
-
scheme:
- world : world下只有一个id,即只有一个用户,也就是anyone,那么组合的写法就是world:anyone:[permissions]
- auth :代表认证登录,需要注册用户有权限就可以,使用的是明文密码,形式为auth:user:password:[permissions]
- digest :需要对密码加密才能访问,使用的是加密密码,组合形式为
digest: username:BASE64(SHA1(password)) :[permissions] - ip :当设置为ip指定的ip地址,此时限制ip进行访问,比如ip:192.168.1.1:[permissions]
- super:代表超级管理员,拥有所有的权限
-
id:
- 默认为anyone
11.3.1 word
查看默认权限
[zk: localhost:2181(CONNECTED) 2] create /test/ab 888
Created /test/ab
[zk: localhost:2181(CONNECTED) 3] getAcl /test/ab
'world,'anyone
: cdrwa
设置word
[zk: localhost:2181(CONNECTED) 9] setAcl /test/ab world:anyone:crwa
[zk: localhost:2181(CONNECTED) 10] getAcl /test/ab
'world,'anyone
: crwa
[zk: localhost:2181(CONNECTED) 11] create /test/ab/xyz 123
Created /test/ab/xyz
[zk: localhost:2181(CONNECTED) 12] delete /test/ab/xyz
Insufficient permission : /test/ab/xyz
[zk: localhost:2181(CONNECTED) 15] setAcl /test/ab world:anyone:rda
[zk: localhost:2181(CONNECTED) 16] getAcl /test/ab
'world,'anyone
: dra
[zk: localhost:2181(CONNECTED) 17] delete /test/ab/xyz
[zk: localhost:2181(CONNECTED) 19] setAcl /test/ab world:anyone:a
[zk: localhost:2181(CONNECTED) 20] set /test/ab 123
Insufficient permission : /test/ab
[zk: localhost:2181(CONNECTED) 21] setAcl /test/ab world:anyone:wa
[zk: localhost:2181(CONNECTED) 22] getAcl /test/ab
'world,'anyone
: wa
[zk: localhost:2181(CONNECTED) 23] set /test/ab 123
[zk: localhost:2181(CONNECTED) 24] get /test/ab
Insufficient permission : /test/ab
[zk: localhost:2181(CONNECTED) 26] setAcl /test/ab world:anyone:rwa
[zk: localhost:2181(CONNECTED) 27] get /test/ab
123
11.3.2 auth
[zk: localhost:2181(CONNECTED) 2] create /names
Created /names
[zk: localhost:2181(CONNECTED) 3] create /names/test test
Created /names/test
[zk: localhost:2181(CONNECTED) 4] getAcl /names/test
'world,'anyone
: cdrwa
[zk: localhost:2181(CONNECTED) 5] setAcl /names/test auth:test:test:crdwa
Acl is not valid : /names/test
[zk: localhost:2181(CONNECTED) 6] addauth digest test:test
[zk: localhost:2181(CONNECTED) 7] setAcl /names/test auth:test:test:crdwa
[zk: localhost:2181(CONNECTED) 8] getAcl /names/test
'digest,'test:V28q/NynI4JI3Rk54h0r8O5kMug=
: cdrwa
[zk: localhost:2181(CONNECTED) 11] setAcl /names/test auth:wer:wer:crdwa
#此时发现这里的密码跟上次是一样的,主要是系统是按照默认的设置来的,即addauth digest test:test
[zk: localhost:2181(CONNECTED) 12] getAcl /names/test
'digest,'test:V28q/NynI4JI3Rk54h0r8O5kMug=
: cdrwa
[zk: localhost:2181(CONNECTED) 13] setAcl /names/test auth::crdwa #可以采用匿名的方式设置,按照默认值来处理
[zk: localhost:2181(CONNECTED) 14] getAcl /names/test
'digest,'test:V28q/NynI4JI3Rk54h0r8O5kMug=
: cdrwa
11.3.3 digest
[zk: localhost:2181(CONNECTED) 3] ls /names
[]
[zk: localhost:2181(CONNECTED) 4] create /names/test ttt
Created /names/test
[zk: localhost:2181(CONNECTED) 5] getAcl /names/test
'world,'anyone
: cdrwa
[zk: localhost:2181(CONNECTED) 9] setAcl /names/test digest:test:V28q/NynI4JI3Rk54h0r8O5kMug=:crda
[zk: localhost:2181(CONNECTED) 12] getAcl /names/test
Insufficient permission : /names/test
[zk: localhost:2181(CONNECTED) 15] addauth digest test:test
[zk: localhost:2181(CONNECTED) 16] getAcl /names/test
'digest,'test:V28q/NynI4JI3Rk54h0r8O5kMug=
: cdra
11.3.4 ip
[zk: localhost:2181(CONNECTED) 6] create /names/ip ip
Created /names/ip
[zk: localhost:2181(CONNECTED) 7] get /names/ip
ip
[zk: localhost:2181(CONNECTED) 8] getAcl /names/ip
'world,'anyone
: cdrwa
[zk: localhost:2181(CONNECTED) 9] setAcl /names/ip ip:192.168.1.X:crwda
[zk: localhost:2181(CONNECTED) 10] getAcl /names/ip
Insufficient permission : /names/ip
11.3.5 super
使用super命令前需要设置:
- 1、修改zkServer.sh增加super管理员
- 2、重启zkServer.sh
"zookeeper.DigestAuthenticationProvider.superDigest=test:V28q/NynI4JI3Rk54h0r8O5kMug="
[root@centos7 bin]# vim zkServer.sh
......
[root@centos7 bin]# ./zkServe.sh restart
[zk: localhost:2181(CONNECTED) 0] ls /
[names, test, zookeeper]
[zk: localhost:2181(CONNECTED) 1] ls /names/ip
Insufficient permission : /names/ip
[zk: localhost:2181(CONNECTED) 2] get /names/ip
Insufficient permission : /names/ip
[zk: localhost:2181(CONNECTED) 3] getAcl /names/ip
Insufficient permission : /names/ip
[zk: localhost:2181(CONNECTED) 4] addauth digest test:test
[zk: localhost:2181(CONNECTED) 5] ls /names/ip
[]
[zk: localhost:2181(CONNECTED) 6] get /names/ip
ip
[zk: localhost:2181(CONNECTED) 7] getAcl /names/ip
'ip,'192.168.1.X
: cdrwa
11.4 acl的构成-permissions
权限字符串缩写crdwa
- CREATE:创建子节点
- READ:获取节点/子节点
- DELETE:删除子节点
- WRITE:设置节点数据
- ADMIN:设置权限
11.5 ACL使用场景
- 开发/测试环境分离,开发者无权操作测试库的节点,只能看
- 生产环境上控制指定ip的服务可以访问相关节点,防止混乱
12.ZooKeeper四字命令
- zk可以通过它自身提供的简写命令来和服务器进行交互
- 需要使用到nc命令,安装:yum install nc
echo [commond] | nc [ip] [port]
官网了解四字命令:https://zookeeper.apache.org/doc/r3.7.0/zookeeperAdmin.html#sc_4lw
12.1 stat命令
- [stat]查看zk的状态信息,以及是否mode
[root@centos7 ~]# echo stat | nc 192.168.XX.XX 2181
stat is not executed because it is not in the whitelist.
出现上面这个问题表示有可能配置中未开启四字命令
在/conf/zoo.fig配置
[root@centos7 conf]# vim zoo.cfg
......
#开启四字命令
4lw.commands.whitelist=*
记得重启服务!
[root@centos7 bin]# echo stat | nc 192.168.1.21 2181
Zookeeper version: 3.6.3--6401e4ad2087061bc6b9f80dec2d69f2e3c8660a, built on 04/08/2021 16:35 GMT
Clients:
/192.168.1.21:37778[0](queued=0,recved=1,sent=0)
Latency min/avg/max: 0/0.0/0
Received: 1
Sent: 0
Connections: 1
Outstanding: 0
Zxid: 0x54
Mode: standalone
Node count: 10
12.2 ruok命令
- [ruok]查看当前zkserver是否启动,返回imok
[root@centos7 ~]# echo ruok | nc localhost 2181
imok[root@centos7 ~]#
12.3 dump命令
- [dump]列出未经处理的会话和临时节点
[root@centos7 ~]# echo dump | nc localhost 2181
SessionTracker dump:
Session Sets (1)/(1):
1 expire at Sun Jun 06 17:45:03 CST 2021:
0x100014251cf0001
ephemeral nodes dump:
Sessions with Ephemerals (0):
Connections dump:
Connections Sets (3)/(2):
0 expire at Sun Jun 06 17:44:45 CST 2021:
1 expire at Sun Jun 06 17:44:55 CST 2021:
ip: /0:0:0:0:0:0:0:1:39030 sessionId: 0x0
1 expire at Sun Jun 06 17:45:05 CST 2021:
ip: /0:0:0:0:0:0:0:1:39028 sessionId: 0x100014251cf0001
在客户端创建临时节点,用dump命令查看:
[root@centos7 ~]# echo dump | nc localhost 2181
SessionTracker dump:
Session Sets (4)/(1):
0 expire at Sun Jun 06 17:46:47 CST 2021:
0 expire at Sun Jun 06 17:46:55 CST 2021:
0 expire at Sun Jun 06 17:47:05 CST 2021:
1 expire at Sun Jun 06 17:47:11 CST 2021:
0x100014251cf0001
ephemeral nodes dump:
Sessions with Ephemerals (1):
0x100014251cf0001:
/names/rom
/names/tmp-dump
Connections dump:
Connections Sets (3)/(2):
0 expire at Sun Jun 06 17:46:55 CST 2021:
1 expire at Sun Jun 06 17:47:05 CST 2021:
ip: /0:0:0:0:0:0:0:1:39032 sessionId: 0x0
1 expire at Sun Jun 06 17:47:15 CST 2021:
ip: /0:0:0:0:0:0:0:1:39028 sessionId: 0x100014251cf0001
12.4 conf命令
- [conf] 查看服务器配置
[root@centos7 ~]# echo conf | nc localhost 2181
clientPort=2181
secureClientPort=-1
dataDir=/usr/local/zookeeper/dataDir/version-2
dataDirSize=268435520
dataLogDir=/usr/local/zookeeper/dataLogDir/version-2
dataLogSize=3105
tickTime=2000
maxClientCnxns=60
minSessionTimeout=4000
maxSessionTimeout=40000
clientPortListenBacklog=-1
serverId=0
12.5 cons命令
- [cons]展示连接到服务器的客户端信息
[root@centos7 ~]# echo cons | nc localhost 2181
/0:0:0:0:0:0:0:1:39028[1](queued=0,recved=35,sent=35,sid=0x100014251cf0001,lop=PING,est=1622972672134,to=30000,lcxid=0x3,lzxid=0x59,lresp=21984638,llat=0,minlat=0,avglat=1,maxlat=14)
/0:0:0:0:0:0:0:1:39036[0](queued=0,recved=1,sent=0)
12.6 envi命令
- [envi] 环境变量
[root@centos7 ~]# echo envi | nc localhost 2181
Environment:
zookeeper.version=3.6.3--6401e4ad2087061bc6b9f80dec2d69f2e3c8660a, built on 04/08/2021 16:35 GMT
host.name=ec2-3-223-115-185.compute-1.amazonaws.com
java.version=1.8.0_60
java.vendor=Oracle Corporation
java.home=/usr/java/jdk1.8.0_60/jre
......
12.7 mntr命令
- [mntr]监控zk健康信息
[root@centos7 ~]# echo mntr | nc localhost 2181
zk_version 3.6.3--6401e4ad2087061bc6b9f80dec2d69f2e3c8660a, built on 04/08/2021 16:35 GMT
zk_server_state standalone
zk_ephemerals_count 2
zk_num_alive_connections 2
zk_avg_latency 1.6491
zk_outstanding_requests 0
zk_znode_count 12
zk_global_sessions 1
zk_non_mtls_remote_conn_count 0
zk_last_client_response_size 16
zk_packets_sent 66
zk_packets_received 67
zk_max_client_response_size 118
zk_connection_drop_probability 0.0
zk_watch_count 0
......
12.8 wchs命令
- [wchs]展示watch的信息
[root@centos7 ~]# echo wchs | nc localhost 2181
0 connections watching 0 paths
Total watches:0
12.9 wchc与wchp命令
- [wchc] 与[wchp] :session与watch及 path与watch信息
[root@centos7 ~]# echo wchc | nc localhost 2181
[root@centos7 ~]# echo wchp | nc localhost 2181
更多推荐
所有评论(0)