用户权限
用户权限
Hubble用户密码采用htpasswd用于创建、更新储存用户名和密码文件。
用户添加
进入conf/目录下执行
htpasswd -B -C 10 hubble_password user2[hubble@hubble01 conf]$ htpasswd -B -C 10 hubble_password user2
New password:
Re-type new password:
Adding password for user user2
[hubble@hubble01 conf]$ cat hubble_password
hubble:$2y$10$MTQ6cSV.yw83/0G1XyTRHOWTB7Fw9EbTb3oeIlMqb2RKNJ.X9a9q6
zhaol:$2y$10$vg26N3hypG9S2Qmq.n6TK.gLb8LGeIZT2QZAht5BhosaxoAXUvJpq
user2:$2y$10$YpVD3wiuUZXxJVX8PqHJ9ehn.J1l4/0bz9o50Me33t9bUpLV0cSZ6
[hubble@hubble01 conf]$
注意:
修改密码执行上面语句,则可以直接更新密码
删除用户,执行删除hubble_password中对应的的记录
给用户授权
授权统一使用conf/hubble_access.json进行权限管控,默认管控权限由hubble账户来执行。
{
"schemas": [
{
"user": "hubble",
"catalog":".*",
"schema": ".*",
"owner": true
},
{
"user": "zhaol",
"catalog":"(hubble|system)",
"schema": "zl",
"owner": true
},
{
"user": "(user1|user2|user3)",
"catalog":"(hubble|system)",
"schema": "zl2",
"owner": true
}
],
"tables": [
{
"user": "hubble",
"catalog":".*",
"schema": ".*",
"table": ".*",
"privileges": ["SELECT","INSERT"," DELETE", "UPDATE", "OWNERSHIP","GRANT_SELECT"]
},
{
"user": "(user1|user2|user3)",
"catalog":"hubble",
"schema": "zl2",
"table": ".*",
"privileges": ["SELECT", "INSERT", "DELETE","UPDATE", "OWNERSHIP","GRANT_SELECT"]
},
{
"user": "zhaol",
"catalog":"hubble",
"schema": "(zl|zl3)",
"table": ".*",
"privileges": ["SELECT","INSERT"," DELETE", "UPDATE", "OWNERSHIP","GRANT_SELECT"]
},
{
"user": "(zhaol|user1|user2|user3)",
"catalog":"system",
"schema": ".*",
"table": ".*",
"privileges": ["SELECT"]
}
]
}授权参考user 中的配置 user1 或者zhaol
资源管理
{
"rootGroups": [
{
"name": "hubble_g",
"softMemoryLimit": "80%",
"maxQueued": 100,
"hardConcurrencyLimit": 20,
"schedulingPolicy": "query_priority",
"jmxExport": true
},
{
"name": "zhaol_g",
"softMemoryLimit": "30%",
"maxQueued": 5,
"hardConcurrencyLimit": 2,
"schedulingPolicy": "query_priority",
"jmxExport": true
},
{
"name": "zzfx",
"softMemoryLimit": "30%",
"maxQueued": 1000,
"hardConcurrencyLimit": 50,
"schedulingPolicy": "query_priority",
"jmxExport": true
},
{
"name": "any",
"softMemoryLimit": "20%",
"maxQueued": 1000,
"hardConcurrencyLimit": 50,
"schedulingPolicy": "query_priority",
"jmxExport": true
}
],
"selectors": [
{
"user": "hubble",
"group": "hubble_g"
},
{
"user": "zhaol",
"group": "zhaol_g"
},
{
"user": "user1",
"group": "zzfx"
},
{
"group": "any"
}
]
}rootGroups 为资源控制 ,资源池可用的内存多少,以及任务并行度和队列
"name": "hubble_g", --资源组名 "softMemoryLimit": "20%", --资源组可使用的最大分配内存 "maxQueued": 100, --最大队列数 "hardConcurrencyLimit": 20, --最多任务并行数 "schedulingPolicy": "query_priority", --优先级 保持默认 "jmxExport": trueselectors 为选择器规则 指定用户可以访问什么资源
{ "user": "hubble", --用户 "group": "hubble_g" --资源组名 }{ "group": "any" }
该选择器,用于未指定的用户使用