Hadoop 1.2.1 安装笔记01 : Linux 与免密码
目标: 配置一个hadoop 1.2.1 测试环境
用的JDK是: jdk-7u65-linux-x64.gz
选的hadoop 是: hadoop-1.2.1.tar.gz
均来源Apache和oracle网站
主机规划:
Linux版本 : Centos 6.5 x64位
/boot:用来存放与Linux系统启动有关的程序,比如启动引导装载程序等,建议大小为100MB。
/usr:用来存放Linux系统中的应用程序,其相关数据较多,建议大于3GB以上。
/var:用来存放Linux系统中经常变化的数据以及日志文件,建议大于1GB以上。
/home:存放普通用户的数据,是普通用户的宿主目录,建议大小为剩下的空间。
/:Linux系统的根目录,所有的目录都挂在这个目录下面,建议大小为5GB以上。
/tmp:将临时盘在独立的分区,可避免在文件系统被塞满时影响到系统的稳定性。建议大小为500MB以上。
swap:实现虚拟内存,建议大小是物理内存的1~2倍。
Boot Loader密码是 D*****2014
安装选择 Basic Server 不然所有的包得一个个打,确实很麻烦.
配置sudo ,赋予hadoop用户权限 ,并配置sudo免密
useradd hadoop
passwd hadoop
vi /etc/sudoers
root ALL=(ALL) ALL
hadoop ALL=(ALL) ALL 添加一行
hadoop ALL=(ALL) NOPASSWD: ALL 添加一行免密码
配置本机的解析
[hadoop@master /]$ cat /etc/hosts
10.15.5.200 master.hadoop
10.15.5.201 slave01.hadoop
10.15.5.202 slave02.hadoop
配置主机名
vi etc/sysconfig/network
HOSTNAME=master.hadoop
配置IP 地址
[hadoop@master /]$ cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
UUID=721f9261-45d5-4335-9b47-64459173b2a9
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
HWADDR=00:50:56:82:00:0F
IPADDR=10.15.5.200
PREFIX=24
GATEWAY=10.15.5.1
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System eth0"
挂载 安装盘,以便所需要的安装包。打上ftp包 方便安装软件
[root@master home]# mount -t auto /dev/cdrom /home/cdrom
mount: block device /dev/sr0 is write-protected, mounting read-only
[root@master Packages]# rpm -ivh ftp-0.17-54.el6.x86_64.rpm
warning: ftp-0.17-54.el6.x86_64.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Preparing... ########################################### [100%]
1:ftp ########################################### [100%]
目标: master和slaves hadoop账户无密码互访
原理:
可以粗糙的理解为,我制造一把钥匙,把样子发给你,你在门禁系统里记下我钥匙的样子,我拿这把钥匙去开门时候你的门禁系统直接放行。
Master上,登录hadoop用户,并在/home/hadoop目录下操作
[hadoop@master ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/hadoop/.ssh/id_rsa):
Created directory ‘/home/hadoop/.ssh‘.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/hadoop/.ssh/id_rsa.
Your public key has been saved in /home/hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
8d:81:09:c8:45:3f:c0:fb:3b:a0:cf:95:b6:dd:e9:b1 [email protected]
The key‘s randomart image is:
+--[ RSA 2048]----+
| . == |
| o .+ o |
| .= . |
| . . + |
| . S . |
| . .. |
| . .+. . |
| .. ooo . + |
| .o ....E |
+-----------------+
该隐藏文件夹下,生成了一个 id_rsa.pub文件
[hadoop@master .ssh]$ ls -al /home/hadoop/.ssh
total 16
drwx------. 2 hadoop hadoop 4096 Jul 30 22:09 .
drwx------. 3 hadoop hadoop 4096 Jul 30 22:09 ..
-rw-------. 1 hadoop hadoop 1671 Jul 30 22:09 id_rsa
-rw-r--r--. 1 hadoop hadoop 402 Jul 30 22:09 id_rsa.pub
[hadoop@master .ssh]$ cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAugxDdYElWX8URmERVTPsNtSW2mZoEMZyzmIKEe3UQjMbgYOCx0jV15/vtnOXJf4K+S6hccajih2oemcC4BmMI99nFWcyd9zcrvfJvn/DZHnw0Yog6MyMd9Qw2BQWUL265dhW2FNCaECuyG2U1CxR0W9wZlVz54JlToCRX6yUvWZzzGqUw/oR3ZWE7pUpQiOHV0ZNypUtbWEw/zj7N01LbVskNLqyY164APIVfZBONPMXjs/H6B8/VcxsA0lDwAqndnMxJ1iQHFkMntNgqcLkhs8oAmvl+/A6NH2I0ZBW+VOCUIjbNKNRO9BKwGvUQUZGcKthEPU0jK5ErsS6RPBrmQ== [email protected]
把这个文件的内容,追加到 authorized_keys 的文件里
[hadoop@master .ssh]$ cat id_rsa.pub >> authorized_keys
[hadoop@master .ssh]$ ls
authorized_keys id_rsa id_rsa.pub
[hadoop@master .ssh]$ cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAugxDdYElWX8URmERVTPsNtSW2mZoEMZyzmIKEe3UQjMbgYOCx0jV15/vtnOXJf4K+S6hccajih2oemcC4BmMI99nFWcyd9zcrvfJvn/DZHnw0Yog6MyMd9Qw2BQWUL265dhW2FNCaECuyG2U1CxR0W9wZlVz54JlToCRX6yUvWZzzGqUw/oR3ZWE7pUpQiOHV0ZNypUtbWEw/zj7N01LbVskNLqyY164APIVfZBONPMXjs/H6B8/VcxsA0lDwAqndnMxJ1iQHFkMntNgqcLkhs8oAmvl+/A6NH2I0ZBW+VOCUIjbNKNRO9BKwGvUQUZGcKthEPU0jK5ErsS6RPBrmQ== [email protected]
此时需要修改authorized_keys的文件权限 ,不安全的设置安全设置,会让你不能使用RSA功能
[hadoop@master .ssh]$ ls -al
total 20
drwx------. 2 hadoop hadoop 4096 Jul 30 22:20 .
drwx------. 3 hadoop hadoop 4096 Jul 30 22:09 ..
-rw-rw-r--. 1 hadoop hadoop 402 Jul 30 22:20 authorized_keys
-rw-------. 1 hadoop hadoop 1671 Jul 30 22:09 id_rsa
-rw-r--r--. 1 hadoop hadoop 402 Jul 30 22:09 id_rsa.pub
[hadoop@master .ssh]$ sudo chmod 600 authorized_keys
[hadoop@master .ssh]$ ls -al
total 20
drwx------. 2 hadoop hadoop 4096 Jul 30 22:20 .
drwx------. 3 hadoop hadoop 4096 Jul 30 22:09 ..
-rw-------. 1 hadoop hadoop 402 Jul 30 22:20 authorized_keys
-rw-------. 1 hadoop hadoop 1671 Jul 30 22:09 id_rsa
-rw-r--r--. 1 hadoop hadoop 402 Jul 30 22:09 id_rsa.pub
修改 /etc/ssh/sshd_config 并且确认其中三个选项 然后sudo service sshd restart 服务
[hadoop@master .ssh]$ sudo cat /etc/ssh/sshd_config
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
在所有Slave上建立 .ssh文件夹,改变权限
[hadoop@slave02 ~]$ mkdir .ssh
[hadoop@slave02 ~]$ ls -al
total 32
drwx------. 3 hadoop hadoop 4096 Jul 30 22:47 .
drwxr-xr-x. 4 root root 4096 Jul 30 20:10 ..
-rw-------. 1 hadoop hadoop 401 Jul 30 20:58 .bash_history
-rw-r--r--. 1 hadoop hadoop 18 Jul 18 2013 .bash_logout
-rw-r--r--. 1 hadoop hadoop 176 Jul 18 2013 .bash_profile
-rw-r--r--. 1 hadoop hadoop 124 Jul 18 2013 .bashrc
drwxrwxr-x. 2 hadoop hadoop 4096 Jul 30 22:47 .ssh
-rw-------. 1 hadoop hadoop 557 Jul 30 20:28 .viminfo
[hadoop@slave02 ~]$ sudo chmod 700 .ssh
[hadoop@slave02 ~]$ ls -al
total 32
drwx------. 3 hadoop hadoop 4096 Jul 30 22:47 .
drwxr-xr-x. 4 root root 4096 Jul 30 20:10 ..
-rw-------. 1 hadoop hadoop 401 Jul 30 20:58 .bash_history
-rw-r--r--. 1 hadoop hadoop 18 Jul 18 2013 .bash_logout
-rw-r--r--. 1 hadoop hadoop 176 Jul 18 2013 .bash_profile
-rw-r--r--. 1 hadoop hadoop 124 Jul 18 2013 .bashrc
drwx------. 2 hadoop hadoop 4096 Jul 30 22:47 .ssh
-rw-------. 1 hadoop hadoop 557 Jul 30 20:28 .viminfo
[hadoop@slave02 ~]$
把id_rsa.pub发送给slaves
[hadoop@master .ssh]$ scp id_rsa.pub [email protected]:/home/hadoop/.ssh/id_rsa_frommaster.pub
The authenticity of host ‘slave01.hadoop (10.15.5.201)‘ can‘t be established.
RSA key fingerprint is 76:14:2f:f9:d9:03:07:17:7c:d1:ad:1e:af:55:45:00.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘slave01.hadoop,10.15.5.201‘ (RSA) to the list of known hosts.
[email protected]‘s password:
id_rsa.pub 100% 402 0.4KB/s 00:00
[hadoop@master .ssh]$ scp id_rsa.pub [email protected]:/home/hadoop/.ssh/id_rsa_frommaster.pub
The authenticity of host ‘slave02.hadoop (10.15.5.202)‘ can‘t be established.
RSA key fingerprint is 76:14:2f:f9:d9:03:07:17:7c:d1:ad:1e:af:55:45:00.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘slave02.hadoop,10.15.5.202‘ (RSA) to the list of known hosts.
[email protected]‘s password:
id_rsa.pub 100% 402 0.4KB/s 00:00
把这个值追加到slaves上的authorized_keys里面,并修改安全权限
[hadoop@slave02 .ssh]$ cat id_rsa_frommaster.pub >> authorized_keys
[hadoop@slave02 .ssh]$ sudo chmod 600 authorized_keys
修改slaves主机上的 /etc/ssh/sshd_config内容,并重启sshd服务
[hadoop@slave01 .ssh]$ sudo cat /etc/ssh/sshd_config
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
[hadoop@slave01 .ssh]$ sudo service sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
最终验证方法
[hadoop@master .ssh]$ ssh slave01.hadoop
Last login: Wed Jul 30 23:00:25 2014 from master.hadoop
[hadoop@slave01 ~]$ logout
Connection to slave01.hadoop closed.
[hadoop@master .ssh]$ ssh slave02.hadoop
[hadoop@slave02 ~]$ logout
Connection to slave02.hadoop closed.
同理: 从slaves 到master
slaves 生成公钥
把slaves把Slave的公钥追加到Master的".ssh"文件夹下的"authorized_keys"中
[hadoop@slave01 .ssh]$ cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqkRUrgiyD3W36WPRpL9ifJjgnVe+1R4x4mRhimKXOfmW+D3dcbi9FwE2j0/H+NaMdLWjQYw685ITdfHni0X5La7YXy6EIe0FQB/NxDKVslc44RuzJQJKQkosqSY/HGVfefF7OzIFCEcqVQDqN+OpWlrbXNtmO1UUhG2TFvj3MsbgwWHf7fc+uSN7Y7bMzLJpKhAVEjljjyTaHekJ8WMNzgT160vgr0mIZawDlRxKRlS2HtWQnndf74ZJDCeQKgJA6RUKuqBLop5x/0lvHBbUkn3MADnJUlIzd5pJW/aFEVySypfkGZTspj3+m8gNfQkqYJiB6sBfFgUYt1iPL/GNRw== [email protected]
[hadoop@slave02 ~]$ cat .ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3mHGmqOGjIkC/Elc/4CopgvKCQ7AdtqV87dhQPWnDdlljePVY/GbCWYqp4h8CmtmsMNreTva8RLBPSIP3jGMrbvNDCCuMo+mZGa034yR6JwekI9zVikzYscCTqWCk6w5Hs3u/pnb1Ym6a46ho+DNEm42qIaYzrhRn9Fc1F9Hd3/dXRq0KZlO/5xMKuhFt1GKy+gs+l7MiK6y7pTISx+ox/mDjDQfzxfpguRO68XX54+dD0gONSb/MaVVMdqiWK3Fh88ouN23sKi/cnzD1vLSm55kpT6ZRo792qcFmMe7CIYc6dwdkKZBgkdheayWy5PPfsZrGfDd/erVCWrmofDhiw== [email protected]
可以用cat >>的方式追加,或者vi直接写入。钥匙么,让master知道就行了.
郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。