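This page shows how to back up and restore a Ranger schema on Dataproc with Ranger clusters.
Before you begin
Create a bucket if needed. You must have access to a Cloud Storage bucket, which you use to store and restore the Ranger schema.
To create a bucket, follow these steps: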
- In the Google Cloud console, go to the Cloud Storage Buckets page.
- Click Create.
- On the Create a bucket page, enter your bucket information. To go to the next step, click Continue.
  - In the Get started section, do the following:
    - Enter a globally unique name that meets the bucket naming requirements.
    - To add a bucket label, expand the Labels section, click Add label, and specify a key and a value for your label.
  - In the Choose where to store your data section, do the following:
    - Select a Location type.
    - Choose a location where your bucket's data is permanently stored from the Location type drop-down menu.
      - If you select the dual-region location type, you can also choose to enable turbo replication by using the relevant checkbox.
    - To set up cross-bucket replication, select Add cross-bucket replication via Storage Transfer Service and follow these steps:
      - In the Bucket menu, select a bucket.
      - In the Replication settings section, click Configure to configure settings for the replication job. The Configure cross-bucket replication pane appears.
        - To filter objects to replicate by object name prefix, enter a prefix that you want to include or exclude objects from, then click Add a prefix.
        - To set a storage class for the replicated objects, select a storage class from the Storage class menu. If you skip this step, the replicated objects will use the destination bucket's storage class by default.
      - Click Done.
  - In the Choose how to store your data section, do the following:
    - Select a default storage class for the bucket or Autoclass for automatic storage class management of your bucket's data.
    - To enable hierarchical namespace, in the Optimize storage for data-intensive workloads section, select Enable hierarchical namespace on this bucket.
  - In the Choose how to control access to objects section, select whether or not your bucket enforces public access prevention, and select an access control method for your bucket's objects.
  - In the Choose how to protect object data section, do the following:
    - Select any of the options under Data protection that you want to set for your bucket.
      - To enable soft delete, click the Soft delete policy (For data recovery) checkbox, and specify the number of days you want to retain objects after deletion.
      - To set Object Versioning, click the Object versioning (For version control) checkbox, and specify the maximum number of versions per object and the number of days after which the noncurrent versions expire.
      - To enable the retention policy on objects and buckets, click the Retention (For compliance) checkbox, and then do the following:
        - To enable Object Retention Lock, click the Enable object retention checkbox.
        - To enable Bucket Lock, click the Set bucket retention policy checkbox, and choose a unit of time and a length of time for your retention period.
    - To choose how your object data will be encrypted, expand the Data encryption section, and select a Data encryption method.
- Click Create.
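Back up a Ranger schema
Use SSH to connect to the Dataproc master node of the cluster that contains the Ranger schema. Run the commands in this section in the SSH terminal session running on the master node.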
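Set environment variables.
    BUCKET_NAME="bucket name"
    MYSQL_PASSWORD="MySQL password"
    SCHEMA_FILE="schema filename"
Replace the following:
- MySQL password: You can open /etc/mysql/my.cnf on the cluster's master node to copy the MySQL password.
- bucket name: The name of the Cloud Storage bucket used to store the Ranger schema.
- schema filename: Specify a filename, without the .sql filename extension. The Ranger schema is saved to this file on the master node, and then saved to bucket name in Cloud Storage.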
Stop the Hive services.
    sudo systemctl stop hive-metastore.service
    sudo systemctl stop hive-server2.service
Prevent changes to the Ranger schema tables.
    mysql -u root -p"${MYSQL_PASSWORD}"
    REVOKE ALL PRIVILEGES ON ranger.* from 'rangeradmin'@'localhost';
    GRANT SELECT ON ranger.* TO 'rangeradmin'@'localhost';
    FLUSH PRIVILEGES;
    SHOW GRANTS FOR 'rangeradmin'@'localhost';
    exit;
Save the Ranger schema to a .sql file.
    mysqldump -u root -p"${MYSQL_PASSWORD}" ranger > "${SCHEMA_FILE}.sql"
Reset the Ranger privileges.
    mysql -u root -p"${MYSQL_PASSWORD}"
    REVOKE SELECT ON ranger.* from 'rangeradmin'@'localhost';
    GRANT ALL PRIVILEGES ON ranger.* to 'rangeradmin'@'localhost';
    FLUSH PRIVILEGES;
    SHOW GRANTS FOR 'rangeradmin'@'localhost';
    exit;
Restart the Hive and Ranger services.
    sudo systemctl start hive-metastore.service
    sudo systemctl start hive-server2.service
    sudo systemctl restart ranger-admin.service
    sudo systemctl restart ranger-usersync.service
Copy the Ranger schema to Cloud Storage.
    gcloud storage cp "${SCHEMA_FILE}.sql" "gs://${BUCKET_NAME}"
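The lock, dump and reset steps above as one function, written as an added example that is not part of the original page: it keeps the MySQL root password off the command line by using a client option file, restores rangeradmin's write access even when the dump fails, and checks that the dump finished before it is uploaded. The function names are hypothetical, and the reset uses a single GRANT ALL PRIVILEGES, which reaches the same end state as the page's REVOKE SELECT followed by GRANT ALL PRIVILEGES.

```bash
#!/usr/bin/env bash
# Added example, not from the original page. Function names are hypothetical.

# Write a mode-0600 client option file so the root password is never passed
# as a command-line argument (visible in the process list). Prints its path.
# Assumes the password contains no double quote or backslash.
write_mysql_cnf() {
  local cnf
  cnf=$(mktemp) || return 1
  chmod 600 "$cnf"
  printf '[client]\nuser=root\npassword="%s"\n' "$1" > "$cnf"
  printf '%s\n' "$cnf"
}

# With default options, mysqldump ends its output with a
# "-- Dump completed on <date>" comment; a truncated dump lacks it.
dump_is_complete() {
  tail -n 1 "$1" | grep -q '^-- Dump completed'
}

# Run SQL as root using the option file. $1 = option file, $2 = statements.
ranger_sql() {
  mysql --defaults-extra-file="$1" -e "$2"
}

# Dump the ranger schema to "$2.sql" while rangeradmin is read-only.
# $1 = MySQL root password, $2 = schema filename without .sql
backup_ranger_schema() {
  local cnf rc=0
  cnf=$(write_mysql_cnf "$1") || return 1
  if ranger_sql "$cnf" "REVOKE ALL PRIVILEGES ON ranger.* FROM 'rangeradmin'@'localhost';
      GRANT SELECT ON ranger.* TO 'rangeradmin'@'localhost'; FLUSH PRIVILEGES;"; then
    mysqldump --defaults-extra-file="$cnf" ranger > "$2.sql" || rc=1
  else
    rc=1
  fi
  # Always restore write access, even when the lock or the dump failed.
  ranger_sql "$cnf" "GRANT ALL PRIVILEGES ON ranger.* TO 'rangeradmin'@'localhost';
      FLUSH PRIVILEGES;" || rc=1
  rm -f "$cnf"
  [ "$rc" -eq 0 ] && dump_is_complete "$2.sql"
}

# Usage on the master node, with Hive stopped as in the steps above:
#   backup_ranger_schema "$MYSQL_PASSWORD" "$SCHEMA_FILE" &&
#     gcloud storage cp "${SCHEMA_FILE}.sql" "gs://${BUCKET_NAME}"
```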
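Restore a Ranger schema
Use SSH to connect to the Dataproc master node of the cluster where you want to restore the schema. Run the commands in this section in the SSH terminal session running on the master node.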
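Set environment variables.
    BUCKET_NAME="bucket name"
    MYSQL_PASSWORD="MySQL password"
    SCHEMA_FILE="schema filename"
Replace the following:
- MySQL password: You can open /etc/mysql/my.cnf on the cluster's master node to copy the MySQL password.
- bucket name: The name of the Cloud Storage bucket that contains the saved Ranger schema.
- schema filename: The Ranger schema filename (without the .sql filename extension) saved in bucket name in Cloud Storage.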
Stop the Hive services.
    sudo systemctl stop hive-metastore.service
    sudo systemctl stop hive-server2.service
Prevent changes to the Ranger schema tables.
    mysql -u root -p"${MYSQL_PASSWORD}"
    REVOKE ALL PRIVILEGES ON ranger.* from 'rangeradmin'@'localhost';
    GRANT SELECT ON ranger.* TO 'rangeradmin'@'localhost';
    FLUSH PRIVILEGES;
    SHOW GRANTS FOR 'rangeradmin'@'localhost';
    exit;
Copy the Ranger schema .sql file from Cloud Storage to the cluster's master node.
    gcloud storage cp "gs://${BUCKET_NAME}/${SCHEMA_FILE}.sql" .
Restore the Ranger schema. This step overwrites the contents of the existing Ranger schema.
    mysql -u root -p"${MYSQL_PASSWORD}" ranger < "${SCHEMA_FILE}.sql"
Reset the Ranger privileges.
    mysql -u root -p"${MYSQL_PASSWORD}"
    REVOKE SELECT ON ranger.* from 'rangeradmin'@'localhost';
    GRANT ALL PRIVILEGES ON ranger.* to 'rangeradmin'@'localhost';
    FLUSH PRIVILEGES;
    SHOW GRANTS FOR 'rangeradmin'@'localhost';
    exit;
Update the Ranger configuration files. In the following files, change the Ranger DB host to the new database hostname in the following properties:
| File | Property |
| --- | --- |
| ranger-hdfs-security.xml | ranger.plugin.hdfs.policy.rest.url |
| ranger-yarn-security.xml | ranger.plugin.yarn.policy.rest.url |
Restart the Hive and Ranger services.
    sudo systemctl start hive-metastore.service
    sudo systemctl start hive-server2.service
    sudo systemctl restart ranger-admin.service
    sudo systemctl restart ranger-usersync.service