如何通过Spark即服务笔记本连接到在BigInsights on Cloud上运行的远程配置单元?
[英]How to connect to remote hive running on BigInsights on Cloud from a Spark as a Service notebook?
问题描述
I would like to connect to a hive service running on BigInsights from a spark notebook using jdbc. 
我想使用jdbc从Spark笔记本连接到在BigInsights上运行的配置单元服务。 The jdbc url format is: jdbc网址格式为:
jdbc:hive2://${env.hostname}:10000/default;ssl=true;sslTrustStore=./truststore.jks;trustStorePassword=mypassword;
As you can see from the url, this connection requires a truststore. 从url中可以看到,此连接需要一个信任库。 How should I make the truststore available to spark as a service? 我应该如何使信任库可用于火花即服务?
Update 1: 更新1:
- The certificate is not issued by a well known CA. 该证书不是由众所周知的CA颁发的。
- Tenants have no access to the JRE/JDK on the service. 租户无法访问该服务上的JRE / JDK。
Update 2: 更新2:
I can add the certificate and truststore using the following: 我可以使用以下方法添加证书和信任库:
with open('certificate', 'w') as f:
f.write('''
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
''')
!keytool -import -trustcacerts -alias biginsights -file certificate -keystore truststore.jks -storepass mypassword -noprompt
The final part of the question now is how to add a jar to python notebook on bluemix spark? 现在问题的最后一部分是如何在bluemix spark上向python笔记本添加一个jar?
2 个解决方案
解决方案1
1 2016-05-09 17:18:20
Here is one of the may be odd way around(Not tried):- 这是一种可能很奇怪的方法之一(未尝试):
In Notebook, If you are already not in python shell, then switch to python shell and then if you have your truststore available to be downloaded from URL , you can download it this way and run cell:- !wget 在Notebook中,如果您尚未使用python shell,请切换到python shell,然后如果可以从URL下载信任库,则可以通过这种方式下载并运行cell:-!wget
if biginsights server lets you use SSH to access the keystore, use !scp to download the truststore. 如果biginsights服务器允许您使用SSH访问密钥库,请使用!scp下载信任库。
Once downloaded, i would suggest try to use !pwd which will give you path /gpfs/fs01/user/s027-20bcfe6e4297e8-2c631c8ff999/notebook/notebooks 下载后,我建议尝试使用!pwd,它会为您提供路径/ gpfs / fs01 / user / s027-20bcfe6e4297e8-2c631c8ff999 / notebook / notebooks
If you do !ls, you can see your downloaded trustore file. 如果您这样做,则可以看到已下载的trustore文件。 See if you can give the FULL Absolute path to trustore in JDBC URL. 看看是否可以在JDBC URL中提供FULL Absolute路径来信任。
Thanks, Charles. 谢谢,查尔斯。
解决方案2
0 2016-05-09 15:54:08
First find out if the SSL certificate is issued by a "well-known" CA authority. 首先确定SSL证书是否由“知名” CA机构颁发。 By "well-known", I meant those CA authorities whose signing certificates are already included in the jdk truststore. “知名”是指那些签名证书已包含在jdk信任库中的CA权威。 If yes, find out from the jdk documentation the location and name of the truststore and provided that in the sslTrustStore parameter. 如果是,请从jdk文档中找到信任库的位置和名称,并在sslTrustStore参数中提供。 If no, then has to download the cert, add to a truststore and upload the truststore to a location accessible by spark as a service. 如果否,则必须下载证书,将其添加到信任库,然后将信任库上载到Spark即服务可访问的位置。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.