Hadoop sshfence（權限被拒絕）

Question

我正在嘗試HDFS的Hadoop 2高可用性。我在用戶hafence下的NameNode中設置了無密碼的ssh連接。我證實了 - 它的工作原理。不過，當使用此sshfence設置時，我正在關注（權限被拒絕）。

2014-01-20 12:54:47,101 INFO ha.NodeFencer (NodeFencer.java:fence(91)) - ====== Beginning Service Fencing Process... ====== 
2014-01-20 12:54:47,101 INFO ha.NodeFencer (NodeFencer.java:fence(94)) - Trying method 1/1: org.apache.hadoop.ha.SshFenceByTcpPort(hafence:22) 
2014-01-20 12:54:47,101 WARN ha.SshFenceByTcpPort (SshFenceByTcpPort.java:tryFence(93)) - Unable to create SSH session 
com.jcraft.jsch.JSchException: java.io.FileNotFoundException: /home/hafence/.ssh/id_rsa (Permission denied) 
    at com.jcraft.jsch.IdentityFile.newInstance(IdentityFile.java:98) 
    at com.jcraft.jsch.JSch.addIdentity(JSch.java:206) 
    at com.jcraft.jsch.JSch.addIdentity(JSch.java:192) 
    at org.apache.hadoop.ha.SshFenceByTcpPort.createSession(SshFenceByTcpPort.java:122) 
    at org.apache.hadoop.ha.SshFenceByTcpPort.tryFence(SshFenceByTcpPort.java:91) 
    at org.apache.hadoop.ha.NodeFencer.fence(NodeFencer.java:97) 
    at org.apache.hadoop.ha.ZKFailoverController.doFence(ZKFailoverController.java:521) 
    at org.apache.hadoop.ha.ZKFailoverController.fenceOldActive(ZKFailoverController.java:494) 
    at org.apache.hadoop.ha.ZKFailoverController.access$1100(ZKFailoverController.java:59) 
    at org.apache.hadoop.ha.ZKFailoverController$ElectorCallbacks.fenceOldActive(ZKFailoverController.java:837) 
    at org.apache.hadoop.ha.ActiveStandbyElector.fenceOldActive(ActiveStandbyElector.java:900) 
    at org.apache.hadoop.ha.ActiveStandbyElector.becomeActive(ActiveStandbyElector.java:799) 
    at org.apache.hadoop.ha.ActiveStandbyElector.processResult(ActiveStandbyElector.java:415) 
    at org.apache.zookeeper.ClientCnxn$EventThread.processEvent(ClientCnxn.java:596) 
    at org.apache.zookeeper.ClientCnxn$EventThread.run(ClientCnxn.java:495) 
Caused by: java.io.FileNotFoundException: /home/hafence/.ssh/id_rsa (Permission denied) 
    at java.io.FileInputStream.open(Native Method) 
    at java.io.FileInputStream.<init>(FileInputStream.java:138) 
    at java.io.FileInputStream.<init>(FileInputStream.java:97) 
    at com.jcraft.jsch.IdentityFile.newInstance(IdentityFile.java:83) 
    ... 14 more 
2014-01-20 12:54:47,102 WARN ha.NodeFencer (NodeFencer.java:fence(108)) - Fencing method org.apache.hadoop.ha.SshFenceByTcpPort(hafence:22) was unsuccessful. 
2014-01-20 12:54:47,102 ERROR ha.NodeFencer (NodeFencer.java:fence(111)) - Unable to fence service by any configured method. 
2014-01-20 12:54:47,102 WARN ha.ActiveStandbyElector (ActiveStandbyElector.java:becomeActive(807)) - Exception handling the winning of election 

我的配置是按照HDFS-site.xml中：

<property> 
    <name>dfs.ha.fencing.methods</name> 
    <value>sshfence(hafence:22)</value> 
    </property> 
    <property> 
    <name>dfs.ha.fencing.ssh.private-key-files</name> 
    <value>/home/hafence/.ssh/id_rsa</value> 
    </property> 
    <property> 
    <name>dfs.ha.fencing.ssh.connect-timeout</name> 
    <value>30000</value> 
    </property> 

    <property> 
    <name>dfs.ha.automatic-failover.enabled</name> 
    <value>true</value> 
    </property> 

哪些權限要求，用戶等，以使sshfence工作？

Answer 1

由於hadoop是從RPM軟件包安裝的。我們對sshfence使用了hdfs用戶（包括密碼較少的認證），然後sshfence開始工作。

Answer 2

檢查/home/hafence/.ssh/id_rsa的權限。我有這個問題。檢查id_rsa上的權限。您的用戶應具有讀寫權限。