【Dolphinscheduler】docker搭建dolphinscheduler集群并与安全的CDH集成
1 文档编写目的
Apache DolphinScheduler(以下简称 DS)是一个分布式、去中心化、易扩展的可视化 DAG 工作流任务调度平台,致力于解决数据处理流程中复杂的依赖关系,使调度系统开箱即用。本篇文档主要介绍如何在 CDH 安全集群环境中部署 DolphinScheduler 集群。
高可靠性
采用去中心化架构,Master 与 Worker 节点对等部署,避免单点瓶颈和性能压力。内置任务缓冲队列,有效应对高并发任务,确保系统稳定运行。
简单易用
提供可视化 DAG 流程定义界面,支持拖拽式任务编排,实时监控任务状态。支持通过 API 与外部系统集成,实现一键部署与自动化调度。
丰富的使用场景
支持多租户隔离、任务暂停与恢复操作,深度集成大数据生态系统,内置支持 Spark、Hive、MapReduce、Python、Shell、SubProcess 等近 20 种任务类型,覆盖多种数据处理需求。
高扩展性
调度器采用分布式架构,具备良好的横向扩展能力,Master 和 Worker 节点可动态扩缩容。支持自定义任务插件,满足多样化业务场景的调度需求。
2 部署环境说明
1.CM和CDH版本为6.3.2
2.DolphinScheduler版本为3.1.9
3.Zookeeper为3.7.1
本次使用3个节点来部署DolphinScheduler集群,搭建一个具备高可用性的集群,具体部署节点及角色分配如下:
| IP | 主机名 | 备注 |
|---|---|---|
| 172.10.0.2 | cm.hadoop | Master/Worker/API/Altert/ZK |
| 172.10.0.3 | cdh01.hadoop | Master/Worker/API |
| 172.10.0.4 | cdh02.hadoop | Master/Worker |
3 前置条件准备
安装zookeeper
由于cdh集群中的zookeepr是给cdh定制使用的是3.4.5版本无法满足dolphinscheduler3.1.9的使用要求(最低 3.5),所以需要单独安装
1、下载:
wget https://downloads.apache.org/zookeeper/zookeeper-3.7.1/apache-zookeeper-3.7.1-bin.tar.gz
2、快速启动(单机):
tar -zxvf apache-zookeeper-3.7.1-bin.tar.gz
cd apache-zookeeper-3.7.1-bin
mkdir data
echo "tickTime=2000
dataDir=./data
clientPort=2181
initLimit=5
syncLimit=2" > conf/zoo.cfgbin/zkServer.sh start
然后配置 DolphinScheduler 指向这个 ZooKeeper。
4 安装DolphinScheduler
4.1 环境准备
1.准备最新的DolphinScheduler安装包地址如下:
https://dolphinscheduler.apache.org/zh-cn/download/download.html
将下载好的安装包上传至cm节点的/root目录下。
2.分别在CDH3台服务器上执行以下命令,配置java环境变量:
sudo bash -c 'cat >> /etc/profile <<EOFexport JAVA_HOME=/usr/java/jdk1.8.0_181-cloudera/
export PATH=\$JAVA_HOME/bin:\$PATH
export CLASSPATH=\$JAVA_HOME/lib/dt.jar:\$JAVA_HOME/lib/tool.jar:\$CLASSPATHEOF'
source /etc/profile
3.确保集群所有节点安装了psmisc包,安装命令如下:
yum -y install psmisc
4.创建DS的部署用户和集群所有节点的hosts映射,在集群所有节点配置/etc/hosts映射文件,内容如下:
5.在集群所有节点使用root用户执行如下命令,向操作系统添加一个dolphin用户,设置用户密码为dolphin123,并为该用户配置sudo免密权限
useradd dolphin
echo "dolphin123" | passwd --stdin dolphin
echo 'dolphin ALL=(ALL) NOPASSWD: NOPASSWD: ALL' >> /etc/sudoers
sed -i 's/Defaults requirett/#Defaults requirett/g' /etc/sudoers
在所有节点执行如下命令切换只dolphin用户下验证sudo免密权限配置是否成功
su - dolphin
sudo ls /root/
注意:此处必须创建部署用户dolphin,且为该用户配置sudo免密,否则该用户无法通过sudo -u的方式切换不同的Linux用户的方式来实现多租户运行作业。
6.选择cm.hadoop节点作为主节点,配置cm节点本机ssh免密登录及到01和02节点的免密登录(这里使用dolphin用户配置)
在集群所有节点执行如下命令为dolphin用户生成秘钥文件(一路回车即可):
su - dolphin
ssh-keygen -t rsa
将dolphin用户/home/dolphin/.ssh目录下的公钥文件内容添加到authorized_keys文件中,并修改文件权限为600
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
ll ~/.ssh/authorized_keys
测试cm节点免密登录配置是否成功
ssh localhost
将cm节点生成的authorized_keys文件拷贝至其他节点的/home/dolphin/.ssh目录下(密码为:dolphin123):
scp ~/.ssh/authorized_keys dolphin@cdh01:/home/dolphin/.ssh/
scp ~/.ssh/authorized_keys dolphin@cdh02:/home/dolphin/.ssh/
完成上述操作后,验证01到其他节点的免密登录配置是否成功,不需要配置密码则表示配置成功。
7.将上传到cm节点的DolphinScheduler安装包拷贝解压至/home/dolphin目录下
将宿主机dolphin文件上传到cm容器
docker cp apache-dolphinscheduler-3.1.9-bin.tar.gz cm.hadoop:/home/dolphin/
cd /home/dolphin
tar -zxvf apache-dolphinscheduler-3.1.9-bin.tar.gz
chown -R dolphin. apache-dolphinscheduler-3.1.9-bin
4.2 配置dolphinscheduler_env.sh
修改./bin/env/dolphinscheduler_env.sh 配置文件,配置DolphinScheduler的环境变量:
1.mysql配置:
vim ./bin/env/dolphinscheduler_env.sh
2.jdk配置:
修改JAVA_HOME:
3.hadoop相关配置:
因为我们的hadoop的相关服务是使用cdh搭建的所以目录全都在/opt/cloudera/parcels/CDH/lib目录下,下面是具体的配置:
export HADOOP_HOME=${HADOOP_HOME:-/opt/cloudera/parcels/CDH-6.3.2-1.cdh6.3.2.p0.1605554/lib/hadoop}
export HADOOP_CONF_DIR=${HADOOP_CONF_DIR:-/opt/cloudera/parcels/CDH-6.3.2-1.cdh6.3.2.p0.1605554/lib/hadoop/etc/hadoop}
export SPARK_HOME1=${SPARK_HOME1:-/opt/cloudera/parcels/CDH-6.3.2-1.cdh6.3.2.p0.1605554/lib/spark}
export SPARK_HOME2=${SPARK_HOME2:-/opt/cloudera/parcels/CDH-6.3.2-1.cdh6.3.2.p0.1605554/lib/spark}
export PYTHON_HOME=${PYTHON_HOME:-/opt/soft/python}
export HIVE_HOME=${HIVE_HOME:-/opt/cloudera/parcels/CDH-6.3.2-1.cdh6.3.2.p0.1605554/lib/hive}
export FLINK_HOME=${FLINK_HOME:-/opt/soft/flink}
export DATAX_HOME=${DATAX_HOME:-/opt/software/datax/datax}
export SEATUNNEL_HOME=${SEATUNNEL_HOME:-/opt/soft/seatunnel}
export CHUNJUN_HOME=${CHUNJUN_HOME:-/opt/soft/chunjun}
4.3 配置common.properties
修改 api-server/conf/ 和 worker-server/conf/ ⽬录下的这个⽂件,该⽂件主要⽤来配置资源上传相关参数,⽐如将海豚的资源上传到 hdfs 等,文件内容如下:
# user data local directory path, please make sure the directory exists and have read write permissions
data.basedir.path=/tmp/dolphinscheduler# resource view suffixs
#resource.view.suffixs=txt,log,sh,bat,conf,cfg,py,java,sql,xml,hql,properties,json,yml,yaml,ini,js# resource storage type: HDFS, S3, OSS, NONE
resource.storage.type=HDFS
# resource store on HDFS/S3 path, resource file will store to this base path, self configuration, please make sure the directory exists on hdfs and have read write permissions. "/dolphinscheduler" is recommended
resource.storage.upload.base.path=/dolphinscheduler# The AWS access key. if resource.storage.type=S3 or use EMR-Task, This configuration is required
resource.aws.access.key.id=minioadmin
# The AWS secret access key. if resource.storage.type=S3 or use EMR-Task, This configuration is required
resource.aws.secret.access.key=minioadmin123
# The AWS Region to use. if resource.storage.type=S3 or use EMR-Task, This configuration is required
resource.aws.region=cn-north-1
# The name of the bucket. You need to create them by yourself. Otherwise, the system cannot start. All buckets in Amazon S3 share a single namespace; ensure the bucket is given a unique name.
resource.aws.s3.bucket.name=dolphinscheduler
# You need to set this parameter when private cloud s3. If S3 uses public cloud, you only need to set resource.aws.region or set to the endpoint of a public cloud such as S3.cn-north-1.amazonaws.com.cn
resource.aws.s3.endpoint=http://192.168.1.39:10020# alibaba cloud access key id, required if you set resource.storage.type=OSS
resource.alibaba.cloud.access.key.id=<your-access-key-id>
# alibaba cloud access key secret, required if you set resource.storage.type=OSS
resource.alibaba.cloud.access.key.secret=<your-access-key-secret>
# alibaba cloud region, required if you set resource.storage.type=OSS
resource.alibaba.cloud.region=cn-hangzhou
# oss bucket name, required if you set resource.storage.type=OSS
resource.alibaba.cloud.oss.bucket.name=dolphinscheduler
# oss bucket endpoint, required if you set resource.storage.type=OSS
resource.alibaba.cloud.oss.endpoint=https://oss-cn-hangzhou.aliyuncs.com# if resource.storage.type=HDFS, the user must have the permission to create directories under the HDFS root path
resource.hdfs.root.user=hdfs
# if resource.storage.type=S3, the value like: s3a://dolphinscheduler; if resource.storage.type=HDFS and namenode HA is enabled, you need to copy core-site.xml and hdfs-site.xml to conf dir
resource.hdfs.fs.defaultFS=hdfs://cm:8020# whether to startup kerberos
hadoop.security.authentication.startup.state=false# java.security.krb5.conf path
java.security.krb5.conf.path=/opt/krb5.conf# login user from keytab username
login.user.keytab.username=hdfs-mycluster@ESZ.COM# login user from keytab path
login.user.keytab.path=/opt/hdfs.headless.keytab# kerberos expire time, the unit is hour
kerberos.expire.time=2# resourcemanager port, the default value is 8088 if not specified
resource.manager.httpaddress.port=8088
# if resourcemanager HA is enabled, please set the HA IPs; if resourcemanager is single, keep this value empty
yarn.resourcemanager.ha.rm.ids=192.168.xx.xx,192.168.xx.xx
# if resourcemanager HA is enabled or not use resourcemanager, please keep the default value; If resourcemanager is single, you only need to replace ds1 to actual resourcemanager hostname
yarn.application.status.address=http://cm:%s/ws/v1/cluster/apps/%s
# job history status url when application number threshold is reached(default 10000, maybe it was set to 1000)
yarn.job.history.status.address=http://cm:19888/ws/v1/history/mapreduce/jobs/%s# datasource encryption enable
datasource.encryption.enable=false# datasource encryption salt
datasource.encryption.salt=!@#$%^&*# data quality option
data-quality.jar.name=dolphinscheduler-data-quality-dev-SNAPSHOT.jar#data-quality.error.output.path=/tmp/data-quality-error-data# Network IP gets priority, default inner outer# Whether hive SQL is executed in the same session
support.hive.oneSession=false# use sudo or not, if set true, executing user is tenant user and deploy user needs sudo permissions; if set false, executing user is the deploy user and doesn't need sudo permissions
sudo.enable=true
setTaskDirToTenant.enable=false# network interface preferred like eth0, default: empty
#dolphin.scheduler.network.interface.preferred=# network IP gets priority, default: inner outer
#dolphin.scheduler.network.priority.strategy=default# system env path
#dolphinscheduler.env.path=dolphinscheduler_env.sh# development state
development.state=false# rpc port
alert.rpc.port=50052# set path of conda.sh
conda.path=/opt/anaconda3/etc/profile.d/conda.sh# Task resource limit state
task.resource.limit.state=false# mlflow task plugin preset repository
ml.mlflow.preset_repository=https://github.com/apache/dolphinscheduler-mlflow
# mlflow task plugin preset repository version
ml.mlflow.preset_repository_version="main"
api-server修改成功之后可以直接将它的文件复制到worker-server中,因为他们的内容都是一样的
使用命令:
cp ./api-server/conf/common.properties ./worker-server/conf/
4.4 配置mysql
1.初始化DolphinScheduler数据库
由于数据库选择的是MySQL,在初始化前,需要将mysql(8.x)驱动分别放到./api-server/libs、./alert-server/libs、./master-server/libs、./worker-server/libs、./tools/libs、./standalone-server/libs、`` 目录下
cd /home/dolphin/apache-dolphinscheduler-3.1.9-bin;
wget -O /home/dolphin/apache-dolphinscheduler-3.1.9-bin/mysql-connector-j-8.0.33.tar.gz \
https://downloads.mysql.com/archives/get/p/3/file/mysql-connector-j-8.0.33.tar.gz \
&& tar -zxvf mysql-connector-j-8.0.33.tar.gz
cp ./mysql-connector-j-8.0.33/mysql-connector-j-8.0.33.jar ./api-server/libs/
cp ./mysql-connector-j-8.0.33/mysql-connector-j-8.0.33.jar ./alert-server/libs/
cp ./mysql-connector-j-8.0.33/mysql-connector-j-8.0.33.jar ./master-server/libs/
cp ./mysql-connector-j-8.0.33/mysql-connector-j-8.0.33.jar ./standalone-server/libs/
cp ./mysql-connector-j-8.0.33/mysql-connector-j-8.0.33.jar ./worker-server/libs/
cp ./mysql-connector-j-8.0.33/mysql-connector-j-8.0.33.jar ./tools/libs/
2.使用root用户登录,执行如下SQL语句创建DS的数据库
由于cdh安装的mysql是5.7版本所以我们需要更新,mysql客户端
yum install -y https://dev.mysql.com/get/mysql80-community-release-el7-11.noarch.rpm \
&& yum install -y mysql-community-client
mysql -h mysql -uroot -p123456Aa.
CREATE DATABASE dolphinscheduler DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
CREATE USER IF NOT EXISTS 'dolphins'@'%' IDENTIFIED BY '123456Aa.';
GRANT ALL PRIVILEGES ON dolphinscheduler.* TO 'dolphins'@'%';ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY '123456Aa.';
flush privileges;
最后执行
bash tools/bin/upgrade-schema.sh
执行结果大概就是这样
4.5 更换dolphinscheduler连接hive jar包
由于cdn6.3.2的hive版本是2.1.1,耳dolphinscheduler3.1.9自带的版本比较高会导致连不上hive的问题,所以这里需要降级处理
1.先上传至docker容器内
docker cp hive-common-2.1.1.jar cm.hadoop1:/opt
docker cp hive-jdbc-2.1.1.jar cm.hadoop1:/opt
docker cp hive-metastore-2.1.1.jar cm.hadoop1:/opt
docker cp hive-orc-2.1.1.jar cm.hadoop1:/opt
docker cp hive-serde-2.1.1.jar cm.hadoop1:/opt
docker cp hive-service-2.1.1.jar cm.hadoop1:/opt
docker cp hive-service-rpc-2.1.1.jar cm.hadoop1:/opt
docker cp hive-storage-api-2.1.1.jar cm.hadoop1:/opt
2.删除原有的jar包
cd /home/dolphin/dolphinscheduler3.1.9/rm -rf ./api-server/libs/hive-*
rm -rf ./alert-server/libs/hive-*
rm -rf ./worker-server/libs/hive-*
rm -rf ./tools/libs/hive-*
3.将上传至容器的jar复制到对应的服务中
cp /opt/hive-* ./api-server/libs/
cp /opt/hive-* ./alert-server/libs/
cp /opt/hive-* ./worker-server/libs/
cp /opt/hive-* ./tools/libs/
执行安装脚本
bash bin/install.sh
安装后会自动启动
浏览器访问
http:[IP]:12345/dolphinscheduler
