seabox hbaconf

seabox hbaconf

设置SeaboxMPP数据库用户连接的配置参数

语法

``` bash seabox hbaconf [OPTIONS]

Options: -t, –type TEXT set seabox connection authentication type -d, –database TEXT set seabox connection authentication database -u, –user TEXT set seabox connection authentication user -i, –ip_address TEXT set seabox connection authentication address. it can be a host name, or it is made up of an ip address and a CIDR mask that is an integer (between 0 and 32 (ipv4) or 128 (ipv6) inclusive) that specifies the number of significant bits in the mask

-h, –host TEXT set all ip-address on the specified host -m, –method TEXT set seabox connection password authentication method –add add seabox connection authentication configuration –remove remove seabox connection authentication configuration -?, –help show this help, then exit

```

描述

添加或者删除连接认证配置，包括5个参数：type，database，user，ip_address，method

• 注意：如有注意事项，补充

选项

该命令支持选项说明如下：

Options

命令支持的选项

-t, --type

使用该选项时表示设置连接方式，后面跟指定的连接方式。连接方式有6种：local, host, hostssl, hostnossl, hostgssenc 和 hostnogssenc

-d, --database

使用该选项时表示设置要匹配的数据库，后面跟指定的数据库。可以是"all", "sameuser", "samerole", "replication"，也可以是其它数据库名称，多个数据库用“,”隔开。all表示所有，但不包括replication

-u, --user

使用该选项时表示设置用户名，后面跟指定的用户名。可以为"all"，表示所有，也可以具体指定一个用户，也可以用前缀+指定一个用户组。多个用户用“,”隔开

-i, --ip_address

使用该选项时表示设置主机地址，后面跟指定的主机地址。可以为一个主机名，或者由IP地址和CIDR掩码组成。掩码可以为0-32（IPv4）或者0-128（IPv6）间的一个整数，32表示子网掩码为255.255.255.255，24表示子网掩码为255.255.255.0。以 .开头的主机名匹配那些具有相同后缀的主机名。samehost匹配服务器自己所有的IP地址，samenet匹配服务器直接接入的子网

-h, --host

使用该选项时表示将指定主机上所有的ip地址都添加认证配置，后面跟指定的主机名称

-m, --method

使用该选项时表示设置加密方式，后面跟指定的加密方式。可以为"trust", "reject", "md5", "password", "scram-sha-256", "gss", "sspi", "ident", "peer", "pam", "ldap", "radius" or "cert"

--add

使用该选项时表示添加集群连接认证配置

--remove

使用该选项时表示删除集群连接认证配置

-?, --help

使用该选项时返回seabox hbaconf命令的帮助信息

注解

如有具体的使用限制及注意事项，在这部分列出。

• 注1：seabox hbaconf命令对选项的组合使用有严格限制，若输入的不支持的选项组合，则会报错退出。所有支持的选项组合说明如下：

• –add选项支持的组合如下：

  seabox hbaconf --add -u <user_name> {-i <ip_addr> | -h <hostname> } [-t <type_name>] [-d <db_name>] [-m <method_name>]
  

  -i和-h选项必须指定其一；-t选项可不指定，默认为host；-d选项可不指定，默认为all；-m选项可不指定，默认为md5

• –remove选项支持的组合如下：

  seabox hbaconf --remove -u <user_name> {-i <ip_addr> | -h <hostname> } -t <type_name> -d <db_name> -m <method_name>
  

  -i和-h选项必须指定其一；其他选项必须都指定

• 注2： seabox hbaconf命令要求使用SeaboxMPP数据库集群安装用户seabox，或root用户，且需通过以下命令设置正确的环境变量：

source $SDHOME/seaboxmpp_path.sh

其中，$SDHOME为安装SeaboxMPP数据库服务的主目录。

示例

以下是seabox hbaconf --help的执行结果：

[seabox@mpp-test-1 bin]$ seabox hbaconf --help
set seabox connection authentication configuration.

Usage: 
  seabox hbaconf [OPTIONS]

Options:
  -t, --type TEXT        set seabox connection authentication type
  -d, --database TEXT    set seabox connection authentication database
  -u, --user TEXT        set seabox connection authentication user
  -i, --ip_address TEXT  set seabox connection authentication address.  it can
                          be a host name, or it is made up of an ip address and
                          a CIDR mask that is an integer  (between 0 and 32
                          (ipv4) or 128 (ipv6) inclusive) that specifies the
                          number of significant  bits in the mask

  -h, --host TEXT        set all ip-address on the specified host
  -m, --method TEXT      set seabox connection password authentication method
  --add                  add seabox connection authentication configuration
  --remove               remove seabox connection authentication configuration
  -?, --help             show this help, then exit

以下命令可添加认证配置

[seabox@master_regress1 sdsql]$ seabox hbaconf --add -u zhangsan -i 127.0.0.1 
2022-07-07 09:24:23 CST [153192] seabox_hbaconf master_regress1:seabox INFO: add 'host all zhangsan 127.0.0.1 md5' on host master_regress1 for coordinator dbid 1
2022-07-07 09:24:23 CST [153192] seabox_hbaconf master_regress1:seabox INFO: add 'host all zhangsan 127.0.0.1 md5' on host node1_regress1 for coordinator dbid 2

[seabox@master_regress1 sdsql]$ seabox hbaconf --add -u zhangsan -h master_regress1 
2022-07-07 09:57:42 CST [163803] seabox_hbaconf master_regress1:seabox INFO: add all records with host master_regress1's addresses on host master_regress1 for coordinator dbid 1
2022-07-07 09:57:43 CST [163900] scconfig_helper.py default INFO: add 'host all zhangsan 172.25.0.2 md5' to file /home/seabox/seabox-data-directory/coordinatordd/0/sd_hba.conf
2022-07-07 09:57:43 CST [163900] scconfig_helper.py default INFO: add 'host all zhangsan fe80::42:acff:fe19:2 md5' to file /home/seabox/seabox-data-directory/coordinatordd/0/sd_hba.conf
2022-07-07 09:57:43 CST [163803] seabox_hbaconf master_regress1:seabox INFO: add all records with host master_regress1's addresses on host node1_regress1 for coordinator dbid 2
2022-07-07 09:57:43 CST [136111] scconfig_helper.py default INFO: add 'host all zhangsan 172.25.0.2 md5' to file /home/seabox/seabox-data-directory/coordinatordd/1/sd_hba.conf
2022-07-07 09:57:43 CST [136111] scconfig_helper.py default INFO: add 'host all zhangsan fe80::42:acff:fe19:2 md5' to file /home/seabox/seabox-data-directory/coordinatordd/1/sd_hba.conf

以下命令可删除认证配置

[seabox@master_regress1 sdsql]$ seabox hbaconf --remove -u zhangsan -i 127.0.0.1 -t host -d all -m md5
2022-07-07 09:59:22 CST [164416] seabox_hbaconf master_regress1:seabox INFO: remove 'host all zhangsan 127.0.0.1 md5' on host master_regress1 for coordinator dbid 1
2022-07-07 09:59:22 CST [164416] seabox_hbaconf master_regress1:seabox INFO: remove 'host all zhangsan 127.0.0.1 md5' on host node1_regress1 for coordinator dbid 2

[seabox@master_regress1 sdsql]$ seabox hbaconf --remove -u zhangsan -h master_regress1 -t host -d all -m md5
2022-07-07 10:00:11 CST [164798] seabox_hbaconf master_regress1:seabox INFO: remove all records with host master_regress1's addresses on host master_regress1 for coordinator dbid 1
2022-07-07 10:00:11 CST [164872] scconfig_helper.py default INFO: remove 'host all zhangsan 172.25.0.2 md5' from file /home/seabox/seabox-data-directory/coordinatordd/0/sd_hba.conf
2022-07-07 10:00:11 CST [164872] scconfig_helper.py default INFO: remove 'host all zhangsan fe80::42:acff:fe19:2 md5' from file /home/seabox/seabox-data-directory/coordinatordd/0/sd_hba.conf
2022-07-07 10:00:11 CST [164798] seabox_hbaconf master_regress1:seabox INFO: remove all records with host master_regress1's addresses on host node1_regress1 for coordinator dbid 2
2022-07-07 10:00:12 CST [136889] scconfig_helper.py default INFO: remove 'host all zhangsan 172.25.0.2 md5' from file /home/seabox/seabox-data-directory/coordinatordd/1/sd_hba.conf
2022-07-07 10:00:12 CST [136889] scconfig_helper.py default INFO: remove 'host all zhangsan fe80::42:acff:fe19:2 md5' from file /home/seabox/seabox-data-directory/coordinatordd/1/sd_hba.conf

相关命令

无