我需要破解一个单节点 Hadoop“集群”(cloudera 伪分布式)以便能够远程访问它。我已成功安装 Hadoop,并已将配置中的本地主机标识符更新为机器的 IP 地址。我可以运行,hadoop fs -ls /一切正常。我已创建无密码密钥,可以 SSH 到 Hadoop 机器。
连接建立如下:
ssh -vvvv -i .ssh/hadoop_rsa -o ConnectTimeout=10 -o ServerAliveInterval=60 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null-N -D 6666 [email protected]
当我hadoop fs -ls /在远程机器上运行时,ssh 输出是:
debug1: Connection to port 6666 forwarding to socks port 0 requested.
debug2: fd 6 setting TCP_NODELAY
debug2: fd 6 setting O_NONBLOCK
debug3: fd 6 is O_NONBLOCK
debug1: channel 2: new [dynamic-tcpip]
debug2: channel 2: pre_dynamic: have 0
debug2: channel 2: pre_dynamic: have 4
debug2: channel 2: decode socks5
debug2: channel 2: socks5 auth done
debug2: channel 2: pre_dynamic: need more
debug2: channel 2: pre_dynamic: have 0
debug2: channel 2: pre_dynamic: have 10
debug2: channel 2: decode socks5
debug2: channel 2: socks5 post auth
debug2: channel 2: dynamic request: socks5 host 151.84.13.73 port 8020 command 1
channel 2: open failed: administratively prohibited: open failed
debug2: channel 2: zombie
debug2: channel 2: garbage collecting
debug1: channel 2: free: direct-tcpip: listening port 6666 for 151.84.13.73 port 8020, connect from 127.0.0.1 port 50703, nchannels 3
debug3: channel 2: status: The following connections are open:
重点是administratively prohibited我已确保 Hadoop 机器上的端口 8020 和 8021 已打开(151.84.13.73)
sudo ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
munin-node ALLOW Anywhere
5666/tcp ALLOW Anywhere
8021 ALLOW Anywhere
8020 ALLOW Anywhere
和
sudo iptables -L
.
.
ACCEPT udp -- anywhere anywhere udp dpt:8021
ACCEPT tcp -- anywhere anywhere tcp dpt:8020
ACCEPT udp -- anywhere anywhere udp dpt:8020
.
还有什么其他原因channel 2: open failed?
编辑 1:看来 Hadoop 正在监听正确的端口:
.netstat -ant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:4949 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN
tcp 0 0 151.84.13.73:22 10.10.42.74:54777 ESTABLISHED
tcp 0 0 151.84.13.73:38547 15.184.32.197:5667 TIME_WAIT
tcp 0 0 151.84.13.73:38549 15.184.32.197:5667 TIME_WAIT
tcp 0 0 151.84.13.73:55729 15.185.12.213:636 ESTABLISHED
tcp 0 0 151.84.13.73:22 15.184.4.3:56649 ESTABLISHED
tcp 0 0 151.84.13.73:55727 15.185.12.213:636 ESTABLISHED
tcp 0 0 151.84.13.73:55728 15.185.12.213:636 ESTABLISHED
tcp 0 0 151.84.13.73:55834 15.185.12.213:636 ESTABLISHED
tcp 0 0 151.84.13.73:38548 15.184.32.197:5667 TIME_WAIT
tcp 0 0 151.84.13.73:55835 15.185.12.213:636 ESTABLISHED
tcp6 0 0 151.84.13.73:8020 :::* LISTEN
tcp6 0 0 151.84.13.73:8021 :::* LISTEN
tcp6 0 0 :::50070 :::* LISTEN
tcp6 0 0 :::35574 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 :::50010 :::* LISTEN
tcp6 0 0 :::50075 :::* LISTEN
tcp6 0 0 :::50020 :::* LISTEN
tcp6 0 0 :::34340 :::* LISTEN
tcp6 0 0 127.0.0.1:59241 :::* LISTEN
tcp6 0 0 :::50090 :::* LISTEN
tcp6 0 0 :::50060 :::* LISTEN
tcp6 0 0 :::54956 :::* LISTEN
tcp6 0 0 :::35725 :::* LISTEN
tcp6 0 0 :::50030 :::* LISTEN
tcp6 0 0 151.84.13.73:8021 151.84.13.73:46151 ESTABLISHED
tcp6 0 0 151.84.13.73:46151 151.84.13.73:8021 ESTABLISHED
tcp6 0 0 151.84.13.73:8020 151.84.13.73:45886 ESTABLISHED
tcp6 0 0 151.84.13.73:45886 151.84.13.73:8020 ESTABLISHED
nmap 显示两个端口都打开了。
还有其他身份验证正在进行吗?