本頁面由 Cloud Translation API 翻譯而成。

備份及還原 Ranger 結構定義

本頁說明如何在 Dataproc 中使用 Ranger 叢集備份及還原 Ranger 結構定義。

事前準備

視需要建立值區。您必須具備 Cloud Storage 值區存取權，才能儲存及還原 Ranger 結構定義。

如要建立值區，請按照下列指示操作：
1. In the Google Cloud console, go to the Cloud Storage Buckets page.
  Go to Buckets
2. Click Create.
3. On the Create a bucket page, enter your bucket information. To go to the next step, click Continue.
  1. In the Get started section, do the following:
    - Enter a globally unique name that meets the bucket naming requirements.
    - To add a bucket label, expand the Labels section (), click Add label, and specify a key and a value for your label.
  2. In the Choose where to store your data section, do the following:
    1. Select a Location type.
    2. Choose a location where your bucket's data is permanently stored from the Location type drop-down menu.
      - If you select the dual-region location type, you can also choose to enable turbo replication by using the relevant checkbox.
    3. To set up cross-bucket replication, select Add cross-bucket replication via Storage Transfer Service and follow these steps:
      Set up cross-bucket replication
      
      In the Bucket menu, select a bucket.
      
      In the Replication settings section, click Configure to configure settings for the replication job.
      
      The Configure cross-bucket replication pane appears.
      
      To filter objects to replicate by object name prefix, enter a prefix that you want to include or exclude objects from, then click Add a prefix.
      
      To set a storage class for the replicated objects, select a storage class from the Storage class menu. If you skip this step, the replicated objects will use the destination bucket's storage class by default.
      
      Click Done.
  3. In the Choose how to store your data section, do the following:
    1. Select a default storage class for the bucket or Autoclass for automatic storage class management of your bucket's data.
    2. To enable hierarchical namespace, in the Optimize storage for data-intensive workloads section, select Enable hierarchical namespace on this bucket.
      Note: You cannot enable hierarchical namespace in existing buckets.
  4. In the Choose how to control access to objects section, select whether or not your bucket enforces public access prevention, and select an access control method for your bucket's objects.
    Note: You cannot change the Prevent public access setting if this setting is enforced at an organization policy.
  5. In the Choose how to protect object data section, do the following:
    - Select any of the options under Data protection that you want to set for your bucket.
      - To enable soft delete, click the Soft delete policy (For data recovery) checkbox, and specify the number of days you want to retain objects after deletion.
      - To set Object Versioning, click the Object versioning (For version control) checkbox, and specify the maximum number of versions per object and the number of days after which the noncurrent versions expire.
      - To enable the retention policy on objects and buckets, click the Retention (For compliance) checkbox, and then do the following:
        
        To enable Object Retention Lock, click the Enable object retention checkbox.
        
        To enable Bucket Lock, click the Set bucket retention policy checkbox, and choose a unit of time and a length of time for your retention period.
    - To choose how your object data will be encrypted, expand the Data encryption section (), and select a Data encryption method.
4. Click Create.

備份 Ranger 結構定義

使用 SSH 連線至叢集的 Dataproc 主節點，並使用 Ranger 結構定義。在主要節點上執行 SSH 終端機工作階段，並執行本節中的指令。
設定環境變數。
```
BUCKET_NAME=bucket name \
  MYSQL_PASSWORD=MySQL password
  SCHEMA_FILE=schema filename
```
更改下列內容：
- MySQL password：您可以在叢集主節點上開啟 /etc/mysql/my.cnf，複製 MySQL 密碼。
- bucket name：用於儲存 Ranger 結構描述的 Cloud Storage 值區名稱。
- schema filename：指定檔案名稱，不含 .sql 副檔名。Ranger 結構定義會儲存至主節點上的這個檔案，然後儲存在 Cloud Storage 的 bucket name 中。

停止 Hive 服務。

sudo systemctl stop hive-metastore.service
sudo systemctl stop hive-server2.service

禁止變更 Ranger 結構定義資料表。

mysql -u root -p${MYSQL_PASSWORD}
REVOKE ALL PRIVILEGES ON ranger.* from 'rangeradmin'@'localhost';
GRANT SELECT ON ranger.* TO 'rangeradmin'@'localhost';
FLUSH PRIVILEGES;
SHOW GRANTS FOR 'rangeradmin'@'localhost';
exit;

將 Ranger 結構定義儲存至 .sql 檔案。

mysqldump -u root -p${MYSQL_PASSWORD} ranger > ${SCHEMA_FILE}.sql

重設 Ranger 權限。

mysql -u root -p${MYSQL_PASSWORD}
REVOKE SELECT ON ranger.* from 'rangeradmin'@'localhost';
GRANT ALL PRIVILEGES ON ranger.* to 'rangeradmin'@'localhost';
FLUSH PRIVILEGES;
SHOW GRANTS FOR 'rangeradmin'@'localhost';
exit;

重新啟動 Hive 和 Ranger 服務。

sudo systemctl start hive-metastore.service
  sudo systemctl start hive-server2.service
  sudo systemctl restart ranger-admin.service
  sudo systemctl restart ranger-usersync.service

將 Ranger 結構定義複製到 Cloud Storage。

gcloud storage cp ${SCHEMA_FILE}.sql gs://${BUCKET_NAME}

還原 Ranger 結構定義

使用 SSH 連線至叢集的 Dataproc 主節點，以便還原叢集結構定義。在主要節點上執行 SSH 終端機工作階段，並執行本節中的指令。
設定環境變數。
```
BUCKET_NAME=bucket name \
  MYSQL_PASSWORD=MySQL password
  SCHEMA_FILE=schema filename
```
更改下列內容：
- MySQL password：您可以在叢集主節點上開啟 /etc/mysql/my.cnf，複製 MySQL 密碼。
- bucket name：包含儲存 Ranger 結構描述的 Cloud Storage 值區名稱。
- schema filename：Ranger 結構定義檔案名稱的名稱 (不含 .sql 檔案副檔名)，儲存在 Cloud Storage 的 bucket name 中。