Connecting to an HBase Security Cluster Using the HBase Shell

You can enable security channel encryption to encrypt data transmission. This section describes how to enable a secure channel for an HBase cluster.

Constraints

Enabling a security channel may deteriorate the cluster performance.
The HBase security channel can be enabled only when a cluster is created.
The HBase cluster and the ECS must be in the same region, AZ, and VPC.
The HBase cluster and the ECS must be in the same security group.
The IP address of the local host has been added to the ECS security group.

Creating a Cluster and Enabling the Security Channel

Log in to the CloudTable console.
Select a region in the upper left corner.
Click Create Cluster in the upper right corner.
Check whether Security Channel is toggled on (default).
Set the parameters and click Next.
Confirm the cluster information and click Submit. After the cluster is created, go to its details page to view its security channel status.

Connecting to an HBase Security Cluster

Log in to the CloudTable console.
Select a region in the upper left corner.
Choose Help and click Download the HBase2.x Client to download the client.
Prepare an ECS and install the client.
Use the SSH login tool (such as PuTTY) to log in to the Linux ECS through the EIP.

For details about how to log in to the ECS, see Logging In to a Linux ECS > Logging In to a Linux ECS Using an SSH Password in the Elastic Cloud Server User Guide.
Install the client downloaded in Step 3. For details, see Install the client and verify the client..
Go to the client installation directory and modify the hbase-env.sh file.
- Go to the hbase-client folder and view the conf folder.
```
cd hbase-client
```
- Go to the conf folder and edit the hbase-env.sh file.
  - Go to the conf folder.
```
cd conf/
```
  - Edit the hbase-env.sh file.
```
vi hbase-env.sh
```
  - Add the following content to the end of the hbase-env.sh file:
```
CLIENT_JVMFLAGS="-Dzookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty -Dzookeeper.client.secure=true"
export HBASE_OPTS="${CLIENT_JVMFLAGS} ${HBASE_OPTS}"
```
  - Press Ecs to exit the editing page.
  - Save the added content.
```
:wq
```
Go to the client installation directory to configure the client. Add the required configurations to the hbase-site.xml file in the conf directory on the client.
- Edit the hbase-site.xml file.
```
vi hbase-site.xml
```
- Add the following content to the end of the hbase-site.xml file:
```
<property>
    <name>hbase.rpc.protection</name>
    <value>privacy</value>
</property>
```
- Press Ecs to exit the editing page.
- Save the added content.
```
:wq
```
Connect to the HBase cluster.
- Configure the ZooKeeper address in the configuration file. For details, see Configure the ZooKeeper address in a configuration file.
- Start the shell to access the cluster.
  Run the bin/hbase shell command to start the shell to access the cluster.

Getting Started with HBase

This section describes common HBase shell commands. For more HBase shell commands, visit https://learnhbase.wordpress.com/2013/03/02/hbase-shell-commands/.

Obtain online help.
After you run the help command in the HBase shell, all command information as well as common command instructions and use methods will be returned.
```
hbase(main):001:0> help
```
Create a table.
Run the create command to create a table. When creating a table, you must specify the table name and column family name.
```
hbase(main):007:0> create 'cloudtable','cf'
0 row(s) in 1.5530 seconds

=> Hbase::Table - cloudtable
```

Query a table.

hbase(main):009:0> list
TABLE
cloudtable
1 row(s) in 0.0060 seconds

=> ["cloudtable"]

Insert a record to a table.
Run the put command to insert a data record to the table. You need to specify the table name, primary key, custom column, and the value to be inserted.
```
hbase(main):004:0> put 'cloudtable','row1','cf:a','value1'
0 row(s) in 0.2720 seconds
```
The parameters in the command are as follows:
- cloudtable: table name
- row1: primary key
- cf:a: custom column
- value1: value to be inserted
Scan records.
Run the scan command to scan a table. You need to specify the table name to scan the entire table or specify a scan range.
```
hbase(main):001:0> scan 'cloudtable'
ROW                                                                  COLUMN+CELL
row1                                                                column=cf:a, timestamp=1504866237162, value=value1
1 row(s) in 0.2420 seconds
```
- If the TTL of a cell is set when data is inserted, the TTL attribute cannot be viewed. However, you can check whether the TTL takes effect.
- If the TTL of a cell is not set when data is inserted, the system automatically inserts the current time as the timestamp.

Query a single record.

Run the get command to query a single record. You must specify the name and the primary key of the table.

hbase(main):001:0> get 'cloudtable','row1'
COLUMN                                                               CELL
cf:a                                                                timestamp=1504866237162, value=value1
1 row(s) in 0.2280 seconds

Disable a table.
Before modifying or deleting a table, you need to disable the table. Run the disable command to disable the table. When you perform operations on a disabled table, ERROR is displayed, indicating that the table is disabled.
```
hbase(main):002:0> disable 'cloudtable'
0 row(s) in 2.3550 seconds
```
Enable a table.
If you want to use a table that has been disabled, run the enable command to enable it.
```
hbase(main):004:0> enable 'cloudtable'
0 row(s) in 1.2500 seconds
```
Delete a table.
Run the drop command to delete a table that is no longer needed. Before deleting a table, disable it first. Otherwise, ERROR will be displayed, indicating that the table is enabled. Deleting a table will cause data loss. Exercise caution when deleting a table.
```
hbase(main):007:0> disable 'cloudtable'
0 row(s) in 2.2380 seconds

hbase(main):008:0> drop 'cloudtable'
0 row(s) in 1.2600 seconds
```
Exit the HBase shell.
Run the quit command to exit the HBase shell.
```
hbase(main):009:0> quit
```