Halaman ini belum tersedia dalam bahasa lokal Anda. Kami berusaha keras untuk menambahkan lebih banyak versi bahasa. Terima kasih atas dukungan Anda.
CloudTable Service
CloudTable Service
- Service Overview
- Billing
- Getting Started
-
User Guide
-
HBase User Guide
-
HBase Cluster Management
- Overview
- Managing Clusters
- Preparing an ECS
- Using HBase
- HBase Cold and Hot Data Separation
- HBase Thrift Server
- HBase Security Channel Encryption
- HBase Batch Data Import
- HBase Monitoring Clusters
- Self-Healing from HBase Hotspotting
- Global Secondary Indexes
-
HBase Cluster Management
-
ClickHouse User Guide
-
ClickHouse Cluster Management
- Overview
- Managing ClickHouse Clusters
- Using ClickHouse
- Migrating ClickHouse Data
- ClickHouse User Management
- ClickHouse Role Management
- ClickHouse Slow Query Management
- Configuring Secure Channel Encryption for ClickHouse Clusters
- Application of ClickHouse Cold and Hot Data Separation
- ClickHouse Monitoring Clusters
-
ClickHouse Cluster Management
- Permissions Management
- Audit Logs
- Cluster Log Management
-
HBase User Guide
-
Developer Guide
- HBase Application Development Guide
- ClickHouse Application Development Guide
-
FAQs
-
General
- What Services Does a CloudTable Cluster Provide?
- Why Do I Choose CloudTable Service?
- How Do I Prepare for Creating a CloudTable HBase Cluster?
- What Should I Pay Attention to When Using CloudTable Service?
- What Compression Algorithms Are Supported by CloudTable HBase Clusters?
- Can I Stop CloudTable Service?
- Which Programming Languages Are Supported by HBase External APIs in CloudTable?
- How Do I Determine the Number of Faulty RegionServers?
- What Special Characters Does CloudTable HBase Support?
- What Can I Do If the Index Table Does Not Match the Data Table After CloudTable Data Is Deleted?
- What Should I Do If Concurrent Tasks Run Slowly When Python Accesses CloudTable Through Thrift?
- How do I view the TTL attribute of HBase shell?
- Why Are My Server Resources Released?
- How Do I Delete a Cluster?
- How Do I Stop Services and Release Resources?
-
Connection and Access
- How Do I Access a CloudTable Cluster?
- Can I Use SSH to Access Computing Nodes of CloudTable?
- Why Can't I Access HBase After the ZK Address Is Configured?
- Why Is the Error "Will not attempt to authenticate using SASL (unknown error)" Reported When Connecting to HBase?
- How Do I View the IP Address Corresponding to a Domain Name in a CloudTable Link?
- How Do I Access CloudTable from Other Cloud Services?
- Can I Configure the hbase-site.xml File?
- How Do I Query the Creation Time of a Table in CloudTable HBase?
-
Data Read/Write
- Is Raw Data Stored in CloudTable HBase?
- Why Can't I Write Data to HBase?
- What Is the Maximum Size of Data Written to the HBase Cluster?
- How Do I Check the Daily Incremental Data in HBase Tables?
- What Should I Do If an Error Is Reported When I Access the CloudTable HBase Cluster?
- How Do I Delete the Backup Table of the ZooKeeper Node in the ClickHouse Cluster?
- What Should I Do If a Database Missing Error Occurs When a Table Is Created in the ClickHouse Cluster?
- Billing FAQs
-
General
- General Reference
On this page
Help Center/
CloudTable Service/
User Guide/
ClickHouse User Guide/
ClickHouse Cluster Management/
Configuring Secure Channel Encryption for ClickHouse Clusters
Copied.
Configuring Secure Channel Encryption for ClickHouse Clusters
You can enable secure channel encryption to encrypt data transmission. This section describes how to enable HTTPS for a ClickHouse cluster.
Enabling Channel Encryption
- Log in to the CloudTable console.
- Click
in the upper left corner to select a region. - Click Buy Cluster in the upper right corner.
- Check whether Enable Channel Encryption (which is toggled on by default) is toggled on after completing other configurations.
Figure 1 Enabling channel encryption
NOTE:
- Disabling HTTPS will pose risks to enterprise services.
- The HTTPS option is enabled during cluster creation and cannot be disabled later.
- If the HTTPS option is not enabled during cluster creation, it cannot be enabled later.
- Complete the parameter setting and click Next.
- Confirm the cluster specification order information on the displayed page and submit the order. After the cluster is created, go to its details page to view the channel status.
Enabling Secure and Non-Secure Channels
- Log in to the CloudTable console.
- Click
in the upper left corner to select a region. - Click Buy Cluster in the upper right corner.
- Complete the parameter setting and click Next.
- On the displayed page, confirm the cluster specification order information and click Submit. The cluster creation task is submitted.
- After the cluster is created, go to its details page and toggle Enable Secure and Non-secure Channels on. In the displayed dialog box, confirm the information and click OK.
NOTE:
- The cluster restarts after the secure channels are enabled on the cluster details page.
- The secure and non-secure channels cannot be disabled after being enabled concurrently.
Connecting to a Security Cluster
- Click the name of the target security cluster to download the certificates on its details page.
- Connect to the client and specify the configuration file.
./clickhouse client --host Private IP address of the cluster --port port --user admin --password Password --secure --config-file /root/config.xml
Configure files.
<config> <secure>true</secure> <openSSL> <client> <caConfig>/etc/ssl/certificate.crt</caConfig> </client> </openSSL> </config>NOTE:
- <caConfig>/etc/ssl/certificate.crt</caConfig> indicates the path where certificates are stored.
- root indicates the path for storing the configuration file.
- Certificates can be downloaded only once per minute.
HTTPS Connection
- Click the name of the target security cluster to download the certificates on its details page.
- Specify the path for storing the certificates.
- Execute the sample SQL statement through HTTPS.
echo 'select 1' | curl -H 'X-ClickHouse-User: user' -H 'X-ClickHouse-Key: password' --cacert /clickhouse/client/client/bin/certificate.crt 'https://host:port/?' --data-binary @-
- select 1 indicates the executed SQL statement.
- user indicates the username.
- password indicates the password created during cluster creation.
- /clickhouse/client/client/bin/certificate.crt indicates the path for storing the certificates.
-
host indicates the private IP address and port indicates the HTTPS port.
JDBC Connection
public void run()
throws InterruptedException {
final ClickHouseProperties clickHouseProperties = new ClickHouseProperties();
// There will be security risks if the password used for authentication is directly written into code. Encrypt the password in the configuration file or environment variables for storage;
// In this example, the password is stored in environment variables for identity authentication. Before running the code in this example, configure environment variable CK_PASSWORD.
String password = System.getenv("CK_PASSWORD");
clickHouseProperties.setSslRootCertificate("/etc/ssl/certificate.crt");
clickHouseProperties.setSsl(true);
clickHouseProperties.setSslMode("strict");
clickHouseProperties.setUser("test");
clickHouseProperties.setPassword(password);
clickHouseProperties.setSocketTimeout(2 * 3600 * 1000);
final BalancedClickhouseDataSource dataSource = new BalancedClickhouseDataSource("xxxx.mycloudtable.com:8443/default?ssl=true", clickHouseProperties);
try {
final ClickHouseConnection conn = dataSource.getConnection();
conn.createStatement().executeQuery("select now()");
} catch (Throwable e) {
e.printStackTrace();
}
}NOTE:
/etc/ssl/certificate.crt in clickHouseProperties.setSslRootCertificate("/etc/ssl/certificate.crt"); indicates the path for storing the certificates.
Parent topic: ClickHouse Cluster Management
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
