secretflow / scql

SCQL (Secure Collaborative Query Language) is a system that allows multiple distrusting parties to run joint analysis without revealing their private data.
https://www.secretflow.org.cn/docs/scql/en/
Apache License 2.0

Data authorization #397

Closed gurenwangyue closed 2 days ago

gurenwangyue commented 2 days ago

Issue Type

CCL

Have you searched for existing issues?

Yes

Link to Relevant Documentation

No response

Question Details

I am trying out P2P mode with two SCQL nodes deployed, alice and bob. alice/bob can grant authorization on the other party's data. Is this a problem? If so, which parameters are relevant?
tongke6 commented 2 days ago

Sorry, I don't understand your question. Could you describe it in more detail?

For example, what does "alice/bob can grant authorization on the other party's data" mean? Currently only the data owner can grant authorization on the data, so the problem you describe does not exist.

gurenwangyue commented 2 days ago

I created two nodes in P2P mode (one machine each), where alice is 10.83.179.9 and bob is 10.83.179.12. All of the following operations can be executed from either node. Is that fine?

==============Alice creates the project and invites Bob=================

./brokerctl create project --project-id "demo" --host http://10.83.179.9:8180
./brokerctl get project --host http://10.83.179.9:8180
./brokerctl invite bob --project-id "demo" --host http://10.83.179.9:8180

./brokerctl get invitation --host http://10.83.179.12:8180
./brokerctl process invitation 1 --response "accept" --project-id "demo" --host http://10.83.179.12:8180
./brokerctl get project --host http://10.83.179.12:8180

===================Create tables====================

./brokerctl create table ta --project-id "demo" --columns "ID string, credit_rank int, income int, age int" --ref-table alice.user_credit --db-type mysql --host http://10.83.179.9:8180
./brokerctl get table ta --host http://10.83.179.9:8180 --project-id "demo"

./brokerctl create table tb --project-id "demo" --columns "ID string, order_amount double, is_active int" --ref-table bob.user_stats --db-type mysql --host http://10.83.179.12:8180
./brokerctl get table tb --host http://10.83.179.12:8180 --project-id "demo"

=========================Grant CCL===========================

./brokerctl grant alice PLAINTEXT --project-id "demo" --table-name ta --column-name ID --host http://10.83.179.9:8180
./brokerctl grant alice PLAINTEXT --project-id "demo" --table-name ta --column-name credit_rank --host http://10.83.179.9:8180
./brokerctl grant alice PLAINTEXT --project-id "demo" --table-name ta --column-name income --host http://10.83.179.9:8180
./brokerctl grant alice PLAINTEXT --project-id "demo" --table-name ta --column-name age --host http://10.83.179.9:8180

./brokerctl grant bob PLAINTEXT_AFTER_JOIN --project-id "demo" --table-name ta --column-name ID --host http://10.83.179.9:8180
./brokerctl grant bob PLAINTEXT_AFTER_GROUP_BY --project-id "demo" --table-name ta --column-name credit_rank --host http://10.83.179.9:8180
./brokerctl grant bob PLAINTEXT_AFTER_AGGREGATE --project-id "demo" --table-name ta --column-name income --host http://10.83.179.9:8180
./brokerctl grant bob PLAINTEXT_AFTER_COMPARE --project-id "demo" --table-name ta --column-name age --host http://10.83.179.9:8180
./brokerctl grant bob PLAINTEXT --project-id "demo" --table-name tb --column-name ID --host http://10.83.179.12:8180
./brokerctl grant bob PLAINTEXT --project-id "demo" --table-name tb --column-name order_amount --host http://10.83.179.12:8180
./brokerctl grant bob PLAINTEXT --project-id "demo" --table-name tb --column-name is_active --host http://10.83.179.12:8180

./brokerctl grant alice PLAINTEXT_AFTER_JOIN --project-id "demo" --table-name tb --column-name ID --host http://10.83.179.12:8180
./brokerctl grant alice PLAINTEXT_AFTER_COMPARE --project-id "demo" --table-name tb --column-name is_active --host http://10.83.179.12:8180
./brokerctl grant alice PLAINTEXT_AFTER_AGGREGATE --project-id "demo" --table-name tb --column-name order_amount --host http://10.83.179.12:8180

tongke6 commented 2 days ago

This is simulating two institutions from a god's-eye view. In an actual deployment, alice cannot reach bob's broker intra port; that is, the broker intra service is only accessible from within its own domain.

gurenwangyue commented 2 days ago

Then in an actual deployment, which parameter or parameters prevent Alice/bob from accessing each other's broker intra port?

tongke6 commented 2 days ago

This is a classic port or network isolation question. intra has its own port; just don't open it to access from outside the domain.

gurenwangyue commented 2 days ago

Oh, I see, thanks. I'm an ops newbie asking some basic questions, haha. Thanks a lot.

gurenwangyue commented 1 day ago

I changed the host parameter of intra-server in the conf.yml files on both sides: [image] After restarting docker-compose I get this error. How do I fix it? [image]

tongke6 commented 1 day ago

The container's localhost address cannot be published to the host for outside access? You could try googling the docker port binding issue.
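The two replies above make one operational point: the brokerctl commands in this thread target the broker intra port, so whoever can reach that port can act as the data owner (create tables, grant CCL), and the only thing that stops the other party from doing so in a real deployment is that the intra port is not reachable from outside the party's own network. The following POSIX shell script is an added example, not part of the SCQL project or of this thread; it audits a host's listening sockets and fails if the intra port is bound to a wildcard address. It assumes 8180 is the intra port (the port the brokerctl `--host` URLs above use) and uses constructed `ss -ltn`-style listings as sample input.

```shell
#!/bin/sh
# Added example, not SCQL project code: check that the broker intra port is
# not listening on a wildcard address on the host.
# Assumption: 8180 is the broker intra port (as in the brokerctl --host URLs above).
INTRA_PORT=8180

# Constructed sample output in `ss -ltn` format.
# Bad host: intra port published on every interface.
SAMPLE_BAD='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      4096   0.0.0.0:8180      0.0.0.0:*
LISTEN 0      4096   [::]:8180         [::]:*
LISTEN 0      4096   0.0.0.0:8080      0.0.0.0:*'

# Good host: intra port only on loopback (or an internal interface), other port unchanged.
SAMPLE_GOOD='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      4096   127.0.0.1:8180    0.0.0.0:*
LISTEN 0      4096   10.83.179.9:8080  0.0.0.0:*'

# intra_exposed LISTING PORT
# Prints every LISTEN entry for PORT whose local address is a wildcard
# (0.0.0.0, *, or [::]) and returns 1 if there is any; returns 0 otherwise.
intra_exposed() {
    listing=$1
    port=$2
    printf '%s\n' "$listing" | awk -v port="$port" '
        $1 == "LISTEN" {
            la = $4
            n = split(la, parts, ":")
            p = parts[n]                                   # port is the last ":" field
            addr = substr(la, 1, length(la) - length(p) - 1)   # everything before it
            if (p == port && (addr == "0.0.0.0" || addr == "*" || addr == "[::]")) {
                print "intra port " port " listens on wildcard address " addr
                bad = 1
            }
        }
        END { exit bad ? 1 : 0 }'
}

# Usage against the live host (uncomment on a machine with iproute2):
# intra_exposed "$(ss -ltn)" "$INTRA_PORT" || echo "FAIL: intra port reachable from outside"

# Demonstration on the constructed samples.
intra_exposed "$SAMPLE_BAD" "$INTRA_PORT" || echo "sample_bad: intra port exposed (expected)"
intra_exposed "$SAMPLE_GOOD" "$INTRA_PORT" && echo "sample_good: intra port not on a wildcard address"
```

This is a host-side check and does not replace a firewall or security-group rule; the docker-compose error in the last question is the mirror image of the same problem, since a server that binds 127.0.0.1 inside its container cannot be reached through a published port (Docker forwards published ports to the container's own IP). The usual arrangement is to keep the listener inside the container on 0.0.0.0 and restrict reachability on the host side, for example with the `HOST_IP:HOST_PORT:CONTAINER_PORT` form of a compose `ports:` entry such as `127.0.0.1:8180:8180` (general Docker behaviour, not an SCQL configuration key).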

gurenwangyue commented 1 day ago

OK, thank you.