Iceberg Catalog 使用 MinIO 作为存储时, 读写权限报错

Viewed 5
catalog 4.0 3.1

Iceberg Catalog: LakeKeeper 0.11.2
MinIO: minio/minio:RELEASE.2024-10-29T16-01-48Z
Doris: 3.1.4/4.0.3

当使用 vended-credentials-enabled 时, 无论是读表还是写表都会报权限错误

failed to read from : AccessDenied Access Denied. code=FORBIDDEN, type=15, request_id=1895A6DC4C0D2E01failed to read. cur path: s3://iceberg/019c7515-e794-79b2-93a0-44a8d560d1a3/019c7557-e0f1-7232-b98b-9c7be71f7151/data/ba8c85b51c6a41fb-86a0962fecef90a9_a743038d-ce28-45d6-8131-0036c9af5991-0.zstd.parquet

fe log

java.lang.Exception: (be)[E-256]failed to read from : AccessDenied Access Denied. code=FORBIDDEN, type=15, request_id=1895A6DC4C0D2E01failed to read. cur path: s3://iceberg/019c7515-e794-79b2-93a0-44a8d560d1a3/019c7557-e0f1-7232-b98b-9c7be71f7151/data/ba8c85b51c6a41fb-86a0962fecef90a9_a743038d-ce28-45d6-8131-0036c9af5991-0.zstd.parquet
	at org.apache.doris.qe.Coordinator.getNext(Coordinator.java:1198)
	at org.apache.doris.qe.StmtExecutor.executeAndSendResult(StmtExecutor.java:1322)
	at org.apache.doris.qe.StmtExecutor.handleQueryStmt(StmtExecutor.java:1260)
	at org.apache.doris.qe.StmtExecutor.handleQueryWithRetry(StmtExecutor.java:917)
	at org.apache.doris.qe.StmtExecutor.executeByNereids(StmtExecutor.java:824)
	at org.apache.doris.qe.StmtExecutor.execute(StmtExecutor.java:541)
	at org.apache.doris.qe.StmtExecutor.queryRetry(StmtExecutor.java:500)
	at org.apache.doris.qe.StmtExecutor.execute(StmtExecutor.java:485)
	at org.apache.doris.qe.ConnectProcessor.executeQuery(ConnectProcessor.java:311)
	at org.apache.doris.qe.ConnectProcessor.handleQuery(ConnectProcessor.java:198)
	at org.apache.doris.qe.MysqlConnectProcessor.handleQuery(MysqlConnectProcessor.java:231)
	at org.apache.doris.qe.MysqlConnectProcessor.dispatch(MysqlConnectProcessor.java:259)
	at org.apache.doris.qe.MysqlConnectProcessor.processOnce(MysqlConnectProcessor.java:403)
	at org.apache.doris.mysql.ReadListener.lambda$handleEvent$0(ReadListener.java:52)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
	at java.base/java.lang.Thread.run(Thread.java:842)

当使用 vended-credentials-enabled 时, 将 MinIO 桶权限设置为 public 时, 读写无问题.

补充: 当使用静态的 ak 和 sk 时, 读表和写表会卡住一直处在查询状态, Doris 3.0.8 上没有这个问题.

0 Answers
Related Questions
Iceberg Catalog 使用 MinIO 作为存储时, 读写权限报错
写入数据错误不详细,看不出具体问题
2 answers
doris与paimon湖仓一体查询,paimon表delete操作后在doris查询记录为空
1 answers
Doris 4.0.2 Doris Catalog查询经常性挂掉
2 answers
spark 写到doris不能写指定列进去
1 answers
doris-3.1.2 flink doris connector JVM被打满
2 answers