Return-Path: X-Original-To: apmail-cassandra-user-archive@www.apache.org Delivered-To: apmail-cassandra-user-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 6E24CE740 for ; Mon, 18 Feb 2013 04:54:56 +0000 (UTC) Received: (qmail 44489 invoked by uid 500); 18 Feb 2013 04:54:53 -0000 Delivered-To: apmail-cassandra-user-archive@cassandra.apache.org Received: (qmail 44267 invoked by uid 500); 18 Feb 2013 04:54:53 -0000 Mailing-List: contact user-help@cassandra.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@cassandra.apache.org Delivered-To: mailing list user@cassandra.apache.org Received: (qmail 44230 invoked by uid 99); 18 Feb 2013 04:54:51 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 18 Feb 2013 04:54:51 +0000 X-ASF-Spam-Status: No, hits=-2.3 required=5.0 tests=RCVD_IN_DNSWL_MED,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of jared.biel@bolderthinking.com designates 74.125.149.76 as permitted sender) Received: from [74.125.149.76] (HELO na3sys009aog106.obsmtp.com) (74.125.149.76) by apache.org (qpsmtpd/0.29) with SMTP; Mon, 18 Feb 2013 04:54:42 +0000 Received: from mail-oa0-f71.google.com ([209.85.219.71]) (using TLSv1) by na3sys009aob106.postini.com ([74.125.148.12]) with SMTP ID DSNKUSGz+xOuaJpbV16i2q9IKZPoAo0rtb0v@postini.com; Sun, 17 Feb 2013 20:54:21 PST Received: by mail-oa0-f71.google.com with SMTP id o6so28318857oag.6 for ; Sun, 17 Feb 2013 20:54:19 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:mime-version:x-received:in-reply-to:references:date :message-id:subject:from:to:content-type:x-gm-message-state; bh=ydETcEWIt5EPoF4ra4nr92mJN50e1zTLhQ1uSyOL6do=; b=giFSuOHwRBFmoumSNX8BczTcjQDtswXMaLhHfZKJouYRj7PNqVjMyL8zazNifmsR7S MZc76FzzZJmWajKTiAAe0K3u73W2WJtCvZF6wrmoYyZaLltKDaQYD2fnTvxagl0RhQQz xkY364h/7shBCYKKayjSLqZVgH7oIQRwQXSGBRp12+HDcWhnX/BDIrGdk6bG6enPyisT PGnt2LQlhkZT7JQSIN/OFeCaIERNNbXpn3B1P69toTmSGS6KFPxQKVVumAOC/uGXXk89 w2XyT/7uQwQ3/27tGV6wMH+7c7dX0glsA35TXHImZ9CptGtvy3gs6ZvnlXaaZBa/1SxE XydQ== X-Received: by 10.60.3.193 with SMTP id e1mr5695280oee.39.1361163258971; Sun, 17 Feb 2013 20:54:18 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.60.3.193 with SMTP id e1mr5695275oee.39.1361163258761; Sun, 17 Feb 2013 20:54:18 -0800 (PST) Received: by 10.60.132.42 with HTTP; Sun, 17 Feb 2013 20:54:18 -0800 (PST) In-Reply-To: References: Date: Sun, 17 Feb 2013 22:54:18 -0600 Message-ID: Subject: Re: Nodetool doesn't shows two nodes From: Jared Biel To: user@cassandra.apache.org Content-Type: text/plain; charset=UTF-8 X-Gm-Message-State: ALoCoQkPOXPr0cX7VLnHd3SDNyRB2oY+obk9tPCLVE0iZn90lnD08fob3UOaZ9/AhiMVybgPq6Km10/V3AM/UeJ8EREnMOxrlIBqaKfD/WaOfIiTTZmbrdjoCmYbbCPqLmUZFZMerKOgxa7hq+ajpXEc2SBXs4JT+lmSP3+TmVfy4RSZL9d8it4= X-Virus-Checked: Checked by ClamAV on apache.org This is something that I found while using the multi-region snitch - it uses public IPs for communication. See the original ticket here: https://issues.apache.org/jira/browse/CASSANDRA-2452. It'd be nice if it used the private IPs to communicate with nodes that are in the same region as itself, but I do not believe this is the case. Be aware that you will be charged for external data transfer even for nodes in the same region because the traffic will not fall under their free (for same AZ) or reduced (for intra-AZ) tiers. If you continue using this snitch in the mean time, it is not necessary (or recommended) to have those ports open to 0.0.0.0/0. You'll simply need to add the public IPs of your C* servers to the correct security group(s) to allow access. There's something else that's a little strange about the EC2 snitches: "us-east-1" is (incorrectly) represented as the datacenter "us-east". Other regions are recognized and named properly (us-west-2 for example) This is kind-of covered in the ticket here: https://issues.apache.org/jira/browse/CASSANDRA-4026 I wish it could be fixed properly. Good luck! On 17 February 2013 16:16, Boris Solovyov wrote: > OK. I got it. I realized that storage_port wasn't actually open between the > nodes, because it is using the public IP. (I did find this information in > the docs, after looking more... it is in section on "Types of snitches." It > explains everything I found by try and error.) > > After opening this port 7000 to all IP addresses, the cluster boots OK and > the two nodes see each other. Now I have the happy result. But my nodes are > wide open to the entire internet on port 7000. This is a serious problem. > This obviously can't be put into production. > > I definitely need cross-continent deployment. Single AZ or single region > deployment is not going to be enough. How do people solve this in practice?