cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jonathan Haddad <...@jonhaddad.com>
Subject Re: Securing a Cassandra 2.2.6 Cluster
Date Sun, 30 Oct 2016 18:26:16 GMT
Dis you try the external IP with cqlsh?
On Sun, Oct 30, 2016 at 8:12 AM Raimund Klein <chessray77@gmail.com> wrote:

> Hi everyone,
>
> We've managed to set up a Cassandra 2.2.6 cluster of two physical nodes
> (nodetool sees both of them, so I'm quite certain the cluster is indeed
> active). My steps to create the cluster were (this applies to both
> machines):
>
>  - Empty listen_address and rpc_address.
>  - Define a cluster_name.
>  - Define both machines as seeds.
>  - Open ports 9042, 7000 and 7001 for external communication.
>
>
>
> Now I want to secure access to the cluster in all forms:
>
>  - define a different database user with a new password
>  - encrypt communication bet ween clients and the cluster including client
> verification
>  - encrypt communication between the nodes including verification
>
> What is the best order of steps and correct way to achieve this? I wanted
> to start with defining a different user, but cqlsh refuses to connect after
> enforcing user/password authentication:
>
> cqlsh -u cassandra -p cassandra
> Connection error: ('Unable to connect to any servers', {'127.0.0.1':
> error(111, "Tried connecting to [('127.0.0.1', 9042)]. Last error:
> Connection refused")})
>
>
>
> This happens when I run the command on either of the two machines. Any
> help would be greatly appreciated.
>
>

Mime
View raw message