[jira] [Commented] (CASSANDRA-18859) Update installation steps for Debian bases systems
[ https://issues.apache.org/jira/browse/CASSANDRA-18859?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17765916#comment-17765916 ] Michiel Saelen commented on CASSANDRA-18859: If you want you can combine the curl and gpg command to only create the gpg file: {code:java} sudo curl https://downloads.apache.org/cassandra/KEYS | sudo gpg -o /etc/apt/keyrings/cassandra.gpg --dearmor {code} > Update installation steps for Debian bases systems > -- > > Key: CASSANDRA-18859 > URL: https://issues.apache.org/jira/browse/CASSANDRA-18859 > Project: Cassandra > Issue Type: Improvement > Components: Documentation >Reporter: Michiel Saelen >Priority: Normal > > The current installation steps contains the following step to trust the > cassandra package: > curl https://downloads.apache.org/cassandra/KEYS | sudo apt-key add - > Instead, it would be better to use the following steps: > {code:java} > echo "deb [signed-by=/etc/apt/keyrings/cassandra.gpg] > https://debian.cassandra.apache.org 41x main" | sudo tee -a > /etc/apt/sources.list.d/cassandra.sources.list {code} > {code:java} > sudo curl https://downloads.apache.org/cassandra/KEYS -o > /etc/apt/keyrings/cassandra.asc > {code} > {code:java} > sudo gpg -o /etc/apt/keyrings/cassandra.gpg --dearmor > /etc/apt/keyrings/cassandra.asc {code} > {code:java} > sudo apt-get update > {code} > {code:java} > sudo apt-get install cassandra {code} -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Created] (CASSANDRA-18859) Update installation steps for Debian bases systems
Michiel Saelen created CASSANDRA-18859: -- Summary: Update installation steps for Debian bases systems Key: CASSANDRA-18859 URL: https://issues.apache.org/jira/browse/CASSANDRA-18859 Project: Cassandra Issue Type: Improvement Components: Documentation Reporter: Michiel Saelen The current installation steps contains the following step to trust the cassandra package: curl https://downloads.apache.org/cassandra/KEYS | sudo apt-key add - Instead, it would be better to use the following steps: {code:java} echo "deb [signed-by=/etc/apt/keyrings/cassandra.gpg] https://debian.cassandra.apache.org 41x main" | sudo tee -a /etc/apt/sources.list.d/cassandra.sources.list {code} {code:java} sudo curl https://downloads.apache.org/cassandra/KEYS -o /etc/apt/keyrings/cassandra.asc {code} {code:java} sudo gpg -o /etc/apt/keyrings/cassandra.gpg --dearmor /etc/apt/keyrings/cassandra.asc {code} {code:java} sudo apt-get update {code} {code:java} sudo apt-get install cassandra {code} -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-18693) User credentials are validated with LOCAL_QUORUM instead of with LOCAL_ONE
[ https://issues.apache.org/jira/browse/CASSANDRA-18693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17747361#comment-17747361 ] Michiel Saelen commented on CASSANDRA-18693: As by [CASSANDRA-12988] make the consistency level for user-level auth reads and writes configurable - ASF JIRA (apache.org) the implementation changed, but the documentation was not updated. So the issue is in the documentation. > User credentials are validated with LOCAL_QUORUM instead of with LOCAL_ONE > -- > > Key: CASSANDRA-18693 > URL: https://issues.apache.org/jira/browse/CASSANDRA-18693 > Project: Cassandra > Issue Type: Bug >Reporter: Michiel Saelen >Priority: Normal > Attachments: image.png > > > The documentation > ([https://cassandra.apache.org/doc/latest/cassandra/operating/security.html]) > tells us that users should be authenticated with LOCAL_ONE (except the > default user). > From logging we see it is trying with LOCAL_QUORUM.INFO > [Native-Transport-Requests-1] 2023-07-24 14:51:11,526 NoSpamLogger.java:105 - > "Cannot achieve consistency level LOCAL_QUORUM" while executing SELECT > salted_hash FROM system_auth.roles WHERE role = 'test' ALLOW FILTERING > This is detected on C* 4.1.2 (RHEL) -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Created] (CASSANDRA-18693) User credentials are validated with LOCAL_QUORUM instead of with LOCAL_ONE
Michiel Saelen created CASSANDRA-18693: -- Summary: User credentials are validated with LOCAL_QUORUM instead of with LOCAL_ONE Key: CASSANDRA-18693 URL: https://issues.apache.org/jira/browse/CASSANDRA-18693 Project: Cassandra Issue Type: Bug Reporter: Michiel Saelen Attachments: image.png The documentation ([https://cassandra.apache.org/doc/latest/cassandra/operating/security.html]) tells us that users should be authenticated with LOCAL_ONE (except the default user). >From logging we see it is trying with LOCAL_QUORUM.INFO >[Native-Transport-Requests-1] 2023-07-24 14:51:11,526 NoSpamLogger.java:105 - >"Cannot achieve consistency level LOCAL_QUORUM" while executing SELECT >salted_hash FROM system_auth.roles WHERE role = 'test' ALLOW FILTERING This is detected on C* 4.1.2 (RHEL) -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-12106) Add ability to blocklist / denylist a CQL partition so all requests are ignored
[ https://issues.apache.org/jira/browse/CASSANDRA-12106?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17652124#comment-17652124 ] Michiel Saelen commented on CASSANDRA-12106: [~smiklosovic] and [~jmckenzie] is there a follow-up ticket for the auto-deny list or was it merged into 4.1? > Add ability to blocklist / denylist a CQL partition so all requests are > ignored > --- > > Key: CASSANDRA-12106 > URL: https://issues.apache.org/jira/browse/CASSANDRA-12106 > Project: Cassandra > Issue Type: New Feature > Components: Legacy/Local Write-Read Paths, Local/Config >Reporter: Geoffrey Yu >Assignee: Josh McKenzie >Priority: Low > Fix For: 4.1-alpha1, 4.1 > > Attachments: 12106-trunk.txt > > > Sometimes reads/writes to a given partition may cause problems due to the > data present. It would be useful to have a manual way to blocklist / denylist > such partitions so all read and write requests to them are rejected. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-17948) Get warning and errors through virtual tables
[ https://issues.apache.org/jira/browse/CASSANDRA-17948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17613361#comment-17613361 ] Michiel Saelen commented on CASSANDRA-17948: Hi [~smiklosovic], Indeed for our use case, it would be beneficial if you could expose the partitions that crossed the thresholds directly into a virtual table (or have Cassandra protect itself). Blocking further inserts on Cassandra's side sounds like a good improvement to ensure more stability. To give you an example, we noticed Cassandra was struggling during compaction and then noticed we had created a partition of 50G. If the query would fail in this case, would it be possible to tell it is because of the partition size? Next to this, I still believe that making logs available through virtual tables would also be a great feature. Thanks for your input on this > Get warning and errors through virtual tables > - > > Key: CASSANDRA-17948 > URL: https://issues.apache.org/jira/browse/CASSANDRA-17948 > Project: Cassandra > Issue Type: New Feature >Reporter: Michiel Saelen >Priority: Normal > > The warnings and errors are currently only accessible through Cassandra logs. > Automating the monitoring of the nodes would be much easier/secure if we can > make use of virtual tables to get the logs. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-17948) Get warning and errors through virtual tables
[ https://issues.apache.org/jira/browse/CASSANDRA-17948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17613277#comment-17613277 ] Michiel Saelen commented on CASSANDRA-17948: [~smiklosovic], the main reason why we would like to see this implemented is that it would allow us to identify which partitions are the large ones. Currently, we can only know that there is a large partition through virtual tables, but we don't know which ones are large. If we want to investigate which ones are large we need to go through the logs (or analyze the SSTables) and take action. We would prefer if can make our data insertion smarter, so we block data from being inserted that is contributing to the large partitions that are getting too large as a protection mechanism. As our request is very specific, we made it more generic to make it more interesting for everyone. I like the idea of [~rustyrazorblade], but would also make it configurable to set how much MB you want to keep in memory, this way you could speed things up if you ask for example every time the last 5 min of logs. > Get warning and errors through virtual tables > - > > Key: CASSANDRA-17948 > URL: https://issues.apache.org/jira/browse/CASSANDRA-17948 > Project: Cassandra > Issue Type: New Feature >Reporter: Michiel Saelen >Priority: Normal > > The warnings and errors are currently only accessible through Cassandra logs. > Automating the monitoring of the nodes would be much easier/secure if we can > make use of virtual tables to get the logs. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Created] (CASSANDRA-17948) Get warning and errors through virtual tables
Michiel Saelen created CASSANDRA-17948: -- Summary: Get warning and errors through virtual tables Key: CASSANDRA-17948 URL: https://issues.apache.org/jira/browse/CASSANDRA-17948 Project: Cassandra Issue Type: New Feature Reporter: Michiel Saelen The warnings and errors are currently only accessible through SSH connection. Automating the monitoring of the nodes would be much easier/secure if we can make use of virtual tables to get the logs. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org