I always prefer to set the listen interface instead of listen adress Both nodes can be seeds. In fact, there should be more than one seed. Having your first 2 nodes as seeds is usual the correct thing to do. On Sun, Oct 30, 2016 at 8:28 AM Vladimir Yudovin <vla...@winguzone.com> wrote:
> >Empty listen_address and rpc_address. > What do you mean by "Empty"? You should set either ***_address or > ***_interface. Otherwise > Cassandra will not listen on port 9042. > > >Open ports 9042, 7000 and 7001 for external communication. > Only port 9042 should be open to the world, Port 7000 for internode > communication, and 7001 for internode SSL communication (only one of them > is used). > > >What is the best order of steps > Order doesn't really matter. > > >Define both machines as seeds. > It's wrong. Only one (started first) should be seed. > > > >nodetool sees both of them > cqlsh refuses to connect > Can you please give output of > *nodetool status* > and > *netstat -lptn | grep java* > > Best regards, Vladimir Yudovin, > > *Winguzone <https://winguzone.com?from=list> - Hosted Cloud > CassandraLaunch your cluster in minutes.* > > > ---- On Sun, 30 Oct 2016 14:11:55 -0400*Raimund Klein > <chessra...@gmail.com <chessra...@gmail.com>>* wrote ---- > > Hi everyone, > > We've managed to set up a Cassandra 2.2.6 cluster of two physical nodes > (nodetool sees both of them, so I'm quite certain the cluster is indeed > active). My steps to create the cluster were (this applies to both > machines): > > - Empty listen_address and rpc_address. > - Define a cluster_name. > - Define both machines as seeds. > - Open ports 9042, 7000 and 7001 for external communication. > > > > Now I want to secure access to the cluster in all forms: > > - define a different database user with a new password > - encrypt communication bet ween clients and the cluster including client > verification > - encrypt communication between the nodes including verification > > What is the best order of steps and correct way to achieve this? I wanted > to start with defining a different user, but cqlsh refuses to connect after > enforcing user/password authentication: > > cqlsh -u cassandra -p cassandra > Connection error: ('Unable to connect to any servers', {'127.0.0.1': > error(111, "Tried connecting to [('127.0.0.1', 9042)]. Last error: > Connection refused")}) > > > > This happens when I run the command on either of the two machines. Any > help would be greatly appreciated. > >