>Both nodes can be seeds.
Probably I misunderstood Raimund as setting each node as the only seed. If he
set both IP on both nodes it's OK.
Best regards, Vladimir Yudovin,
Winguzone - Hosted Cloud Cassandra
Launch your cluster in minutes.
---- On Sun, 30 Oct 2016 14:48:00 -0400Jonathan Haddad
<j...@jonhaddad.com> wrote ----
I always prefer to set the listen interface instead of listen adress
Both nodes can be seeds. In fact, there should be more than one seed. Having
your first 2 nodes as seeds is usual the correct thing to do.
On Sun, Oct 30, 2016 at 8:28 AM Vladimir Yudovin <vla...@winguzone.com>
wrote:
>Empty listen_address and rpc_address.
What do you mean by "Empty"? You should set either ***_address or
***_interface. Otherwise
Cassandra will not listen on port 9042.
>Open ports 9042, 7000 and 7001 for external communication.
Only port 9042 should be open to the world, Port 7000 for internode
communication, and 7001 for internode SSL communication (only one of them is
used).
>What is the best order of steps
Order doesn't really matter.
>Define both machines as seeds.
It's wrong. Only one (started first) should be seed.
>nodetool sees both of them
cqlsh refuses to connect
Can you please give output of
nodetool status
and
netstat -lptn | grep java
Best regards, Vladimir Yudovin,
Winguzone - Hosted Cloud Cassandra
Launch your cluster in minutes.
---- On Sun, 30 Oct 2016 14:11:55 -0400Raimund Klein
<chessra...@gmail.com> wrote ----
Hi everyone,
We've managed to set up a Cassandra 2.2.6 cluster of two physical nodes
(nodetool sees both of them, so I'm quite certain the cluster is indeed
active). My steps to create the cluster were (this applies to both machines):
- Empty listen_address and rpc_address.
- Define a cluster_name.
- Define both machines as seeds.
- Open ports 9042, 7000 and 7001 for external communication.
Now I want to secure access to the cluster in all forms:
- define a different database user with a new password
- encrypt communication bet ween clients and the cluster including client
verification
- encrypt communication between the nodes including verification
What is the best order of steps and correct way to achieve this? I wanted to
start with defining a different user, but cqlsh refuses to connect after
enforcing user/password authentication:
cqlsh -u cassandra -p cassandra
Connection error: ('Unable to connect to any servers', {'127.0.0.1': error(111,
"Tried connecting to [('127.0.0.1', 9042)]. Last error: Connection refused")})
This happens when I run the command on either of the two machines. Any help
would be greatly appreciated.
