One place for hosting & domains

      Cassandra

      How to Install Apache Cassandra on CentOS 8


      Updated by Linode Contributed by Linode

      After completing this guide, you will have a single-node, production-ready installation of Apache Cassandra hosted on your Linode running CentOS 8. This tutorial will cover basic configuration options, as well as how to harden and secure your database.

      Note

      In order to successfully execute the commands in this guide, you will need to run them as the root user, or log in using an account with root privileges, prefixing each command with sudo.

      Before You Begin

      1. Complete the Getting Started guide for setting up a new Linode.
      2. While it is recommended you complete the entire Securing Your Server guide, at minimum, you should add a limited user account.

      Add Repositories and GPG Keys

      1. Install the “yum-utils” package:

        sudo yum install yum-utils -y
        
      2. Add the Datastax repository so that we can install the required Cassandra software in a later step:

        sudo yum-config-manager --add-repo http://rpm.datastax.com/community
        
      3. Add the public key for the Datastax repository. Create a directory for the downloaded key:

        mkdir ~/.keys
        
      4. Navigate to the .keys directory and download the public key using curl:

        curl -o repo_key http://rpm.datastax.com/rpm/repo_key
        
      5. The key should now be contained in a file called “repo_key”. Install the key with the package manager:

        sudo rpm --import repo_key
        

      Install Cassandra and Supporting Applications

      In this section, you will update your Linux system software, install package dependencies, Java, and Cassandra.

      1. Install Cassandra, Java, and NTP:

        sudo yum update && sudo yum upgrade
        sudo yum install java dsc30 cassandra30-tools
        
      2. Install Python. The Cassandra cqlsh interpreter requires Python in order to run. You will use this interpreter in later sections of this guide.

        sudo dnf install python2
        

      Activate Cassandra

      1. Enable Cassandra on system boot and verify that it is running:

        sudo systemctl enable cassandra
        sudo systemctl start cassandra
        sudo systemctl -l status cassandra
        
      2. Check the status of the Cassandra cluster:

        nodetool status
        

        If UN is displayed in the output, the cluster is working. Your output should resemble the following:

          
        Status=Up/Down
        |/ State=Normal/Leaving/Joining/Moving
        --  Address    Load       Tokens       Owns (effective)  Host ID                               Rack
        UN  127.0.0.1  103.51 KiB  256          100.0%            c43a2db6-8e5f-4b5e-8a83-d9b6764d923d  rack1
            
        

        If you receive connection errors, open the cassandra-env.sh file in a text editor.

        sudo vim /etc/cassandra/conf/cassandra-env.sh
        

        Search for -Djava.rmi.server.hostname= in the file. Uncomment this line and add your loopback address or public IP address by replacing <public name> at the end of the line:

        CentOS /etc/cassandra/conf/cassandra-env.sh
        1
        2
        3
        4
        5
        6
        
        . . .
        
        JVM_OPTS="$JVM_OPTS -Djava.rmi.server.hostname=<public name>"
        
        . . .
            

      Configure Cassandra

      Enable Security Features

      In this section, you will enable user login authentication. You can also configure other security settings based on your project’s needs.

      1. Make a backup of the Cassandra configuration file cassandra.yaml.

        sudo cp /etc/cassandra/conf/cassandra.yaml /etc/cassandra/conf/cassandra.yaml.backup
        
      2. Open cassandra.yaml in your preferred text editor:

        Note

        Locations of the cassandra.yaml file may differ slightly between distros.

        sudo vim /etc/cassandra/conf/cassandra.yaml
        
      3. Match the following variables in the file to the values shown in the example file. If any values are commented out, uncomment them. The rest of the properties found in the cassandra.yaml file should be set based on your project’s particular requirements and how you plan to utilize Cassandra. The default configuration should work well for development.

        CentOS /etc/cassandra/conf/cassandra.yaml
         1
         2
         3
         4
         5
         6
         7
         8
         9
        10
        
        . . .
        
        authenticator: org.apache.cassandra.auth.PasswordAuthenticator
        authorizer: org.apache.cassandra.auth.CassandraAuthorizer
        role_manager: CassandraRoleManager
        roles_validity_in_ms: 0
        permissions_validity_in_ms: 0
        
        . . .
            

        More information about this file can be found in the Cassandra Configuration File guide in Apache’s official documentation.

      4. After editing the configuration file restart Cassandra.

        sudo systemctl restart cassandra
        

      Add An Administration Superuser

      1. Open the Cassandra command terminal by typing cqlsh. Log in with the credentials shown below for the default user cassandra:

        cqlsh -u cassandra -p cassandra
        
      2. Create a new superuser. Replace the brackets as well as the content inside with the applicable information:

        CREATE ROLE [new_superuser] WITH PASSWORD = '[secure_password]' AND SUPERUSER = true AND LOGIN = true;
        
      3. Log out by typing exit.

      4. Log back in with the new superuser account and replace the username and password with your new credentials:

        cqlsh -u new-super-user -p my-scecure-password
        
      5. Remove the elevated permissions from the Cassandra account:

        ALTER ROLE cassandra WITH PASSWORD = 'cassandra' AND SUPERUSER = false AND LOGIN = false;
        REVOKE ALL PERMISSIONS ON ALL KEYSPACES FROM cassandra;
        
      6. Grant all permissions to the new superuser account. Replace the brackets and contents inside with your superuser account username:

        GRANT ALL PERMISSIONS ON ALL KEYSPACES TO '[superuser]';
        
      7. Log out by typing exit.

      Edit The Console Configuration File

      The cqlshrc file holds configuration settings that influence user preferences and how Cassandra performs certain tasks.

      Note

      Ensure you complete the steps in this section using your limited user account. This account will need sudo privileges, if it does not already have them.

      Since your Cassandra username and password can be stored in plaintext, the cqlshrc file should only be accessible to your administrative user account, and is designed to be inaccessible to other accounts on your Linux system.

      Caution

      Do not complete this section as the root user. Before proceeding, fully evaluate the security risks and consequences to your node cluster before adding the [authentication] section.

      1. Create the file cqlshrc using your preferred text editor. If the ~/.cassandra directory does not exist, create it:

        sudo mkdir ~/.cassandra
        sudo vim ~/.cassandra/cqlshrc
        
      2. Copy any sections below that you wish to add to your configuration, and ensure you replace the superuser and password value in brackets with your own values. Details for this file can be found in the Configuring cqlsh From a File guide on the DataStax site.

        Note

        You can find a sample file containing all the configuration options in the example /etc/cassandra/conf/cqlshrc.sample file.

        ~/.cassandra/cqlshrc
         1
         2
         3
         4
         5
         6
         7
         8
         9
        10
        11
        12
        13
        14
        15
        16
        17
        18
        19
        20
        21
        22
        23
        24
        25
        26
        27
        28
        29
        
        ;; Options that are common to both COPY TO and COPY FROM
        
        [copy]
        ;; The string placeholder for null values
        nullval=null
        ;; For COPY TO, controls whether the first line in the CSV output file will
        ;; contain the column names.  For COPY FROM, specifies whether the first
        ;; line in the CSV file contains column names.
        header=true
        ;; The string literal format for boolean values
        boolstyle = True,False
        ;; Input login credentials here to automatically login to the Cassandra command line without entering them each time. When this
        ;; is enabled, just type "cqlsh" to start Cassandra.
        [authentication]
        username=[superuser]
        password=[password]
        
        ;; Uncomment to automatically use a certain keyspace on login
        ;; keyspace=[keyspace]
        
        [ui]
        color=on
        datetimeformat=%Y-%m-%d %H:%M:%S%z
        completekey=tab
        ;; The number of digits displayed after the decimal point
        ;; (note that increasing this to large numbers can result in unusual values)
        float_precision = 5
        ;; The encoding used for characters
        encoding = utf8
      3. Save and close the file.

      4. Update the cqlshrc file and directory with the following permissions:

        sudo chmod 440 ~/.cassandra/cqlshrc
        sudo chmod 700 ~/.cassandra
        
      5. Login by typing the command below. You will be prompted to enter your password. The cqlsh command terminal should open, and your superuser name should be visible in the command line.

        cqlsh -u superuser
        

        Note

        You can also login by providing your username and password:

        cqlsh -u superuser -p password
        

      Rename the Cluster

      In this section, you will update your default cluster name from “Test Cluster” to your desired name.

      1. Log into the cqlsh control terminal if you are not already logged in.

        cqlsh -u superuser
        
      2. Replace [new_name] with your new cluster name:

        UPDATE system.local SET cluster_name = '[new_name]' WHERE KEY = 'local';
        
      3. Type exit to return to the Linux command line.

      4. Edit the cassandra.yaml file and replace the value in the cluster_name variable with the new cluster name you just set.

        sudo vim /etc/cassandra/conf/cassandra.yaml
        
      5. Save and close.

      6. From the Linux terminal (not cqlsh) clear the system cache. This command will not disturb your node’s data.

        nodetool flush system
        
      7. Restart Cassandra:

        sudo systemctl restart cassandra
        
      8. Log in with cqlsh and verify the new cluster name is visible.

        cqlsh -u superuser
        
          
        Connected to my-cluster-name at 127.0.0.1:9042.
        [cqlsh 5.0.1 | Cassandra 4.0 | CQL spec 3.4.5 | Native protocol v4]
        Use HELP for help.
        [email protected]>
            
        

      Where To Go From Here

      Be sure to check out the links in the More Information section, which will help you further configure Cassandra to your needs, as well as provide resources to improve your understanding and ability to use Cassandra.

      To fully utilize the capabilities of Cassandra in a production setting, additional nodes should be added to your cluster. See the companion guide Adding Nodes to an Existing Cluster for more information.

      More Information

      You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.

      This guide is published under a CC BY-ND 4.0 license.



      Source link

      How to Install Apache Cassandra on Debian 9


      Updated by Linode Contributed by Linode

      After completing this guide, you will have a single-node, production-ready installation of Apache Cassandra hosted on your Linode running Debian 9. This tutorial will cover basic configuration options, as well as harden database security.

      Note

      In order to successfully execute the commands in this guide, you will need to run them as the root user, or log in using an account with root privileges, prefixing each command with sudo.

      Before You Begin

      1. Complete the Getting Started guide for setting up a new Linode.
      2. While it is recommended you complete the entire Securing Your Server guide, at minimum, you should add a limited user account.

      Install Cassandra and Supporting Applications

      In this section, you will install package dependencies, Java, Cassandra, and update your Linux system software.

      1. Update your system’s software packages:

        sudo apt update
        
      2. Install the required package dependencies:

        sudo apt install apt-transport-https ca-certificates wget dirmngr gnupg software-properties-common
        
      3. Import the repository’s GPG key using wget and add the AdoptOpenJDK APT repository:

        wget -qO - https://adoptopenjdk.jfrog.io/adoptopenjdk/api/gpg/key/public | sudo apt-key add -
        sudo add-apt-repository --yes https://adoptopenjdk.jfrog.io/adoptopenjdk/deb/
        
      4. Install Java 8:

        sudo apt update
        sudo apt install adoptopenjdk-8-hotspot
        
      5. Verify the version of Java you just installed:

        java -version
        
      6. Add Cassandra’s GPG keys:

        wget -q -O - https://www.apache.org/dist/cassandra/KEYS | sudo apt-key add -
        
      7. Add the Cassandra repository to your Debian system’s sources list:

        sudo sh -c 'echo "deb http://www.apache.org/dist/cassandra/debian 311x main" > /etc/apt/sources.list.d/cassandra.list'
        

        Note

        You may want to follow the link to the Apache repository to confirm that “40x” is the latest available version.

      8. Update your packages index and install Cassandra:

        sudo apt update
        sudo apt install cassandra
        

      Activate Cassandra

      1. Enable Cassandra on system boot and verify that it is running:

        sudo systemctl enable cassandra
        sudo systemctl start cassandra
        sudo systemctl -l status cassandra
        
      2. Check the status of the Cassandra cluster:

        nodetool status
        

        If UN is displayed in the output, the cluster is working. Your output should resemble the following:

          
        Status=Up/Down
        |/ State=Normal/Leaving/Joining/Moving
        --  Address    Load       Tokens       Owns (effective)  Host ID                               Rack
        UN  127.0.0.1  103.51 KiB  256          100.0%            c43a2db6-8e5f-4b5e-8a83-d9b6764d923d  rack1
            
        

        If you receive connection errors, open the cassandra-env.sh file in a text editor.

        sudo vim /etc/cassandra/cassandra-env.sh
        

        Search for -Djava.rmi.server.hostname= in the file. Uncomment this line and add your loopback address or public IP address by replacing <public name> at the end of the line:

        Debian /etc/cassandra/conf/cassandra-env.sh
        1
        2
        3
        4
        5
        6
        
        . . .
        
        JVM_OPTS="$JVM_OPTS -Djava.rmi.server.hostname=<public name>"
        
        . . .
            

      Configure Cassandra

      Enable Security Features

      In this section, you will enable user login authentication. You can also configure other security settings based on your project’s needs.

      1. Make a backup of the Cassandra configuration file cassandra.yaml.

        sudo cp /etc/cassandra/cassandra.yaml /etc/cassandra/cassandra.yaml.backup
        
      2. Open cassandra.yaml in your preferred text editor:

        Note

        Locations of the cassandra.yaml file may differ slightly between distros.

        sudo vim /etc/cassandra/cassandra.yaml
        
      3. Match the following variables in the file to the values shown in the example file. If any values are commented out, uncomment them. The rest of the properties found in the cassandra.yaml file should be set based on your project’s particular requirements and how you plan to utilize Cassandra. The default configuration should work well for development.

        Debian /etc/cassandra/cassandra.yaml
         1
         2
         3
         4
         5
         6
         7
         8
         9
        10
        
        . . .
        
        authenticator: org.apache.cassandra.auth.PasswordAuthenticator
        authorizer: org.apache.cassandra.auth.CassandraAuthorizer
        role_manager: CassandraRoleManager
        roles_validity_in_ms: 0
        permissions_validity_in_ms: 0
        
        . . .
            

        More information about this file can be found in the Cassandra Configuration File guide in Apache’s official documentation.

      4. After editing the configuration file restart Cassandra.

        sudo systemctl restart cassandra
        

      Add An Administration Superuser

      1. Open the Cassandra command terminal by typing cqlsh. Log in with the credentials shown below for the default user cassandra:

        cqlsh -u cassandra -p cassandra
        
      2. Create a new superuser. Replace the brackets as well as the content inside with the applicable information:

        CREATE ROLE [new_superuser] WITH PASSWORD = '[secure_password]' AND SUPERUSER = true AND LOGIN = true;
        
      3. Log out by typing exit.

      4. Log back in with the new superuser account and replace the username and password with your new credentials:

        cqlsh -u new-super-user -p my-secure-password
        
      5. Remove the elevated permissions from the Cassandra account:

        ALTER ROLE cassandra WITH PASSWORD = 'cassandra' AND SUPERUSER = false AND LOGIN = false;
        REVOKE ALL PERMISSIONS ON ALL KEYSPACES FROM cassandra;
        
      6. Grant all permissions to the new superuser account. Replace the brackets and contents inside with your superuser account username:

        GRANT ALL PERMISSIONS ON ALL KEYSPACES TO [superuser];
        
      7. Log out by typing exit.

      Edit The Console Configuration File

      The cqlshrc file holds configuration settings that influence user preferences and how Cassandra performs certain tasks.

      Note

      Ensure you complete the steps in this section using your limited user account. This account will need sudo privileges, if it does not already have them.

      Since your Cassandra username and password can be stored in plaintext, the cqlshrc file should only be accessible to your administrative user account, and is designed to be inaccessible to other accounts on your Linux system.

      Caution

      Do not complete this section as the root user. Before proceeding, fully evaluate the security risks and consequences to your node cluster before adding the [authentication] section.

      1. Create the file cqlshrc using your preferred text editor. If the ~/.cassandra directory does not exist, create it:

        sudo mkdir ~/.cassandra
        sudo vim ~/.cassandra/cqlshrc
        
      2. Copy any sections below that you wish to add to your configuration, and ensure you replace the superuser and password value in brackets with your own values. Details for this file can be found in the Configuring cqlsh From a File guide on the DataStax site.

        ~/.cassandra/cqlshrc
         1
         2
         3
         4
         5
         6
         7
         8
         9
        10
        11
        12
        13
        14
        15
        16
        17
        18
        19
        20
        21
        22
        23
        24
        25
        26
        27
        28
        29
        30
        31
        32
        33
        
        . . .
        
        ;; Options that are common to both COPY TO and COPY FROM
        
        [copy]
        ;; The string placeholder for null values
        nullval=null
        ;; For COPY TO, controls whether the first line in the CSV output file will
        ;; contain the column names.  For COPY FROM, specifies whether the first
        ;; line in the CSV file contains column names.
        header=true
        ;; The string literal format for boolean values
        boolstyle = True,False
        ;; Input login credentials here to automatically login to the Cassandra command line without entering them each time. When this
        ;; is enabled, just type "cqlsh" to start Cassandra.
        [authentication]
        username=[superuser]
        password=[password]
        
        ;; Uncomment to automatically use a certain keyspace on login
        ;; keyspace=[keyspace]
        
        [ui]
        color=on
        datetimeformat=%Y-%m-%d %H:%M:%S%z
        completekey=tab
        ;; The number of digits displayed after the decimal point
        ;; (note that increasing this to large numbers can result in unusual values)
        float_precision = 5
        ;; The encoding used for characters
        encoding = utf8
        
        . . .
      3. Save and close the file.

      4. Update the cqlshrc file and directory with the following permissions:

        sudo chmod 440 ~/.cassandra/cqlshrc
        sudo chmod 700 ~/.cassandra
        
      5. Login by typing the command below. You will be prompted to enter your password. The cqlsh command terminal should open, and your superuser name should be visible in the command line.

        cqlsh -u superuser
        

        Note

        You can also login by providing your username and password:

        cqlsh -u superuser -p password
        

      Rename the Cluster

      In this section, you will update your default cluster name from “Test Cluster” to your desired name.

      1. Log into the cqlsh control terminal if you are not already logged in.

        cqlsh -u superuser
        
      2. Replace [new_name] with your new cluster name:

        UPDATE system.local SET cluster_name = '[new_name]' WHERE KEY = 'local';
        
      3. Type exit to return to the Linux command line.

      4. Edit the cassandra.yaml file and replace the value in the cluster_name variable with the new cluster name you just set.

        sudo vim /etc/cassandra/cassandra.yaml
        
      5. Save and close.

      6. From the Linux terminal (not cqlsh) clear the system cache. This command will not disturb your node’s data.

        nodetool flush system
        
      7. Restart Cassandra:

        sudo systemctl restart cassandra
        
      8. Log in with cqlsh and verify the new cluster name is visible.

        cqlsh -u superuser
        
          
        Connected to my-cluster-name at 127.0.0.1:9042.
        [cqlsh 5.0.1 | Cassandra 4.0 | CQL spec 3.4.5 | Native protocol v4]
        Use HELP for help.
        [email protected]>
            
        

      Where To Go From Here

      Be sure to check out the links in the More Information section, which will help you further configure Cassandra to your needs, as well as provide resources to improve your understanding and ability to use Cassandra.

      To fully utilize the capabilities of Cassandra in a production setting, additional nodes should be added to your cluster. See the companion guide Adding Nodes to an Existing Cluster for more information.

      More Information

      You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.

      This guide is published under a CC BY-ND 4.0 license.



      Source link