Getting started Cassandra Access control list



Similar documents
Configuration Manual Yahoo Cloud System Benchmark (YCSB) 24-Mar-14 SEECS-NUST Faria Mehak

Contents Set up Cassandra Cluster using Datastax Community Edition on Amazon EC2 Installing OpsCenter on Amazon AMI References Contact

18.2 user guide No Magic, Inc. 2015

1. Product Information

Online Backup Client User Manual Linux

IBM WebSphere Application Server V8.5 lab Basic Liberty profile administration using the job manager

ShadowControl ShadowStream

RecoveryVault Express Client User Manual

Online Backup Linux Client User Manual

Online Backup Client User Manual

Online Backup Client User Manual

Forward proxy server vs reverse proxy server

Online Backup Client User Manual Mac OS

Online Backup Client User Manual Mac OS

StoreGrid Backup Server With MySQL As Backend Database:

Primavera P6 Professional Windows 8 Installation Instructions. Primavera P6. Installation Instructions. For Windows 8 Users

Mobile Labs Plugin for IBM Urban Code Deploy

Cassandra Installation over Ubuntu 1. Installing VMware player:

Practice Fusion API Client Installation Guide for Windows

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

AWS Schema Conversion Tool. User Guide Version 1.0

TSM for Windows Installation Instructions: Download the latest TSM Client Using the following link:

Install SQL Server 2014 Express Edition

CafePilot has 3 components: the Client, Server and Service Request Monitor (or SRM for short).

USING SSL/TLS WITH TERMINAL EMULATION

Installation Guide. Copyright (c) 2015 The OpenNMS Group, Inc. OpenNMS SNAPSHOT Last updated :19:20 EDT

Retailman POS Multi-location Setup

Using LDAP Authentication in a PowerCenter Domain

Administrator s Guide

FlexSim LAN License Server

Configuring Secure Socket Layer (SSL) for use with BPM 7.5.x

escan SBS 2008 Installation Guide

How to simulate network devices using the Verax SNMP Simulator (Linux/Windows)

You must have at least Editor access to your own mail database to run archiving.

Upgrading Your Web Server from ClientBase Browser Version 2.0 or Above to Version 2.1.1

Online Backup Client User Manual

Administrator s Guide

SDK Code Examples Version 2.4.2

Wavelink Avalanche Mobility Center Linux Reference Guide

JAMF Software Server Installation Guide for Linux. Version 8.6

Supplement I.B: Installing and Configuring JDK 1.6

Oracle Exam 1z0-102 Oracle Weblogic Server 11g: System Administration I Version: 9.0 [ Total Questions: 111 ]

Deployment of Keepit for Windows

Mesa DMS. Once you access the Mesa Document Management link, you will see the following Mesa DMS - Microsoft Internet Explorer" window:

Introweb Remote Backup Client for Mac OS X User Manual. Version 3.20

Team Foundation Server 2012 Installation Guide

13.1 Backup virtual machines running on VMware ESXi / ESX Server

Installing the Android SDK

Eclipse installation, configuration and operation

LICENSE4J FLOATING LICENSE SERVER USER GUIDE

STATISTICA VERSION 9 STATISTICA ENTERPRISE INSTALLATION INSTRUCTIONS FOR USE WITH TERMINAL SERVER

Installing Oracle 12c Enterprise on Windows 7 64-Bit

Installing and Configuring DB2 10, WebSphere Application Server v8 & Maximo Asset Management

Configuring the BBj Jetty Web Server (rev10.02) for OSAS

Administrator s Upgrade Guide.

Department of Veterans Affairs VistA Integration Adapter Release Enhancement Manual

Mapping ITS s File Server Folder to Mosaic Windows to Publish a Website

NAS 253 Introduction to Backup Plan

CHAPTER 7 SSL CONFIGURATION AND TESTING

SafeNet Authentication Manager Express. Upgrade Instructions All versions

INSTALLATION GUIDE Version 1.2

Installation Instructions

Rev 7 06-OCT Site Manager Installation Guide

AlphaCard ID Suite Small Business Server Installation Guide


Novell Access Manager

User Guide Microsoft Exchange Remote Test Instructions

Oracle Fusion Middleware. 1 Oracle Team Productivity Center Server System Requirements. 2 Installing the Oracle Team Productivity Center Server

Install BA Server with Your Own BA Repository

Setting up FileMaker 10 Server

CostsMaster. CostsMaster Dongle Server User Guide

Test Automation Integration with Test Management QAComplete

FileMaker Server 8. Administrator s Guide

Setting Up Specify to use a Shared Workstation as a Database Server

CONSOLEWORKS WINDOWS EVENT FORWARDER START-UP GUIDE

How To Run Anolicense Server On A Windows 7.5 (For Free) Or 8 (For Ubuntu) Or For Free (For Microsoft) (For Linux) (Or For Free) ( For

Compiere ERP & CRM Installation Instructions Windows System - EnterpriseDB

Shakambaree Technologies Pvt. Ltd.

Jenkins on Windows with StreamBase

Fasthosts Internet Parallels Plesk 10 Manual

White Paper DEPLOYING WDK APPLICATIONS ON WEBLOGIC AND APACHE WEBSERVER CLUSTER CONFIGURED FOR HIGH AVAILABILITY AND LOAD BALANCE

WA1826 Designing Cloud Computing Solutions. Classroom Setup Guide. Web Age Solutions Inc. Copyright Web Age Solutions Inc. 1

CYAN SECURE WEB HOWTO. NTLM Authentication

Compiere 3.2 Installation Instructions Windows System - Oracle Database

IBM WebSphere Application Server Version 7.0

Getting Started. Getting Started with Time Warner Cable Business Class. Voice Manager. A Guide for Administrators and Users

FileMaker Server 7. Administrator s Guide. For Windows and Mac OS

Chapter 11 Managing Core Database Downloads

IBM. Implementing SMTP and POP3 Scenarios with WebSphere Business Integration Connect. Author: Ronan Dalton

Case Closed Installation and Setup

Veritas Cluster Server Database Agent for Microsoft SQL Configuration Guide

ACTIVE DIRECTORY DEPLOYMENT

Please note that after installation, you can configure the backup, but no backup files will be created until the Server / PC has been restarted.

Reporting for Contact Center Setup and Operations Guide. BCM Contact Center

Introduction. Before you begin. Installing efax from our CD-ROM. Installing efax after downloading from the internet

Distribution List Manager User s Manual

Alteryx Predictive Analytics for Oracle R

Creating a Java application using Perfect Developer and the Java Develo...

IIS, FTP Server and Windows

Table of Contents. Requirements and Options 1. Checklist for Server Installation 5. Checklist for Importing from CyberAudit

Transcription:

Getting started Cassandra Access control list Introduction: This document aims to provide a few easy to follow steps for the first-time user. We will cover the following subjects regarding our access control list implementation among Cassandra database: Build Cassandra code. Installation and configuration of Cassandra on Windows. Installation and configuration of Cassandra on Linux. Running a single Cassandra node. Examples of access control list usage. Extend Cassandra to multiple nodes. Build Cassandra code: Tool chain requirements: Java SDK, Ant, Git, Eclipse. 1. Install Java SDK on your machine. Version 1.6 or Latest, you can download from here: http://www.oracle.com/technetwork/java/javase/downloads/index.html 2. Install Ant on your machine. Version 1.8 or Latest, you can download from here: http://ant.apache.org/bindownload.cgi 3. Install Git on your machine. You can download from here: http://git-scm.com/downloads 4. Install Eclipse on your machine. You can download from here: http://www.eclipse.org/downloads/ 5. Follow the Cassandra wiki and build Cassandra code. This guide will take you from the setup phase to running Cassandra: You can see it here: http://wiki.apache.org/cassandra/runningcassandraineclipse 6. If Cassandra is already running on eclipse stop it from the console. Download Cassandra Acl from here: http://course.cs.tau.ac.il/secws12/ Open the zip file containing the Cassandra ACL. Copy and replace the src and conf folders from the Cassandra ACL to the Cassandra trunk location. 7. Refresh the project files on eclipse and build it again with the new src and conf folders. 8. Stop Cassandra from the eclipse console. Open terminal or command prompt and enter the following command: "Ant" use this command from the cassandra-trunk location:

Installation and configuration of Cassandra on windows: 1. Cassandra is java based application, so first of all you need to install java on your machine. Latest JRE you can download from here: http://www.oracle.com/technetwork/java/javase/downloads/index.html 2. Download Cassandra Acl from here: http://course.cs.tau.ac.il/secws12/ 3. Extract Cassandra source files. e.g. to c:\cassandra-trunk 4. Set environment variables: Go to System properties. Click on the advanced tab -> then click on Environment Variables button. Add the following new Variables and values: JAVA_HOME=c:\Program Files\Java\jre6\ This value should be path to jre directory. CASSANDRA_HOME=c:\cassandra-trunk This value should be set to the path of where you extract Cassandra-trunk.

5. Go to the conf folder inside Cassandra trunk: Edit the passwd.properties file and add yourself a username and password in the following way: <username>=<password> Edit the log4j-server.properties file. Change the log4j.appender.r.file line to point at the system log file to be created in the cassandra-trunk folder: log4j.appender.r.file=c:\cassandra-trunk\log\cassandra\system.log

6. Go to the bin folder inside Cassandra trunk: Edit the Cassandra.bat file and add the following lines at the end of the java options: -Dpasswd.properties=c:/cassandra-trunk/conf/passwd.properties^ -Daccess.properties=c:/cassandra-trunk/conf/access.properties You should set the path of the above files according to the cassandra-trunk folder. 7. Since we added new values and variables to the system environment we need to restart the computer so the changes will take place. If you want to restart your computer later you may skip to the next clause. After that it should work properly without restart. 8. Open the command prompt from the startup menu and enter the following commands: set CASSANDRA_HOME=c:\cassandra-trunk This should be the path to the Cassandra-trunk folder. set JAVA_HOME=c:\Program Files\Java\jre6\ This should be the path to the java folder.

Installation and configuration of Cassandra on Linux: 1. Cassandra is java based application, so first of all you need to install java on your machine. Latest JRE you can download from here: http://www.oracle.com/technetwork/java/javase/downloads/index.html 2. Download Cassandra Acl from here: http://course.cs.tau.ac.il/secws12/ 3. Extract Cassandra source files. e.g. to c:\cassandra-trunk 4. Set environment variables: Add the following new Variables and values to the system: setenv CASSANDRA_HOME "/specific/disk1/temp/cassandra-trunk:." This should be the path to the Cassandra-trunk folder. setenv JAVA_HOME "/usr/local/lib/jdk-6u25-ea-bin-b03:." This should be the path to the java folder. 5. Go to the conf folder inside Cassandra trunk: Edit the passwd.properties file and add yourself a username and password in the following way: <username>=<password> Edit the log4j-server.properties file. Change the log4j.appender.r.file line to point at the system log file to be created in the cassandra-trunk folder: log4j.appender.r.file= /specific/disk1/temp/cassandra-trunk/log/cassandra/system.log

Running a single Cassandra node: 1. Now we are ready to run Cassandra ACL: Enter the following command at the command prompt (or terminal) from Cassandra-trunk folder location: bin/cassandra -f -Dpasswd.properties=conf/passwd.properties -Daccess.properties=conf/access.properties 2. Cassandra ACL should go up and listen to clients: 3. If you want to stop Cassandra ACL press Control+c and the server will shut down.

Examples of access control list usage: 1. Once cassandra server is up we may bring the client shell up by: bin/cassandra-cli -host <ip address> -p 9170 -u <username> -pw <password> for example: bin/cassandra-cli -host 127.0.0.1 -p 9170 -u yosi -pw 123 2. At any time you may check the help menu by enter the command: help; 3. First we'll create a new keyspace called usertable: create keyspace usertable; 4. Next we'll use the keyspace and create a new column family called data: use usertable; create column family data; 5. lets insert a new column with and set and ACL to it: set data[utf8('yosi')][utf8('email')] = utf8('secretemail@yahoo.com:yosi,odelia rw:ainat ro'); this new column would be available to yosi and odelia as they have read and write permission they may see and change the column However Ainat have only reading permissions so she will be able only to see the value but not to change it. Finally ilia that doesn't have any permission at all. Won't be able to see, change or delete the column. Let's check that scenario: Ainat is logging in and retrieve the value: She can retrieve the value:

But she can't change it since she got only read permissions: Now ilia logs on and tries to retrieve the value: But since he doesn t have permission at all an invalid request is prompted. Finally ilia try to delete the column completely: But like the last action since he doesn t have permission at all an invalid request is prompted to him. Our cassandra ACL implementation is using the ACL we have set to the value and confirms that only yosi and odelia might see, change and delete the column:

Extend Cassandra to multiple nodes: To add a node to a Cassandra cluster one have to make a series of recurring operations on each node he would like to add to the cluster. First make sure that Cassandra is installed properly on the new node you would like to add. Perform all the steps described in the Installation and configuration section in this document. In addition you must perform the configuration steps described below before starting the edited cluster. To expand a single node to a two-node cluster as we will do in our examples in this page, you must edit the configuration file cassandra.yaml which is located in the conf folder under Cassandra directory. The following values must be specified on both the existing and new nodes: seeds the list of seeds for the cluster. rpc_address and listen_address network addresses for the nodes to listen. initial_token defining the node s token range for the load balance in the cluster. 1. Seed List: You must specify at least one node to act as the seeds for other nodes joining the ring. When additional nodes are added, the seed nodes provide information required to join the ring such as what other nodes are included in it, what are their locations, and so on. After a node joins the ring, it shares ring information through the gossip protocol, and does not make any further special contact with the seed node. There is no strict rule to determine which hosts need to be listed as seeds, but all nodes in a cluster should have the same seed list. To configure the seed list: Edit cassandra.yaml for each node and add the first node (132.67.104.197 in this example) as the seed in each. seeds: "132.67.104.197" If more than one seed node should be defined use the following pattern: seeds: "<ip-1>,<ip-2>,,<ip-n>" 2. Listen Address and RPC Address: In order for nodes to communicate via the Gossip protocol, you need to specify the interfaces on which your nodes will listen for client traffic via Thrift and inter-cluster traffic. Set the rpc_address value to an interface accessible by clients, and the listen_address value to interfaces routable from other servers in the cluster. To configure listen_adress and rpc_address settings: Edit cassandra.yaml on all nodes in the cluster and replace the default localhost entries to specify the interfaces which will listen for traffic. For the first node in this example: listen_address: 132.67.104.197... rpc_address: 132.67.104.197

And for the second node (132.67.104.238 for this example): listen_address: 132.67.104.23... rpc_address: 132.67.104.23 3. Initial Token Values: Whenever you expand the node capacity of a Cassandra cluster, you need to set explicitly each node s initial token in the cassandra.yaml. This is required for all nodes in order to balance the load evenly. The very first node in the cluster, is set properly to zero, and we will never need its initial_token value to be edited, but all other tokens must be recalculated every time you expand the cluster. To determine the correct initial token values for each node in the cluster you may see the following token configurations: One Node: Two Nodes: node 1: 85070591730234615865843651857942052864 Three Nodes: node 1: 56713727820156410577229101238628035242 node 2: 113427455640312821154458202477256070485 Four Nodes: node 1: 42535295865117307932921825928971026432 node 2: 85070591730234615865843651857942052864 node 3: 127605887595351923798765477786913079296 Five Nodes: node 1: 34028236692093846346337460743176821145 node 2: 68056473384187692692674921486353642291 node 3: 102084710076281539039012382229530463436 node 4: 136112946768375385385349842972707284582 Six Nodes: node 1: 28356863910078205288614550619314017621 node 2: 56713727820156410577229101238628035242 node 3: 85070591730234615865843651857942052864 node 4: 113427455640312821154458202477256070485 node 5: 141784319550391026443072753096570088106

Seven Nodes: node 1: 24305883351495604533098186245126300818 node 2: 48611766702991209066196372490252601636 node 3: 72917650054486813599294558735378902454 node 4: 97223533405982418132392744980505203273 node 5: 121529416757478022665490931225631504091 node 6: 145835300108973627198589117470757804909 Eight Nodes: node 1: 21267647932558653966460912964485513216 node 2: 42535295865117307932921825928971026432 node 3: 63802943797675961899382738893456539648 node 4: 85070591730234615865843651857942052864 node 5: 106338239662793269832304564822427566080 node 6: 127605887595351923798765477786913079296 node 7: 148873535527910577765226390751398592512 Nine Nodes: node 1: 18904575940052136859076367079542678414 node 2: 37809151880104273718152734159085356828 node 3: 56713727820156410577229101238628035242 node 4: 75618303760208547436305468318170713656 node 5: 94522879700260684295381835397713392071 node 6: 113427455640312821154458202477256070485 node 7: 132332031580364958013534569556798748899 node 8: 151236607520417094872610936636341427313 Ten Nodes: node 1: 17014118346046923173168730371588410572 node 2: 34028236692093846346337460743176821145 node 3: 51042355038140769519506191114765231718 node 4: 68056473384187692692674921486353642291 node 5: 85070591730234615865843651857942052864 node 6: 102084710076281539039012382229530463436 node 7: 119098828422328462212181112601118874009 node 8: 136112946768375385385349842972707284582 node 9: 153127065114422308558518573344295695155 If you would like to set up a larger cluster you may check the token calculator on: http://blog.milford.io/cassandra-token-calculator/ Finally we'll start the nodes in the cluster.

Starting a Cassandra Cluster: Start the seed node, and verify connectivity with nodetool ring as in the single node example above. Then start the remaining node. After a few minutes of pauses to exchange data all of the nodes should be up you can nodetool ring command again and it should give you something like the following: This implies the nodes are running correctly.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information