Cannot Connect Cassandra Client on Public IP - azure

Hello I am trying to set up a three node Cassandra Cluster on Azure linux VMs and connect to it from an external machine using the C# datastax client. However I am having trouble connecting via a VMs public IP from outside the network. Any help would be greatly appreciated as I am about lost now.
Here is the Java Version the machines are running.
openjdk version "1.8.0_191"
OpenJDK Runtime Environment (build 1.8.0_191-8u191-b12-0ubuntu0.18.04.1-b12)
OpenJDK 64-Bit Server VM (build 25.191-b12, mixed mode)
My cassandra version is
3.11.3
When I run the nodetool status I can see the machines on the cluster however it is shown the local ip addresses on the Azure VNetwork not their public IP addresses. I am unsure if this is correct?
Datacenter: dc1europe
=====================
Status=Up/Down
|/ State=Normal/Leaving/Joining/Moving
-- Address Load Tokens Owns (effective) Host ID Rack
DN 10.1.0.7 101.37 KiB 256 32.8% 617d3f87-cb04-4c29-9e0c-e2c712487ad5 rack1europe
UN 10.1.0.6 158.26 KiB 256 33.1% b79a1aa0-a049-46f2-8efc-679d10a097e2 rack1europe
DN 10.1.0.9 101.36 KiB 256 34.2% 58a101e5-51f2-491e-833f-cc5c49a8740a rack1europe
I can use cqlsh Internal IP Address to connect to any of the machines but when I use the cqlsh Public IP Address I get the following error:
Connection error: ('Unable to connect to any servers', {'XX.XXX.XXX.XXX': error(None, "Tried connecting to [('XX.XXX.XXX.XXX', 9042)]. Last error: timed out")})
When I run netstat -vatn it shows me that my machine is in fact listening on port 9042 but again I am unsure if this is correct:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:9042 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 10.1.0.6:7000 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:42271 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:7199 0.0.0.0:* LISTEN
tcp 0 64 10.1.0.6:22 109.76.85.23:51728 ESTABLISHED
tcp6 0 0 :::22 :::* LISTEN
I can telnet using the public IP address of the machine I am currently logged into on the cluster but when I try to telnet using the public IP address of another machine on the cluster I get the following:
Trying XX.XXX.XXX.XXX...
But a connection is never established.
Here are the relevant settings from my cassandra.yaml file which I have edited for all three nodes on the cluster
seed_provider:
- class_name: org.apache.cassandra.locator.SimpleSeedProvider
parameters:
- seeds: "10.1.0.6, 10.1.0.7"
listen_address:
# broadcast_address: 1.2.3.4
start_rpc: false
rpc_address: 0.0.0.0
broadcast_rpc_address: <PUBLIC IP OF CURRENT NODE>
I have edited the NSG in azure to allow all the required inbound ports including 7000, 7001, 7199, 9042, 9160, 9142 so this should not be a problem.
I'm unsure whether the problem is with my Azure VM/Network configuration or my Cassandra Setup. Any pointers or help would be great!
Thanks.

My setup.
Windows VM as Webserver
Ubuntu as Cassandra node.
Both in same subscription and different resource group and VNETs.
For connection from Windows machine to Cassandra.
Followed these steps and it worked :)
1) Peer VNet. This has to be done on both vnets. Initially I was not able to ping Ubuntu VM from Windows VM, after peering I was able to ping.
2) Open port 9042 on Cassandra VM you can add restriction for address range of Webserver.
3) In Ubuntu VM edit etc/cassandra/cassandra.yaml and change following settings.
IP is private ip address of Ubuntu VM
1) rpc_address: 10.0.1.5
2) listen_address: 10.0.1.5
3) seeds: "10.0.1.5"
4) Now try any test application to connect to cassandra from Webserver.
e.g
var cluster = Cluster.Builder()
.AddContactPoints("10.0.1.5")
.WithPort(9042)
.WithAuthProvider(new PlainTextAuthProvider("cassandra", "cassandra"))
.Build();
ISession session = cluster.Connect();
You should be able connect and run statements.
Cheers,
Hemant

From you description, it sounds like Nat Forwarding/Endpoint. I assume its a classic deployment so below is information to look at Endpoints.
https://learn.microsoft.com/en-us/azure/virtual-machines/linux/classic/setup-endpoints

Related

Cassandra running cqlsh fails

I am running Cassandra 2.1.15 on a virtual machine. The problem is that I cannot run the command "cqlsh" to create tables and keyspaces. It always gives me a timeout error after 2 minutes. I want to increase the timeout of cassandra. The virtual machine has 8Gb memory and 4CPUs. These are the list of things I have tried.
Creating ~/.cassandra/cqlshrc file and increasing client_timeout to 3600
Modifying the /usr/bin/cqlsh.py file and increasing DEFAULT_CONNECT_TIMEOUT_SECONDS and DEFAULT_REQUEST_TIMEOUT_SECONDS variables to 3600.
passing the argument --request-timeout 3600 --connect-timeout 3600 in cqlsh.
Using the IP in the listen address of cassandra.yaml file instead of localhost
I am aware that the performance of my virtual machine is very slow as it takes about 7 minutes to see the output of nodetool status command.
Nodetool status output:
Datacenter: site1
=================
Status=Up/Down
|/ State=Normal/Leaving/Joining/Moving
-- Address Load Tokens Owns (effective) Host ID Rack
UN 192.168.1.6 196.08 KB 256 100.0% c88cf8ec-f7e1-41e1-aad0-85742c8c3ffb RAC1
Also I can see no error logs in the system.log file and from netstat command I can see that the server is listening for requests on ports 9042 and 9160
tcp6 0 0 :::9160 :::* LISTEN 32694/java
tcp6 0 0 :::11311 :::* LISTEN 2237/astaire
tcp6 0 0 :::9042 :::* LISTEN 32694/java
tcp6 0 0 192.168.1.6:7000 :::* LISTEN 32694/java
tcp6 0 0 127.0.0.1:40895 :::* LISTEN 32694/java
tcp6 0 0 127.0.0.1:7199 :::* LISTEN 32694/java
Kindly help me out.
A 8GB+4CPU spec for C* VM is good, it should not create any bottleneck or the lag you are experiencing. One think I can think of is you HDD not having enough IO bandwidth. Try checking Disk usage in Task Manager. (I assume you are using windows as you are running a VM for C*).
There are two alternatives that you can try if disk usage is the problem.
Switch to Docker. Docker is a lightweight VM comapred to the CentOS/ Ubuntu VM you are running. Docker quickstart is here and Dockerfiles are here.
Try C* on windows directly, using CCM if possible.

How to configure Cassandra on GCE then I can access it from my local java application running on Win7?

I created a CentOS on GCE and installed dsc-cassandra 3.0. Then I changed the rpc_address from localhost to the internal ip or external ip in cassandra.yaml.
On the VM, I started cassandra and use cqlsh to access cassandra successfully. But I couldn't use cqlsh internal_ip or cqlsh external_ip.
Also, I turned on tcp:9042 port for this instance.
But I still couldn't access Cassandra from my local java app with the NoHostAvailableException(Cannot connect).
By the way, I did the same thing of my local VM running with VM VistualBox. I could access it.
Running sudo netstat -lntp | grep pid displayed:
tcp 0 0 127.0.0.1:33743 0.0.0.0:* LISTEN 1207/java
tcp 0 0 127.0.0.1:7000 0.0.0.0:* LISTEN 1207/java
tcp 0 0 127.0.0.1:7199 0.0.0.0:* LISTEN 1207/java
tcp6 0 0 127.0.0.1:9042 :::* LISTEN 1207/java
The Ip address was still 127.0.0.1. I think this is the problem.
How to configure the cassandra.yaml file?
I know where I was wrong.
I used sudo service cassandra restart to restart cassandra after editing the cassandra.yaml. The terminal showed:
Restarting cassandra (via systemctl): [ OK ]
Actually, I think it didn't really restart it. Then I used nodetool stopdaemon to stop cassandra and then start it again. The configuration of cassandra.yaml worked.
Helpful commands:
1.
ps aux | grep cassandra
sudo netstat -lntp | grep <cassandra_pid>
Using these commands to verify the ip/port of the cassandra service on remote VM.
tcp 0 0 127.0.0.1:7000 0.0.0.0:* LISTEN 5928/java
tcp 0 0 127.0.0.1:42682 0.0.0.0:* LISTEN 5928/java
tcp 0 0 127.0.0.1:7199 0.0.0.0:* LISTEN 5928/java
tcp6 0 0 10.138.0.2:9042 :::* LISTEN 5928/java
2.
telnet <cassandra_ip> 9042
Using this command to verify the ip/port of the cassandra service on local machine.

Connecting to a local network Raspberry Pi

I have a:
Rasberry Pi 2
running
Raspbian Jessie Version:November 2015
I am using Undertow (a Java http server) to serve a website. This is the code that I use to build the server.
Undertow server = Undertow.builder()
.addHttpListener(8890, "localhost")
.setHandler(Handlers.pathTemplate()
.add("/", resource(new PathResourceManager(staticFilePath, 100))
.setDirectoryListingEnabled(false))
.build();
Problem: I am unable to see the webserver from another machine on the local network despite being able to ping and SSH into the PI.
What I have done (on the Pi2):
wget localhost:8890
returns the index.html correctly
netstat -lptn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 127.0.0.1:8890 :::* LISTEN 1743/java
Chrome on my development machine 192.168.1.8:8890 gives
ERR_CONNECTION_REFUSED
wget 192.168.1.8:8890
Connecting to 192.168.1.8:8890... failed: Connection refused.
nmap 192.168.1.8
Starting Nmap 6.40 ( http://nmap.org ) at 2015-12-05 14:05 CST
Nmap scan report for 192.168.1.8
Host is up (0.039s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
22/tcp open ssh
Nmap done: 1 IP address (1 host up) scanned in 1.83 seconds
It is my understanding that there is no firewall so I am baffled as to why I can't see the server from my development machine.
See:
tcp6 0 0 127.0.0.1:8890 :::* LISTEN 1743/java
Your web server listens only on localhost address (127.0.0.1). This way it couldn't be accessed from anywhere but localhost.
And your nmap scan shows the same: the only remotely accessible port is 22.
To access this service remotely you have to bind web server to any non-local address belonging to this raspberry pi (192.168.1.8) or to "any address" 0.0.0.0, as SSH service is bound.
How to do this is written in the manual of your web server. Probably, you have to start is with a "-d" param, i.e.
standalone.sh -b=0.0.0.0
standalone.sh -Djboss.bind.address=0.0.0.0
or something like this.
In listener setup code this looks like
"localhost" have to be replaced with some public name. This could be "0.0.0.0" or "192.168.1.8". We also can
cat "192.168.1.8 somename" >> /etc/hosts
and then use somename:
Undertow server = Undertow.builder() .addHttpListener(8890, "somename")

Restricting Cassandra to localhost only

I installed cassandra as a service on Ubuntu. Test Cluster is accessible on 127.0.0.1:9042. I want to restrict everything related to cassandra to localhost only, nothing open to internet. Currently, this is what I see on netstat -tulpen:
udp 0 0 130.159.223.50:123 0.0.0.0:*
udp 0 0 0.0.0.0:123 0.0.0.0:*
udp6 0 0 fe80::215:5dff:fcdf:123 :::*
udp6 0 0 ::1:123 :::*
udp6 0 0 :::123 :::*
Disclaimer: What you want to achieve can be done through configuration, but for a production cluster, it should be done using a firewall.
You need to modify a number of settings in cassanra.yaml to listen only for the loopback address (127.0.0.1)
listen_address: 127.0.0.1
rpc_address: 127.0.0.1
# make sure the broadcast address is commented out
# broadcast_address: 1.2.3.4
When running nodetool you should see the node's ip as the loopback interface ip
$ nodetool status
Datacenter: datacenter1
=======================
Status=Up/Down
|/ State=Normal/Leaving/Joining/Moving
-- Address Load Tokens Owns Host ID Rack
UN 127.0.0.1 60.62 TB 256 ? e7060cda-f99b-495c-ad55-2d380b4d452e rack1
Note: Non-system keyspaces don't have the same replication settings, effective ownership
information is meaningless
You can then verify that cassandra is innacessable over the public or private ip but only on the loopback ip with telnet:
core:cassandra core$ telnet <external ip> 9042
Trying 134.103.x.x...
telnet: connect to address 134.103.x.x: Connection refused
telnet: Unable to connect to remote host
core:cassandra core$ telnet <internal ip> 9042
Trying 10.17.x.x...
telnet: connect to address 10.17.x.x: Connection refused
telnet: Unable to connect to remote host
core:cassandra core$ telnet 127.0.0.1 9042
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
^]
telnet> Connection closed.

WSO2 CEP thrift ip address not bound to eth0/sitelocal ip address of linux machine

Standalone mode
When I start WSO2 CEP server on my linux machine, the ip address which is displayed in the logs as below
Mgt Console URL : https://<172.16.55.1>:9443/carbon/
When I run netstat on that port, as below
linux-0rla:/test/home/CEP/data # netstat -tulpn | grep 9443
tcp 0 0 :::9443 :::* LISTEN 28882/java
ifconfig on machine shows
enp0s25 Link encap:Ethernet HWaddr 64:31:50:42:93:17
inet addr:10.201.1.171 Bcast:10.201.255.255 Mask:255.255.0.0
vmnet8 Link encap:Ethernet HWaddr 00:50:56:C0:00:08
inet addr:172.16.55.1 Bcast:172.16.55.255 Mask:255.255.255.0
The ip which my machine has exposed is 10.201.1.171, so ideally CEP server should have started on this ip only. Although it is accessible from eth0 ip as well from another machine.
HA mode
Now when I setup similar 2 machines for HA setup, this time the thrift ip also had similar issue.
When I start WSO2 CEP server on my linux machine, the ip address which is displayed in the logs as below
Thrift Server started at 172.16.55.1
Thrift SSL port : 7711
Thrift port : 7611
When I run netstat on that port, as below
linux-0rla:/test/home/CEP/data # netstat -tulpn | grep 7611
tcp 0 0 172.16.55.1:7611 :::* LISTEN 28882/java
But here these 2 machines are not able to communicate with each other over thrift port for inter node transfer of events.
When I created HA setup on same machine in different folders, now it was working fine.
Is there a way to tell WSO2 CEP to start thrift and server on particular ip address ???
The problem of CEP server getting started at vmnet8 address is due to VMWare running in your machine. You can check that with:
sudo /etc/init.d/vmware status
If VMWare is running, you can stop that with:
sudo /etc/init.d/vmware stop
An then start the CEP again. Now the server will start on your machine's ip.

Resources