[jira] [Updated] (CASSANDRA-9090) Allow JMX over SSL directly from nodetool

Thu, 25 Jun 2015 07:27:57 -0700 

     [ 
https://issues.apache.org/jira/browse/CASSANDRA-9090?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jason Brown updated CASSANDRA-9090:
-----------------------------------
    Attachment: cassandra-2.1-9090-2.patch

Overall, I like the idea. However, I'm not thrilled with adding another 
properties file. I think using the well-known -D properties for JMX is ample 
enough, without needing to create a new file/syntax/ supporting code (as simple 
as that might be). I do think it is convenient to have an external file with 
the relevant -D properties already set up, which is preserved across c* upgrade.

So, I've taken the existing cassandra-2.1-9090-1.patch, simplified everything 
in NodeProbe to just look for the ssl.enable flag, and rely on the JMX system 
properties being set correctly. Additionally, in the bin/nodetool script, if 
you pass --ssl to it, we'll look for a file,  
$HOME/.cassandra/nodetool-ssl.properties, and read that for -D properties to 
pass to the JVM. it's more of a convenience than anything, but I did like that 
idea, a lot.

> Allow JMX over SSL directly from nodetool
> -----------------------------------------
>
>                 Key: CASSANDRA-9090
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-9090
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Tools
>            Reporter: Philip Thompson
>             Fix For: 3.x, 2.1.x, 2.0.x
>
>         Attachments: cassandra-2.0-9090.patch, cassandra-2.1-9090-1.patch, 
> cassandra-2.1-9090-2.patch, cassandra-2.1-9090.patch, cassandra-2.2-9090.patch
>
>
> Currently cqlsh allows users to connect via SSL to their cassandra cluster 
> via command line. 
> Nodetool only offers username/password authentication [1], and if users want 
> to use SSL, they need to use jconsole [2]. We should support nodetool 
> connecting via SSL in the same way cqlsh does.
> [1] http://wiki.apache.org/cassandra/JmxSecurity
> [2] https://www.lullabot.com/blog/article/monitor-java-jmx
> [3] 
> http://docs.oracle.com/javase/8/docs/technotes/guides/management/agent.html



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to