[
https://issues.apache.org/jira/browse/BEAM-11642?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Anup D updated BEAM-11642:
--------------------------
Description:
Apache Cassandra driver versions greater than 4.0 are required due to couple of
issues listed below.
1. Driver tries to reconnect to endpoint based on resolved IP and not on
original DNS name.
In containers, where restarts may get a new IP address, versions prior to 4.0
results in "cannot connect" errors since it is trying to connect to stale/prior
IP address. Reference driver issues:
[https://datastax-oss.atlassian.net/browse/JAVA-1522]
[https://datastax-oss.atlassian.net/browse/JAVA-1978]
2. Beam does not seem to currently support providing custom ssl options (to
supply dedicated java truststore and keystore). The only option seems to use
default system properties as listed below.
-Djavax.net.ssl.trustStore=/path/to/client.truststore
-Djavax.net.ssl.trustStorePassword=password123
If you're using client authentication:
-Djavax.net.ssl.keyStore=/path/to/client.keystore
-Djavax.net.ssl.keyStorePassword=password123
Cassandra driver 3.x provides programmatic option using withSSL() API which I
think is not supported in beam currently.
Cluster cluster =
Cluster.builder().addContactPoint("127.0.0.1").withSSL(sslOptions).build();
[https://docs.datastax.com/en/developer/java-driver/3.10/manual/ssl/]
Due to issue 1, it may be wise to upgrade cassandra driver to 4.x (as there is
an interface breaking change in driver) and add custom ssl support as stated by
driver spec.
[https://docs.datastax.com/en/developer/java-driver/4.0/manual/core/ssl/]
was:
Apache Cassandra driver versions greater than 4.0 are required due to couple of
issues listed below.
1. Driver tries to reconnect to endpoint based on resolved IP and not on
original DNS name.
In containers, where restarts may get a new IP address, versions prior to 4.0
results in "cannot connect" errors since it is trying to connect to stale/prior
IP address. Reference driver issues:
[https://datastax-oss.atlassian.net/browse/JAVA-1522]
[https://datastax-oss.atlassian.net/browse/JAVA-1978]
2. Beam does not seem to currently support providing custom ssl options (to
supply dedicated java truststore and keystore). The only option seems to use
default system properties as listed below.
-Djavax.net.ssl.trustStore=/path/to/client.truststore
-Djavax.net.ssl.trustStorePassword=password123
# If you're using client authentication:
-Djavax.net.ssl.keyStore=/path/to/client.keystore
-Djavax.net.ssl.keyStorePassword=password123
Cassandra driver 3.x provides programmatic option using withSSL() API which I
think is not supported in beam currently.
Cluster cluster =
Cluster.builder().addContactPoint("127.0.0.1").withSSL(sslOptions).build();
[https://docs.datastax.com/en/developer/java-driver/3.10/manual/ssl/]
Due to issue 1, it may be wise to upgrade cassandra driver to 4.x (as there is
an interface breaking change in driver) and add custom ssl support as stated by
driver spec.
[https://docs.datastax.com/en/developer/java-driver/4.0/manual/core/ssl/]
> Upgrade cassandra driver from 3.x to 4.x
> ----------------------------------------
>
> Key: BEAM-11642
> URL: https://issues.apache.org/jira/browse/BEAM-11642
> Project: Beam
> Issue Type: Improvement
> Components: io-java-cassandra
> Affects Versions: 2.27.0
> Reporter: Anup D
> Priority: P2
>
> Apache Cassandra driver versions greater than 4.0 are required due to couple
> of issues listed below.
> 1. Driver tries to reconnect to endpoint based on resolved IP and not on
> original DNS name.
> In containers, where restarts may get a new IP address, versions prior to 4.0
> results in "cannot connect" errors since it is trying to connect to
> stale/prior IP address. Reference driver issues:
> [https://datastax-oss.atlassian.net/browse/JAVA-1522]
> [https://datastax-oss.atlassian.net/browse/JAVA-1978]
> 2. Beam does not seem to currently support providing custom ssl options (to
> supply dedicated java truststore and keystore). The only option seems to use
> default system properties as listed below.
> -Djavax.net.ssl.trustStore=/path/to/client.truststore
> -Djavax.net.ssl.trustStorePassword=password123
> If you're using client authentication:
> -Djavax.net.ssl.keyStore=/path/to/client.keystore
> -Djavax.net.ssl.keyStorePassword=password123
> Cassandra driver 3.x provides programmatic option using withSSL() API which
> I think is not supported in beam currently.
> Cluster cluster =
> Cluster.builder().addContactPoint("127.0.0.1").withSSL(sslOptions).build();
> [https://docs.datastax.com/en/developer/java-driver/3.10/manual/ssl/]
> Due to issue 1, it may be wise to upgrade cassandra driver to 4.x (as there
> is an interface breaking change in driver) and add custom ssl support as
> stated by driver spec.
> [https://docs.datastax.com/en/developer/java-driver/4.0/manual/core/ssl/]
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
