Re: Multi Datacenter / MultiRegion on AWS Best practice ?
Hi guys, any feedback on this could be very useful for me, and I guess for more people out there.

2014-10-23 11:16 GMT+02:00 Alain RODRIGUEZ arodr...@gmail.com:

> Hi,
>
> We are currently wondering about the best way to configure network architecture to have a Cassandra cluster multi DC.
>
> Reading previous messages on this mailing list, I see 2 main ways to do this:
>
> 1 - 2 private VPC, joined by a VPN tunnel linking 2 regions. C* using EC2Snitch (or PropertyFileSnitch) and private IPs.
> 2 - 2 public VPC. C* using EC2MultiRegionSnitch (and so public IPs for seeds and broadcast, private for listen address).
>
> On solution one we are not confident about the stability and performance of the VPN tunnel; the rest should work just fine.
>
> On solution 2, we would need to open IPs one by one on 3 ports (7000, 9042, 9160) at least. 100 entries in a security group would allow us to have a maximum of ~30 nodes. Another issue is that a ring describe (using astyanax let's say) would also give public IPs to clients; our clients, which are also inside the VPC, would have to go to the internet before coming back to the VPC, creating unnecessary latency.
>
> What is your advice regarding best practices for a multiDC (cross region) inside AWS cloud?
>
> And by the way, how to configure Astyanax when using EC2MultiRegionSnitch (and public IP for broadcasting) to use private IPs instead of public ones?
>
> Alain
Re: Multi Datacenter / MultiRegion on AWS Best practice ?
Hi!

2014-10-23 11:16 GMT+02:00 Alain RODRIGUEZ arodr...@gmail.com:

> We are currently wondering about the best way to configure network architecture to have a Cassandra cluster multi DC.
>
> On solution 2, we would need to open IPs one by one on 3 ports (7000, 9042, 9160) at least. 100 entries in a security group would allow us to have a maximum of ~30 nodes

You can also allow those ports from everywhere and then use local iptables to limit the access to only those IPs which you are actually using. You'll most certainly need some kind of configuration management system for this (Chef, puppet, salt-stack etc).
Re: Multi Datacenter / MultiRegion on AWS Best practice ?
If you decide to go the iptables route, you could try neti https://github.com/Instagram/neti (blog post here http://instagram-engineering.tumblr.com/post/100758229719/migrating-from-aws-to-aws).

On 27 October 2014 16:44, Juho Mäkinen juho.maki...@gmail.com wrote:

> Hi!
>
> 2014-10-23 11:16 GMT+02:00 Alain RODRIGUEZ arodr...@gmail.com:
>
>> We are currently wondering about the best way to configure network architecture to have a Cassandra cluster multi DC.
>>
>> On solution 2, we would need to open IPs one by one on 3 ports (7000, 9042, 9160) at least. 100 entries in a security group would allow us to have a maximum of ~30 nodes
>
> You can also allow those ports from everywhere and then use local iptables to limit the access to only those IPs which you are actually using. You'll most certainly need some kind of configuration management system for this (Chef, puppet, salt-stack etc).
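The host-firewall approach discussed in the two replies above, as an added example that is not part of the thread and is not neti's code: a shell generator that turns a peer list into an iptables-restore fragment admitting the three ports named in the thread only from listed addresses. The chain name `CASSANDRA` and the functions `valid_ipv4` and `build_ruleset` are hypothetical, and the sample peers are constructed.

```shell
#!/bin/sh
# Added example: emit an iptables-restore fragment for a dedicated chain.
# Assumed deployment: loaded with `iptables-restore --noflush`, with a
# separate one-time `iptables -A INPUT -j CASSANDRA` sending traffic here.
CASSANDRA_PORTS="7000,9042,9160"   # the three ports listed in the thread

# Succeeds only for a dotted quad with four octets in 0-255, no leading zeros.
valid_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Reads peer addresses on stdin ('#' starts a comment) and prints the ruleset.
# Every address is validated before anything is printed, so a bad entry
# yields exit status 1 and no partial ruleset. Runs in a subshell so that
# `set -f` does not leak into the caller.
build_ruleset() (
    set -f   # no filename expansion while splitting the peer list
    match="-p tcp -m multiport --dports $CASSANDRA_PORTS"
    peers=$(sed 's/#.*//' | tr -s ' \t' '\n' | sort -u)
    for ip in $peers; do
        valid_ipv4 "$ip" || { echo "invalid peer address: $ip" >&2; exit 1; }
    done
    printf '%s\n' "*filter" ":CASSANDRA - [0:0]"
    for ip in $peers; do
        printf '%s\n' "-A CASSANDRA -s $ip/32 $match -j ACCEPT"
    done
    # Last rule in the chain: these ports are closed to everyone else.
    printf '%s\n' "-A CASSANDRA $match -j DROP" "COMMIT"
)

# Constructed sample peers (RFC 5737 documentation addresses).
build_ruleset <<'EOF'
203.0.113.10   # node in region A
198.51.100.7   # node in region B
203.0.113.10   # duplicate entry, collapsed by sort -u
EOF
```

With the security group open on these ports, the generated DROP rule is the only thing keeping other sources out, so the peer list has to be regenerated on every node whenever cluster membership changes.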
Multi Datacenter / MultiRegion on AWS Best practice ?
Hi,

We are currently wondering about the best way to configure network architecture to have a Cassandra cluster multi DC.

Reading previous messages on this mailing list, I see 2 main ways to do this:

1 - 2 private VPC, joined by a VPN tunnel linking 2 regions. C* using EC2Snitch (or PropertyFileSnitch) and private IPs.
2 - 2 public VPC. C* using EC2MultiRegionSnitch (and so public IPs for seeds and broadcast, private for listen address).

On solution one we are not confident about the stability and performance of the VPN tunnel; the rest should work just fine.

On solution 2, we would need to open IPs one by one on 3 ports (7000, 9042, 9160) at least. 100 entries in a security group would allow us to have a maximum of ~30 nodes. Another issue is that a ring describe (using astyanax let's say) would also give public IPs to clients; our clients, which are also inside the VPC, would have to go to the internet before coming back to the VPC, creating unnecessary latency.

What is your advice regarding best practices for a multiDC (cross region) inside AWS cloud?

And by the way, how to configure Astyanax when using EC2MultiRegionSnitch (and public IP for broadcasting) to use private IPs instead of public ones?

Alain