No worries, Cheng! So I actually pivoted a little and adjusted my example table to use a single integer-based partition key.
aaron@cqlsh:stackoverflow> SELECT ks_name, table_name, blobAsint(key) FROM system_distributed.partition_denylist WHERE ks_name='stackoverflow' AND table_name='weather_sensor_data_by_month'; ks_name | table_name | system.blobasint(key) ---------------+------------------------------+----------------------- stackoverflow | weather_sensor_data_by_month | 202210 But even with the yaml changes, it still allows me to SELECT that partition. aaron@cqlsh:stackoverflow> SELECT * FROM weather_sensor_data_by_month WHERE month=202210 LIMIT 1; month | city | recorded_time | temp --------+----------------+---------------------------------+------ 202210 | Minneapolis,MN | 2022-10-17 11:30:00.000000+0000 | 1 Just wondering what I should do to get it to deny access? Thanks, Aaron On Wed, Oct 19, 2022 at 5:34 PM Cheng Wang <che...@netflix.com> wrote: > Hi Aaron, > > Sorry for the late reply, was dealing with a production issue (maybe > another topic for Cassandra Summit :-)). Are you running on your local > machine? Then yes, you do need to enable the config for all the following > > enable_partition_denylist: true > > enable_denylist_writes: true > enable_denylist_reads: true > enable_denylist_range_reads: true > > I am not sure enable_partition_denylist will enable for the rest of three > @Jordan > West <jord...@netflix.com> maybe you can confirm for that? But it's > better to enable for all just to be safe. > I will play by my side and get back to you soon about the composite keys. > > Thanks > Cheng > > On Wed, Oct 19, 2022 at 1:42 PM Aaron Ploetz <aaronplo...@gmail.com> > wrote: > >> Just checking, but for this to work, do I have to mess with these >> settings in the YAML at all? >> >> partition_denylist_enabled: true >> denylist_reads_enabled: true >> >> They're commented out by default. >> >> Thanks, >> >> Aaron >> >> >> On Mon, Oct 17, 2022 at 4:53 PM Aaron Ploetz <aaronplo...@gmail.com> >> wrote: >> >>> Thanks for the help with the INSERT, Cheng! I'm further along than >>> before. But it still must not be matching up quite right, because I can >>> still select that partition. >>> >>> I have several different combinations of the two keys (and I removed the >>> space) of "Minneapolis,MN" and 202210. Here's what I've got out there so >>> far: >>> >>> aaron@cqlsh:stackoverflow> select ks_name, table_name, blobAsText(key) >>> from system_distributed.partition_denylist; >>> >>> ks_name | table_name | system.blobastext(key) >>> ---------------+---------------------+-------------------------- >>> stackoverflow | weather_sensor_data | 'Minneapolis,MN', 202210 >>> stackoverflow | weather_sensor_data | 'Minneapolis,MN',202210 >>> stackoverflow | weather_sensor_data | 'Minneapolis,MN':202210 >>> stackoverflow | weather_sensor_data | Minneapolis,MN, 202210 >>> stackoverflow | weather_sensor_data | Minneapolis,MN202210 >>> stackoverflow | weather_sensor_data | Minneapolis,MN:202210 >>> >>> (6 rows) >>> >>> aaron@cqlsh:stackoverflow> SELECT * FROM weather_sensor_data WHERE >>> city='Minneapolis,MN' AND month=202210; >>> >>> city | month | recorded_time | temp >>> ----------------+--------+---------------------------------+------ >>> Minneapolis,MN | 202210 | 2022-10-17 11:30:00.000000+0000 | 1 >>> Minneapolis,MN | 202210 | 2022-10-17 11:25:00.000000+0000 | 1 >>> Minneapolis,MN | 202210 | 2022-10-17 11:20:00.000000+0000 | 1 >>> Minneapolis,MN | 202210 | 2022-10-17 11:15:00.000000+0000 | 1 >>> Minneapolis,MN | 202210 | 2022-10-17 11:10:00.000000+0000 | 2 >>> Minneapolis,MN | 202210 | 2022-10-17 11:05:00.000000+0000 | 2 >>> Minneapolis,MN | 202210 | 2022-10-17 11:00:00.000000+0000 | 2 >>> >>> (7 rows) >>> >>> As you can see, I can still select the partition. I was really hoping >>> one of those combinations would do it. >>> >>> Looking at the StorageProxyTest.java in the project, I saw that it was >>> delimited by a colon ":", which is why I tried that, too. >>> >>> Still looking for the right way to enter both of those keys. >>> >>> Thanks, >>> >>> Aaron >>> >>> >>> On Mon, Oct 17, 2022 at 4:40 PM Cheng Wang <che...@netflix.com> wrote: >>> >>>> Another approach is, instead of using $$, you can put additional pair >>>> of single quote around the 'Minneapolis, MN' >>>> >>>> cqlsh> insert into system_distributed.partition_denylist (ks_name, >>>> table_name, key) values ('stackoverflow', 'weather_sensor_data', >>>> textAsBlob('''Minneapolis, MN'', 202210')); >>>> >>>> cqlsh> select ks_name, table_name, blobAsText(key) from >>>> system_distributed.partition_denylist; >>>> >>>> >>>> ks_name | table_name | system.blobastext(key) >>>> >>>> ---------------+---------------------+--------------------------- >>>> >>>> stackoverflow | weather_sensor_data | 'Minneapolis, MN', 202210 >>>> >>>> On Mon, Oct 17, 2022 at 2:30 PM Cheng Wang <che...@netflix.com> wrote: >>>> >>>>> Hi Aaron, >>>>> >>>>> Yes, you can directly insert into the >>>>> system_distributed.partition_denylist >>>>> instead of using JMX. Jordan wrote a blog post for denylist >>>>> >>>>> https://cassandra.apache.org/_/blog/Apache-Cassandra-4.1-Denylisting-Partitions.html >>>>> >>>>> And the syntax error, one way around is to put $$ around like below >>>>> >>>>> cqlsh> insert into system_distributed.partition_denylist (ks_name, >>>>> table_name, key) values ('stackoverflow', 'weather_sensor_data', >>>>> textAsBlob($$'Minneapolis, MN', 202210$$)); >>>>> >>>>> There is post about this >>>>> >>>>> https://docs.datastax.com/en/cql-oss/3.3/cql/cql_reference/escape_char_r.html#:~:text=Column%20names%20that%20contain%20characters,using%20a%20single%20quotation%20mark >>>>> . >>>>> >>>>> and then you can verify the insert by doing >>>>> >>>>> cqlsh> select ks_name, table_name, blobAsText(key) from >>>>> system_distributed.partition_denylist; >>>>> >>>>> >>>>> ks_name | table_name | system.blobastext(key) >>>>> >>>>> ---------------+---------------------+--------------------------- >>>>> >>>>> stackoverflow | weather_sensor_data | 'Minneapolis, MN', 202210 >>>>> Pls let me know if it works for you. >>>>> >>>>> >>>>> On Mon, Oct 17, 2022 at 1:35 PM Aaron Ploetz <aaronplo...@gmail.com> >>>>> wrote: >>>>> >>>>>> I have this table definition: >>>>>> >>>>>> CREATE TABLE stackoverflow.weather_sensor_data ( >>>>>> city text, >>>>>> month int, >>>>>> recorded_time timestamp, >>>>>> temp float, >>>>>> PRIMARY KEY ((city, month), recorded_time) >>>>>> ) WITH CLUSTERING ORDER BY (recorded_time DESC) >>>>>> >>>>>> Sample data looks like this: >>>>>> >>>>>> > SELECT * FROM weather_sensor_data WHERE city='Minneapolis, MN' AND >>>>>> month=202111; >>>>>> >>>>>> city | month | recorded_time | temp >>>>>> -----------------+--------+---------------------------------+------ >>>>>> Minneapolis, MN | 202111 | 2021-11-01 08:35:00.000000+0000 | 3 >>>>>> Minneapolis, MN | 202111 | 2021-11-01 08:30:00.000000+0000 | 3 >>>>>> Minneapolis, MN | 202111 | 2021-11-01 08:25:00.000000+0000 | 2 >>>>>> Minneapolis, MN | 202111 | 2021-11-01 08:20:00.000000+0000 | 2 >>>>>> Minneapolis, MN | 202111 | 2021-11-01 08:15:00.000000+0000 | 2 >>>>>> >>>>>> (5 rows) >>>>>> >>>>>> Using JMX Term, I've tried to denylist that partition, but I must >>>>>> have the syntax for composite keys incorrect: >>>>>> >>>>>> $>bean org.apache.cassandra.db:type=StorageProxy >>>>>> $>run denylistKey stackoverflow weather_sensor_data "'Minneapolis, >>>>>> MN',202210" >>>>>> #IllegalArgumentException: Operation denylistKey with 4 parameters >>>>>> doesn't exist in bean org.apache.cassandra.db:type=StorageProxy >>>>>> >>>>>> Obviously, it's reading the space between "Minneapolis," and "MN" as >>>>>> a delimiter. What's the right way to handle commas, spaces, and >>>>>> composite >>>>>> keys for this? >>>>>> >>>>>> Also, is there another way to accomplish this without using JMX? >>>>>> >>>>>> Thanks, >>>>>> >>>>>> Aaron >>>>>> >>>>>> >>>>>> >>>>>>