You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by ja...@apache.org on 2015/06/25 19:45:31 UTC
[1/2] cassandra git commit: Allow JMX over SSL directly from nodetool
Repository: cassandra
Updated Branches:
refs/heads/cassandra-2.2 8b9c91eba -> f4449bd45
Allow JMX over SSL directly from nodetool
patch by Marcus Olsson, reviewed by jasobrown for CASSANDRA-9090
Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo
Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/628394a6
Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/628394a6
Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/628394a6
Branch: refs/heads/cassandra-2.2
Commit: 628394a6fad134dee3d1ec340b88ffcba51e67e7
Parents: d6c37bd
Author: Jason Brown <ja...@gmail.com>
Authored: Thu Jun 25 07:17:41 2015 -0700
Committer: Jason Brown <ja...@gmail.com>
Committed: Thu Jun 25 10:36:42 2015 -0700
----------------------------------------------------------------------
CHANGES.txt | 1 +
bin/nodetool | 13 +++++++++++++
conf/cassandra-env.sh | 8 ++++++++
src/java/org/apache/cassandra/tools/NodeProbe.java | 14 ++++++++++++++
4 files changed, 36 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cassandra/blob/628394a6/CHANGES.txt
----------------------------------------------------------------------
diff --git a/CHANGES.txt b/CHANGES.txt
index e8ac3e7..fded5fc 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
2.1.7
+ * Allow JMX over SSL directly from nodetool (CASSANDRA-9090)
* Fix incorrect result for IN queries where column not found (CASSANDRA-9540)
* ColumnFamilyStore.selectAndReference may block during compaction (CASSANDRA-9637)
* Fix bug in cardinality check when compacting (CASSANDRA-9580)
http://git-wip-us.apache.org/repos/asf/cassandra/blob/628394a6/bin/nodetool
----------------------------------------------------------------------
diff --git a/bin/nodetool b/bin/nodetool
index e81c59b..d211459 100755
--- a/bin/nodetool
+++ b/bin/nodetool
@@ -56,6 +56,8 @@ fi
# JMX Port passed via cmd line args (-p 9999 / --port 9999 / --port=9999)
# should override the value from cassandra-env.sh
ARGS=""
+JVM_ARGS=""
+SSL_FILE=$HOME/.cassandra/nodetool-ssl.properties
while true
do
if [ ! $1 ]; then break; fi
@@ -71,6 +73,16 @@ do
JMX_PORT=$2
shift
;;
+ --ssl)
+ if [ -f $SSL_FILE ]
+ then
+ SSL_ARGS=$(cat $SSL_FILE | tr '\n' ' ')
+ fi
+ JVM_ARGS="$JVM_ARGS -Dssl.enable=true $SSL_ARGS"
+ ;;
+ -D*)
+ JVM_ARGS="$JVM_ARGS $1"
+ ;;
*)
ARGS="$ARGS $1"
;;
@@ -91,6 +103,7 @@ esac
-Dcassandra.storagedir="$cassandra_storagedir" \
-Dlogback.configurationFile=logback-tools.xml \
-Dstorage-config="$CASSANDRA_CONF" \
+ $JVM_ARGS \
org.apache.cassandra.tools.NodeTool -p $JMX_PORT $ARGS
# vi:ai sw=4 ts=4 tw=0 et
http://git-wip-us.apache.org/repos/asf/cassandra/blob/628394a6/conf/cassandra-env.sh
----------------------------------------------------------------------
diff --git a/conf/cassandra-env.sh b/conf/cassandra-env.sh
index 2e22f7f..73217bb 100644
--- a/conf/cassandra-env.sh
+++ b/conf/cassandra-env.sh
@@ -286,6 +286,14 @@ else
JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.ssl=false"
JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.authenticate=true"
JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.password.file=/etc/cassandra/jmxremote.password"
+# JVM_OPTS="$JVM_OPTS -Djavax.net.ssl.keyStore=/path/to/keystore"
+# JVM_OPTS="$JVM_OPTS -Djavax.net.ssl.keyStorePassword=<keystore-password>"
+# JVM_OPTS="$JVM_OPTS -Djavax.net.ssl.trustStore=/path/to/truststore"
+# JVM_OPTS="$JVM_OPTS -Djavax.net.ssl.trustStorePassword=<truststore-password>"
+# JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.ssl.need.client.auth=true"
+# JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.registry.ssl=true"
+# JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.ssl.enabled.protocols=<enabled-protocols>"
+# JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.ssl.enabled.cipher.suites=<enabled-cipher-suites>"
fi
# To use mx4j, an HTML interface for JMX, add mx4j-tools.jar to the lib/
http://git-wip-us.apache.org/repos/asf/cassandra/blob/628394a6/src/java/org/apache/cassandra/tools/NodeProbe.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/tools/NodeProbe.java b/src/java/org/apache/cassandra/tools/NodeProbe.java
index da1fca0..d3bce4d 100644
--- a/src/java/org/apache/cassandra/tools/NodeProbe.java
+++ b/src/java/org/apache/cassandra/tools/NodeProbe.java
@@ -27,6 +27,8 @@ import java.lang.management.MemoryUsage;
import java.lang.management.RuntimeMXBean;
import java.net.InetAddress;
import java.net.UnknownHostException;
+import java.rmi.server.RMIClientSocketFactory;
+import java.rmi.server.RMISocketFactory;
import java.text.SimpleDateFormat;
import java.util.AbstractMap;
import java.util.ArrayList;
@@ -58,6 +60,7 @@ import javax.management.remote.JMXConnectionNotification;
import javax.management.remote.JMXConnector;
import javax.management.remote.JMXConnectorFactory;
import javax.management.remote.JMXServiceURL;
+import javax.rmi.ssl.SslRMIClientSocketFactory;
import org.apache.cassandra.concurrent.JMXEnabledThreadPoolExecutorMBean;
import org.apache.cassandra.db.ColumnFamilyStoreMBean;
@@ -182,6 +185,9 @@ public class NodeProbe implements AutoCloseable
String[] creds = { username, password };
env.put(JMXConnector.CREDENTIALS, creds);
}
+
+ env.put("com.sun.jndi.rmi.factory.socket", getRMIClientSocketFactory());
+
jmxc = JMXConnectorFactory.connect(jmxUrl, env);
mbeanServerConn = jmxc.getMBeanServerConnection();
@@ -218,6 +224,14 @@ public class NodeProbe implements AutoCloseable
mbeanServerConn, ManagementFactory.RUNTIME_MXBEAN_NAME, RuntimeMXBean.class);
}
+ private RMIClientSocketFactory getRMIClientSocketFactory() throws IOException
+ {
+ if (Boolean.parseBoolean(System.getProperty("ssl.enable")))
+ return new SslRMIClientSocketFactory();
+ else
+ return RMISocketFactory.getDefaultSocketFactory();
+ }
+
public void close() throws IOException
{
jmxc.close();
[2/2] cassandra git commit: Merge branch 'cassandra-2.1' into
cassandra-2.2
Posted by ja...@apache.org.
Merge branch 'cassandra-2.1' into cassandra-2.2
Conflicts:
CHANGES.txt
src/java/org/apache/cassandra/tools/NodeProbe.java
Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo
Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/f4449bd4
Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/f4449bd4
Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/f4449bd4
Branch: refs/heads/cassandra-2.2
Commit: f4449bd455650cacec480bb5a4d6c12f5a3a6b8e
Parents: 8b9c91e 628394a
Author: Jason Brown <ja...@gmail.com>
Authored: Thu Jun 25 10:45:02 2015 -0700
Committer: Jason Brown <ja...@gmail.com>
Committed: Thu Jun 25 10:45:02 2015 -0700
----------------------------------------------------------------------
CHANGES.txt | 2 ++
bin/nodetool | 13 +++++++++++++
conf/cassandra-env.sh | 8 ++++++++
src/java/org/apache/cassandra/tools/NodeProbe.java | 15 +++++++++++++++
4 files changed, 38 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cassandra/blob/f4449bd4/CHANGES.txt
----------------------------------------------------------------------
diff --cc CHANGES.txt
index 59f1c18,fded5fc..d2f40af
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@@ -1,20 -1,5 +1,22 @@@
-2.1.7
+2.2
+ * Allow JMX over SSL directly from nodetool (CASSANDRA-9090)
+ * Update cqlsh for UDFs (CASSANDRA-7556)
+ * Change Windows kernel default timer resolution (CASSANDRA-9634)
+ * Deprected sstable2json and json2sstable (CASSANDRA-9618)
+ * Allow native functions in user-defined aggregates (CASSANDRA-9542)
+ * Don't repair system_distributed by default (CASSANDRA-9621)
+ * Fix mixing min, max, and count aggregates for blob type (CASSANRA-9622)
+ * Rename class for DATE type in Java driver (CASSANDRA-9563)
+ * Duplicate compilation of UDFs on coordinator (CASSANDRA-9475)
+ * Fix connection leak in CqlRecordWriter (CASSANDRA-9576)
+ * Mlockall before opening system sstables & remove boot_without_jna option (CASSANDRA-9573)
+ * Add functions to convert timeuuid to date or time, deprecate dateOf and unixTimestampOf (CASSANDRA-9229)
+ * Make sure we cancel non-compacting sstables from LifecycleTransaction (CASSANDRA-9566)
+ * Fix deprecated repair JMX API (CASSANDRA-9570)
+ * Add logback metrics (CASSANDRA-9378)
+ * Update and refactor ant test/test-compression to run the tests in parallel (CASSANDRA-9583)
+Merged from 2.1:
++
* Fix incorrect result for IN queries where column not found (CASSANDRA-9540)
* ColumnFamilyStore.selectAndReference may block during compaction (CASSANDRA-9637)
* Fix bug in cardinality check when compacting (CASSANDRA-9580)
http://git-wip-us.apache.org/repos/asf/cassandra/blob/f4449bd4/conf/cassandra-env.sh
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cassandra/blob/f4449bd4/src/java/org/apache/cassandra/tools/NodeProbe.java
----------------------------------------------------------------------
diff --cc src/java/org/apache/cassandra/tools/NodeProbe.java
index 14215dc,d3bce4d..dbe1fe6
--- a/src/java/org/apache/cassandra/tools/NodeProbe.java
+++ b/src/java/org/apache/cassandra/tools/NodeProbe.java
@@@ -25,8 -27,13 +25,11 @@@ import java.lang.management.MemoryUsage
import java.lang.management.RuntimeMXBean;
import java.net.InetAddress;
import java.net.UnknownHostException;
+ import java.rmi.server.RMIClientSocketFactory;
+ import java.rmi.server.RMISocketFactory;
+ import java.text.SimpleDateFormat;
import java.util.AbstractMap;
import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
@@@ -49,8 -59,10 +52,9 @@@ import javax.management.openmbean.Tabul
import javax.management.remote.JMXConnector;
import javax.management.remote.JMXConnectorFactory;
import javax.management.remote.JMXServiceURL;
+ import javax.rmi.ssl.SslRMIClientSocketFactory;
-import org.apache.cassandra.concurrent.JMXEnabledThreadPoolExecutorMBean;
+import org.apache.cassandra.concurrent.Stage;
import org.apache.cassandra.db.ColumnFamilyStoreMBean;
import org.apache.cassandra.db.HintedHandOffManager;
import org.apache.cassandra.db.HintedHandOffManagerMBean;