New Cassandra Cluster – The pit to be filled with immediately

Role-based authentication

The business cluster is configured to enable role-based authentication by performing the following steps. The configuration steps are as follows:

Modify the authorization options of the cassandra.yaml 
file: authenticator = " The specific value is changed to PasswordAuthenticator. This option forces the role name and password to be required to access the cluster.
Restart the database.

Change the system_auth key space replication factor:


High-risk default value: By default, this role authorization table will only have one file, it has no copy, and it stores roles And permissions.


Solution:

I increased the number of copies by modifying the value of the REPLICATION field of the system_auth table.

1: Log in to cqlsh. 
2: Authorization system keyspace system_auth storage role.

Configuration command reference:

ALTER KEYSPACE system_auth
WITH REPLICATION= {'class':'NetworkTopologyStrategy',
'data_center_name': N,
'data_center_name': N};

Actual configuration example:

My cluster only has dc1, and I configure DC1\3 copies,

ALTER KEYSPACE system_auth
WITH REPLICATION= {'class':'NetworkTopologyStrategy',
'dc1': 3};

Run nodetool to repair.

nodetool repair --full system_auth

Reference documents:

https://docs.datastax.com/en/security/5.1/security/secSystemKeyspace. html
https://www.ibm.com/developerworks/cn/opensource/os-cn-apache-cassandra3x5/index.html

WordPress database error: [Table 'yf99682.wp_s6mz6tyggq_comments' doesn't exist]
SELECT SQL_CALC_FOUND_ROWS wp_s6mz6tyggq_comments.comment_ID FROM wp_s6mz6tyggq_comments WHERE ( comment_approved = '1' ) AND comment_post_ID = 2439 ORDER BY wp_s6mz6tyggq_comments.comment_date_gmt ASC, wp_s6mz6tyggq_comments.comment_ID ASC

Leave a Comment

Your email address will not be published.