Cassandra Configurations

These are the required configurations:

  • For JMX Configurations for Apache/DSE Cassandra:

    1. Open cassandra-env.sh file.

    2. To enable JMX for:

      1. local connection, under the if [ "$LOCAL_JMX" = "yes" ]; then statement, set:

        JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.authenticate=true"

      2. for remote connection, under the corresponding else statement, set:

        JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.authenticate=true"

    3. Set the path to the credentials file, jmxremote.password:

      JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.password.file=PATH TO FILE"

    4. In the jmxremote.password file, set JMX credentials to be the same as that of the database user credentials to be specified in the collector configuration:

      username password
      Note:

      You may choose to give ReadOnly JMX access to the database monitoring user by defining in the jmxremote.access file as mentioned in Enabling JMX authentication and authorization.

      Note:

      If DB and JMX have different SSL key stores, use:

      • The DB SSL properties in the Controller collector configuration
      • The system properties to set the JMX SSL properties

      Run command:

      -Djavax.net.ssl.keyStore="<path-to-clientKeyStore>" -Djavax.net.ssl.keyStorePassword=<keystore-password> -Djavax.net.ssl.trustStore="<path-to-clientTruststore>" -Djavax.net.ssl.trustStorePassword=<client-truststore-password>
      If JMX SSL is disabled, set "-Dcassandra.jmx.ssl.enabled" = false and if JMX SSL is enabled, then set "-Dcassandra.jmx.ssl.enabled" = true.

      To monitor the JMX SSL-enabled Cassandra database, add the following properties:

      Dcassandra.jmx.ssl.enabled=true -Djavax.net.ssl.trustStore="<truststore location>" -Djavax.net.ssl.trustStorePassword=<password>

      If you are using a single Database Agent to monitor multiple Cassandra clusters where each Cassandra cluster has different root CAs.

      Then, to monitor these Cassandra clusters with different keystore credentials, create one trust store that contains all root CAs of Cassandra clusters and Controller certificates.

      For example, to import two root CAs, run the following command:

      keytool -import -alias <alias-of-CA1> -file <root-CA-of-DB1> -keystore <truststore-location1> -storepass <truststore-password1>
keytool -import -alias <alias-of-CA2> -file <root-CA-of-DB2> -keystore <truststore-location1> -storepass <truststore-password1>

      For more information, see Enable SSL and SSH for Database Agent Communications.

      If you cannot create a single trust store, use different Database Agents while monitoring different Cassandra clusters.