Quantcast

what other ports than 7199 need to be open for nodetool to work?

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

what other ports than 7199 need to be open for nodetool to work?

Yiming Sun
Hi,

We opened port 7199 on a cassandra node, but were unable to get a nodetool to talk to it remotely unless we turn off the firewall entirely.  So what other ports should be opened for this -- online posts all indicate that JMX uses a random dynamic port, which would be difficult to create a firewall exception unless writing a custom java agent.  So we just wondering if cassandra nodetool uses a specific port/port range.  Thanks.

-- Y.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: what other ports than 7199 need to be open for nodetool to work?

Nick Bailey-2
You are correct about the second random dynamic port. There is a
ticket open to fix that as well as some other jmx issues:

https://issues.apache.org/jira/browse/CASSANDRA-2967

Regarding nodetool, it doesn't do anything special. Nodetool is often
used to connect to 'localhost' which generally does not have any
firewall rules at all so it usually works. It is still connecting to a
random second port though.

On Mon, Mar 26, 2012 at 2:42 PM, Yiming Sun <[hidden email]> wrote:

> Hi,
>
> We opened port 7199 on a cassandra node, but were unable to get a nodetool
> to talk to it remotely unless we turn off the firewall entirely.  So what
> other ports should be opened for this -- online posts all indicate that JMX
> uses a random dynamic port, which would be difficult to create a firewall
> exception unless writing a custom java agent.  So we just wondering if
> cassandra nodetool uses a specific port/port range.  Thanks.
>
> -- Y.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: what other ports than 7199 need to be open for nodetool to work?

Yiming Sun
Thanks Nick -- I didn't know about this ticket.  Good to know.

Yes, nodetool doesn't do anything special - but I still wish I could use nodetool to examine other nodes, instead of having to ssh to other nodes first and then nodetool each one (i am lazy :-).

-- Y.

On Mon, Mar 26, 2012 at 3:50 PM, Nick Bailey <[hidden email]> wrote:
You are correct about the second random dynamic port. There is a
ticket open to fix that as well as some other jmx issues:

https://issues.apache.org/jira/browse/CASSANDRA-2967

Regarding nodetool, it doesn't do anything special. Nodetool is often
used to connect to 'localhost' which generally does not have any
firewall rules at all so it usually works. It is still connecting to a
random second port though.

On Mon, Mar 26, 2012 at 2:42 PM, Yiming Sun <[hidden email]> wrote:
> Hi,
>
> We opened port 7199 on a cassandra node, but were unable to get a nodetool
> to talk to it remotely unless we turn off the firewall entirely.  So what
> other ports should be opened for this -- online posts all indicate that JMX
> uses a random dynamic port, which would be difficult to create a firewall
> exception unless writing a custom java agent.  So we just wondering if
> cassandra nodetool uses a specific port/port range.  Thanks.
>
> -- Y.

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: what other ports than 7199 need to be open for nodetool to work?

Edward Capriolo
I have documented some of the things you can do to make the random
port nature of JMX happy.

http://www.jointhegrid.com/highperfcassandra/?p=140

Other options are setting up mx4j or using jmxterm, or setting up a
sock proxy and tell jconsole to use your proxy.

Also there is the xwindows over vnc over ssh route.

Edward


On Mon, Mar 26, 2012 at 3:54 PM, Yiming Sun <[hidden email]> wrote:

> Thanks Nick -- I didn't know about this ticket.  Good to know.
>
> Yes, nodetool doesn't do anything special - but I still wish I could use
> nodetool to examine other nodes, instead of having to ssh to other nodes
> first and then nodetool each one (i am lazy :-).
>
> -- Y.
>
> On Mon, Mar 26, 2012 at 3:50 PM, Nick Bailey <[hidden email]> wrote:
>>
>> You are correct about the second random dynamic port. There is a
>> ticket open to fix that as well as some other jmx issues:
>>
>> https://issues.apache.org/jira/browse/CASSANDRA-2967
>>
>> Regarding nodetool, it doesn't do anything special. Nodetool is often
>> used to connect to 'localhost' which generally does not have any
>> firewall rules at all so it usually works. It is still connecting to a
>> random second port though.
>>
>> On Mon, Mar 26, 2012 at 2:42 PM, Yiming Sun <[hidden email]> wrote:
>> > Hi,
>> >
>> > We opened port 7199 on a cassandra node, but were unable to get a
>> > nodetool
>> > to talk to it remotely unless we turn off the firewall entirely.  So
>> > what
>> > other ports should be opened for this -- online posts all indicate that
>> > JMX
>> > uses a random dynamic port, which would be difficult to create a
>> > firewall
>> > exception unless writing a custom java agent.  So we just wondering if
>> > cassandra nodetool uses a specific port/port range.  Thanks.
>> >
>> > -- Y.
>
>
Loading...