2020年8月28日 星期五

[ 文章收集 ] Turn on Cassandra Authentication in Docker Container

 Source From Here

HowTo
I’ve recently been working on a project that uses a Cassandra database running in a Docker container, with this image. It works great, but it does not have authentication enabled by default. This is because unless you specify otherwise, the authenticator is set to AllowAllAuthenticator.

To enable authentication, just add this line to your Dockerfile:
  1. # Require user & pass for accessing Cassandra instance within container  
  2. RUN echo "authenticator: PasswordAuthenticator" >> /etc/cassandra/cassandra.yaml  
All this does is add a line to the cassandra.yaml file (the main config file for Cassandra) indicating that you want Cassandra to require a username and password for authentication.

Now, when you start up your Cassandra Docker container, you’ll be required to specify a username and password to access the database. The default login’s username is cassandra, and the default password is also cassandra. So, if you want to start a cqlsh session, you’ll have to execute (after starting a shell in the container, of course - see this, unless you’ve mapped the container to a host port):
# cqlsh -u cassandra -p cassandra

Extra Steps
If you have enabled password authentication, you may also want to consider following the procedure outlined here:
* Increase the replication factor of your system_auth keyspace to avoid getting locked out if your lone replica node goes down.
* Create a new superuser to replace the default cassandra one.
* Use the new superuser to demote the default one to NOSUPERUSER status and change its password from the default cassandra to something more secure.


沒有留言:

張貼留言

[Git 常見問題] error: The following untracked working tree files would be overwritten by merge

  Source From  Here 方案1: // x -----删除忽略文件已经对 git 来说不识别的文件 // d -----删除未被添加到 git 的路径中的文件 // f -----强制运行 #   git clean -d -fx 方案2: 今天在服务器上  gi...