The following steps should be taken in order to connect Fabric to Cassandra in TLS mode.
Tar and copy the Cassandra keys and certificates into all the Fabric nodes in the cluster.
tar -czvf keys.tar.gz -C $INSTALL_DIR/.cassandra_ssl .
# copy to all Fabric nodes
# 172.27.0.102 represents IP address of each node
scp keys.tar.gz fabric@172.27.0.102:/opt/apps/fabric/
In case of a Docker installation, use the following commands to copy between running containers
docker cp cassandra:/opt/apps/cassandra/keys.tar.gz ./
docker cp keys.tar.gz fabric:/usr/local/k2view/
Stop Fabric k2fabric stop
.
Extract the keys.tar.gz
file
mkdir -p $K2_HOME/.cassandra_ssl && tar -zxvf keys.tar.gz -C $K2_HOME/.cassandra_ssl
Edit the $K2_HOME/config/jvm.options
file using the appropriate passwords and certification files:
sed -i "s@#SSL=false@SSL=true@" $K2_HOME/config/config.ini
sed -i "s@#PORT=$.*@PORT=9142@" $K2_HOME/config/config.ini
sed -i "s@^USER=.*@USER=k2admin@" $K2_HOME/config/config.ini
sed -i "s@^PASSWORD=.*@PASSWORD=Q1w2e3r4t5@" $K2_HOME/config/config.ini
sed -i 's@#-Djavax.net.ssl.keyStore=.*@-Djavax.net.ssl.keyStore=$K2_HOME/.cassandra_ssl/cassandra.keystore@g' $K2_HOME/config/jvm.options
sed -i 's@#-Djavax.net.ssl.keyStorePassword=.*@-Djavax.net.ssl.keyStorePassword=Q1w2e3r4t5@g' $K2_HOME/config/jvm.options
sed -i 's@#-Djavax.net.ssl.trustStore=.*@-Djavax.net.ssl.trustStore=$K2_HOME/.cassandra_ssl/cassandra.truststore@g' $K2_HOME/config/jvm.options
sed -i 's@#-Djavax.net.ssl.trustStorePassword=.*@-Djavax.net.ssl.trustStorePassword=Q1w2e3r4t5@g' $K2_HOME/config/jvm.options
Start the Fabric service on each node: k2fabric start
.
The following steps should be taken in order to connect Fabric to Cassandra in TLS mode.
Tar and copy the Cassandra keys and certificates into all the Fabric nodes in the cluster.
tar -czvf keys.tar.gz -C $INSTALL_DIR/.cassandra_ssl .
# copy to all Fabric nodes
# 172.27.0.102 represents IP address of each node
scp keys.tar.gz fabric@172.27.0.102:/opt/apps/fabric/
In case of a Docker installation, use the following commands to copy between running containers
docker cp cassandra:/opt/apps/cassandra/keys.tar.gz ./
docker cp keys.tar.gz fabric:/usr/local/k2view/
Stop Fabric k2fabric stop
.
Extract the keys.tar.gz
file
mkdir -p $K2_HOME/.cassandra_ssl && tar -zxvf keys.tar.gz -C $K2_HOME/.cassandra_ssl
Edit the $K2_HOME/config/jvm.options
file using the appropriate passwords and certification files:
sed -i "s@#SSL=false@SSL=true@" $K2_HOME/config/config.ini
sed -i "s@#PORT=$.*@PORT=9142@" $K2_HOME/config/config.ini
sed -i "s@^USER=.*@USER=k2admin@" $K2_HOME/config/config.ini
sed -i "s@^PASSWORD=.*@PASSWORD=Q1w2e3r4t5@" $K2_HOME/config/config.ini
sed -i 's@#-Djavax.net.ssl.keyStore=.*@-Djavax.net.ssl.keyStore=$K2_HOME/.cassandra_ssl/cassandra.keystore@g' $K2_HOME/config/jvm.options
sed -i 's@#-Djavax.net.ssl.keyStorePassword=.*@-Djavax.net.ssl.keyStorePassword=Q1w2e3r4t5@g' $K2_HOME/config/jvm.options
sed -i 's@#-Djavax.net.ssl.trustStore=.*@-Djavax.net.ssl.trustStore=$K2_HOME/.cassandra_ssl/cassandra.truststore@g' $K2_HOME/config/jvm.options
sed -i 's@#-Djavax.net.ssl.trustStorePassword=.*@-Djavax.net.ssl.trustStorePassword=Q1w2e3r4t5@g' $K2_HOME/config/jvm.options
Start the Fabric service on each node: k2fabric start
.