0

我在从 Lagom 环境连接到 AWS Managed Cassandra 服务时遇到问题。这是我尝试过的,结果如何。

(1) Amazon 提供了从 Java 代码连接 AWS MCS 的说明:

https://docs.aws.amazon.com/fr_fr/mcs/latest/devguide/cqlsh.html#using_java_driver

说明的要点是您需要安装证书,然后将其传递给 JVM,如下所示:

-Djavax.net.ssl.trustStore=path_to_file/cassandra_truststore.jks 
-Djavax.net.ssl.trustStorePassword=amazon

然后,您可以使用您选择的任何 Cassandra Java 驱动程序。我的选择是 Lagom 框架提供的 DataStax 驱动程序。

我通过将以下内容添加到build.sbt

javaOptions ++= Seq(
  "-Djavax.net.ssl.trustStore=project/cassandra_truststore.jks",
  "-Djavax.net.ssl.trustStorePassword=amazon"
)

// Must enable JVM forking to use javaOptions with runAll.
fork := true

(2) 在将我的 Lagom 应用程序部署到 AWS 之前,我想在开发模式下使用它,但将它连接到 AWS MCS 而不是嵌入式 Cassandra 服务器。Lagom 提供了在开发模式下执行此操作的说明:

https://www.lagomframework.com/documentation/1.6.x/scala/Cas​​sandraServer.html#Connecting-to-a-locally-running-Cassandra-instance

说明的要点是将以下几行添加到build.sbt

lagomCassandraEnabled in ThisBuild := false
lagomUnmanagedServices in ThisBuild := Map("cas_native" -> "tcp://localhost:9042")

此示例中的 URI 假定 Cassandra 服务器在localhost:9042. 就我而言,我将其替换为cassandra.us-east-1.amazonaws.com:9142.

(3) 然而,当我运行时sbt runAll,我在尝试访问 AWS MCS 时遇到超时:

Caused by: com.datastax.driver.core.exceptions.NoHostAvailableException: All host(s) tried for query failed (tried: cassandra.us-east-1.amazonaws.com/3.83.168.143:9142 (com.datastax.driver.core.exceptions.OperationTimedOutException: [cassandra.us-east-1.amazonaws.com/3.83.168.143:9142] Operation timed out))

(4) 我通过完全绕过 Lagom 并且只编写了一段非常简单的代码来隔离问题,如下所示:

  System.setProperty("javax.net.ssl.trustStore", "redacted_absolute_file_path/cassandra_truststore.jks")
  System.setProperty("javax.net.ssl.trustStorePassword", "amazon")

  val cluster = Cluster.builder.addContactPoint("cassandra.us-east-1.amazonaws.com").withPort(9142).build()
  val session = cluster.connect()
  session.close()
  cluster.close()

这很简单。但是会发生同样的超时。我究竟做错了什么?

4

1 回答 1

2

通过查看 AWS MCS Python 文档找到了解决方案(Java 文档对此事明显保持沉默)。结果我确实需要配置 MCS 服务特定的凭据,然后在 Lagom 的application.conf文件中提供它们,如下所示:

cassandra.default {
  port = 9142

  ssl.truststore {
    path = "path/cassandra_truststore.jks"
    password = "amazon"
  }

  authentication {
    username = "service-specific username"
    password = "service-specific password"
  }
}

cassandra-journal {
  port = ${cassandra.default.port}

  ssl.truststore {
    path = ${cassandra.default.ssl.truststore.path}
    password = ${cassandra.default.ssl.truststore.password}
  }

  authentication {
    username = ${cassandra.default.authentication.username}
    password = ${cassandra.default.authentication.password}
  }
}

cassandra-snapshot-store {
  port = ${cassandra.default.port}

  ssl.truststore {
    path = ${cassandra.default.ssl.truststore.path}
    password = ${cassandra.default.ssl.truststore.password}
  }

  authentication {
    username = ${cassandra.default.authentication.username}
    password = ${cassandra.default.authentication.password}
  }
}

lagom.persistence.read-side.cassandra {
  port = ${cassandra.default.port}

  ssl.truststore {
    path = ${cassandra.default.ssl.truststore.path}
    password = ${cassandra.default.ssl.truststore.password}
  }

  authentication {
    username = ${cassandra.default.authentication.username}
    password = ${cassandra.default.authentication.password}
  }
}
于 2020-02-25T19:29:47.790 回答