Cassandra服务器上的错误:无法与任何种子闲谈 [英] Error on Cassandra server: Unable to gossip with any seeds
问题描述
我向单节点cassandra群集添加第二个节点,并在第二个节点上获取堆栈跟踪:
错误18:13:42,941启动期间遇到异常
java.lang.RuntimeException:无法使用任何种子来传送
在org.apache.cassandra.gms.Gossiper.doShadowRound(Gossiper.java:1193 )
at org.apache.cassandra.service.StorageService.checkForEndpointCollision(StorageService.java:446)
at org.apache.cassandra.service.StorageService.prepareToJoin(StorageService.java:655)
at org.apache.cassandra.service.StorageService.initServer(StorageService.java:611)
at org.apache.cassandra.service.StorageService.initServer(StorageService.java:504)
at org。 apache.cassandra.service.CassandraDaemon.setup(CassandraDaemon.java:378)
在org.apache.cassandra.service.CassandraDaemon.activate(CassandraDaemon.java:496)
在org.apache.cassandra。 service.CassandraDaemon.main(CassandraDaemon.java:585)
java.lang.RuntimeException:无法使用任何种子来讨论
org.apache.cassandra.gms.Gossiper.doShadowRound(Gossiper.java:1193 )
at org.apache.cassandra.service.StorageService.checkForEndpointCollision(StorageService.java:446)
at org.apache.cassandra.service.StorageService.prepareToJoin(StorageService.java:655)
at org.apache.cassandra.service.StorageService.initServer(StorageService.java:611)
at org.apache.cassandra.service.StorageService.initServer(StorageService.java:504)
at org。 apache.cassandra.service.CassandraDaemon.setup(CassandraDaemon.java:378)
在org.apache.cassandra.service.CassandraDaemon.activate(CassandraDaemon.java:496)
在org.apache.cassandra。 service.CassandraDaemon.main(CassandraDaemon.java:585)
启动期间遇到的异常:无法使用任何种子进行闲话
错误18:13:42,785线程中的异常Thread [StorageServiceShutdownHook,5,main]
java.lang.NullPointerException
at org.apache.cassandra.gms.Gossiper.stop(Gossiper.java:1270)
at org.apache.cassandra.service.StorageService $ 1.runMayThrow(StorageService。 java:572)
at org.apache.cassandra.utils.WrappedRunnable.run(WrappedRunnable.java:28)
at java.lang.Thread.run(Thread.java:744)
这个问题还有其他SO问题,但没有答案对我有用:
$ b。\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' $ b
我在两个节点上运行Cassandra 2.0.8和jdk 1.7.0_51。一个节点托管在DigitalOcean,另一个节点在Linode。我试过
配置它们作为同一个数据中心和不同的数据中心在cassandra-rackdc.properties,它没有
的区别。我试过listen_address和broadcast_address空白和硬编码,没有什么区别。我没有限制
密码套件列表,以停止大量关于丢失密码套件的日志消息。从库存cassandra.yaml,我更改了
以下条目,不包括与并发写入和压缩相关的条目。为了这个问题,无论
在配置中有一个硬编码的ip地址,我已经替换了。每个盒子都有一个防火墙,但我试过它
防火墙禁用。我也试过了''internode_encryption:none'',结果是一样的。我使用telnet
和netcat确认每个主机都可以连接到另一个的7000和7001端口。
在原主机上:
- seeds:< host1>
listen_address:
broadcast_address:
endpoint_snitch:GossipingPropertyFileSnitch
internode_encryption:all
cipher_suites:[TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
- 种子:
< < host1>
listen_address:
broadcast_address:
endpoint_snitch:GossipingPropertyFileSnitch
internode_encryption:all
cipher_suites:[TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
编辑:
此外,使用netstat我可以看到新服务器成功建立了一个tcp
编辑:
好的,第二天。我在两台机器上升级到java 1.7.0_60。 Gossip现在可以使用
internode_encryption:none
。我非常怀疑新的结果是与JDK的变化有关;
我已经在每个配置文件中注释了列出密码的行。 Gossip仍然以相同的方式失败,
internode_encryption:all
。种子节点的日志是干净的,但其他节点记录过滤掉TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,因为它不被套接字支持
,直到gossip失败。我认为日志条目与失败相关。为什么一个日志这个和另一个不,我不知道。他们都是debian运行相同的jdk版本。
编辑:
在两个节点上安装JCE过滤警告消失。仍然没有加密的节点间通信。
编辑:
启用调试后,种子节点日志:
DEBUG 22:44:57,409读取套接字错误d862c40 [SSL_NULL_WITH_NULL_NULL:Socket [addr = / 10.128.139.94,port = 60611,localport = 7001]]
javax.net.ssl.SSLHandshakeException:没有公共密码套件
解决方案现在使用未加密或加密的通信工作。在两台服务器上安装JCE扩展并对证书生成进行更改后,加密通信开始工作。 准备Cassandra 2.0的服务器证书的Datastax说明会丢弃这是 Cassandra 1.2说明中提供的参数。包括参数似乎有所不同。附加参数为 -keyalg RSA :
种子服务器:
keytool -genkey - 别名prod01 -keystore .keystore -keyalg RSA
keytool -export -alias prod01 -file prod01.cer -keystore .keystore -keyalg RSA
其他服务器:
keytool -genkey - alias prod00 -keystore .keystore -keyalg RSA
keytool -export -alias prod00 -file prod00.cer -keystore .keystore -keyalg RSA
然后,确保两个服务器都有这两个证书,并使用它们在两个服务器上使用这些命令创建信任存储:
keytool -import -v -trustcacerts -alias prod00 -file prod00.cer -keystore .truststore
keytool -import -v -trustcacerts -alias prod01 -file prod01.cer -keystore。 truststore
chmod go-rwx .keystore
I'm adding a second node to a single-node cassandra cluster, and getting a stack trace on the second node:
ERROR 18:13:42,841 Exception encountered during startup java.lang.RuntimeException: Unable to gossip with any seeds at org.apache.cassandra.gms.Gossiper.doShadowRound(Gossiper.java:1193) at org.apache.cassandra.service.StorageService.checkForEndpointCollision(StorageService.java:446) at org.apache.cassandra.service.StorageService.prepareToJoin(StorageService.java:655) at org.apache.cassandra.service.StorageService.initServer(StorageService.java:611) at org.apache.cassandra.service.StorageService.initServer(StorageService.java:504) at org.apache.cassandra.service.CassandraDaemon.setup(CassandraDaemon.java:378) at org.apache.cassandra.service.CassandraDaemon.activate(CassandraDaemon.java:496) at org.apache.cassandra.service.CassandraDaemon.main(CassandraDaemon.java:585) java.lang.RuntimeException: Unable to gossip with any seeds at org.apache.cassandra.gms.Gossiper.doShadowRound(Gossiper.java:1193) at org.apache.cassandra.service.StorageService.checkForEndpointCollision(StorageService.java:446) at org.apache.cassandra.service.StorageService.prepareToJoin(StorageService.java:655) at org.apache.cassandra.service.StorageService.initServer(StorageService.java:611) at org.apache.cassandra.service.StorageService.initServer(StorageService.java:504) at org.apache.cassandra.service.CassandraDaemon.setup(CassandraDaemon.java:378) at org.apache.cassandra.service.CassandraDaemon.activate(CassandraDaemon.java:496) at org.apache.cassandra.service.CassandraDaemon.main(CassandraDaemon.java:585) Exception encountered during startup: Unable to gossip with any seeds ERROR 18:13:42,885 Exception in thread Thread[StorageServiceShutdownHook,5,main] java.lang.NullPointerException at org.apache.cassandra.gms.Gossiper.stop(Gossiper.java:1270) at org.apache.cassandra.service.StorageService$1.runMayThrow(StorageService.java:572) at org.apache.cassandra.utils.WrappedRunnable.run(WrappedRunnable.java:28) at java.lang.Thread.run(Thread.java:744)
There are other SO questions with this same issue, but none of the answers have worked for me:
Apache Cassandra: Unable to gossip with any seeds
new cassandra node can't gossip with seed
Datastax Enterprise is crashing with Unable to gossip with any seeds error
I'm running Cassandra 2.0.8 and jdk 1.7.0_51 on both nodes. One node is hosted at DigitalOcean, the other at Linode. I've tried configuring them as the same datacenter and as different datacenters in cassandra-rackdc.properties, it makes no difference. I've tried listen_address and broadcast_address blank and hardcoded, makes no difference. I did limit the list of cipher suites to stop a flood of log messages about missing cipher suites. From the stock cassandra.yaml, I've changed the following entries, excluding entries related to concurrent writes and compaction. For the sake of this question, wherever there's a hardcoded ip address in the config, I've replaced those with . Each box has a firewall, but I've tried it with the firewalls disabled. I've also tried it with ''internode_encryption: none'' and the result is the same. I've used telnet and netcat to confirm that each host can connect to the other's port 7000 and 7001.
on the original host:
- seeds: "<host1>" listen_address: broadcast_address: endpoint_snitch: GossipingPropertyFileSnitch internode_encryption: all cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
on the new host:
- seeds: "<host1>" listen_address: broadcast_address: endpoint_snitch: GossipingPropertyFileSnitch internode_encryption: all cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
Edit:
Also, using netstat I can see that the new server successfully establishes a tcp connection to port 7001 of the original server.
Edit:
Okay, next day. I've upgraded to java 1.7.0_60 on both machines. Gossip now works with
internode_encryption: none
. I very much doubt the new result is related to the change in JDK; it's more likely related to some carelessness in scrubbing directories or the like.I've commented the line in each config file that lists ciphers. Gossip still fails in the same way with
internode_encryption: all
. The seed node's logs are clean, but the other node logsFiltering out TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA as it isnt supported by the socket
repeatedly until gossip fails. I think the log entry is related to the failure. Why one logs this and the other not, I don't know. They're both debian running the same jdk version.Edit:
Installing the JCE on both nodes made the filtering warning go away. Still no encrypted internode communication at this point.
Edit:
With debug turned on, the seed node logs:
DEBUG 22:44:57,409 Error reading the socket d862c40[SSL_NULL_WITH_NULL_NULL: Socket[addr=/10.128.139.94,port=60611,localport=7001]] javax.net.ssl.SSLHandshakeException: no cipher suites in common
I've pretty carefully created the certs for both servers, following the instructions at http://www.datastax.com/documentation/cassandra/2.0/cassandra/security/secureSSLCertificates_t.html?scroll=task_ds_c14_xjy_2k.
解决方案It's now working using either unencrypted or encrypted communications. Encrypted communications started working after installing the JCE extensions on both servers, and making a change in certificate generation. The Datastax instructions for preparing server certificates for Cassandra 2.0 drops a parameter that was present in their Cassandra 1.2 instructions. Including the parameter seemed to make the difference. The additional parameter is -keyalg RSA:
Seed server: keytool -genkey -alias prod01 -keystore .keystore -keyalg RSA keytool -export -alias prod01 -file prod01.cer -keystore .keystore -keyalg RSA Other server: keytool -genkey -alias prod00 -keystore .keystore -keyalg RSA keytool -export -alias prod00 -file prod00.cer -keystore .keystore -keyalg RSA
Then, make sure both servers have both certs, and use them to create a trust store using these commands on both servers:
keytool -import -v -trustcacerts -alias prod00 -file prod00.cer -keystore .truststore keytool -import -v -trustcacerts -alias prod01 -file prod01.cer -keystore .truststore chmod go-rwx .keystore
这篇关于Cassandra服务器上的错误:无法与任何种子闲谈的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!