Planning a DSE cluster on Amazon EC2

Information about deploying a production DataStax Enterprise cluster on Amazon EC2.

Before planning an Amazon Elastic Computer Cloud (Amazon EC2) cluster, read Amazon EC2 - Virtual Server Hosting.

Attention: These recommendations are guidelines:
  • To ensure your implementation meets expectations, DataStax recommends contacting the DataStax Services team.
  • Thoroughly test your configuration before deployment.
  • Amazon periodically updates its offerings. Check the Amazon EC2 documentation to determine what instances to use.

Use AMIs from trusted sources

Use only AMIs for supported platforms and from a trusted source. Random AMIs pose a security risk and may perform slower than expected due to the way the EC2 install is configured. The following are examples of trusted AMIs:

EC2 deployments for multiple regions/availability zones

For these deployments use any of the supported platform on each node:

It is best practice to use the same platform on all nodes. If your cluster was instantiated using the DataStax AMI (no longer supported), use Ubuntu for the additional nodes. Configure the cluster as a multiple datacenter cluster using the Configuring Amazon EC2 multi-region snitch.

Guidelines for EC2 production clusters

DSE requires 10,000 IOPS (Input/Ouput Operations Per Second) minimum per node. The AWS storage choices for achieving this performance level are:
EBS General Purpose SSD (gp2) volumes
To achieve IO required by DSE, you must use 3.5TB volumes, regardless of the actual space used, because gp2 provides 3 IOPS per GB.
Amazon EBS Provisioned IOPS SSD (io1) volumes
EBS io1 with 10,000 provisioned IOPS (PIOPS) provides the same performance level as gp2 using smaller volumes but at a higher cost.
Directly attached local SSDs
Also called ephemeral or instance SSDs. This storage type makes i3 instances the optimal cost versus performance choice. See pricing in Amazon AWS.
Use these guidelines for choosing the instance types:
  • Light production with only transactional nodes and very light-weight usage: m4.2xlarge (absolute minimum). Also suitable for development.
  • Moderate production: i3.4xlarge
  • Large production: i3.8xlarge
  • DSE Search and DSE Analytic nodes: i3.4xlarge or i3.8xlarge
Note: In EC2, each vCPU is a hyperthread of an Intel Xeon core, which means that two virtual cores exist on one physical core. For example, an i3.8xlarge instance type has 32vcCPUs, which is the equivalent of 16 physical cores.

EBS volumes recommended for m4 instance types

SSD-backed general purpose volumes (GP2) or provisioned IOPS volumes (io1) are suitable for production workloads when using m4 instances (transactional nodes with very light-weight usage). These volume types are designed to deliver consistent, low latency performance:
  • The best choice for most workloads and have the advantage of guaranteeing 10,000 IOPS when volumes larger than 3.5TB are attached to instances.
  • Designed to deliver single-digit millisecond latencies.
  • Designed to deliver the provisioned performance 99.0% of the time.
  • Designed to deliver single-digit millisecond latencies.
  • Designed to deliver the provisioned performance 99.9% of the time.

Disk Performance Optimization

To ensure high disk performance to mounted drives, it is recommended that you pre-warm your drives by writing once to every drive location before production use. Depending on EC2 conditions, you can get moderate to enormous increases in throughput. See Optimizing Disk Performance in the Amazon Elastic Compute Cloud Documentation.

Storage recommendations

DSE supports JBOD (just a bunch of disks). JBOD excels at tolerating partial failures in a disk array. Configure the disk_failure_policy in cassandra.yaml. See Recovering from a single disk failure using JBOD.
Note: JBOD support allows you to use standard disks. However, RAID0 may provide better throughput because it splits every block to be on another device so that writes are written in parallel fashion instead of written serially on disk.

EC2 security group

When deploying a cluster on EC2, you must create security rules that open ports to other nodes in the same security group. An EC2 Security Group acts as a firewall that allows you to choose which protocols and ports are open in your cluster. You can specify the protocols and ports either by a range of IP addresses or by security group. For more information, see the Amazon EC2 help on Security Groups.

Warning: Specifying a Source IP of opens externally accessible ports to incoming traffic from any IP address. The risk of data loss is high.

See the list of ports that should be opened to internode and client communications in the DataStax Enterprise ports table.

Note: Generally, when you have firewalls between machines, it is difficult to run JMX across a network and maintain security. This is because JMX connects on port 7199, handshakes, and then uses any port within the 1024+ range. Instead use SSH to execute commands remotely to connect to JMX locally or use the DSE OpsCenter.

Other resources