Connecting SSTableloader to a secured cluster
Steps (for a development environment) to configure the sstableloader (bulk loader) with Kerberos or SSL.
The sstableloader tool is also called bulk loader. If you run sstableloader from a DataStax Enterprise (DSE) node that has been configured for Kerberos or client-to-node/node-to-node encryption using SSL, no additional configuration is required for securing sstableloader operations. sstableloader automatically detects the configuration. On a development machine without SSL, configure Kerberos or SSL as follows:
To use SSL to connect to an unsecured DSE node from a development system, use the sstableloader script to load SSTables into a cluster with client-to-node/node-to-node SSL encryption enabled. Use the following basic options:
resources/cassandra/bin/sstableloader -d 192.168.56.102 /var/lib/cassandra/data/Keyspace1/Standard1 \ -tf org.apache.cassandra.thrift.SSLTransportFactory \ -ts path_to_node_truststore.jks \ -tspw truststore-password
If you want to configure require_client_auth=true
on the target, add
the path to the keystore and keystore password, as shown in the following
example:
resources/cassandra/bin/sstableloader -d 192.168.56.102 /var/lib/cassandra/data/Keyspace1/Standard1 \ -tf org.apache.cassandra.thrift.SSLTransportFactory \ -ts path_to_node_truststore.jks \ -tspw truststore-password \ -ks path_to_node_keystore.jks \ -kspw keystore-password