Cassandra CQL exporter with SSL and truststore
Cassandra allows you to do backups using nodetool snapshot command.
But, this snapshot is not stored in .CQL format (which lists actual CQL commands just as you'd type them via CQL command line)
I came around this great exporter: https://github.com/thangbn/cassandra-CQL-exporter
You can use it as specified in README file, but it doesn't mention anything if you're using SSL connection to connect to cassandra.
After studying the source code, it handes special parameter "-secure", which is not specified in README file.
CQL exporter has it's cql-generator.sh:
which contains:
java -jar cql-generator.1.0.jar "$@"
But, to let java recognize the SSL settings, you need to pass the javax.net.ssl.trustStore and javax.net.ssl.trustStorePassword parameters.
with OpenJDK openjdk version "1.8.0_242" OpenJDK Runtime Environment (AdoptOpenJDK)(build 1.8.0_242-b08) OpenJDK 64-Bit Server VM (AdoptOpenJDK)(build 25.242-b08, mixed mode)
specifying these parameters just via JAVA_OPTS does not work! (see: https://stackoverflow.com/questions/2011311/running-java-with-java-opts-env-variable-has-no-effect)
so, you need to modify it manually in cql-generator.sh
export JAVA_OPTS="-Djavax.net.ssl.trustStore=/etc/cassandra/cassandra.truststore -Djavax.net.ssl.trustStorePassword=..."
java $JAVA_OPTS -jar cql-generator.1.0.jar "$@"great. so now, let's run the cql-generator.sh with the hidden "secure" parameter to make sure the SSL works:
./cql-generator.sh -secure -h 12.34.46.78 -k my_keyspaceThis approach can be used to do backups which can be easily understood and restored if some part of it is needed.
You can also use it to migrate your data to ScyllaDB, which should understand the universal CQL files.
Result:
Trying connect to host "12.34.46.78"
Success!
Trying connect to port "9042"
Success!
Trying connect to keyspace "my_keyspace"
Success!
All good!
Start exporting...
Write DDL to ~/export/my_keyspace.CQL
-----------------------------------------------
Extract from my_keyspace.mytable
Total number of record: 34244
Start write "mytable" data DML to ~/export/my_keyspace.CQL
Done 0.00%
Done 20.00%
Done 40.00%
Done 60.00%
Done 79.99%
Done 99.99%
Done exporting "mytable", total number of records exported: 36296
-----------------------------------------------
Export completed after 23.97 s!
Exited.To run backup of all keyspaces :
CASSANDRA_IP=12.34.46.78
for i in `cqlsh --ssl $CASSANDRA_IP --connect-timeout=10000 -e "describe keyspaces;" | tr '\n' ' '`
do
./cql-generator.sh -secure -h $CASSANDRA_IP -k $i
done
That's it! Enjoy !
Matto
Related Posts
Author bio
Matej Koval is a Full stack senior Java developer, Scrum master of a team.
Experienced in Debian Linux administration and technologies like: Spring Boot, Quarkus, Kafka, Docker, Kubernetes, Angular.
More info about me: LinkedIn