I have an ec2 instance. I have opened a port in the security group for cassandra (9160) and have cassandra listening on it. If I use nmap on the instance, that port does not show up, and I cannot connect to the cassandra node remotely via cassandra-cli, cqlsh, or python-cql. This leads me to believe I am missing something in opening the port. So in general how does one open a port in an ec2 instance on the Ubuntu AMI?
Asked
Active
Viewed 833 times
0
-
iptables? It's set to drop anything but SSH by default. – Nathan C Jul 03 '13 at 15:46
-
iptables was empty when the instance was started. I added the following rule: `sudo iptables -A INPUT -p tcp --dport 9160 -j ACCEPT` and it is still not showing up – Charlie Andrews Jul 03 '13 at 15:47
-
Did you clicked on the "apply" button ? ... – user2299634 Jul 03 '13 at 16:19
-
Yes I hit the "apply" button – Charlie Andrews Jul 03 '13 at 16:24
-
Have you actually tried to connect to the port? – Michael Hampton Jul 03 '13 at 18:06
-
I have tried connecting a client to the cassandra database if that's what you mean. – Charlie Andrews Jul 03 '13 at 18:25
-
Go through this checklist - 1. Where have you opened the port to? Public? 2. If yes, try telnet
9160. If it connects, your port is open. If it does not, you've either not given the correct source (group, CIDR range) while opening, or there's a firewall running on the instance. – talonx Jul 04 '13 at 17:27 -
Okay telnet worked. Is there something I'm missing in the cassandra configuration? – Charlie Andrews Jul 04 '13 at 21:35
-
I think It just took some time for the security settings to be updated – Charlie Andrews Jul 05 '13 at 15:28
2 Answers
2
Cassandra uses Thrift internally for RPC and gossips which works at 7199 protocol. If your 9160 port is opened on security groups and your cassandra is a cluster instead of single machine, then there is a chance that some internal dependent ports are not opened
![](../../users/profiles/217028.webp)
user217028
- 21
- 2
1
Have you checked How can I open a port on my EC2 instance?
You basically want to open up the firewall on the OS level, you also need to open up the security group for the AMI. Otherwise the port is blocked by Amazons security policy.
![](../../users/profiles/103885.webp)
Sven Delmas
- 196
- 1
- 6