Enable Cassandra PasswordAuthenticator at up time -

Enable Cassandra PasswordAuthenticator at up time -

i have cassandra cluster (datastax open source) , there no authentication configured (i.e., using allowallauthenticator), , want utilize passwordauthenticator. official document says should follow these steps:

enable passwordauthenticator in cassandra.yaml,

restart cassandra node, create system_auth keyspace,

change system_auth replication factor,

create new user , password

however, big problem me because cluster used in production cannot have downtime. between step 2 , 4 no user has been configured yet, if client supplies username , password, request still rejected, not ideal.

i looked datastax enterprise doc, , has transitionalauthenticator class, create system_auth keyspace without rejecting requests. wonder if class can ported open source version? or if there other ways around problem? thanks

update cassandra version i'm using:

cqlsh 4.1.1 | cassandra 2.0.9 | cql spec 3.1.1 | thrift protocol 19.39.0

you should able execute steps 2-4 1 node , have 0 downtime, assuming proper client configuration, replication, , cluster capacity. then, it's rolling restart of remaining nodes.

clients should setup credentials ahead of time, , start using them nodes nodes authorizers come online (this behavior depend on driver -- seek out first).

you might able manually generate schema , info steps 3-4 before engaging cassandraauthenticator, shouldn't necessary.

what concerns downtime?

cassandra cassandra-2.0 datastax-enterprise datastax cassandra-cli