cassandra.yaml properties file

Adjust the values for Cassandra database properties in the cassandra.yaml file.

File location

install_dir\*\cassandra.yaml

Usage

The cassandra.yaml file is the main configuration file for Cassandra. Only the properties that require specific values are covered here. For complete information about all the properties and values, see the Cassandra documentation.
Important: After changing properties in the cassandra.yaml file, restart the node for the changes to take effect.

Environments

  • Linux® or UNIX
  • Windows

Authorization

Only users with administrative permissions can edit the cassandra.yaml file.

Syntax

top_option:
    sub-option1: value
    sub-option2: value

Topology configuration options

endpoint_snitch

The endpoint_snitch parameter communicates the topology information throughout the cluster.

In the earlier releases of Global Mailbox the PropertyFileSnitch value was used for endpoint_snitch. With the PropertyFileSnitch parameter, each node had to have a list of all other nodes that were stored in the cassandra-topology.properties file.

From the 6.0 release onwards, the value of the endpoint_snitch parameter is GossipingPropertyFileSnitch. For this option, the cassandra-rackdc.properties file is used to specify the data center and the rack that the local node is in. The snitch communicates the information to the other nodes in the cluster.

From the 6.0 release onwards, the cassandra-topology.properties file is removed and the cassandra-rackdc.properties file is used.

Compaction configuration options

tombstone_threshold

A ratio of garbage-collectable tombstones to all contained columns, which if exceeded by the SSTables starts compaction (with no other SSTables) to purge the tombstones. Default: 0.2 (20%).

tombstone_compaction_interval

The minimum time to wait (in seconds) after an SSTables creation time before considering the SSTables for tombstone compaction. Tombstone compaction is the compaction triggered if the SSTables has more garbage-collectable tombstones than tombstone_threshold. Default: 86400 seconds (1 day).

Batch size limit options

batch_size_fail_threshold_in_kb

Fail any batch exceeding this value. Default: 60.

Security setting options

server_encryption_options
Enable or disable inter-node encryption. You must also generate keys and provide the appropriate key and trust store locations and passwords.
internode_encryption
Enable or disable encryption of inter-node communication using the TLS_RSA_WITH_AES_128_CBC_SHA cipher suite for authentication, key exchange, and encryption of data transfers. The following inter-node options are valid:
  • all: Encrypt all inter-node communications
  • none: No encryption (Default)
  • dc: Encrypt the traffic between the data centers (server only)
  • rack: Encrypt the traffic between the racks(server only)
keystore
The location of a Java™ keystore (JKS) suitable for use with Java Secure Socket Extension (JSSE), which is the Java version of the Secure Sockets Layer (SSL), and Transport Layer Security (TLS) protocols. The keystore contains the private key that is used to encrypt outgoing messages. Default: conf/.keystore)
keystore_password
Password for the keystore. The password must match the password that is used when generating the keystore. Default: cassandra
truststore
Location of the truststore containing the trusted certificate for authenticating remote servers. Generated when the certificates are imported. Default: conf/.truststore
truststore_password
Password for the truststore. The password must match the password that is used when generating the truststore. Default: cassandra
protocol
The following values are valid:
  • Secure Sockets Layer (SSL) Default
  • Transport Layer Security (TLS)
algorithm
The key manager algorithm that defines a provider and a content type. Default: SunX509
store_type
The type of Java keystore that contains the private key used to encrypt outgoing messages. Default: JKS
cipher_suites
Specifies which cipher suites are valid. Default: TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA
require_client_auth
Whether client authorization is required. Valid values are:
  • true
  • false Default

Examples

With the default values for each parameter, the security settings section of cassandra.yaml contains the following parameters and values:
server_encryption_options:
    internode_encryption: all
    keystore: /etc/cassandra/conf/.keystore
    keystore_password: cassandra
    truststore: /etc/cassandra/conf/.truststore
    truststore_password: cassandra
    protocol: TLS
    algorithm: SunX509
    store_type: JKS
    cipher_suites: TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA
    require_client_auth: false
With the default values for each parameter, the batch size limit options section of cassandra.yaml contains the following parameter and value:
batch_size_fail_threshold_in_kb: 60