I'm having a hard time figuring out how you would setup authentication between JanusGraph and Datastax Astra. It doesn't seem like the secure connect bundle could be used in this case. Moreover, I can't find a way to set the Astra API token in order to use the Astra REST API.
Is it possible to connect JanusGraph with Datastax Astra? If so how could this be implemented?
I'm not sure if it's possible but I'd be happy to help if you're willing to try. A few months ago, I managed to get the GoCQL driver (not a DataStax driver) to connect to Astra (see post #3753) with help from the DataStax Cloud team (the team behind Astra).
First up, you will need to download the secure-connect zipped bundle for your Astra database.
Unzip your copy of secure-connect-your_astra_db.zip which will contain the following files:
ca.crt cert cert.pfx config.json cqlshrc identity.jks key trustStore.jks
The config.json file contains the following:
host - the contact point for the CQL driverport - the CQL client portkeyspace - the name of the keyspace you createdtrustStoreLocation - trustStore.jks is the truststoretrustStorePassword - your truststore passwordkeyStoreLocation - identity.jks is the keystorekeyStorePassword - your keystore passwordUsing the information above, you will need to configure the following:
storage.hostname storage.port storage.username storage.password storage.cql.keyspace storage.cql.ssl.*
Let me know how you go. Cheers!
EDIT: I removed references to storage.cassandra.ssl.* since it relates to the old Thrift protocol which was deprecated years ago.
Awesome! I'd be interested to know which bits you've tried too that didn't work. Cheers!
I'm having trouble with the ssl keystore's password in the keystore configs..
For `storage.cql.ssl.keystore.storepassword` I'm using the `keyStorePassword` from config.json in my secure bundle.
For `storage.cql.ssl.keystore.keypassword` I'm not sure what to put. I tried "changeit", after reading this post, but that didn't work. I also tried using the `keyStorePassword` from config.json in my secure bundle in here as well, but then I get:
com.datastax.driver.core.exceptions.NoHostAvailableException: All host(s) tried for query failed (tried: a3123f45-abc-123a-12ab-123a1a0001a1-us-east1.db.astra.datastax.com/12.34.567.891:12345 (com.datastax.driver.core.exceptions.TransportException: [a3123f45-abc-123a-12ab-123a1a0001a1-us-east1.db.astra.datastax.com/12.34.567.891:12345] Channel has been closed))
Any guesses what I need to put for these values?
Current config:
gremlin.graph=org.janusgraph.core.JanusGraphFactory storage.backend=cql storage.hostname=my-host-us-east1.db.astra.datastax.com storage.cql.keyspace=janusgraph storage.port=12345 storage.username=ryan storage.password=p455w0rd storage.cql.ssl.enabled=true storage.cql.ssl.client-authentication-enabled=true storage.cql.ssl.truststore.location=/home/ubuntu/projects/janus-graph-tutorial/creds/trustStore.jks storage.cql.ssl.truststore.password=value-of-trustStorePassword storage.cql.ssl.keystore.keypassword=value-of-keyStorePassword storage.cql.ssl.keystore.storepassword=value-of-keyStorePassword storage.cql.ssl.keystore.location=/home/ubuntu/projects/janus-graph-tutorial/creds/identity.jks # trying since I saw in config.json. Fails the same with or without this one. storage.cql.local-datacenter=caas-dc
Note that I'm using storage.cql rather than storage.cassandra keys since it looks like storage.cassandra is for thrift (according to the docs)
Perhaps this is affecting something as well, I just saw this exception in the logs:
6280 [JanusGraph Cluster-nio-worker-0] WARN io.netty.channel.AbstractChannelHandlerContext - An exception 'java.lang.IndexOutOfBoundsException: index 337' [enable DEBUG level for full stacktrace] was thrown by a user handler's exceptionCaught() method while handling the following exception: io.netty.handler.codec.DecoderException: com.datastax.driver.core.exceptions.FrameTooLongException: Response frame exceeded maximum allowed length
Also, for what it's worth, it looks like JanusGraph is using DataStax Java driver 3.9.0 for Apache Cassandra (at least, JanusGraph 0.5.2, which is what I'm using)
I would ignore this warning for now. My suspicion is that since the SSL handshake isn't working, the response header in the message frame is garbled so the driver doesn't know the start/end of the messages on the wire. If you're interested, I've described what the CQL native protocol message looks like in #7876 and would help you understand what I mean about the frame being garbled. Cheers!
Just wanted to link to the answer you posted here, in case someone stumbles upon this.
Thanks again!
https://community.datastax.com/articles/12264/how-to-connect-to-astra-db-from-janusgraph.html
6 People are following this question.
