How to deploy Cassandra on Openshift and open it up to remote connections

Sindhu Murugavel
4 min readNov 5, 2020

Getting your own Cassandra environment setup with open remote connections on Openshift can be achieved in 3 steps:


  • Docker is already installed on your machine
  • Image Repository already created on Quay and repository secrets added to Openshift. Follow steps 4 and 5 of this article to get this set up.

Note: The dockerfile and scripts used below can be found on github here.

Step 1: Create your Dockerfile:

A line-by-line explanation of the below Dockerfile is in order :)

Line 1: This Dockerfile uses the base image of the most stable version(3.11.8) of Cassandra from Docker hub

Line 3–4: I have updated the group level permissions of the cassandra configuration folder(/etc/cassandra) to root to make it accessible when Cassandra is started on Openshift.

The Cassandra documentation suggests that default cassandra configs can be overridden by defining environment variables. I tried that in different ways and failed miserably. So I decided to go to default configurations and update them there so that when Cassandra starts, it reads my updated configurations right there.

Line 6–8: They are the linux way of removing a line with certain words from the original configuration yaml file. We “grep” the word we are looking for and then remove the line that contains the word .We then write the entire file to a tempfile and then rename the temp into the original cassandra.yaml file. Line 6 and 7 represent removing the existing rpc_address and broadcast_rpc_address lines from the file. We need to remove these because they are set to “localhost” which means no other host outside the container can connect to it. Line 8 is to remove the default no-password-required authenticator configuration from the original yaml.

Line 10–12: After removing these lines, we append the right values for these variables. Line 10 and 11 set rpc_address and broadcast_address to the right values as per the original cassandra documentation to open it up to remote connections. Line 12 enables password authentication. The default username and password are set to “cassandra”. Adding new roles and resetting the password is not included in this article.

Line 14: This is to open JMX connections from outside by adding LOCAL_JMX=no to the top of the file.

Step 2: Build your Docker image and push it to Quay

Once the Dockerfile is created, we can leverage basic Docker commands or when you are lazy like me — put them in scripts and run them when needed.

But first, hookup docker with your registry by following the instructions from the settings of your repository. For Quay, Open the repository and goto settings and find the Docker Login option and copy paste the below command into your commandline.

I have created a couple of scripts for this.

To build the docker image locally:

To push the local docker image to a repository:

At the end of this step, you have built a customized cassandra image and pushed it to the container registry.

Step 3: Deploy Image on OpenShift as a StatefulSet

In this step, we pull the built image from the container registry and deploy it to Openshift as a statefulset.

On Openshift UI console, Click on Workloads → Stateful Sets, and create a Stateful Set.

Use the below YAML for creating the Stateful set with Cassandra.

It will automatically create pods underneath the Statefulset which will run the cassandra instance.

You can validate them by opening the pod and clicking the “Terminal” tab. We can just cqlsh in the terminal to see if it is working.

Now we create the Service using the below YAML to expose this statefulset to the outside world.

In the Openshift UI console, Click on Networking →Services and then “Create Service” and copy the above YAML.

Now you can wire anything to this cassandra instance by using the hostname like “servicename.namespace.url extension”.

I validated that this cassandra is available outside by just connecting from my computer’s terminal. Make sure you have cassandra client on your machine before you run this test.

Hope this helps.