necessary ports for Stage-free restores with Cassandra agent

Question

Hello,We’re going to deploy the commvault cassandra agent on a cluster (first time for both us and the client, as of right now they’re using medusa to manage cassandra backups) and the cassandra cluster will be in a different security zone to the commvault backend. As such, we need to make internal requests to open the necessary ports between zones.My question concerns the Staged type of restore, and ports 7000,9042/7001,9142 specifically.From what i gather from the commvault docs, the way a Staged restore works is, the tables are pulled from storage (in our case cloud storage, either S3 or DataDomain), temporarily copied to a directory on a Staging Location (where SSTableLoader runs for this type of restore) and then streamed into the Cassandra nodes. I’d like to know the following:The way i understand it, the host of the Staging Location needs to be the Media Agent. Please confirm if this is true and if not, what would be the alternatives for hosting this Staging Location.	The staging host (Media Agent or alternative) needs to be able to reach the cassandra agents on the nodes so it can stream the data into them.	The streaming is done through ports 7000,9042/7001,9142 (these are the defaults ports used by the SSTableLoader). If not, what would be the alternatives.	Our request to open these ports between the cassandra nodes and the media agent is being denied at the moment because SSTableLoader normally runs on the nodes themselves (which is true) and we need to provide proof that this is in fact necessary for the cassandra agent to perform restores.Here’s what we’re trying to open as of right now, other than the standard 8400-8423 commvault ports:Commvault Cassandra Agents → Media Agent: 111/TCP-UDP, 2049,2050/TCP - NFS/portmapper/mountd needed for Stage-Free restoresMedia Agent → Commvault Cassandra Agents: 7000,9042/7001,9142/TCP - used by SSTableLoader, needed for Staged RestoresCassandra Agents → Cassandra Agents: 7199 - used by the Priam service of the cassandra agent to connect to the JMX of the nodes.Any additions/corrections or extra information on the ports/network flows needed between the commvault backend and the cassandra cluster is much appreciated (perhaps there’s a schema for this kind of steup?). Thank you for your help,Gabi

Mohammed Ramadan · Accepted Answer

Hi GabiI hope you're having a great day ,I had a look at the docs, and you’ve understood everything really well great jobijust wanted to add a few extra points around port requirements that might help:CommServe toMedia AgentCommServe toCassandra AgentYou can find more details here here my friend :https://documentation.commvault.com/saas/network_connectivity.htmlIf you don’t want to allow direct connections between zones (as you mentioned), you can set up a Network Proxy using Commvault’s Network Gateway feature.Here’s a link with steps on how to configure it:https://documentation.commvault.com/11.42/software/configuring_cascading_network_gateway_connections_using_predefined_network_topologies.htmlIf you need help or want to go over any part of the setup, just let us knowwe’re happy to support however we can.Best Regards,Mohammed RamadanData Protection Engineer

gd31 · Answer

Thank you for answering Mohammed. In the meantime i also opened a support case and the commvault engineer also confirmed your solution.

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded