Versions Compared

Old Version 20

changes.mady.by.user Maxim Muzafarov

Saved on

compared with

New Version Current

changes.mady.by.user Maxim Muzafarov

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • JMX Security Concerns: JMX can be a security risk if not properly secured, as it can potentially allow remote code execution, e.g. CASSANDRA-17921;
  • JMX Operational Complexity: Managing a large number of MBeans is complex and cumbersome, and while we can't get rid of MBeans now for the backwards compatibility, it is possible to avoid extending it every time a new command is needed;
  • JMX Classpath Awareness: Any JMX client needs to be aware of Cassandra’s classpath because the standard JMX clients don't have certain Cassandra-specific class types, or we have to pay additional attention to a management command implementation to prevent exposing Cassandra-specific types, we encounter such problems from time to time, e.g. CASSANDRA-17668;
  • Absence Management Command Metadata: The Cassandra server daemon must provide all command metadata to create a new command execution query at runtime, including but not limited to command arguments, command argument options, command description, etc. Typically, this metadata should be promoted by the server itself, rather than implemented on the `nodetool` and sidecar sides;
  • Maintenance Cost: Cassandra ships built-in command line tools for accessing and administering Cassandra: cqlsh and nodetool. The `nodetool` is used to execute Cassandra management commands and is implemented as a wrapper around the JMX client by using the now obsolete Airline library. By moving towards running management commands with the `cqlsh` we can reduce the overhead of maintaining the `nodetool`.
  • Some of the nodetool commands require a few round trips over JMX (basically a few JMX method calls) to build the desired command output. This makes the execution of certain commands slow as the number of such round trips increases, e.g. TableStats commands used to build the result as a compilation of multiple metrics. Moving everything to the server side improves performance and UX.

There is no intention to fix everything in an initial pull request, for reasons of backwards compatibility. However, once the necessary steps have been taken to support command execution via CQL will be completed, the adopted deprecation policy will be applied.

...