Issue
Customer was trying to connect using scala, but was complaining of kerberos issues. He initially provided the following error:
scala> val session=cluster.connect
com.datastax.driver.core.exceptions.NoHostAvailableException: All host(s) tried for query failed (tried: sqaz002udw11.russellreynolds.com/172.27.2.73:9042 (com.datastax.driver.core.exceptions.TransportException: [sqaz002udw11.russellreynolds.com/172.27.2.73:9042] Connection has been closed))
at com.datastax.driver.core.ControlConnection.reconnectInternal(ControlConnection.java:237)
at com.datastax.driver.core.ControlConnection.connect(ControlConnection.java:84)
at com.datastax.driver.core.Cluster$Manager.negotiateProtocolVersionAndConnect(Cluster.java:1622)
at com.datastax.driver.core.Cluster$Manager.init(Cluster.java:1540)
at com.datastax.driver.core.Cluster.init(Cluster.java:151)
at com.datastax.driver.core.Cluster.connectAsync(Cluster.java:333)
at com.datastax.driver.core.Cluster.connectAsync(Cluster.java:308)
at com.datastax.driver.core.Cluster.connect(Cluster.java:250)
... 61 elided
Since the error is NoHostAvailableException, it's probably not kerberos related.
Solution
Instead, we found the customer was using ssl for client_encryption_options, so we had to get scala working with ssl, and here's the final code base:
import io.netty.handler.ssl.SslContextBuilder
import javax.net.ssl.TrustManagerFactory
import java.security.KeyStore
import com.datastax.driver.core.RemoteEndpointAwareJdkSSLOptions
val ks = KeyStore.getInstance("JKS")
val trustStore = new java.io.FileInputStream("/path/to/truststore.jks")
ks.load(trustStore, "XXXXXXXX".toCharArray())
val tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())
tmf.init(ks)
val sslContext = javax.net.ssl.SSLContext.getInstance("TLS")
sslContext.init(null,tmf.getTrustManagers,null)
val sslOptions = RemoteEndpointAwareJdkSSLOptions.builder().withSSLContext(sslContext).build()
import javax.security.auth.login.LoginContext
val lc = new LoginContext("DseClient")
lc.login
val subject = lc.getSubject
val hostAndPort = Seq("localhost","9042")
import com.datastax.driver.core.Cluster
import com.datastax.driver.dse.auth._
val cluster = Cluster.builder
.addContactPointsWithPorts(
new java.net.InetSocketAddress(
hostAndPort(0),hostAndPort(1).toInt))
.withAuthProvider(DseGSSAPIAuthProvider.builder().withSubject(subject).build())
.withSSL(sslOptions)
.build
val session = cluster.connect
val rs = session.execute("DROP TABLE IF EXISTS datascience.persons")
session.close
The key was moving away from RemoteEndpointAwareNettySSLOptions and toward RemoteEndpointAwareJdkSSLOptions. If using Netty, it seems there's a lot of dependencies that are required.