Apache Cassandra is an open-source distributed NoSQL database designed for handling large volumes of data across multiple servers with no single point of failure. It delivers high availability, linear scalability, and tunable consistency – making it a strong choice for applications that need to stay online and perform well under heavy write loads.
This guide walks through installing and configuring Apache Cassandra 5.0 on Rocky Linux 10 and AlmaLinux 10. We cover Java installation, adding the official Cassandra YUM repository, core configuration in cassandra.yaml, firewall rules, SELinux considerations, and basic CQL operations.
Prerequisites
- A server running Rocky Linux 10 or AlmaLinux 10 with at least 4GB RAM (8GB recommended for production)
- Root or sudo access
- Firewall ports: 7000 (inter-node), 7001 (inter-node TLS), 9042 (CQL clients)
- Java 11 or Java 17 (covered in Step 2)
Step 1: Update the System
Start by updating all packages on your Rocky Linux 10 or AlmaLinux 10 server to ensure you have the latest security patches and dependencies.
sudo dnf update -yInstall the EPEL repository – it provides extra packages that may be needed as dependencies.
sudo dnf install -y epel-releaseStep 2: Install Java 17 on Rocky Linux 10 / AlmaLinux 10
Apache Cassandra 5.0 requires Java 11 or Java 17. We will install OpenJDK 17 since it is the newer LTS release and ships in the default Rocky Linux 10 / AlmaLinux 10 repositories. If you need a full guide on installing Java on Rocky Linux / AlmaLinux, we have a dedicated article for that.
sudo dnf install -y java-17-openjdk java-17-openjdk-develConfirm that Java 17 is installed and set as the default.
java -versionThe output should show OpenJDK 17 as the active runtime:
openjdk version "17.0.14" 2025-01-21 LTS
OpenJDK Runtime Environment (Red_Hat-17.0.14.0.7-1) (build 17.0.14+7-LTS)
OpenJDK 64-Bit Server VM (Red_Hat-17.0.14.0.7-1) (build 17.0.14+7-LTS, mixed mode, sharing)If you have multiple Java versions installed, set Java 17 as the system default.
sudo alternatives --config javaSet the JAVA_HOME environment variable so Cassandra and other Java applications can locate the JDK.
echo 'export JAVA_HOME=/usr/lib/jvm/java-17-openjdk' | sudo tee /etc/profile.d/java.sh
source /etc/profile.d/java.shStep 3: Add the Apache Cassandra 5.0 Repository
Cassandra is not available in the default Rocky Linux 10 / AlmaLinux 10 repositories. The Apache project provides an official YUM repository for RPM-based distributions.
Create the repository file.
sudo vi /etc/yum.repos.d/cassandra.repoAdd the following repository configuration for Cassandra 5.0:
[cassandra]
name=Apache Cassandra
baseurl=https://redhat.cassandra.apache.org/50x/
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://downloads.apache.org/cassandra/KEYSSave the file and rebuild the DNF cache so the new repository is recognized.
sudo dnf makecacheStep 4: Install Apache Cassandra on Rocky Linux 10 / AlmaLinux 10
With the repository in place, install Cassandra using DNF.
sudo dnf install -y cassandraAccept the GPG key import when prompted. DNF will pull in Cassandra and any required dependencies automatically.
Verify the installed version.
cassandra -vYou should see the Cassandra version number confirming a successful install:
5.0.6Step 5: Configure Apache Cassandra
The main configuration file for Cassandra is /etc/cassandra/conf/cassandra.yaml. Before making changes, create a backup of the original file.
sudo cp /etc/cassandra/conf/cassandra.yaml /etc/cassandra/conf/cassandra.yaml.bakOpen the configuration file for editing.
sudo vi /etc/cassandra/conf/cassandra.yamlUpdate the following key settings. Replace the IP addresses with your server’s actual IP address:
# Name your cluster - all nodes in the same cluster must share this name
cluster_name: 'MyCluster'
# Seed nodes for bootstrapping new nodes into the cluster
# For a single-node setup, use this server's IP or localhost
seed_provider:
- class_name: org.apache.cassandra.locator.SimpleSeedProvider
parameters:
- seeds: "192.168.1.10"
# Address this node listens on for inter-node communication
listen_address: 192.168.1.10
# Address for CQL client connections
rpc_address: 192.168.1.10
# Data and commit log directories (defaults work fine for testing)
data_file_directories:
- /var/lib/cassandra/data
commitlog_directory: /var/lib/cassandra/commitlogHere is what each setting does:
- cluster_name – a logical name for your cluster. All nodes must use the same name to join.
- seeds – the initial contact points that new nodes use to discover the cluster topology.
- listen_address – the IP address used for gossip and inter-node traffic (port 7000).
- rpc_address – the IP address that CQL clients connect to (port 9042).
For a single-node development setup, you can leave listen_address and rpc_address as localhost. For production or multi-node clusters, set them to the server’s actual IP address.
Step 6: Start and Enable the Cassandra Service
Enable Cassandra to start automatically on boot, then start the service.
sudo systemctl enable cassandra
sudo systemctl start cassandraGive Cassandra about 30 seconds to fully initialize, then check the service status.
sudo systemctl status cassandraThe service should show active (running):
● cassandra.service - LSB: distributed storage system for structured data
Loaded: loaded (/etc/rc.d/init.d/cassandra; generated)
Active: active (running) since Sat 2026-03-21 10:15:30 UTC; 30s ago
Main PID: 12345 (java)
Tasks: 45
Memory: 1.8G
CGroup: /system.slice/cassandra.service
└─12345 /usr/lib/jvm/java-17-openjdk/bin/java ...Run nodetool status to confirm the node is up and running in the cluster.
nodetool statusA healthy single-node cluster shows the node in UN (Up/Normal) state:
Datacenter: datacenter1
=======================
Status=Up/Down
|/ State=Normal/Leaving/Joining/Moving
-- Address Load Tokens Owns (effective) Host ID Rack
UN 192.168.1.10 104.37 KiB 16 100.0% a1b2c3d4-e5f6-7890-abcd-ef1234567890 rack1Step 7: Configure Firewall for Cassandra
If firewalld is active on your server, you need to open the ports Cassandra uses. For a full guide on configuring firewalld on Rocky Linux 10 / AlmaLinux 10, check our dedicated article.
The key ports are:
| Port | Protocol | Purpose |
|---|---|---|
| 7000 | TCP | Inter-node cluster communication (gossip) |
| 7001 | TCP | Inter-node TLS communication |
| 9042 | TCP | CQL native client connections |
Open the required ports.
sudo firewall-cmd --permanent --add-port=7000/tcp
sudo firewall-cmd --permanent --add-port=7001/tcp
sudo firewall-cmd --permanent --add-port=9042/tcp
sudo firewall-cmd --reloadVerify the ports are open.
sudo firewall-cmd --list-portsYou should see the Cassandra ports listed in the output:
7000/tcp 7001/tcp 9042/tcpStep 8: SELinux Configuration
Rocky Linux 10 and AlmaLinux 10 ship with SELinux in enforcing mode by default. The Cassandra RPM packages are designed to work under SELinux’s default policies, so in most cases no extra SELinux configuration is needed.
Verify SELinux is in enforcing mode.
getenforceThe expected output is:
EnforcingIf Cassandra fails to start or shows permission denied errors in /var/log/cassandra/system.log, check for SELinux denials.
sudo ausearch -m avc -ts recentIf there are denials related to Cassandra, generate and apply a custom policy module.
sudo ausearch -m avc -ts recent | audit2allow -M cassandra_local
sudo semodule -i cassandra_local.pp
sudo systemctl restart cassandraFor deeper SELinux troubleshooting, see our guide on troubleshooting SELinux on Rocky Linux 10 / AlmaLinux 10.
Step 9: Connect with cqlsh and Run Basic CQL Operations
Cassandra ships with cqlsh – an interactive command-line shell for running CQL (Cassandra Query Language) queries. Connect to the local Cassandra instance.
cqlshYou should land in the CQL shell prompt:
Connected to MyCluster at 127.0.0.1:9042
[cqlsh 6.2.0 | Cassandra 5.0.6 | CQL spec 3.4.7 | Native protocol v5]
Use HELP for help.
cqlsh>Create a Keyspace
A keyspace is the top-level container in Cassandra, similar to a database in relational systems. Create a test keyspace with a replication factor of 1 (suitable for a single-node setup).
CREATE KEYSPACE test_ks WITH replication = {'class': 'SimpleStrategy', 'replication_factor': 1};
USE test_ks;Create a Table
Create a simple table to store user data.
CREATE TABLE users (
user_id UUID PRIMARY KEY,
name TEXT,
email TEXT,
created_at TIMESTAMP
);Insert Data
Insert a few records into the table.
INSERT INTO users (user_id, name, email, created_at) VALUES (uuid(), 'Alice Johnson', '[email protected]', toTimestamp(now()));
INSERT INTO users (user_id, name, email, created_at) VALUES (uuid(), 'Bob Smith', '[email protected]', toTimestamp(now()));
INSERT INTO users (user_id, name, email, created_at) VALUES (uuid(), 'Carol Davis', '[email protected]', toTimestamp(now()));Query Data
Retrieve all records from the users table.
SELECT * FROM users;The query returns all inserted rows with their auto-generated UUIDs:
user_id | created_at | email | name
--------------------------------------+---------------------------------+--------------------+---------------
f47ac10b-58cc-4372-a567-0e02b2c3d479 | 2026-03-21 10:25:00.000000+0000 | [email protected] | Alice Johnson
7c9e6679-7425-40de-944b-e07fc1f90ae7 | 2026-03-21 10:25:01.000000+0000 | [email protected] | Bob Smith
550e8400-e29b-41d4-a716-446655440000 | 2026-03-21 10:25:02.000000+0000 | [email protected] | Carol Davis
(3 rows)Check the cluster information from within cqlsh.
DESCRIBE CLUSTER;This shows the cluster name and partitioner in use:
Cluster: MyCluster
Partitioner: Murmur3Partitioner
Snitch: SimpleSnitchType exit; to leave the CQL shell when done.
Step 10: Enable Authentication (Optional)
By default, Cassandra allows unauthenticated access. For production environments, enable password-based authentication.
Open the Cassandra configuration file.
sudo vi /etc/cassandra/conf/cassandra.yamlChange the authenticator and authorizer settings:
# Change from AllowAllAuthenticator to PasswordAuthenticator
authenticator: PasswordAuthenticator
# Change from AllowAllAuthorizer to CassandraAuthorizer
authorizer: CassandraAuthorizerRestart Cassandra to apply the changes.
sudo systemctl restart cassandraLog in with the default superuser credentials.
cqlsh -u cassandra -p cassandraCreate a new admin user and disable the default account.
CREATE ROLE dbadmin WITH PASSWORD = 'StrongP@ss2026' AND SUPERUSER = true AND LOGIN = true;
ALTER ROLE cassandra WITH PASSWORD = 'cassandra' AND SUPERUSER = false AND LOGIN = false;
GRANT ALL PERMISSIONS ON ALL KEYSPACES TO dbadmin;
exit;Verify you can log in with the new admin account.
cqlsh -u dbadmin -p 'StrongP@ss2026'If you work with other databases on RHEL-based systems, you might also find our guides on installing PostgreSQL on Rocky Linux / AlmaLinux and setting up Redis on Rocky Linux useful.
Conclusion
You now have Apache Cassandra 5.0 running on Rocky Linux 10 or AlmaLinux 10 with Java 17, firewall rules in place, and basic CQL operations confirmed. For production deployments, configure TLS encryption for inter-node and client communication, set up regular snapshots using nodetool snapshot, and plan your replication strategy across multiple data centers. Check the official Cassandra documentation for cluster tuning and advanced configuration options.
