You need to set LOCAL_JMX=false It will then read the rest of this stanza: https://github.com/apache/cassandra/blob/cassandra-2.2/conf/cassandra-env.sh#L284-L288
Using the defaults above as-is, you will need to add JMX authentication. Details are here: https://docs.datastax.com/en/cassandra/2.2/cassandra/configuration/secureNodetoolSSL.html A lot of this can be controlled with system properties as well: http://docs.oracle.com/javase/8/docs/technotes/guides/management/agent.html The default config files for JMX authentication and access included in the JVM also have extensive details in the comments: $JAVA_HOME/jre/lib/management/jmxremote.access $JAVA_HOME/jre/lib/management/jmxremote.password.template On Tue, Apr 19, 2016 at 8:40 PM, Alaa Zubaidi (PDF) <alaa.zuba...@pdf.com> wrote: > Hi, > > I am trying to run nodetool remotely. but its not working: > I am running Cassandra 2.2.5 on CentOS 6. > listen_address: is set to <host IP> > rpc_address: is set to 0.0.0.0 > broadcast_rpc_address: is set to <host IP> > > I changed the following in cassadnra-env.sh > JVM_OPTS="$JVM_OPTS -Djava.rmi.server.hostname=<hostname>" > -Dcom.sun.management.jmxremote.port=7199 > -Dcom.sun.management.jmxremote.ssl=false > -Dcom.sun.management.jmxremote.authenticate=false > > "nodetool -h <hostname or ip> -p <port> status" results in: > failed to connect to 'hostname' - Connection Exception: 'Connection > refused" > > netstat -nl | grep 7199 > tcp 0 0 127.0.0.1:7199 0.0.0.0:* LISTEN > > ONLY "nodetool -h localhost" works > > Any idea how to fix it? > > Thanks, > Alaa > > > *This message may contain confidential and privileged information. If it > has been sent to you in error, please reply to advise the sender of the > error and then immediately permanently delete it and all attachments to it > from your systems. If you are not the intended recipient, do not read, > copy, disclose or otherwise use this message or any attachments to it. The > sender disclaims any liability for such unauthorized use. PLEASE NOTE that > all incoming e-mails sent to PDF e-mail accounts will be archived and may > be scanned by us and/or by external service providers to detect and prevent > threats to our systems, investigate illegal or inappropriate behavior, > and/or eliminate unsolicited promotional e-mails (“spam”). If you have any > concerns about this process, please contact us at * > *legal.departm...@pdf.com* <legal.departm...@pdf.com>*.* -- ----------------- Nate McCall Austin, TX @zznate Co-Founder & Sr. Technical Consultant Apache Cassandra Consulting http://www.thelastpickle.com