lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oakley, Craig (NIH/NLM/NCBI) [C]" <craig.oak...@nih.gov>
Subject RE: Re:Re: Implementing security.json is breaking ADDREPLICA
Date Fri, 20 Nov 2015 18:04:12 GMT
Thank you again for the reply.

Below is the Email I was about to send prior to your reply a moment ago: shall I try again
without "read" in the security.json?



The Collections API method was not discussed in the "Unleashed" class at the conference in
DC in 2014 (probably because it was not yet available), so I was using the method I knew.

I have now tried again using admin/collections?action=CREATE (using different port numbers
to avoid confusion from the failed previous attempts: the previously created nodes had been
shutdown and their core.properties files renamed so as not to be discovered), but the results
are the same:
INFO  - 2015-11-20 16:56:25.283; [c:xmpl3 s:shard1 r:core_node2 x:xmpl3_shard1_replica2] org.apache.solr.cloud.RecoveryStrategy;
Starting Replication Recovery.
INFO  - 2015-11-20 16:56:25.284; [c:xmpl3 s:shard1 r:core_node2 x:xmpl3_shard1_replica2] org.apache.solr.cloud.RecoveryStrategy;
Begin buffering updates.
INFO  - 2015-11-20 16:56:25.284; [c:xmpl3 s:shard1 r:core_node2 x:xmpl3_shard1_replica2] org.apache.solr.update.UpdateLog;
Starting to buffer updates. FSUpdateLog{state=ACTIVE, tlog=null}
INFO  - 2015-11-20 16:56:25.284; [c:xmpl3 s:shard1 r:core_node2 x:xmpl3_shard1_replica2] org.apache.solr.cloud.RecoveryStrategy;
Attempting to replicate from http://{IP-address-redacted}:4685/solr/xmpl3_shard1_replica1/.
ERROR - 2015-11-20 16:56:25.292; [c:xmpl3 s:shard1 r:core_node2 x:xmpl3_shard1_replica2] org.apache.solr.common.SolrException;
Error while trying to recover:org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException:
Error from server at http://{IP-address-redacted}:4685/solr/xmpl3_shard1_replica1: Expected
mime type application/octet-stream but got text/html. <html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<title>Error 401 Unauthorized request, Response code: 401</title>
</head>
<body><h2>HTTP ERROR 401</h2>
<p>Problem accessing /solr/xmpl3_shard1_replica1/update. Reason:
<pre>    Unauthorized request, Response code: 401</pre></p><hr><i><small>Powered
by Jetty://</small></i><hr/>

</body>
</html>

        at org.apache.solr.client.solrj.impl.HttpSolrClient.executeMethod(HttpSolrClient.java:528)
        at org.apache.solr.client.solrj.impl.HttpSolrClient.request(HttpSolrClient.java:234)
        at org.apache.solr.client.solrj.impl.HttpSolrClient.request(HttpSolrClient.java:226)
        at org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:135)
        at org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:152)
        at org.apache.solr.cloud.RecoveryStrategy.commitOnLeader(RecoveryStrategy.java:207)
        at org.apache.solr.cloud.RecoveryStrategy.replicate(RecoveryStrategy.java:147)
        at org.apache.solr.cloud.RecoveryStrategy.doRecovery(RecoveryStrategy.java:437)
        at org.apache.solr.cloud.RecoveryStrategy.run(RecoveryStrategy.java:227)

INFO  - 2015-11-20 16:56:25.292; [c:xmpl3 s:shard1 r:core_node2 x:xmpl3_shard1_replica2] org.apache.solr.update.UpdateLog;
Dropping buffered updates FSUpdateLog{state=BUFFERING, tlog=null}
ERROR - 2015-11-20 16:56:25.293; [c:xmpl3 s:shard1 r:core_node2 x:xmpl3_shard1_replica2] org.apache.solr.cloud.RecoveryStrategy;
Recovery failed - trying again... (2)
INFO  - 2015-11-20 16:56:25.293; [c:xmpl3 s:shard1 r:core_node2 x:xmpl3_shard1_replica2] org.apache.solr.cloud.RecoveryStrategy;
Wait 8.0 seconds before trying to recover again (3)


Below is a list of the steps I took.

./zkcli.sh --zkhost localhost:4545 -cmd makepath /solr/xmpl3
./zkcli.sh --zkhost localhost:4545/solr/xmpl3 -cmd putfile /security.json ~/solr/security151119a.json
./zkcli.sh --zkhost localhost:4545/solr/xmpl3 -cmd upconfig -confdir ../../solr/configsets/basic_configs/conf
-confname xmpl3
cd ../../../bin/
./solr -c -p 4695 -d ~dbman/solr/straight531outofbox/solr-5.3.1/server/ -z localhost:4545/solr/xmpl3
-s ~dbman/solr/straight531outofbox/solr-5.3.1/example/solr
./solr -c -p 4685 -d ~dbman/solr/straight531outofbox/solr-5.3.1/server/ -z localhost:4545/solr/xmpl3
-s ~dbman/solr/straight531outofbox/solr-5.3.1/server/solr
curl -u solr:SolrRocks 'http://nosqltest11:4685/solr/admin/collections?action=CREATE&name=xmpl3&numShards=1&replicationFactor=1&createNodeSet={IP-address-redacted}:4685_solr'
curl -u solr:SolrRocks 'http://nosqltest11:4685/solr/admin/collections?action=ADDREPLICA&collection=xmpl3&shard=shard1&node={IP-address-redacted}:4695_solr&wt=json&indent=true'




Can you provide a list of steps to take in an out-of-the-box directory tree whereby ADDREPLICA
_will_ work with security.json already in place?




-----Original Message-----
From: Anshum Gupta [mailto:anshum@anshumgupta.net] 
Sent: Thursday, November 19, 2015 3:44 PM
To: solr-user@lucene.apache.org
Subject: Re: Re:Re: Implementing security.json is breaking ADDREPLICA

I'll try out what you did later in the day, as soon as I get time but why
exactly are you creating cores manually? Seems like you manually create a
core and the try to add a replica. Can you try using the Collections API to
create a collection?

Starting Solr 5.0, the only supported way to create a new collection is via
the Collections API. Creating a core would lead to a collection creation
but that's not really supported. It was just something that was done when
there were no Collections API.


On Thu, Nov 19, 2015 at 12:36 PM, Oakley, Craig (NIH/NLM/NCBI) [C] <
craig.oakley@nih.gov> wrote:

> I tried again with the following security.json, but the results were the
> same:
>
> {
>   "authentication":{
>     "class":"solr.BasicAuthPlugin",
>     "credentials":{
>       "solr":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
> Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c=",
>       "solruser":"VgZX1TAMNHT2IJikoGdKtxQdXc+MbNwfqzf89YqcLEE=
> 37pPWQ9v4gciIKHuTmFmN0Rv66rnlMOFEWfEy9qjJfY="},
>     "":{"v":9}},
>   "authorization":{
>     "class":"solr.RuleBasedAuthorizationPlugin",
>     "user-role":{
>       "solr":[
>         "admin",
>         "read",
>         "xmpladmin",
>         "xmplgen",
>         "xmplsel"],
>       "solruser":[
>         "read",
>         "xmplgen",
>         "xmplsel"]},
>     "permissions":[
>       {
>         "name":"security-edit",
>         "role":"admin"},
>       {
>         "name":"xmpl_admin",
>         "collection":"xmpl",
>         "path":"/admin/*",
>         "role":"xmpladmin"},
>       {
>         "name":"xmpl_sel",
>         "collection":"xmpl",
>         "path":"/select/*",
>         "role":null},
>       {
>          "name":"all-admin",
>          "collection":null,
>          "path":"/*",
>          "role":"xmplgen"},
>       {
>          "name":"all-core-handlers",
>          "path":"/*",
>          "role":"xmplgen"}],
>     "":{"v":42}}}
>
> -----Original Message-----
> From: Oakley, Craig (NIH/NLM/NCBI) [C]
> Sent: Thursday, November 19, 2015 1:46 PM
> To: 'solr-user@lucene.apache.org' <solr-user@lucene.apache.org>
> Subject: RE: Re:Re: Implementing security.json is breaking ADDREPLICA
>
> I note that the thread called "Security Problems" (most recent post by
> Nobel Paul) seems like it may help with much of what I'm trying to do. I
> will see to what extent that may help.
>



-- 
Anshum Gupta
Mime
View raw message