Commit Graph

272 Commits

Author SHA1 Message Date
Andrzej Bialecki cf742f4596 SOLR-12847: Remove support for maxShardsPerNode. 2020-07-08 17:57:24 +02:00
Noble Paul 5154b6008f
SOLR-14634: Limit the HTTP security headers to "/solr" end point (#1655) 2020-07-07 23:16:32 +10:00
Atri Sharma 3f9cc227f1
SOLR-14588: Implement Circuit Breakers (#1626)
* SOLR-14588: Implement Circuit Breakers

This commit consists of two parts: add circuit breakers infrastructure and a "real" JVM heap memory based
circuit breaker which monitors incoming search requests and rejects them with SERVICE_TOO_BUSY error
if the defined threshold is breached, thus giving headroom to existing indexing and search requests
to complete.
2020-07-02 12:43:48 +05:30
Tomas Fernandez Lobbe 6eb7bc3b7b
SOLR-14590 : Add support for Lucene's FeatureField in Solr (#1620)
Add a new RankField type that internally creates a FeatureField
Add a new RankQParser that can create queries on the FeatureField
2020-06-30 11:15:36 -07:00
Atri Sharma 529faf1241 Revert "SOLR-14588: Implement Circuit Breakers (#1606)"
This reverts commit 7b54902f68.
2020-06-27 23:44:32 +05:30
Ishan Chattopadhyaya 20f39b9c62 Revert "SOLR-14598: Granting reflection access for using annotations in SOLR-14404"
This reverts commit e6ffa8e9e2.
2020-06-27 17:59:16 +05:30
Ishan Chattopadhyaya e6ffa8e9e2 SOLR-14598: Granting reflection access for using annotations in SOLR-14404 2020-06-27 15:59:49 +05:30
Gus Heck 455f2e6c73 SOLR-13286 Quiet down metrics logging, add a marker to allow any handler to be silenced via log4j2.xml 2020-06-26 18:00:52 -04:00
Atri Sharma 7b54902f68
SOLR-14588: Implement Circuit Breakers (#1606)
* SOLR-14588: Implement Circuit Breakers

This commit consists of two parts: initial circuit breakers infrastructure and real JVM memory based
circuit breaker which monitors incoming search requests and rejects them with SERVICE_TOO_BUSY error
if the defined threshold is breached, thus giving headroom to existing indexing and search requests
to complete.
2020-06-25 21:06:22 +05:30
Erick Erickson ea1bb9f2e9 SOLR-13268: Clean up any test failures resulting from defaulting to async logging 2020-06-23 15:35:08 -04:00
Jan Høydahl 936b9d770e
SOLR-14561 CoreAdminAPI's parameters instanceDir and dataDir are now validated (#1572) 2020-06-18 16:13:52 +02:00
Uwe Schindler 06df50e759
LUCENE-9321: Port markdown task to Gradle (#1477) 2020-05-17 14:46:26 +02:00
Tomoko Uchida f03e6aac59
SOLR-14429: Convert .txt files to properly formatted .md files (#1450) 2020-04-27 08:43:04 +09:00
Yannick Welsch 8a88dd02c6 Remove SimpleFSDirectory in favor of NIOFSDirectory 2020-03-06 00:04:25 +01:00
Jan Høydahl 62f5bd50cd
SOLR-14281: Make sharedLib configurable through SysProp (#1288) 2020-02-27 14:16:33 +01:00
Kevin Risden c4a8a77d23
SOLR-14209: Upgrade JQuery to 3.4.1
* JQuery 2.1.3 to 3.4.1
* jstree 1.0-rc1 to v3.3.8

Closes #1209

Signed-off-by: Kevin Risden <krisden@apache.org>
2020-02-08 11:57:56 -06:00
Robert Muir 63be99bf12
SOLR-14118: default embedded zookeeper port to localhost 2020-02-05 21:33:37 -05:00
Robert Muir 975df9ddd3
LUCENE-9182: add apache license headers to all .gradle files and enforce in rat task 2020-01-27 12:05:34 -05:00
Kevin Risden 9b6fc1b9fc
SOLR-14132: Upgrade Angular JS 1.3.8 to 1.7.9
* Upgrade Angular JS 1.3.8 to 1.7.9
* Upgrade Angular Chosen v1.3.0 and Chosen to v1.8.7
* Remove older jquery 1.7.2 version
* Remove non minified Angular JS files

Closes #1196

Signed-off-by: Kevin Risden <krisden@apache.org>
2020-01-23 09:20:12 -05:00
Jason Gerlowski 424ace6f5d
SOLR-14186: Enforce CRLF in Windows files with .gitattributes (#1163) 2020-01-16 08:30:39 -05:00
Dawid Weiss 3008dd9526 Merge remote-tracking branch 'origin/master' into gradle-master 2020-01-13 17:55:53 +01:00
Jason Gerlowski 5377742a62
SOLR-13985: Bind to localhost interface by default (#1154)
Prior to this commit, Solr's Jetty listened for connections on all
network interfaces. This commit changes it to only listen on localhost,
to prevent incautious administrators from accidentally exposing their
Solr deployment to the world.

Administrators who wish to override this behavior can set the
SOLR_JETTY_HOST property in their Solr include file
(solr.in.sh/solr.in.cmd) to "0.0.0.0" or some other value.

A version of this commit was previously reverted due to inconsistency
between SOLR_HOST and SOLR_JETTY_HOST.  This commit fixes this issue.
2020-01-13 09:42:30 -05:00
Dawid Weiss d7726495c5 Merge remote-tracking branch 'origin/master' into gradle-master 2020-01-09 19:22:09 +01:00
Kevin Risden 22155bf7a7
SOLR-14163: SOLR_SSL_CLIENT_HOSTNAME_VERIFICATION needs to work with Jetty server/client SSL contexts
Closes #1147

Signed-off-by: Kevin Risden <krisden@apache.org>
2020-01-09 10:28:35 -05:00
Dawid Weiss 7e4c841aa7 Merge remote-tracking branch 'origin/master' into gradle-master 2020-01-08 12:26:10 +01:00
Jason Gerlowski a17c486424 Revert "SOLR-13985: Bind to localhost interface by default"
This temporarily reverts commit 479e73 while a potentially related
networking hiccup is investigated.
2020-01-07 09:05:13 -05:00
Dawid Weiss 405d227c55 Merge remote-tracking branch 'origin/master' into gradle-master 2020-01-07 08:45:12 +01:00
Jason Gerlowski 479e736469 SOLR-13985: Bind to localhost interface by default
Prior to this commit, Solr's Jetty listened for connections on all
network interfaces.  This commit changes it to only listen on localhost,
to prevent incautious administrators from accidentally exposing their
Solr deployment to the world.

Administrators who wish to override this behavior can set the
SOLR_JETTY_HOST property in their Solr include file
(solr.in.sh/solr.in.cmd) to "0.0.0.0" or some other value.
2020-01-03 15:17:24 -05:00
Dawid Weiss 2bab5ea442 Merge remote-tracking branch 'origin/master' into gradle-master 2020-01-03 11:02:55 +01:00
Andrzej Bialecki 7d0cf0df32 SOLR-13817: Clean up config files to remove the default 'class=' attribute in
standard caches.
2020-01-02 20:58:47 +01:00
Dawid Weiss a40b3e755b Merge remote-tracking branch 'origin/master' into gradle-master 2019-12-31 10:08:07 +01:00
Jan Høydahl 33bd811fb8
SOLR-14109: Always log to stdout from server/scripts/cloud-scripts/zkcli.{bat|sh} (#1130) 2019-12-30 16:28:24 +01:00
Dawid Weiss d79b678b39 Merge remote-tracking branch 'origin/master' into gradle-master 2019-12-30 09:24:46 +01:00
Robert Muir 1cb6e35058 SOLR-14141: eliminate JKS keystore from solr ssl docs.
Currently the documentation pretends to create a JKS keystore. It is
only actually a JKS keystore on java 8: on java9+ it is a PKCS12
keystore with a .jks extension (because PKCS12 is the new java default).
It works even though solr explicitly tells the JDK
(SOLR_SSL_KEY_STORE_TYPE=JKS) that its JKS when it is in fact not, due
to how keystore backwards compatibility was implemented.

Fix docs to explicitly create a PKCS12 keystore with .p12 extension and
so on instead of a PKCS12 keystore masquerading as a JKS one. This
simplifies the SSL steps since the "conversion" step (which was doing
nothing) from .JKS -> .P12 can be removed.
2019-12-29 09:34:00 -05:00
Dawid Weiss 7350f03cd1 Reordered some lines and comments to make it easier to manually diff/ merge with gradle branch. 2019-12-25 13:29:11 +01:00
Dawid Weiss 584f564c91 Reordered some lines and comments to make it easier to manually diff/ merge with gradle branch. 2019-12-25 13:26:16 +01:00
Dawid Weiss 23f3fd2d48 Merge remote-tracking branch 'origin/master' into gradle-master 2019-12-25 13:14:57 +01:00
Robert Muir 126d6b7767
SOLR-13984: add (experimental, disabled by default) security manager support (#1082)
* SOLR-13984: add (experimental, disabled by default) security manager support.

User can set SOLR_SECURITY_MANAGER_ENABLED=true to enable security manager at runtime.

The current policy file used by tests is moved to solr/server
Additional permissions are granted for the filesystem locations set by bin/solr, and networking everywhere is enabled.

This takes advantage of the fact that permission entries are ignored if properties are not defined:
https://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyFiles.html#PropertyExp
2019-12-24 06:30:31 -08:00
Robert Muir 72c99e921c
SOLR-14136: ip whitelist/blacklist via env vars (#1111)
SOLR-14136: ip whitelist/blacklist via env vars

This makes it easy to restrict access to Solr by IP. For example SOLR_IP_WHITELIST="127.0.0.1, 192.168.0.0/24, [::1], [2000:123:4:5::]/64" would restrict access to v4/v6 localhost, the 192.168.0 ipv4 network, and 2000:123:4:5 ipv6 network. Any other IP will receive a 403 response.

Blacklisting functionality can deny access to problematic addresses or networks that would otherwise be allowed. For example SOLR_IP_BLACKLIST="192.168.0.3, 192.168.0.4" would explicitly prevent those two specific addresses from accessing solr.
2019-12-23 19:26:11 -05:00
Robert Muir 1425d6cbf8
SOLR-14138: enable request log via environ var, remove deprecated jetty class usage, respect SOLR_LOGS_DIR (#1110)
User can now set SOLR_REQUESTLOG_ENABLED=true to enable the jetty request log, instead of editing XML. The location of the request logs will respect SOLR_LOGS_DIR if that is set. The deprecated NCSARequestLog is no longer used, instead it uses CustomRequestLog with NCSA_FORMAT.
2019-12-23 10:37:31 -05:00
Dawid Weiss 5897b78572 Merge remote-tracking branch 'origin/master' into gradle-master 2019-12-20 17:35:40 +01:00
Kevin Risden aab3c5faa3
SOLR-14106: Cleanup Jetty SslContextFactory usage
Jetty 9.4.16.v20190411 and up introduced separate
client and server SslContextFactory implementations.
This split requires the proper use of of
SslContextFactory in clients and server configs.

This fixes the following
* SSL with SOLR_SSL_NEED_CLIENT_AUTH not working since v8.2.0
* Http2SolrClient SSL not working in branch_8x

Signed-off-by: Kevin Risden <krisden@apache.org>
2019-12-19 23:05:47 -05:00
Matthias Krueger 1e5100d5a5
SOLR-14091: Removing deprecated configuration of Jetty's soLingerTime option
Signed-off-by: Kevin Risden <krisden@apache.org>
2019-12-18 17:24:43 -05:00
Dawid Weiss 3aff1664e5 updateChecksums, validation of dangling unreferenced files under licenses/. Separated licenses-gradle for Solr for now (doesn't include transitive Lucene dependencies). 2019-12-13 15:07:59 +01:00
Dawid Weiss 6094d4dd13 Merge remote-tracking branch 'origin/master' into gradle-master 2019-12-12 14:16:48 +01:00
Ishan Chattopadhyaya 7097e9c41a SOLR-13978: Removed LTR from default configset 2019-12-12 15:09:21 +05:30
Ishan Chattopadhyaya dce36c10e9 SOLR-13978: Remove non-essential components from default configset
The default configset no longer has the following:
   - Library inclusions (<lib ../>) for extraction, solr-cell libs, clustering, velocity and language identifier
   - /browse, /tvrh and /update/extract handlers
   - TermVector component (if someone wants it, can be added using config APIs)
   - XSLT response writer
   - Velocity response writer
If you want to use them in your collections, please add them to your configset manually or through the Config APIs.
2019-12-12 10:43:31 +05:30
Dawid Weiss 20eaaa012d Merge remote-tracking branch 'origin/master' into gradle-master 2019-12-10 14:52:30 +01:00
Kevin Risden 12825f3642
SOLR-14039: SOLR-13987 broke multiple node /select handler due to jetty.xml whitespace
Signed-off-by: Kevin Risden <krisden@apache.org>
2019-12-09 19:29:37 -05:00
Dawid Weiss a6d7017f2e Merge remote-tracking branch 'origin/master' into gradle-master 2019-12-09 10:55:54 +01:00