GiuseppeCSI opened a new issue, #533: URL: https://github.com/apache/solr-operator/issues/533
I have installed the solr operator, and I'm now trying to install solr. To do so, I'm using the chart i found [here](https://artifacthub.io/packages/helm/apache-solr/solr). I would like to install it and have LDAP authentication, so I went for the option of providing my own security.json in a Secret. The content of the Secret stringData is as follows ``` { "authentication": { "class": "solr.HadoopAuthPlugin", "sysPropPrefix": "solr.", "type": "ldap", "authConfigs": [ "ldap.providerurl", "ldap.basedn", "ldap.enablestarttls" ], "defaultConfigs": { "ldap.providerurl": <my-ldap-url>, "ldap.basedn": <my-ldap-base-dn>, "ldap.enablestarttls": "false" } }, "authorization": { "class": "solr.RuleBasedAuthorizationPlugin", "user-role": { "solr-admin": ["admin", "k8s"], "k8s-oper": ["k8s"], "solr": ["users", "k8s"] }, "permissions": [ { "name": "k8s-probe-0", "role": null, "collection": null, "path":"/admin/info/system" }, { "name": "k8s-probe-1", "role": null, "collection": null, "path":"/admin/info/health" }, { "name": "k8s-status", "role": "k8s", "collection": null, "path":"/admin/collections" }, { "name": "k8s-metrics", "role": null, "collection": null, "path":"/admin/metrics" }, { "name": "k8s-zk", "role": "k8s", "collection": null, "path":"/admin/zookeeper/status" }, { "name": "k8s-ping", "role": "k8s", "collection": "*", "path":"/admin/ping" }, { "name": "read", "role": ["admin","users"] }, { "name": "update", "role": ["admin"] }, { "name": "security-read", "role": ["admin"] }, { "name": "security-edit", "role": ["admin"] }, { "name": "all", "role": ["admin"] } ] } } ``` I've also modified the relevant values of the helm chart in the following way ``` solrOptions security: authenticationType: Basic basicAuthSecret: solr-basic-auth probesRequireAuth: false bootstrapSecurityJson: name: security-json-secret key: security.json ``` Now, if I do not add custom probes in the podOptions section of the values, my pod gets killed because both probes return 401. I've followed the documentation found [here](https://apache.github.io/solr-operator/docs/solr-cloud/solr-cloud-crd.html#option-2-user-provided-securityjson-and-credentials-secret), but this doesn't even mention the possibility of getting a 401. I've also tried to add some custom probes as explained in [this](https://apache.github.io/solr-operator/docs/solr-cloud/solr-cloud-crd.html#liveness-and-readiness-probes) section, but they still return 401 and kill my pod. The only way I was able to have the pod survive was by adding some custom probes that make a curl with the credentials, but, as also mentioned in the docs, probes shouldn't have authentication. Am i doing something wrong? The docs explicitly tell that one can set the probes to require no auth and it seems to me I have done the necessary steps. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
