[jira] [Commented] (SOLR-12584) Add basic auth credentials configuration to the Solr exporter for Prometheus/Grafana
[ https://issues.apache.org/jira/browse/SOLR-12584?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16826544#comment-16826544 ] Dwane Hall commented on SOLR-12584: --- Nice work [~sbillet]! I can confirm this as working in Solr Cloud 7.6 as well. Nice pickup this has made cluster monitoring somewhat challenging for us so this is a very welcome discovery! There looks to be some slight config changes required to the solr-exporter-config.xml from the defaults but authentication is definitely working :) ERROR - 2019-04-26 09:48:23.921; org.apache.solr.prometheus.scraper.SolrScraper; net.thisptr.jackson.jq.exception.JsonQueryException: null cannot be parsed as a number (.cluster.collections | to_entries | .[] | . as $object | $object.key as $collection | $object.value.pullReplicas | tonumber as $value | \{("name"): "solr_collections_pull_replicas",("type"): "GAUGE",("help"): "See following URL: https://lucene.apache.org/solr/guide/collections-api.html#clusterstatus";,("label_names"): ["collection"],("label_values"): [$collection],("value"): $value}) > Add basic auth credentials configuration to the Solr exporter for > Prometheus/Grafana > -- > > Key: SOLR-12584 > URL: https://issues.apache.org/jira/browse/SOLR-12584 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: Authentication, metrics, security >Affects Versions: 7.3, 7.4 >Reporter: Dwane Hall >Priority: Minor > Labels: authentication, metrics, security > Attachments: lucene-solr.patch > > > The Solr exporter for Prometheus/Grafana provides a useful visual layer over > the solr metrics api for monitoring the state of a Solr cluster. Currently > this can not be configured and used on a secure Solr cluster with the Basic > Authentication plugin enabled. The exporter does not provide a mechanism to > configure/pass through basic auth credentials when SolrJ requests information > from the metrics api endpoints and would be a useful addition for Solr users > running a secure Solr instance. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-12860) MetricsHistoryHandler does not work with BasicAuth
[ https://issues.apache.org/jira/browse/SOLR-12860?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16769758#comment-16769758 ] Dwane Hall commented on SOLR-12860: --- There's possibly some crossover with https://issues.apache.org/jira/browse/SOLR-12584 which has a similar problem when using the BasicAuthPlugin. > MetricsHistoryHandler does not work with BasicAuth > -- > > Key: SOLR-12860 > URL: https://issues.apache.org/jira/browse/SOLR-12860 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Varun Thacker >Priority: Major > > I setup a 2 node cluster ( bin/solr start -e cloud -noprompt ) and then > uploaded the default security.json from > [http://lucene.apache.org/solr/guide/7_5/basic-authentication-plugin.html] . > > I'm seeing errors like these in the logs which would indicate that the > metrics history handler would not work with basic auth enabled? > {code:java} > 2018-10-12 22:06:43.496 WARN (MetricsHistoryHandler-12-thread-1) [ ] > o.a.s.c.s.i.SolrClientNodeStateProvider could not get tags from node > 192.168.0.8:7574_solr > org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException: Error > from server at http://192.168.0.8:7574/solr: Expected mime type > application/octet-stream but got text/html. > > > Error 401 require authentication > > HTTP ERROR 401 > Problem accessing /solr/admin/metrics. Reason: > require authentication > > > at > org.apache.solr.client.solrj.impl.HttpSolrClient.executeMethod(HttpSolrClient.java:607) > ~[solr-solrj-7.5.0.jar:7.5.0 b5bf70b7e32d7ddd9742cc821d471c5fabd4e3df - > jimczi - 2018-09-18 13:07:58] > at > org.apache.solr.client.solrj.impl.HttpSolrClient.request(HttpSolrClient.java:255) > ~[solr-solrj-7.5.0.jar:7.5.0 b5bf70b7e32d7ddd9742cc821d471c5fabd4e3df - > jimczi - 2018-09-18 13:07:58] > at > org.apache.solr.client.solrj.impl.HttpSolrClient.request(HttpSolrClient.java:244) > ~[solr-solrj-7.5.0.jar:7.5.0 b5bf70b7e32d7ddd9742cc821d471c5fabd4e3df - > jimczi - 2018-09-18 13:07:58] > at org.apache.solr.client.solrj.SolrClient.request(SolrClient.java:1219) > ~[solr-solrj-7.5.0.jar:7.5.0 b5bf70b7e32d7ddd9742cc821d471c5fabd4e3df - > jimczi - 2018-09-18 13:07:58] > at > org.apache.solr.client.solrj.impl.SolrClientNodeStateProvider$ClientSnitchCtx.invoke(SolrClientNodeStateProvider.java:342) > ~[solr-solrj-7.5.0.jar:7.5.0 b5bf70b7e32d7ddd9742cc821d471c5fabd4e3df - > jimczi - 2018-09-18 13:07:58] > at > org.apache.solr.client.solrj.impl.SolrClientNodeStateProvider.fetchReplicaMetrics(SolrClientNodeStateProvider.java:195) > ~[solr-solrj-7.5.0.jar:7.5.0 b5bf70b7e32d7ddd9742cc821d471c5fabd4e3df - > jimczi - 2018-09-18 13:07:58] > at > org.apache.solr.client.solrj.impl.SolrClientNodeStateProvider$AutoScalingSnitch.getRemoteInfo(SolrClientNodeStateProvider.java:241) > ~[solr-solrj-7.5.0.jar:7.5.0 b5bf70b7e32d7ddd9742cc821d471c5fabd4e3df - > jimczi - 2018-09-18 13:07:58] > at > org.apache.solr.common.cloud.rule.ImplicitSnitch.getTags(ImplicitSnitch.java:76) > ~[solr-solrj-7.5.0.jar:7.5.0 b5bf70b7e32d7ddd9742cc821d471c5fabd4e3df - > jimczi - 2018-09-18 13:07:58] > at > org.apache.solr.client.solrj.impl.SolrClientNodeStateProvider.fetchTagValues(SolrClientNodeStateProvider.java:139) > ~[solr-solrj-7.5.0.jar:7.5.0 b5bf70b7e32d7ddd9742cc821d471c5fabd4e3df - > jimczi - 2018-09-18 13:07:58] > at > org.apache.solr.client.solrj.impl.SolrClientNodeStateProvider.getNodeValues(SolrClientNodeStateProvider.java:128) > ~[solr-solrj-7.5.0.jar:7.5.0 b5bf70b7e32d7ddd9742cc821d471c5fabd4e3df - > jimczi - 2018-09-18 13:07:58] > at > org.apache.solr.handler.admin.MetricsHistoryHandler.collectGlobalMetrics(MetricsHistoryHandler.java:498) > ~[solr-core-7.5.0.jar:7.5.0 b5bf70b7e32d7ddd9742cc821d471c5fabd4e3df - > jimczi - 2018-09-18 13:07:55] > at > org.apache.solr.handler.admin.MetricsHistoryHandler.collectMetrics(MetricsHistoryHandler.java:371) > ~[solr-core-7.5.0.jar:7.5.0 b5bf70b7e32d7ddd9742cc821d471c5fabd4e3df - > jimczi - 2018-09-18 13:07:55] > at > org.apache.solr.handler.admin.MetricsHistoryHandler.lambda$new$0(MetricsHistoryHandler.java:231) > ~[solr-core-7.5.0.jar:7.5.0 b5bf70b7e32d7ddd9742cc821d471c5fabd4e3df - > jimczi - 2018-09-18 13:07:55] > at > java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) > [?:1.8.0_112] > at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308) > [?:1.8.0_112] > at > java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180) > [?:1.8.0_112] > at > java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294) >
[jira] [Commented] (SOLR-12583) Add basic authentication option for [subquery] document transformer
[ https://issues.apache.org/jira/browse/SOLR-12583?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16562466#comment-16562466 ] Dwane Hall commented on SOLR-12583: --- Thanks Jan a generic approach to passing the original security configuration details to the [subquery] request would definitely be the ideal outcome. > Add basic authentication option for [subquery] document transformer > --- > > Key: SOLR-12583 > URL: https://issues.apache.org/jira/browse/SOLR-12583 > Project: Solr > Issue Type: New Feature > Security Level: Public(Default Security Level. Issues are Public) > Components: Authentication, security >Affects Versions: 7.4 >Reporter: Dwane Hall >Priority: Minor > Labels: authentication, security > Attachments: jira_subquery_email.txt > > > Add the ability to use a document transformer [subquery] on a multi-node > SolrCloud cluster with the basic authentication plugin enabled > ([https://lucene.apache.org/solr/guide/7_4/transforming-result-documents.html]). > Currently the subquery request will return an > org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException Error > 401 require authentication as the [subquery] request is not made using the > logged in users basic authentication credentials. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-12583) Add basic authentication option for [subquery] document transformer
[ https://issues.apache.org/jira/browse/SOLR-12583?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dwane Hall updated SOLR-12583: -- Description: Add the ability to use a document transformer [subquery] on a multi-node SolrCloud cluster with the basic authentication plugin enabled ([https://lucene.apache.org/solr/guide/7_4/transforming-result-documents.html]). Currently the subquery request will return an org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException Error 401 require authentication as the [subquery] request is not made using the logged in users basic authentication credentials. (was: Add add the ability to use a document transformer [subquery] on a multi-node SolrCloud cluster with the basic authentication plugin enabled (https://lucene.apache.org/solr/guide/7_4/transforming-result-documents.html). Currently the subquery request will return an org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException Error 401 require authentication as the [subquery] request is not made using the logged in users basic authentication credentials.) > Add basic authentication option for [subquery] document transformer > --- > > Key: SOLR-12583 > URL: https://issues.apache.org/jira/browse/SOLR-12583 > Project: Solr > Issue Type: New Feature > Security Level: Public(Default Security Level. Issues are Public) > Components: Authentication, security >Affects Versions: 7.4 >Reporter: Dwane Hall >Priority: Minor > Labels: authentication, security > Attachments: jira_subquery_email.txt > > > Add the ability to use a document transformer [subquery] on a multi-node > SolrCloud cluster with the basic authentication plugin enabled > ([https://lucene.apache.org/solr/guide/7_4/transforming-result-documents.html]). > Currently the subquery request will return an > org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException Error > 401 require authentication as the [subquery] request is not made using the > logged in users basic authentication credentials. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-12584) Add basic auth credentials configuration to the Solr exporter for Prometheus/Grafana
[ https://issues.apache.org/jira/browse/SOLR-12584?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dwane Hall updated SOLR-12584: -- Description: The Solr exporter for Prometheus/Grafana provides a useful visual layer over the solr metrics api for monitoring the state of a Solr cluster. Currently this can not be configured and used on a secure Solr cluster with the Basic Authentication plugin enabled. The exporter does not provide a mechanism to configure/pass through basic auth credentials when SolrJ requests information from the metrics api endpoints and would be a useful addition for Solr users running a secure Solr instance. (was: The Solr exporter for Prometheus/Grafana provides a useful visual layer over the solr metrics api for monitoring the state of a Solr cluster. Currently this can not be configured and used on a secure Solr cluster with the Basic Authentication plugin enabled. The exporter does not provide a mechanism to configure/pass through basic auth credentials when SolrJ requests information from the metrics api endpoints. ) > Add basic auth credentials configuration to the Solr exporter for > Prometheus/Grafana > -- > > Key: SOLR-12584 > URL: https://issues.apache.org/jira/browse/SOLR-12584 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: Authentication, metrics, security >Affects Versions: 7.3, 7.4 >Reporter: Dwane Hall >Priority: Minor > Labels: authentication, metrics, security > > The Solr exporter for Prometheus/Grafana provides a useful visual layer over > the solr metrics api for monitoring the state of a Solr cluster. Currently > this can not be configured and used on a secure Solr cluster with the Basic > Authentication plugin enabled. The exporter does not provide a mechanism to > configure/pass through basic auth credentials when SolrJ requests information > from the metrics api endpoints and would be a useful addition for Solr users > running a secure Solr instance. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Created] (SOLR-12584) Add basic auth credentials configuration to the Solr exporter for Prometheus/Grafana
Dwane Hall created SOLR-12584: - Summary: Add basic auth credentials configuration to the Solr exporter for Prometheus/Grafana Key: SOLR-12584 URL: https://issues.apache.org/jira/browse/SOLR-12584 Project: Solr Issue Type: Improvement Security Level: Public (Default Security Level. Issues are Public) Components: Authentication, metrics, security Affects Versions: 7.4, 7.3 Reporter: Dwane Hall The Solr exporter for Prometheus/Grafana provides a useful visual layer over the solr metrics api for monitoring the state of a Solr cluster. Currently this can not be configured and used on a secure Solr cluster with the Basic Authentication plugin enabled. The exporter does not provide a mechanism to configure/pass through basic auth credentials when SolrJ requests information from the metrics api endpoints. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Created] (SOLR-12583) Add basic authentication option for [subquery] document transformer
Dwane Hall created SOLR-12583: - Summary: Add basic authentication option for [subquery] document transformer Key: SOLR-12583 URL: https://issues.apache.org/jira/browse/SOLR-12583 Project: Solr Issue Type: New Feature Security Level: Public (Default Security Level. Issues are Public) Components: Authentication, security Affects Versions: 7.4 Reporter: Dwane Hall Attachments: jira_subquery_email.txt Add add the ability to use a document transformer [subquery] on a multi-node SolrCloud cluster with the basic authentication plugin enabled (https://lucene.apache.org/solr/guide/7_4/transforming-result-documents.html). Currently the subquery request will return an org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException Error 401 require authentication as the [subquery] request is not made using the logged in users basic authentication credentials. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org