Re: Upgrading solr to 8.2

2020-01-18 Thread Zara Parst 
There has been modification in field types. I would suggest you need to
compare two schema and then may be you have to reindex it. Other than that
latest version has light footprint so it should be the case.

On Wed, Jan 15, 2020 at 9:05 PM kshitij tyagi 
wrote:

> Hi,
>
> Any suggestions from anyone?
>
> Regards,
> kshitij
>
> On Tue, Jan 14, 2020 at 4:11 PM Jan Høydahl  wrote:
>
> > Please don’t cross-post, this discussion belongs in solr-user only.
> >
> > Jan
> >
> > > 14. jan. 2020 kl. 22:22 skrev kshitij tyagi <
> kshitij.shopcl...@gmail.com
> > >:
> > >
> > > Also trie fileds have been updated to point fields, will that by any
> > chance
> > > degrade my response time by 50 percent?
> > >
> > > On Tue, Jan 14, 2020 at 1:37 PM kshitij tyagi 
> > > wrote:
> > >
> > >> Hi Team,
> > >>
> > >> I am currently upgrading my system from solr 6.6 to solr 8.2 :
> > >>
> > >> 1.  I am observing increased search time in my queries i.e. search
> > response
> > >> time is increasing along with cpu utilisation, although memory looks
> > fine,
> > >> on analysing heap dumps I figured out that queries are taking most of
> > the
> > >> time in Docstreamer.java file and method convertLuceneDocToSolrDoc.
> > >> I saw a couple of Solr jira regarding the same, example : SOLR-11891,
> > >> SOLR-1265.
> > >>
> > >> Can anyone please help me out by pointing out where I need to look out
> > and
> > >> what needs to be done in order to bring back my response time which
> was
> > >> earlier?
> > >>
> > >> Regards,
> > >> kshitij
> > >>
> >
> >
>

Please help me with solr plugin

2017-11-21 Thread Zara Parst 
Hi,

I have spent too much time learning plugin for Solr. I am about give up. If
some one has experience writing it. Please contact me. I am open to all
options. I want to learn it at any cost.

Thanks
Zara

I need Consultation/Suggestion and I am even willing to pay fee for that

2016-05-05 Thread Zara Parst 
What is in my mind!!



I have data in TB mainly educational assignments and projects which will
contain text, image and may be codes also if this is from computer
Science.  I will index all the documents into solr and I will also have
original copy of those documents. Now, I want to create a library where
user can search the content and can see few parts of relevant documents
like 5 to 10 related documents but in restricted manner.  For unrestricted
manner they have to pay for each documents.



I also want to create page for those content which has been already shown
to the user as a restricted part. So that number of page on my website keep
on increasing which will give a boost to my website for search engine
ranking. Obviously more pages mean better rank. I want everything as
automated manner with minimal manual work. Now issue that I am facing

1.  How to generate restricted part out of solr which is most relevant
( I can implement sliding window display which might serve this but if
there is already something in solr then I will prefer that one)


2.  How to create pages from that content and how to manage url of that
page on my website (one solution would be url based on query but what if
someone search almost same thing and some other document comes as first
option and how to resolve the issue of the same url, this will also create
issue of overlapping content with different url if I am implementing
sliding window)



3.  About creating page, shall I create the page from solr content or
from original content because it might have image in content so better
option would be from original content.  More suitable choice looks like
from original content, if that is the case then how to extract those part
from the original content corresponding to the solr result.



4.  Will this affect my site ranking in negative way.



5.  Can we do something for Meta keyword, Title etc. of generated page.

Re: Prevent the SSL Keystore and Truststore password from showing up in the Solr Admin and Linux processes (Solr 5.2.1)

2016-03-03 Thread Zara Parst 
Hello Katherine,

I am sorry to ask this question. But really i need some light on bellow
matter.


I want to run solr in cloud mode . So obliviously I am going to use
zookeeper.


My quorum are distributed on 3 server with static ip , lets say


server.1=xx.xx.x1:2888:3888
server.2=xx.xx.x2:2889:3889
server.3=xx.xx.x3:2890:3890


With solr pointing to this ensemble. Now my concern is how should I protect
it to other unauthorized zkClient to connect above quorum. One way could be
don't open the port for the client but then how will solr connect ?
other problem is how to safeguard  quorum interconnection.  I observed a
weird behavior  that I can point a fourth zookeeper from my local to the
above quorum (i have to know only ip and port which is not tough to find)
and it will be absorbed as a part of quorum and then I can use my local
zkClient to connect my local zoookeeper and have access to quorum which we
don't want. I want to define quorum in a way that foreign zookeeper server
is not able to
become part already configured quorum.

Again one more strange behavior about znode of zookeeper, User A can set
ACL of a znode and  user B which can connect to zookeeper but can't see the
content as it will throw ACL error that is fine but strange thing is user B
can still  delete the znode of A which he cant see. :(

I think a hell lot of things is not clear about zoookeeper security.

Please can you help me ? And don't forget my thanks in advance.





On Thu, Mar 3, 2016 at 7:32 PM, Katherine Mora  wrote:

> Hi Jeff,
>
> Are you still having the same issue or did you manage to fix it?
>
> I have the default files that come with the Solr 5.2.1 installation (I’m
> copying those below).
> I’m pretty sure my password is correct, unless the tool is generating one
> that does not match my version? I’m using the jetty jar that comes with the
> Solr installation to generate it, so I’m assuming this is not the case.
>
>
> Jetty-ssl.xml
> 
>  http://www.eclipse.org/jetty/configure_9_0.dtd;>
>
> 
> 
> 
> 
> 
>  class="org.eclipse.jetty.util.ssl.SslContextFactory">
>default="./etc/solr-ssl.keystore.jks"/>
>name="solr.jetty.keystore.password" default="secret"/>
>default="./etc/solr-ssl.keystore.jks"/>
>name="solr.jetty.truststore.password" default="secret"/>
>name="solr.jetty.ssl.needClientAuth" default="false"/>
>name="solr.jetty.ssl.wantClientAuth" default="false"/>
>   
> 
>   SSLv3
> 
>   
>   
> 
>   SSL_RSA_WITH_DES_CBC_SHA
>   SSL_DHE_RSA_WITH_DES_CBC_SHA
>   SSL_DHE_DSS_WITH_DES_CBC_SHA
>   SSL_RSA_EXPORT_WITH_RC4_40_MD5
>   SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
>   SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
>   SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
> 
>   
>
>   
>   
>   
>   
>   
>   
>class="org.eclipse.jetty.server.HttpConfiguration">
> 
> 
>class="org.eclipse.jetty.server.SecureRequestCustomizer"/>
> 
>   
>
> 
>
> jetty-https.xml
> 
>  http://www.eclipse.org/jetty/configure_9_0.dtd;>
>
> 
> 
> 
> 
> 
> 
>
>   
>   
>   
>   
>   
>   
>   
>   
>   
>   
>   
>   
> 
>   
> 
>  name="solr.jetty.ssl.acceptors" default="-1"/>
>  name="solr.jetty.ssl.selectors" default="-1"/>
> 
>   
> 
>   
> http/1.1
>  refid="sslContextFactory"/>
>   
> 
> 
>   
> 
>   
> 
>   
> 
> 
>  default="8983" />
>  default="5"/>
>  name="solr.jetty.https.soLingerTime" default="-1"/>
>  name="solr.jetty.ssl.acceptorPriorityDelta" default="0"/>
>  name="solr.jetty.ssl.selectorPriorityDelta" default="0"/>
>  name="solr.jetty.https.acceptQueueSize" default="0"/>
>   
> 
>   
> 
>
>
>
>
> -Original Message-
> From: Jeff Wu [mailto:wuhai...@gmail.com]
> Sent: Monday, February 29, 2016 12:58 PM
> To: solr-user@lucene.apache.org
> Subject: Re: Prevent the SSL Keystore and Truststore password from showing
> up in the Solr Admin and Linux processes (Solr 5.2.1)
>
> Hi Katherine, we had exact the same issue, we need to protect our password.
> Anyone who can access to solr server can do "ps -elf|grep java" to grep
> the solr commandline, and it has all the password in plain text.
>
> The /bin/solr shell will set 10 related system property:
>  SOLR_SSL_OPTS=" -Dsolr.jetty.keystore=$SOLR_SSL_KEY_STORE \
> -Dsolr.jetty.keystore.password=$SOLR_SSL_KEY_STORE_PASSWORD \
> -Dsolr.jetty.truststore=$SOLR_SSL_TRUST_STORE \
> -Dsolr.jetty.truststore.password=$SOLR_SSL_TRUST_STORE_PASSWORD \
> -Dsolr.jetty.ssl.needClientAuth=$SOLR_SSL_NEED_CLIENT_AUTH \
> -Dsolr.jetty.ssl.wantClientAuth=$SOLR_SSL_WANT_CLIENT_AUTH"
>   SOLR_SSL_OPTS+=" -Djavax.net.ssl.keyStore=$SOLR_SSL_KEY_STORE \
>

Re: I have one small question that always intrigue me

2016-02-24 Thread Zara Parst 
Very well explained, thanks Davis, Daniel really thanks.  I read your email
thoroughly and I enjoyed it while I was reading.  Though at some point my
thought partite from your view. But still I can a good perception of yours
how one can see the architectural world of lucene ecosystem. I will try to
make more sense out of it when I will implement few suggestion of yours.
For now a thanks from my side.

Note: About justifying my email, I am sorry for sending to many lists.
Actually I was chasing this question for a month or more., I invested
adequate number hours of myself to figure out and when I failed to see
insight, I started asking personally from user list but none answered.
After a while I sent same email to user list of lucene and zookeeper and
waited for a week or so but that too in vain. Finally my frustration grew
up and I sent email to as many list as I could because I was having this
feeling how could developer not faced this problem at least once if they
did what it mean ?? ignoring the genuine concern ??

Anyway really thanks.
Have a nice time.

On Wed, Feb 24, 2016 at 8:33 PM, Davis, Daniel (NIH/NLM) [C] <
daniel.da...@nih.gov> wrote:

> I've wondered about this as well.Recall that the proper architecture
> for Solr as well as ZooKeeper is as a back-end service, part of a tiered
> architecture, with web application servers in front.   Solr and other
> search engines should fit in at the same layer as RDBMS and  NoSQL, with
> the web applications in front of them.   In some larger systems, there is
> even an Enterprise SOA layer in between, but I've never worked on a project
> where I felt that was truly justified.   It is probably a matter of scale
> however.
>
> The common-case solution relies on this architecture - Solr and Zookeeper
> can be protected by IP address firewalls both off system and on system.
> The network firewalls (AWS security policy) allow only certain ip
> addresses/networks to connect to Solr and Zookeeper, and the local system
> firewalls act as a back-up to this system.   The SHA1 checksum within
> ZooKeeper and the Basic Authentication within SolrCloud then act as a way
> to fine tune access control, but they are not so much to protect Solr and
> Zookeeper but to allow a division of privileges.
>
> Some sites will find this insufficient:
> - Solr supports SSL -
> https://cwiki.apache.org/confluence/display/solr/Enabling+SSL
> - ZooKeeper supports SSL -
> https://cwiki.apache.org/confluence/display/ZOOKEEPER/ZooKeeper+SSL+User+Guide
>
> Both also at this point support custom authentication providers.
>
> My Solr is less protected that it should be, but I have mod_auth_cas
> protecting the solr admin interface, and certain request handlers can be
> accessed without this security through hand-built Apache httpd conf.d files
> for each core.There is a load-balancer (like Amazon Elastic Load
> Balancer (ELB)) in front of all Solr nodes, and since fault-tolerance is
> needed only for search, not for indexing, this is adequate. In other
> words, my Solr clients would not operate in SolrCloud mode, even if I made
> the Solr instance itself SolrCloud for ease of management.I'm having a
> little bit of a problem justifying this setup - the Role Based
> Authorization Plugin for Solr Basic Auth only scales to Enterprise use if
> you have a web front-end to manage the users, passwords, groups, and roles.
>
> Does this help?
>
> P.S. - Generally, one cross posts to another list only one when does not
> receive a good reply on the first list.   I can see how both
> u...@zookeeper.apache.org and solr-user@lucene.apache.org may be
> justified, but I don't see how you can justify more lists than this.
>
> -Original Message-
> From: Zara Parst [mailto:edotserv...@gmail.com]
> Sent: Wednesday, February 24, 2016 3:27 AM
> To: zookeeper-u...@hadoop.apache.org; f...@apache.org; AALSIHE <
> aali...@gmail.com>; u...@zookeeper.apache.org; solr-user@lucene.apache.org;
> d...@nutch.apache.org; u...@nutch.apache.org; comm...@lucene.apache.org;
> u...@lucene.apache.org
> Subject: I have one small question that always intrigue me
>
> Hi everyone,
>
> I am really need your help, please read below
>
>
> If we have to run solr in cloud mode, we are going to use zookeeper,   now
> any zookeeper client can connect to zookeeper server, Zookeeper has
> facility to protect znode however any one can see znode acl however
> password could be encrypted.  Decrypting password or guessing password is
> not a big deal. As we know password is SHA encrypted also there is no
> limitation of number of try to authorize with ACL. So my point is how to
> safegard zookeeper.
>
> I can guess few things
>
> a. Don't reveal ip of your zookeeper ( security with obscurity ) b. ip
>

I have one small question that always intrigue me

2016-02-24 Thread Zara Parst 
Hi everyone,

I am really need your help, please read below


If we have to run solr in cloud mode, we are going to use zookeeper,   now
any zookeeper client can connect to zookeeper server, Zookeeper has
facility to protect znode however any one can see znode acl however
password could be encrypted.  Decrypting password or guessing password is
not a big deal. As we know password is SHA encrypted also there is no
limitation of number of try to authorize with ACL. So my point is how to
safegard zookeeper.

I can guess few things

a. Don't reveal ip of your zookeeper ( security with obscurity )
b. ip table which is also not a very good idea
c. what else ??

My guess was if some how we can protect zookeeper server itself by asking
client to authorize them self before it can make connection to ensemble
even at root ( /) znode.

Please please at least comment on this , I really need your help.

Re: SOLR cloud startup - zookeeper ensemble

2016-02-23 Thread Zara Parst 
>From where you got this hint  of using quotes ???

use option like this

bin/solr start -e cloud localhost:2181,localhost:2182,localhost:2183

Mind it no gap between comma

Thanks
Zara



On Tue, Feb 23, 2016 at 10:32 AM, bbarani  wrote:

> Ok when I run the below command it looks like its ignoring the double
> quotes.
>
> solr start -c -z "localhost:2181,localhost:2182,localhost:2183" -e cloud
>
>
> This interactive session will help you launch a SolrCloud cluster on your
> local
> workstation.
> To begin, how many Solr nodes would you like to run in your local cluster?
> (spec
> ify 1-4 nodes) [2]:
> 2
> Ok, let's start up 2 Solr nodes for your example SolrCloud cluster.
> Please enter the port for node1 [8983]:
> 8983
> Please enter the port for node2 [7574]:
> 7573
> Solr home directory
> C:\Users\bb728a\Downloads\solr-5.5.0\solr-5.5.0\example\clou
> d\node1\solr already exists.
> C:\Users\bb728a\Downloads\solr-5.5.0\solr-5.5.0\example\cloud\node2 already
> exis
> ts.
>
> Starting up Solr on port 8983 using command:
> C:\Users\bb728a\Downloads\solr-5.5.0\solr-5.5.0\bin\solr.cmd start -cloud
> -p
> 898
> 3 -s
> "C:\Users\bb728a\Downloads\solr-5.5.0\solr-5.5.0\example\cloud\node1\solr"
> -z *localhost:2181,localhost:2182,localhost:2183*
>
>
> Invalid command-line option: localhost:2182
>
>
> Usage: solr start [-f] [-c] [-h hostname] [-p port] [-d directory] [-z
> zkHost] [
> -m memory] [-e example] [-s solr.solr.home] [-a "additional-options"] [-V]
>
>
>
>
> --
> View this message in context:
> http://lucene.472066.n3.nabble.com/SOLR-cloud-startup-zookeeper-ensemble-tp4259023p4259028.html
> Sent from the Solr - User mailing list archive at Nabble.com.
>