[jira] [Commented] (SOLR-13746) Apache jenkins needs JVM 11 upgraded to at least 11.0.3 (SSL bugs)
[ https://issues.apache.org/jira/browse/SOLR-13746?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16926763#comment-16926763 ] Hoss Man commented on SOLR-13746: - thanks steve. > Apache jenkins needs JVM 11 upgraded to at least 11.0.3 (SSL bugs) > -- > > Key: SOLR-13746 > URL: https://issues.apache.org/jira/browse/SOLR-13746 > Project: Solr > Issue Type: Task > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Hoss Man >Priority: Major > > I just realized that back in June, there was a misscommunication between > myself & Uwe (and a lack of double checking on my part!) regarding upgrading > the JVM versions on our jenkins machines... > * > [http://mail-archives.apache.org/mod_mbox/lucene-dev/201906.mbox/%3calpine.DEB.2.11.1906181434350.23523@tray%3e] > * > [http://mail-archives.apache.org/mod_mbox/lucene-dev/201906.mbox/%3C00b301d52918$d27b2f60$77718e20$@thetaphi.de%3E] > ...Uwe only updated the JVMs on _his_ policeman jenkins machines - the JVM > used on the _*apache*_ jenkins nodes is still (as of 2019-09-06) > "11.0.1+13-LTS" ... > [https://builds.apache.org/view/L/view/Lucene/job/Lucene-Solr-Tests-master/3689/consoleText] > {noformat} > ... > [java-info] java version "11.0.1" > [java-info] Java(TM) SE Runtime Environment (11.0.1+13-LTS, Oracle > Corporation) > [java-info] Java HotSpot(TM) 64-Bit Server VM (11.0.1+13-LTS, Oracle > Corporation) > ... > {noformat} > This means that even after the changes made in SOLR-12988 to re-enable SSL > testing on java11, all Apache jenkins 'master' builds, (including, AFAICT the > yetus / 'Patch Review' builds) are still SKIPping thousands of tests that use > SSL (either explicitly, or due to randomization) becauseof the logic in > SSLTestConfig to detects bad JVM versions an prevent confusion/spurious > failures. > We really need to get the jenkins nodes updated to openjdk 11.0.3 or 11.0.4 > ASAP. -- This message was sent by Atlassian Jira (v8.3.2#803003) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-13746) Apache jenkins needs JVM 11 upgraded to at least 11.0.3 (SSL bugs)
[ https://issues.apache.org/jira/browse/SOLR-13746?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16926227#comment-16926227 ] Steve Rowe commented on SOLR-13746: --- bq. Can/should we be filing an INFRA jira explicitly requesting upgraded JDKs so it's clear there is a demonstrable need? (does such an issue already exist already? can someone please link it here?) I looked and didn't find such an issue, so I created one: https://issues.apache.org/jira/browse/INFRA-19009 > Apache jenkins needs JVM 11 upgraded to at least 11.0.3 (SSL bugs) > -- > > Key: SOLR-13746 > URL: https://issues.apache.org/jira/browse/SOLR-13746 > Project: Solr > Issue Type: Task > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Hoss Man >Priority: Major > > I just realized that back in June, there was a misscommunication between > myself & Uwe (and a lack of double checking on my part!) regarding upgrading > the JVM versions on our jenkins machines... > * > [http://mail-archives.apache.org/mod_mbox/lucene-dev/201906.mbox/%3calpine.DEB.2.11.1906181434350.23523@tray%3e] > * > [http://mail-archives.apache.org/mod_mbox/lucene-dev/201906.mbox/%3C00b301d52918$d27b2f60$77718e20$@thetaphi.de%3E] > ...Uwe only updated the JVMs on _his_ policeman jenkins machines - the JVM > used on the _*apache*_ jenkins nodes is still (as of 2019-09-06) > "11.0.1+13-LTS" ... > [https://builds.apache.org/view/L/view/Lucene/job/Lucene-Solr-Tests-master/3689/consoleText] > {noformat} > ... > [java-info] java version "11.0.1" > [java-info] Java(TM) SE Runtime Environment (11.0.1+13-LTS, Oracle > Corporation) > [java-info] Java HotSpot(TM) 64-Bit Server VM (11.0.1+13-LTS, Oracle > Corporation) > ... > {noformat} > This means that even after the changes made in SOLR-12988 to re-enable SSL > testing on java11, all Apache jenkins 'master' builds, (including, AFAICT the > yetus / 'Patch Review' builds) are still SKIPping thousands of tests that use > SSL (either explicitly, or due to randomization) becauseof the logic in > SSLTestConfig to detects bad JVM versions an prevent confusion/spurious > failures. > We really need to get the jenkins nodes updated to openjdk 11.0.3 or 11.0.4 > ASAP. -- This message was sent by Atlassian Jira (v8.3.2#803003) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-13746) Apache jenkins needs JVM 11 upgraded to at least 11.0.3 (SSL bugs)
[ https://issues.apache.org/jira/browse/SOLR-13746?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16925947#comment-16925947 ] Hoss Man commented on SOLR-13746: - bq. ... No idea, there is an issue / mail thread already at ASF about AdoptOpenJDK. ... bq. ... I think we should get Infra involved, at a minimum to ask if we should be managing JDKs on a self-serve basis. ... So i'm not really clear on where we stand now... IIUC in order to upgrade past 11.0.1 (which is broken) we need to use (Adopt)OpenJDK because oracle hasn't made 11.0.(2|3|4) builds available? -- and It sounds like is there an INFRA issue or mail archive thread somewhere about being able to use OpenJDK ... can someone post a link to that? is that a discussion that's being had in public or in private? (even if it's private, can someone post a link to it so folks w/request karma can access it) Is the infra conversation something happening "in the abstract" of "if/when OpenJDK builds can/should be used", or is it concretely about the need for specific projects to switch? ... ie: Has the fact that 11.0.1 is broken and effectively unusable for a lot of Solr testing been mentioned in the context of that discussion? Can/should we be filing an INFRA jira explicitly requesting upgraded JDKs so it's clear there is a demonstrable need? (does such an issue already exist already? can someone please link it here?) Finally: is docker available on the jenkins build slaves, because worst case scenario we could tweak our apache jenkins jobs to run inside docker containers that always use the latest AdoptOpenJDK base images, ala... https://github.com/hossman/solr-jenkins-docker-tester bq. Should we also add this note to the JVM bugs page: https://cwiki.apache.org/confluence/display/lucene/JavaBugs#JavaBugs-OracleJava/SunJava/OpenJDKBugs I thought someone already did this in response to an email thread about this general topci a ffew months ago -- but maybe not? the list of known JVM SSL bugs is well documented in SOLR-12988 -- anyone who wants to take a stabe at summarizing that info in the wiki or release notes of Solr is welcome to take a stab at it (my focus has been on tests themselves and trying to figure out if there are any other SSL bugs we're overlooked ... something i'm now freaking out about more as i realized none of the apache jenkins jobs have actaully been testing SSL) > Apache jenkins needs JVM 11 upgraded to at least 11.0.3 (SSL bugs) > -- > > Key: SOLR-13746 > URL: https://issues.apache.org/jira/browse/SOLR-13746 > Project: Solr > Issue Type: Task > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Hoss Man >Priority: Major > > I just realized that back in June, there was a misscommunication between > myself & Uwe (and a lack of double checking on my part!) regarding upgrading > the JVM versions on our jenkins machines... > * > [http://mail-archives.apache.org/mod_mbox/lucene-dev/201906.mbox/%3calpine.DEB.2.11.1906181434350.23523@tray%3e] > * > [http://mail-archives.apache.org/mod_mbox/lucene-dev/201906.mbox/%3C00b301d52918$d27b2f60$77718e20$@thetaphi.de%3E] > ...Uwe only updated the JVMs on _his_ policeman jenkins machines - the JVM > used on the _*apache*_ jenkins nodes is still (as of 2019-09-06) > "11.0.1+13-LTS" ... > [https://builds.apache.org/view/L/view/Lucene/job/Lucene-Solr-Tests-master/3689/consoleText] > {noformat} > ... > [java-info] java version "11.0.1" > [java-info] Java(TM) SE Runtime Environment (11.0.1+13-LTS, Oracle > Corporation) > [java-info] Java HotSpot(TM) 64-Bit Server VM (11.0.1+13-LTS, Oracle > Corporation) > ... > {noformat} > This means that even after the changes made in SOLR-12988 to re-enable SSL > testing on java11, all Apache jenkins 'master' builds, (including, AFAICT the > yetus / 'Patch Review' builds) are still SKIPping thousands of tests that use > SSL (either explicitly, or due to randomization) becauseof the logic in > SSLTestConfig to detects bad JVM versions an prevent confusion/spurious > failures. > We really need to get the jenkins nodes updated to openjdk 11.0.3 or 11.0.4 > ASAP. -- This message was sent by Atlassian Jira (v8.3.2#803003) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-13746) Apache jenkins needs JVM 11 upgraded to at least 11.0.3 (SSL bugs)
[ https://issues.apache.org/jira/browse/SOLR-13746?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16925242#comment-16925242 ] Steve Rowe commented on SOLR-13746: --- Uwe and I have login credentials on the two ASF Jenkins nodes, and we can sudo as the jenkins user on those nodes. The {{/home/jenkins/tools/}} directory contains symlinks to the installed JDKs, so theoretically, yes, Uwe and I could overwrite those links. But AFAIK Infra manages these and other stuff in the tools directory via Puppet, so manual change there could cause trouble. I think we should get Infra involved, at a minimum to ask if we should be managing JDKs on a self-serve basis. >From the lucene1 node: {noformat} jenkins@lucene1-us-west:~$ ls -l /home/jenkins/tools/java/latest11 lrwxrwxrwx 1 root root 38 Nov 10 2018 /home/jenkins/tools/java/latest11 -> /usr/local/asfpackages/java/jdk-11.0.1 jenkins@lucene1-us-west:~$ ls -ld /usr/local/asfpackages/java/*11* drwxr-xr-x 8 root root 4096 Jul 19 18:40 /usr/local/asfpackages/java/jdk-11.0.1 -rw-r--r-- 1 root root 179758537 Nov 10 2018 /usr/local/asfpackages/java/jdk-11.0.1_linux-x64_bin.tar.gz drwxr-xr-x 8 root root 4096 Jul 19 18:39 /usr/local/asfpackages/java/jdk-11-ea+19 drwxr-xr-x 8 root root 4096 Jul 19 18:39 /usr/local/asfpackages/java/jdk-11-ea+22 drwxr-xr-x 8 root root 4096 Jul 19 18:40 /usr/local/asfpackages/java/jdk-11-ea+28 drwxr-xr-x 8 root root 4096 Jul 19 18:39 /usr/local/asfpackages/java/jdk-11-ea+8 {noformat} I see the same thing ^^ on the lucene2 node. When I go to configure the JDK on ASF Jenkins jobs, for Java11 I see a preset list that looks like the above. FYI I upgraded the JDK used by my Jenkins's lucene-solr master branch jobs to 11.0.3 a while back. > Apache jenkins needs JVM 11 upgraded to at least 11.0.3 (SSL bugs) > -- > > Key: SOLR-13746 > URL: https://issues.apache.org/jira/browse/SOLR-13746 > Project: Solr > Issue Type: Task > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Hoss Man >Priority: Major > > I just realized that back in June, there was a misscommunication between > myself & Uwe (and a lack of double checking on my part!) regarding upgrading > the JVM versions on our jenkins machines... > * > [http://mail-archives.apache.org/mod_mbox/lucene-dev/201906.mbox/%3calpine.DEB.2.11.1906181434350.23523@tray%3e] > * > [http://mail-archives.apache.org/mod_mbox/lucene-dev/201906.mbox/%3C00b301d52918$d27b2f60$77718e20$@thetaphi.de%3E] > ...Uwe only updated the JVMs on _his_ policeman jenkins machines - the JVM > used on the _*apache*_ jenkins nodes is still (as of 2019-09-06) > "11.0.1+13-LTS" ... > [https://builds.apache.org/view/L/view/Lucene/job/Lucene-Solr-Tests-master/3689/consoleText] > {noformat} > ... > [java-info] java version "11.0.1" > [java-info] Java(TM) SE Runtime Environment (11.0.1+13-LTS, Oracle > Corporation) > [java-info] Java HotSpot(TM) 64-Bit Server VM (11.0.1+13-LTS, Oracle > Corporation) > ... > {noformat} > This means that even after the changes made in SOLR-12988 to re-enable SSL > testing on java11, all Apache jenkins 'master' builds, (including, AFAICT the > yetus / 'Patch Review' builds) are still SKIPping thousands of tests that use > SSL (either explicitly, or due to randomization) becauseof the logic in > SSLTestConfig to detects bad JVM versions an prevent confusion/spurious > failures. > We really need to get the jenkins nodes updated to openjdk 11.0.3 or 11.0.4 > ASAP. -- This message was sent by Atlassian Jira (v8.3.2#803003) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-13746) Apache jenkins needs JVM 11 upgraded to at least 11.0.3 (SSL bugs)
[ https://issues.apache.org/jira/browse/SOLR-13746?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16924861#comment-16924861 ] Erick Erickson commented on SOLR-13746: --- Should we also add this note to the JVM bugs page: https://cwiki.apache.org/confluence/display/lucene/JavaBugs#JavaBugs-OracleJava/SunJava/OpenJDKBugs > Apache jenkins needs JVM 11 upgraded to at least 11.0.3 (SSL bugs) > -- > > Key: SOLR-13746 > URL: https://issues.apache.org/jira/browse/SOLR-13746 > Project: Solr > Issue Type: Task > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Hoss Man >Priority: Major > > I just realized that back in June, there was a misscommunication between > myself & Uwe (and a lack of double checking on my part!) regarding upgrading > the JVM versions on our jenkins machines... > * > [http://mail-archives.apache.org/mod_mbox/lucene-dev/201906.mbox/%3calpine.DEB.2.11.1906181434350.23523@tray%3e] > * > [http://mail-archives.apache.org/mod_mbox/lucene-dev/201906.mbox/%3C00b301d52918$d27b2f60$77718e20$@thetaphi.de%3E] > ...Uwe only updated the JVMs on _his_ policeman jenkins machines - the JVM > used on the _*apache*_ jenkins nodes is still (as of 2019-09-06) > "11.0.1+13-LTS" ... > [https://builds.apache.org/view/L/view/Lucene/job/Lucene-Solr-Tests-master/3689/consoleText] > {noformat} > ... > [java-info] java version "11.0.1" > [java-info] Java(TM) SE Runtime Environment (11.0.1+13-LTS, Oracle > Corporation) > [java-info] Java HotSpot(TM) 64-Bit Server VM (11.0.1+13-LTS, Oracle > Corporation) > ... > {noformat} > This means that even after the changes made in SOLR-12988 to re-enable SSL > testing on java11, all Apache jenkins 'master' builds, (including, AFAICT the > yetus / 'Patch Review' builds) are still SKIPping thousands of tests that use > SSL (either explicitly, or due to randomization) becauseof the logic in > SSLTestConfig to detects bad JVM versions an prevent confusion/spurious > failures. > We really need to get the jenkins nodes updated to openjdk 11.0.3 or 11.0.4 > ASAP. -- This message was sent by Atlassian Jira (v8.3.2#803003) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-13746) Apache jenkins needs JVM 11 upgraded to at least 11.0.3 (SSL bugs)
[ https://issues.apache.org/jira/browse/SOLR-13746?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16924831#comment-16924831 ] Uwe Schindler commented on SOLR-13746: -- No idea, there is an issue / mail thread already at ASF about AdoptOpenJDK. I just updated Policeman to 11.0.4 (Linux, Mac, Windows). > Apache jenkins needs JVM 11 upgraded to at least 11.0.3 (SSL bugs) > -- > > Key: SOLR-13746 > URL: https://issues.apache.org/jira/browse/SOLR-13746 > Project: Solr > Issue Type: Task > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Hoss Man >Priority: Major > > I just realized that back in June, there was a misscommunication between > myself & Uwe (and a lack of double checking on my part!) regarding upgrading > the JVM versions on our jenkins machines... > * > [http://mail-archives.apache.org/mod_mbox/lucene-dev/201906.mbox/%3calpine.DEB.2.11.1906181434350.23523@tray%3e] > * > [http://mail-archives.apache.org/mod_mbox/lucene-dev/201906.mbox/%3C00b301d52918$d27b2f60$77718e20$@thetaphi.de%3E] > ...Uwe only updated the JVMs on _his_ policeman jenkins machines - the JVM > used on the _*apache*_ jenkins nodes is still (as of 2019-09-06) > "11.0.1+13-LTS" ... > [https://builds.apache.org/view/L/view/Lucene/job/Lucene-Solr-Tests-master/3689/consoleText] > {noformat} > ... > [java-info] java version "11.0.1" > [java-info] Java(TM) SE Runtime Environment (11.0.1+13-LTS, Oracle > Corporation) > [java-info] Java HotSpot(TM) 64-Bit Server VM (11.0.1+13-LTS, Oracle > Corporation) > ... > {noformat} > This means that even after the changes made in SOLR-12988 to re-enable SSL > testing on java11, all Apache jenkins 'master' builds, (including, AFAICT the > yetus / 'Patch Review' builds) are still SKIPping thousands of tests that use > SSL (either explicitly, or due to randomization) becauseof the logic in > SSLTestConfig to detects bad JVM versions an prevent confusion/spurious > failures. > We really need to get the jenkins nodes updated to openjdk 11.0.3 or 11.0.4 > ASAP. -- This message was sent by Atlassian Jira (v8.3.2#803003) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-13746) Apache jenkins needs JVM 11 upgraded to at least 11.0.3 (SSL bugs)
[ https://issues.apache.org/jira/browse/SOLR-13746?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16924661#comment-16924661 ] Hoss Man commented on SOLR-13746: - [~thetaphi] / [~steve_rowe] - is this still something you guys have control over, or do we need to get infra involved? > Apache jenkins needs JVM 11 upgraded to at least 11.0.3 (SSL bugs) > -- > > Key: SOLR-13746 > URL: https://issues.apache.org/jira/browse/SOLR-13746 > Project: Solr > Issue Type: Task > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Hoss Man >Priority: Major > > I just realized that back in June, there was a misscommunication between > myself & Uwe (and a lack of double checking on my part!) regarding upgrading > the JVM versions on our jenkins machines... > * > [http://mail-archives.apache.org/mod_mbox/lucene-dev/201906.mbox/%3calpine.DEB.2.11.1906181434350.23523@tray%3e] > * > [http://mail-archives.apache.org/mod_mbox/lucene-dev/201906.mbox/%3C00b301d52918$d27b2f60$77718e20$@thetaphi.de%3E] > ...Uwe only updated the JVMs on _his_ policeman jenkins machines - the JVM > used on the _*apache*_ jenkins nodes is still (as of 2019-09-06) > "11.0.1+13-LTS" ... > [https://builds.apache.org/view/L/view/Lucene/job/Lucene-Solr-Tests-master/3689/consoleText] > {noformat} > ... > [java-info] java version "11.0.1" > [java-info] Java(TM) SE Runtime Environment (11.0.1+13-LTS, Oracle > Corporation) > [java-info] Java HotSpot(TM) 64-Bit Server VM (11.0.1+13-LTS, Oracle > Corporation) > ... > {noformat} > This means that even after the changes made in SOLR-12988 to re-enable SSL > testing on java11, all Apache jenkins 'master' builds, (including, AFAICT the > yetus / 'Patch Review' builds) are still SKIPping thousands of tests that use > SSL (either explicitly, or due to randomization) becauseof the logic in > SSLTestConfig to detects bad JVM versions an prevent confusion/spurious > failures. > We really need to get the jenkins nodes updated to openjdk 11.0.3 or 11.0.4 > ASAP. -- This message was sent by Atlassian Jira (v8.3.2#803003) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org