[jira] [Commented] (SOLR-13687) Enable the bin/solr script to accept a solr url to run commands

Mon, 19 Aug 2019 18:34:13 -0700 


    [ 
https://issues.apache.org/jira/browse/SOLR-13687?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16910896#comment-16910896
 ] 

Noble Paul commented on SOLR-13687:
-----------------------------------

Ideally, we should minimize access to ZK from hosts outside of of solr nodes. 
It's a security hole. If you have access to ZK , you can edit the 
{{security.json}} or any other file in zookeeper. Most of these operations do 
not need access to ZK. 

We should make usage of solr as a service that runs over HTTP. If an operation 
can be performed over HTTP, it should be. People should just be required to 
know the url of a solr node to use a solr cluster.

> Enable the bin/solr script to accept a solr url to  run commands
> ----------------------------------------------------------------
>
>                 Key: SOLR-13687
>                 URL: https://issues.apache.org/jira/browse/SOLR-13687
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>            Reporter: Noble Paul
>            Priority: Major
>
> The problem we have today with our {{bin/solr}} script is that we have to run 
> it from one of the nodes where Solr is running. This is a security issue b/c 
> only admins are usaully be allowed to login to a machine where solr is 
> running.If you have multiple cluster running in that host we don't know which 
> one it's going to use. It is much easier to write a simple script that works 
> over a url and the user has no ambiguity as to how it works. You can just 
> unpack a solr distribution to your local machine and start using the script 
> without bothering to install solr .
> The following commands can easily be executed remotely. These commands can 
> accept the base url of any solr node in the cluster and perform the opertaion
>  * healthcheck
>  * create
>  * create_core
>  * create_collection
>  * delete, version,
>  * config
>  * autoscaling



--
This message was sent by Atlassian Jira
(v8.3.2#803003)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

Reply via email to