Hi Jan, Need One small confirmation, out of curiosity! Document2 reference does not apply to you as it is Kerberos plugin. Let's assume if we try to go with Kerberos plugin, how can we effectively restart each node when we are using cluster of n nodes?
Because if we restart single node, Kerberos plugin will be enabled to only single node, but not at other nodes. Thanks and regards, Uday Kumar On Wed, Dec 27, 2023, 05:29 Uday Kumar <[email protected]> wrote: > Thanks for confirmation Jan! > > On Wed, Dec 27, 2023, 05:04 Jan Høydahl <[email protected]> wrote: > >> Document2 reference does not apply to you as it is Kerberos plugin. >> >> You only need to upload the correct security.json so zookeeper, and your >> entire cluster is immediately secured. As you have already validated on >> your test node. >> >> Jan >> >> > 26. des. 2023 kl. 18:27 skrev Uday Kumar <[email protected] >> .INVALID>: >> > >> > Hi Jan, >> > >> > It is correct that Auth changes take effect across all nodes. So that >> would >> > be your procedure, done. >> > So, you meant to say, authentication changes will be reflected to all >> nodes >> > without node restart?? >> > >> > >> > May you have looked at docs for self-managed Solr with no zookeeper? In >> > that case you must touch each node at a time. >> > I don't think I have checked docs for self-managed solr with no >> zookeeper, >> > kindly check below referred sections and let me know if I am missing >> > anything. >> > >> > *Document-1*: >> > >> https://solr.apache.org/guide/8_10/authentication-and-authorization-plugins.html#enable-plugins-with-security-json >> > >> > Section referred: Enable Plugins with security.json >> > >> > *Document-2*: >> > >> https://solr.apache.org/guide/8_10/kerberos-authentication-plugin.html#security-json >> > >> > Section referred: security.json >> > >> > Thanks and regards, >> > Uday Kumar >> > >> > >> > >> > >> > On Tue, Dec 26, 2023, 16:04 Jan Høydahl <[email protected]> wrote: >> > >> >> It is correct that Auth changes take effect across all nodes. So that >> >> would be your procedure, done. >> >> >> >> May you have looked at docs for self-managed Solr with no zookeeper? In >> >> that case you must touch each node at a time. >> >> >> >> Jan Høydahl >> >> >> >>> 26. des. 2023 kl. 08:20 skrev Uday Kumar <[email protected] >> >> .invalid>: >> >>> >> >>> Hello all, >> >>> >> >>> In our production environment, we currently utilize Solr Cloud 8.10 >> with >> >> 8 >> >>> nodes/shards (i.e., 8 different servers), without any authentication >> >> plugin. >> >>> >> >>> *Our New Requirement:* >> >>> To implement Basic Authentication on Solr Cloud to prevent >> unauthorized >> >>> access. >> >>> >> >>> Here are the steps we have undertaken in our development environment:* >> >> [we >> >>> used Single Server, but nodes/shards with 8 different ports]* >> >>> 1. Created the security.json file. >> >>> 2. Configured and created different users as required. >> >>> 3. Uploaded the security.json file to Zookeeper. >> >>> >> >>> Surprisingly, *authentication is enabled on all nodes/shards* >> immediately >> >>> after pushing the security.json file to Zookeeper. >> >>> >> >>> However, according to the Solr Documentation, a restart of each node >> is >> >>> required for authentication changes to take effect across all >> >> nodes/shards. >> >>> >> >>> Our main query is, what is the correct approach for making >> authentication >> >>> changes live on all Nodes/Shards? >> >>> >> >>> *Thanks & Regards,* >> >>> *Uday Kumar* >> >> >> >>
