[
https://issues.apache.org/jira/browse/SOLR-5776?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14074632#comment-14074632
]
Hoss Man commented on SOLR-5776:
--------------------------------
One of the comments steve made when opening SOLR-6254...
{quote}
I found some info about /dev/random problems on FreeBSD here:
https://wiki.freebsd.org/201308DevSummit/Security/DevRandom, which lead me to
/etc/rc.d/iinitrandom, which gets around the limited entropy by cat'ing a bunch
of shit to /dev/random:
...
I think we should try the same strategy in a crontab every X minutes, to see if
that addresses the test failures.
{quote}
miller's response to that specific suggestion...
bq. I think it's fine as a short term workaround, but not a great solution. We
probably should just disable SSL unless we can address it in a portable way.
Here's my straw man counter proposal:
* update the solr tests so that:
** SSL randomization only happens if a "tests.randomssl" sys prop is set -
default is false
*** NOTE: would mean updates to the "reproduce with" line formatting
*** should be updated in test-help as well
*** could be used in lucene/replicator module as well -- it already has a
"tests.jettySSL" (doh! ... not included in the reproduce line!)
** sanity check that we have at least some basic coverage of Solr w/SSL that is
*not* randomized (ie: SSLMigrationTest and at least one new test that _always_
uses SSL to bring up a few nodes, index a few docs, do a query, and shuts down)
** remove most of the \@SuppressSSL annotations currently in place (should only
be used for tests that truly *needs* to supress SSL because of the nature of
the test: ie explicitly veryfing something about non-ssl mode)
* update the jenkins boxes to:
** have cron like steve suggests
** set "tests.randomssl" to true when running builds
The end result, if everything works properly should be:
* no matter who runs the tests, some basic sanity checking of SSL is done
* on our jenkins builds, we do extensive randomized testing of SSL with all the
cloud (and lucene/replicator) functionality
* users who have enough entropy on their system can run
{{-Dtests.randomssl=true}} if they choose.
Obviously though, before putting any work into the tests framework to support
something like "tests.randomssl" as a first class sysprop, the first baby step
to see if this plan is even viable would be the cron steve mentioned to create
lots of entropy -- if that doesn't work, then the whole plan is moot.
> Look at speeding up using SSL with tests.
> -----------------------------------------
>
> Key: SOLR-5776
> URL: https://issues.apache.org/jira/browse/SOLR-5776
> Project: Solr
> Issue Type: Test
> Reporter: Mark Miller
> Assignee: Mark Miller
> Fix For: 4.9, 5.0
>
> Attachments: SOLR-5776.patch, SOLR-5776.patch
>
>
> We have to disable SSL on a bunch of tests now because it appears to sometime
> be ridiculously slow - especially in slow envs (I never see timeouts on my
> machine).
> I was talking to Robert about this, and he mentioned that there might be some
> settings we could change to speed it up.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
