No need to shut down servers. Do the configuration change in security.json. Done. What is the remaining question here?
Jan Høydahl > 29. des. 2023 kl. 18:44 skrev Uday Kumar <uday.p...@indiamart.com.invalid>: > > Hello yilmaz, > > But we cannot afford to shutdown all our servers for some time. > >> On Thu, Dec 28, 2023, 17:56 uyil...@vivaldi.net.INVALID >> <uyil...@vivaldi.net.invalid> wrote: >> >> I imagine if you could afford to shut down all the running Solr instances >> for a small amount of time, you could shut them all down, make the auth >> changes, and start them all at the same time >> >> --ufuk yilmaz >> ________________________________ >> From: Jan Høydahl <jan....@cominvent.com> >> Sent: Thursday, December 28, 2023 3:20 AM >> To: users@solr.apache.org <users@solr.apache.org> >> Subject: Re: Correct Procedure for making Basic Authentication Changes >> LIVE across Multiple Nodes in Solr Cloud 8.10 >> >> Sorry no Experience with Kerberos. >> >> Jan Høydahl >> >>> 27. des. 2023 kl. 01:13 skrev Uday Kumar <uday.p...@indiamart.com >> .invalid>: >>> >>> Hi Jan, >>> Need One small confirmation, out of curiosity! >>> >>> Document2 reference does not apply to you as it is Kerberos plugin. >>> Let's assume if we try to go with Kerberos plugin, how can we effectively >>> restart each node when we are using cluster of n nodes? >>> >>> Because if we restart single node, Kerberos plugin will be enabled to >> only >>> single node, but not at other nodes. >>> >>> Thanks and regards, >>> Uday Kumar >>> >>>> On Wed, Dec 27, 2023, 05:29 Uday Kumar <uday.p...@indiamart.com> wrote: >>>> >>>> Thanks for confirmation Jan! >>>> >>>>> On Wed, Dec 27, 2023, 05:04 Jan Høydahl <jan....@cominvent.com> wrote: >>>>> >>>>> Document2 reference does not apply to you as it is Kerberos plugin. >>>>> >>>>> You only need to upload the correct security.json so zookeeper, and >> your >>>>> entire cluster is immediately secured. As you have already validated on >>>>> your test node. >>>>> >>>>> Jan >>>>> >>>>>> 26. des. 2023 kl. 18:27 skrev Uday Kumar <uday.p...@indiamart.com >>>>> .INVALID>: >>>>>> >>>>>> Hi Jan, >>>>>> >>>>>> It is correct that Auth changes take effect across all nodes. So that >>>>> would >>>>>> be your procedure, done. >>>>>> So, you meant to say, authentication changes will be reflected to all >>>>> nodes >>>>>> without node restart?? >>>>>> >>>>>> >>>>>> May you have looked at docs for self-managed Solr with no zookeeper? >> In >>>>>> that case you must touch each node at a time. >>>>>> I don't think I have checked docs for self-managed solr with no >>>>> zookeeper, >>>>>> kindly check below referred sections and let me know if I am missing >>>>>> anything. >>>>>> >>>>>> *Document-1*: >>>>>> >>>>> >> https://solr.apache.org/guide/8_10/authentication-and-authorization-plugins.html#enable-plugins-with-security-json >>>>>> >>>>>> Section referred: Enable Plugins with security.json >>>>>> >>>>>> *Document-2*: >>>>>> >>>>> >> https://solr.apache.org/guide/8_10/kerberos-authentication-plugin.html#security-json >>>>>> >>>>>> Section referred: security.json >>>>>> >>>>>> Thanks and regards, >>>>>> Uday Kumar >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> On Tue, Dec 26, 2023, 16:04 Jan Høydahl <jan....@cominvent.com> >> wrote: >>>>>> >>>>>>> It is correct that Auth changes take effect across all nodes. So that >>>>>>> would be your procedure, done. >>>>>>> >>>>>>> May you have looked at docs for self-managed Solr with no zookeeper? >> In >>>>>>> that case you must touch each node at a time. >>>>>>> >>>>>>> Jan Høydahl >>>>>>> >>>>>>>> 26. des. 2023 kl. 08:20 skrev Uday Kumar <uday.p...@indiamart.com >>>>>>> .invalid>: >>>>>>>> >>>>>>>> Hello all, >>>>>>>> >>>>>>>> In our production environment, we currently utilize Solr Cloud 8.10 >>>>> with >>>>>>> 8 >>>>>>>> nodes/shards (i.e., 8 different servers), without any authentication >>>>>>> plugin. >>>>>>>> >>>>>>>> *Our New Requirement:* >>>>>>>> To implement Basic Authentication on Solr Cloud to prevent >>>>> unauthorized >>>>>>>> access. >>>>>>>> >>>>>>>> Here are the steps we have undertaken in our development >> environment:* >>>>>>> [we >>>>>>>> used Single Server, but nodes/shards with 8 different ports]* >>>>>>>> 1. Created the security.json file. >>>>>>>> 2. Configured and created different users as required. >>>>>>>> 3. Uploaded the security.json file to Zookeeper. >>>>>>>> >>>>>>>> Surprisingly, *authentication is enabled on all nodes/shards* >>>>> immediately >>>>>>>> after pushing the security.json file to Zookeeper. >>>>>>>> >>>>>>>> However, according to the Solr Documentation, a restart of each node >>>>> is >>>>>>>> required for authentication changes to take effect across all >>>>>>> nodes/shards. >>>>>>>> >>>>>>>> Our main query is, what is the correct approach for making >>>>> authentication >>>>>>>> changes live on all Nodes/Shards? >>>>>>>> >>>>>>>> *Thanks & Regards,* >>>>>>>> *Uday Kumar* >>>>>>> >>>>> >>>>> >>
