Below are the steps to install Solr and Zookeeper on Debian 12.7.
I have these servers:
Solr Nodes:
hqew1ww-rg-p04-solr-1 172.24.122.4:8983/solr/
hqew1ww-rg-p04-solr-2 172.24.122.5:8983/solr/
hqew1ww-rg-p04-solr-3 172.24.122.6:8983/solr/
Update System
$sudo apt update && sudo apt upgrade -y
Install Java JDK
$sudo apt install default-jdk
Check Java
$java -version
Download Solr, Install, Check Services
$cd /opt/
$sudo wget https://archive.apache.org/dist/lucene/solr/8.11.2/solr-8.11.2.tgz
$sudo tar xzf solr-8.11.2.tgz
$sudo bash solr-8.11.2/bin/install_solr_service.sh solr-8.11.2.tgz
$sudo systemctl status solr
Download Zookeeper
$sudo wget https://downloads.apache.org/zookeeper/stable/apache-zookeeper-3.8.4-bin.tar.gz
$sudo tar -xvzf apache-zookeeper-3.8.4-bin.tar.gz
Rename Directory
$sudo mv apache-zookeeper-3.8.4-bin zookeeper
Create a Zookeeper User and Group
$sudo useradd -m -r -d /var/lib/zookeeper -s /bin/false zookeeper
Set Ownership and Permissions
$sudo vim /opt/zookeeper/conf/zoo.cfg
Config file content:
tickTime=2000
initLimit=10
syncLimit=5
dataDir=/var/lib/zookeeper
clientPort=2181
server.1=172.24.122.4:2888:3888
server.2=172.24.122.5:2889:3889
server.3=172.24.122.6:2890:3890
The Command Below Starts the Zookeeper (If you want to test before run as a service)
$/opt/zookeeper/bin/zkServer.sh start
The Command Below Connects to Zookeeper
$/opt/zookeeper/bin/zkCli.sh -server 127.0.0.1:2181
To Stop
$/opt/zookeeper/bin/zkServer.sh stop
Create a System Service
$sudo vim /etc/systemd/system/zookeeper.service
[Unit]
Description=Zookeeper Daemon
Documentation=http://zookeeper.apache.org
Requires=network.target
After=network.target
[Service]
Type=forking
WorkingDirectory=/opt/zookeeper
User=zookeeper
Group=zookeeper
ExecStart=/opt/zookeeper/bin/zkServer.sh start /opt/zookeeper/conf/zoo.cfg
ExecStop=/opt/zookeeper/bin/zkServer.sh stop /opt/zookeeper/conf/zoo.cfg
ExecReload=/opt/zookeeper/bin/zkServer.sh restart /opt/zookeeper/conf/zoo.cfg
TimeoutSec=30
Restart=on-failure
[Install]
WantedBy=default.target
Reload System Daemon
$sudo systemctl daemon-reload
Start the Zookeeper Service and Enable It to Start After System Reboot Using the Following Commands:
Error Encountered
I found an error when I tried to start the service due to permission issues. The reason is that I ran the command /opt/zookeeper/bin/zkServer.sh start using my root account. The directory /opt/zookeeper/logs/ did not have permission for the zookeeper user, and the directories were created when I tried to run the service to test using bash.
These Were the Errors:
hqew1ww-rg-p04-solr-1 zkServer.sh[3724919]: /opt/zookeeper/bin/zkServer.sh: line 164: /opt/zookeeper/bin/../logs/zookeeper-zookeeper-server-hqew1ww-rg-p04-solr-1.out: Permission denied
hqew1ww-rg-p04-solr-1 zkServer.sh[3724920]: /opt/zookeeper/bin/zkServer.sh: line 175: /var/lib/zookeeper/zookeeper_server.pid: Permission denied
You Can Check the Permissions:
$ls -lha /opt/zookeeper/logs/
$ls -lha /var/lib/zookeeper
Solution:
Simply delete the directories or configure the ownership. The owner should be the zookeeper user.
###
Solr Cloud (Cluster)
###
$sudo vim /etc/default/solr.in.sh
Restart Solr and Zookeeper
I had an issue with ZooKeeper when I opened Solr and checked the nodes. I received the following message:
'Only one zk allowed in standalone mode'
The issue was related to the configuration file.
server.1=172.24.122.4:2888:3888
server.2=172.24.122.5:2889:3889
server.3=172.24.122.6:2890:3890
You must use 'server' at the beginning of the line; any other value will cause your ZooKeeper to fail.
Upload the configuration to Zookeeper
Follow this article:
In one of the Solr nodes you have set up, locate the
configsetfolder under theserver\solr\configsetsand copy the_defaultfolder to a newsitecore_configsfolder.In the
sitecore_configs/solrconfig.xmlfile , set theautoCreateFieldssetting tofalse(update.autoCreateFields:false).In this new folder, open the
managed-schemafile in theconffolder and do the following:Set the value in
<uniqueKey>id</uniqueKey>to_uniqueid.In the fields section, add the following field configuration for
_uniqueid:<field name="_uniqueid" type="string" indexed="true" required="true" stored="true"/>
Important: You should upload the configuration to Zookeeper.
$solr zk upconfig -d sitecore_configs -n sitecore -z 172.24.122.4:2181,172.24.122.5:2181,172.24.122.6:2181
Create a collection
You need to run it on only one server, and Solr should be in the Linux PATH.
$solr create_collection -c sitecore_core_index -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_fxm_master_index -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_fxm_web_index -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_marketing_asset_index_master -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_marketing_asset_index_web -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_marketingdefinitions_master -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_marketingdefinitions_web -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_master_index -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_personalization_index -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_suggested_test_index -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_testing_index -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_web_index -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_xdb -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_xdb_rebuild -n sitecore -s 3 -rf 2
Enable Solr SSL
I will convert my PFX to the correct format to allow SSL to be used on Solr
$openssl pkcs12 -in SolrProd.pfx -nocerts -out solrprod-key.pem -nodes
$openssl pkcs12 -in SolrProd.pfx -clcerts -nokeys -out solrprod-cert.pem
$openssl pkcs12 -export -in solrprod-cert.pem -inkey solrprod-key.pem -out solr-prod.p12 -name solprod-ssl
Using Jave keyTool
$keytool -importkeystore -destkeystore solrprod-ssl.keystore.jks -srckeystore solr-prod.p12 -srcstoretype PKCS12 -alias solrprod-ssl
sudo vim /etc/default/solr.in.sh
SOLR_SSL_KEY_STORE=/var/solr/solrprod-ssl.keystore.jks
SOLR_SSL_KEY_STORE_PASSWORD=yourSSLpasswordXXX
SOLR_SSL_TRUST_STORE=/var/solr/solrprod-ssl.keystore.jks
SOLR_SSL_TRUST_STORE_PASSWORD=yourSSLpasswordXXX
SOLR_SSL_NEED_CLIENT_AUTH=false
SOLR_SSL_WANT_CLIENT_AUTH=false
Restart Solr
I had an issue on issue on the logs:
INFO (MetricsHistoryHandler-20-thread-1) [ ] o.a.s.c.s.i.SolrClientNodeStateProvider$ClientSnitchCtx Error on getting remote info, trying again: IOException occurred when talking to server at: http://serverIP:8983/solr
Add this to your Solr config file:
SOLR_OPTS="$SOLR_OPTS -Dsolr.ssl.checkPeerName=false"
Note: solr.ssl.checkPeerName=false in Solr, you can add this setting in the Solr configuration file to disable peer name checking for SSL connections.
I don't have the IPs in my SSL certificate. If you include the IP or hostname (if you are using a hostname in the config file) in the certificate, you can avoid using -Dsolr.ssl.checkPeerName=false
Your Solr config file should be like this (/etc/default/solr.in.sh
):
SOLR_OPTS="$SOLR_OPTS -Dsolr.ssl.checkPeerName=false"
SOLR_SSL_KEY_STORE=/var/solr/solrprod-ssl.keystore.jks
SOLR_SSL_KEY_STORE_PASSWORD=yourSSLpasswordXXX
SOLR_SSL_TRUST_STORE=/var/solr/solrprod-ssl.keystore.jks
SOLR_SSL_TRUST_STORE_PASSWORD=yourSSLpasswordXXX
SOLR_SSL_NEED_CLIENT_AUTH=false
SOLR_SSL_WANT_CLIENT_AUTH=false
If you're running SolrCloud and have collections that were created prior to enabling SSL, you'll need to modify the cluster properties to enable HTTPS.
curl -k "https://172.24.122.4:8983/solr/admin/collections?action=CLUSTERPROP&name=urlScheme&val=https"
