domingo, outubro 27, 2024

Zookeeper\Solr - Linux Installation Reference

Below are the steps to install Solr and Zookeeper on Debian 12.7.

I have these servers:

Solr Nodes:
hqew1ww-rg-p04-solr-1  172.24.122.4:8983/solr/
hqew1ww-rg-p04-solr-2  172.24.122.5:8983/solr/
hqew1ww-rg-p04-solr-3  172.24.122.6:8983/solr/

Update System

$sudo apt update && sudo apt upgrade -y 

Install Java JDK

$sudo apt install default-jdk 

Check Java

$java -version

Download Solr, Install, Check Services

$cd /opt/
$sudo wget https://archive.apache.org/dist/lucene/solr/8.11.2/solr-8.11.2.tgz
$sudo tar xzf solr-8.11.2.tgz
$sudo bash solr-8.11.2/bin/install_solr_service.sh solr-8.11.2.tgz
$sudo systemctl status solr

Download Zookeeper

$sudo wget https://downloads.apache.org/zookeeper/stable/apache-zookeeper-3.8.4-bin.tar.gz
$sudo tar -xvzf apache-zookeeper-3.8.4-bin.tar.gz

Rename Directory

$sudo mv apache-zookeeper-3.8.4-bin zookeeper

Create a Zookeeper User and Group

$sudo useradd -m -r -d /var/lib/zookeeper -s /bin/false zookeeper


Set Ownership and Permissions

$sudo mkdir -p /var/lib/zookeeper
$sudo chown -R zookeeper:zookeeper /opt/zookeeper sudo chown -R zookeeper:zookeeper /var/lib/zookeeper
 
Create a Config File

$sudo vim /opt/zookeeper/conf/zoo.cfg

Config file content:

tickTime=2000
initLimit=10
syncLimit=5
dataDir=/var/lib/zookeeper
clientPort=2181
server.1=172.24.122.4:2888:3888
server.2=172.24.122.5:2889:3889
server.3=172.24.122.6:2890:3890

The Command Below Starts the Zookeeper (If you want to test before run as a service)

$/opt/zookeeper/bin/zkServer.sh start

The Command Below Connects to Zookeeper

$/opt/zookeeper/bin/zkCli.sh -server 127.0.0.1:2181

To Stop

$/opt/zookeeper/bin/zkServer.sh stop

Create a System Service

$sudo vim /etc/systemd/system/zookeeper.service

[Unit]
Description=Zookeeper Daemon
Documentation=http://zookeeper.apache.org
Requires=network.target
After=network.target

[Service]
Type=forking
WorkingDirectory=/opt/zookeeper
User=zookeeper
Group=zookeeper
ExecStart=/opt/zookeeper/bin/zkServer.sh start /opt/zookeeper/conf/zoo.cfg
ExecStop=/opt/zookeeper/bin/zkServer.sh stop /opt/zookeeper/conf/zoo.cfg
ExecReload=/opt/zookeeper/bin/zkServer.sh restart /opt/zookeeper/conf/zoo.cfg
TimeoutSec=30
Restart=on-failure

[Install]
WantedBy=default.target

Reload System Daemon

$sudo systemctl daemon-reload

 Start the Zookeeper Service and Enable It to Start After System Reboot Using the Following Commands:

$sudo systemctl start zookeeper 
$sudo systemctl enable zookeeper

Error Encountered

I found an error when I tried to start the service due to permission issues. The reason is that I ran the command /opt/zookeeper/bin/zkServer.sh start using my root account. The directory /opt/zookeeper/logs/ did not have permission for the zookeeper user, and the directories were created when I tried to run the service to test using bash.

These Were the Errors:

hqew1ww-rg-p04-solr-1 zkServer.sh[3724919]: /opt/zookeeper/bin/zkServer.sh: line 164: /opt/zookeeper/bin/../logs/zookeeper-zookeeper-server-hqew1ww-rg-p04-solr-1.out: Permission denied
hqew1ww-rg-p04-solr-1 zkServer.sh[3724920]: /opt/zookeeper/bin/zkServer.sh: line 175: /var/lib/zookeeper/zookeeper_server.pid: Permission denied

You Can Check the Permissions:

$ls -lha /opt/zookeeper/logs/
$ls -lha /var/lib/zookeeper

Solution: 

Simply delete the directories or configure the ownership. The owner should be the zookeeper user.

###

 Solr Cloud (Cluster)

### 

$sudo vim /etc/default/solr.in.sh 

ZK_HOST="172.24.122.4:2181,172.24.122.5:2181,172.24.122.6:2181" 
SOLR_MODE="solrcloud"
 
Edit the Zookeeper configuration file and add the permissions:
 
$sudo vim /opt/zookeeper/conf/zoo.cfg
 
4lw.commands.whitelist=mntr,conf,ruok

Restart Solr and Zookeeper

I had an issue with ZooKeeper when I opened Solr and checked the nodes. I received the following message: 

'Only one zk allowed in standalone mode'

The issue was related to the configuration file.

server.1=172.24.122.4:2888:3888
server.2=172.24.122.5:2889:3889
server.3=172.24.122.6:2890:3890

You must use 'server' at the beginning of the line; any other value will cause your ZooKeeper to fail.

Upload the configuration to Zookeeper

Follow this article:


https://doc.sitecore.com/xp/en/developers/latest/platform-administration-and-architecture/walkthrough--setting-up-solrcloud.html#upload-the-configuration-to-zookeeper

  1. In one of the Solr nodes you have set up, locate the configset folder under the server\solr\configsets and copy the _default  folder to a new sitecore_configs folder.

  2. In the sitecore_configs/solrconfig.xml file , set the autoCreateFields setting to false (update.autoCreateFields:false).

  3. In this new folder, open the managed-schema file in the conf folder and do the following:

    • Set the value in <uniqueKey>id</uniqueKey> to _uniqueid.

    • In the fields section, add the following field configuration for _uniqueid:

      <field name="_uniqueid" type="string" indexed="true" required="true" stored="true"/>

 Important: You should upload the configuration to Zookeeper.

$solr zk upconfig -d sitecore_configs -n sitecore -z 172.24.122.4:2181,172.24.122.5:2181,172.24.122.6:2181

Create a collection

You need to run it on only one server, and Solr should be in the Linux PATH.

$solr create_collection -c sitecore_core_index -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_fxm_master_index -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_fxm_web_index -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_marketing_asset_index_master -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_marketing_asset_index_web -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_marketingdefinitions_master -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_marketingdefinitions_web -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_master_index -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_personalization_index -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_suggested_test_index -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_testing_index -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_web_index -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_xdb -n sitecore -s 3 -rf 2
$solr create_collection -c sitecore_xdb_rebuild -n sitecore -s 3 -rf 2


Enable Solr SSL

I will convert my PFX to the correct format to allow SSL to be used on Solr

$openssl pkcs12 -in SolrProd.pfx -nocerts -out solrprod-key.pem -nodes
$openssl pkcs12 -in SolrProd.pfx -clcerts -nokeys -out solrprod-cert.pem


$openssl pkcs12 -export -in solrprod-cert.pem -inkey solrprod-key.pem -out solr-prod.p12 -name solprod-ssl

Using Jave keyTool


$keytool -importkeystore -destkeystore solrprod-ssl.keystore.jks -srckeystore solr-prod.p12 -srcstoretype PKCS12 -alias solrprod-ssl

sudo vim /etc/default/solr.in.sh

SOLR_SSL_KEY_STORE=/var/solr/solrprod-ssl.keystore.jks
SOLR_SSL_KEY_STORE_PASSWORD=yourSSLpasswordXXX
SOLR_SSL_TRUST_STORE=/var/solr/solrprod-ssl.keystore.jks
SOLR_SSL_TRUST_STORE_PASSWORD=
yourSSLpasswordXXX
SOLR_SSL_NEED_CLIENT_AUTH=false
SOLR_SSL_WANT_CLIENT_AUTH=false

Restart Solr

I had an issue on issue on the logs:

INFO (MetricsHistoryHandler-20-thread-1) [ ] o.a.s.c.s.i.SolrClientNodeStateProvider$ClientSnitchCtx Error on getting remote info, trying again: IOException occurred when talking to server at: http://serverIP:8983/solr

Add this to your Solr config file:

SOLR_OPTS="$SOLR_OPTS -Dsolr.ssl.checkPeerName=false"

Note: solr.ssl.checkPeerName=false in Solr, you can add this setting in the Solr configuration file to disable peer name checking for SSL connections. 

I don't have the IPs in my SSL certificate. If you include the IP or hostname (if you are using a hostname in the config file) in the certificate, you can avoid using -Dsolr.ssl.checkPeerName=false

Your Solr config file should be like this (/etc/default/solr.in.sh
):

SOLR_OPTS="$SOLR_OPTS -Dsolr.ssl.checkPeerName=false"
SOLR_SSL_KEY_STORE=/var/solr/solrprod-ssl.keystore.jks
SOLR_SSL_KEY_STORE_PASSWORD=yourSSLpasswordXXX
SOLR_SSL_TRUST_STORE=/var/solr/solrprod-ssl.keystore.jks
SOLR_SSL_TRUST_STORE_PASSWORD=yourSSLpasswordXXX
SOLR_SSL_NEED_CLIENT_AUTH=false
SOLR_SSL_WANT_CLIENT_AUTH=false

If you're running SolrCloud and have collections that were created prior to enabling SSL, you'll need to modify the cluster properties to enable HTTPS.

curl -k "https://172.24.122.4:8983/solr/admin/collections?action=CLUSTERPROP&name=urlScheme&val=https"

Nenhum comentário: