lucene-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Solr Wiki] Update of "Per Steffensen/ZooKeeper protecting content" by Per Steffensen
Date Thu, 30 May 2013 10:20:33 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Solr Wiki" for change notification.

The "Per Steffensen/ZooKeeper protecting content" page has been changed by Per Steffensen:
https://wiki.apache.org/solr/Per%20Steffensen/ZooKeeper%20protecting%20content?action=diff&rev1=1&rev2=2

Comment:
Motivation

  
  == Motivation ==
  
+ A SolrCloud system uses ZooKeeper for shared information and for coordination. 
+ 
+ Changing some of the Solr-related content i ZooKeeper might do some damage to the SolrCloud
cluster
+  * Changing configuration might make it not work or behave in an unintended way
+  * Changing "clusterstate" into something wrong or inconsistent might very well make the
SolrCloud cluster behave strange
+  * Adding a delete-collection job to be carried out by the Overseer will have data deleted
from the cluster
+  * etc
+ 
+ If you are paranoid "enough" you will want to prevent those bad things from happening. Especially
if you give access to your ZooKeeper ensamble to entities you do not trust, but it might be
worth a thought anyway because the bad things might be performed by
+  * Malware that found its way into your system
+  * Other systems using the same ZooKeeper ensamble (e.g. by "accident")
+  * etc.
+ 
+ You might even want to limit read-access, if you think there is stuff in ZooKeeper that
not everyone should know about. Or you might just in general work on need-to-know-basis.
+ 
+ Protecting ZooKeeper itself could be about a lot of things. '''This page is about protecting
Solr-content in ZooKeeper'''. ZooKeeper content basically lives persisted on disk and (partly)
in memory of the ZooKeeper-processes. '''This page is not about protecting ZooKeeper data
at storage or ZooKeeper-process levels''' - thats for ZooKeeper to deal with - this is a Solr-related
page. 
+ 
+ But this content is also available to "the outside" via the ZooKeeper API. Outside processes
can connect to ZooKeeper and create/update/delete/read content - a Solr-node in a SolrCloud
cluster wants to create/update/delete/read, and a SolrJ client to a SolrCloud cluster wants
to read. It is up to the outside processes that create/update content, to setup ACLs on the
content. ACLs describe who is allowed to read, update, delete, create, etc. Default in Solr
is to add one ACL on all the content it creates - one ACL that gives anyone the permission
to do anything (in ZooKeeper terms called "the open-unsafe ACL"). '''This page is about being
able to tell Solr to add more restrictive ACLs to the ZooKeeper content it creates, and being
able to tell Solr about credentials it need to use in order to access the content in ZooKeeper.
You will have to "activate" it - default Solr behavior is still open-unsafe allover'''
+ 
  == How it works ==
  
+ == Example ==
+ 

Mime
View raw message