Solr

In a containerized deployment, Solr is configured and run from a Solr image.

Configuring Solr

Solr is configured by the solr.xml file. A default solr.xml configuration is generated by the Solr container.

To modify the solr.xml, you can modify the Dockerfile to build an image with your solr.xml file. The Dockerfile in images/solr_server contains a commented out example COPY command that copies a solr.xml into the image. By copying a solr.xml file into the image, the container does not generate a default solr.xml.

For more information about the file, see Configuring solr.xml.

Building a Solr image

The Solr image for i2 Analyze is built on top of a Solr image maintained by i2 Group on Docker Hub. The Dockerfile is modified to configure Solr for use with i2 Analyze.

Docker build command

The Solr image is built from the Dockerfile in images/solr_server. The following docker build command builds the Solr image:

docker build -t "solr_redhat:4.4.4" images/solr_server \
  --build-arg I2ANALYZE_VERSION="4.4.4"

For examples of the build commands, see build-images script.

Running a Solr container

A Solr container uses the Solr image. In the docker run command, you can use -e to pass environment variables to Solr on the container. The environment variables are described in environment variables

The container will run with a User ID and Group ID of 8983. All files in mounted directories will be created with these IDs. If files are manipulated externally these IDs must be retained or the container will not function correctly.

For more information about the command, see docker run reference.

Docker run command

The following docker run command runs a Solr server container:

docker run -d \
   --name "solr1" \
   --net "eia" \
   --net-alias "solr1.eia" \
   --init \
   -p 8983:8983 \
   -v "solr1_data:/var/solr" \
   -v "/environment-secrets/simulated-secret-store/solr1:/run/secrets" \
   -e ZK_HOST="zk1.eia:2281,zk2.eia:2281,zk3.eia:2281" \
   -e SOLR_HOST="solr1.eia" \
   -e ZOO_DIGEST_USERNAME="solr" \
   -e ZOO_DIGEST_PASSWORD_FILE="/run/secrets/ZK_DIGEST_PASSWORD" \
   -e ZOO_DIGEST_READONLY_USERNAME="readonly-user" \
   -e ZOO_DIGEST_READONLY_PASSWORD_FILE="/run/secrets/ZK_DIGEST_READONLY_PASSWORD" \
   -e SOLR_ZOO_SSL_CONNECTION=true \
   -e SERVER_SSL=true \
   -e SSL_PRIVATE_KEY_FILE="/run/secrets/server.key" \
   -e SSL_CERTIFICATE_FILE="/run/secrets/server.cer" \
   -e SSL_CA_CERTIFICATE_FILE="/run/secrets/CA.cer" \
   "solr_redhat:4.4.4"

For an example of the docker run command, see utils/server_functions.sh script. The run_solr function takes the following arguments to support running multiple Solr containers:

1. CONTAINER - The name for the container.
2. FQDN - The fully qualified domain name for the container and the Solr host.
3. VOLUME - The name for the named volume of the Solr container. For more information, see Storage.
4. HOST_PORT - The port number on the host machine that is mapped to the port on the container.

An example of running Solr container by using run_solr function:

run_solr solr1 solr1.eia solr1_data 8983

Storage

A named volume or a bind mount can be used to persist data and logs that are generated and used in the Solr container, as well as a separate volume for backups, outside of the container.

To configure the Solr container to use the volume, specify the -v option with the name of the volume and the path where the directory is mounted in the container. By setting -v option in the docker run command, a named volume is created. For Solr, the directory that must be mounted is /var/solr. For example:

-v solr1_data:/var/solr \
-v solr_backup:/backup \
-v /environment-secrets/simulated-secret-store/solr1:/run/secrets

A unique volume name must be used for each Solr container.

For more information, see How the image works.

Secrets:
A directory that contains all of the secrets that this tool requires. Specifically this includes credentials to access zookeeper and certificates used in SSL.
The directory is mounted to /run/secrets inside the container. This can then be used by other environment variables such as ZOO_DIGEST_USERNAME_FILE to locate the secrets. In a production environment, the orchestration environment can provide the secrets to the file system or the secrets can be passed in via environment variables. The mechanism that is used here simulates the orchestration system providing the secrets as files.

Environment variables

To configure Solr, you can provide environment variables to the Docker container in the docker run command.

Solr environment variables

The following table describes the supported environment variables that you can use for Solr:

Environment variable	Description
SOLR_HOST	Specifies the fully qualified domain name of the Solr container.

ZooKeeper authentication

The following environment variables are used to configure Solr to connect to ZooKeeper as a client:

Environment variable	Description
ZK_HOST	Specifies the connection string for each ZooKeeper server to connect to. To connect to more than one ZooKeeper server, the values must be in comma separated list. The connection string must be in the following format: <hostname>:<port>,<hostname>:<port>.
ZOO_DIGEST_USERNAME	The ZooKeeper administrator user name. This environment variable maps to the zkDigestUsername system property.
ZOO_DIGEST_PASSWORD	The ZooKeeper administrator password. This environment variable maps to the zkDigestPassword system property.
ZOO_DIGEST_READONLY_USERNAME	The ZooKeeper read-only user name. This environment variable maps to the zkDigestReadonlyUsername system property.
ZOO_DIGEST_READONLY_PASSWORD	The ZooKeeper read-only password. This environment variable maps to the zkDigestReadonlyPassword system property.

For more information about configuring Solr to connect to ZooKeeper, see:

• Client Configuration Parameters.
• ZooKeeper Access Control

Solr SSL

The following environment variables enable you use SSl with Solr

Environment variable	Description
SOLR_ZOO_SSL_CONNECTION	See below.
SERVER_SSL	See Secure Environment variables.
SSL_PRIVATE_KEY_FILE	See Secure Environment variables.
SSL_CERTIFICATE_FILE	See Secure Environment variables.
SSL_CA_CERTIFICATE_FILE	See Secure Environment variables.

For more information about the Solr SSL configuration, see Set Common SSL-Related System Properties.

For more information about the ZK SSL configuration, see Client Configuration Parameters.

Solr Environment Variable Mapping

The above environment variables are either passed through to the standard Solr launch script or used to construct the following Solr environment variables. For exact details see the Docker image.

• SOLR_ZK_CREDS_AND_ACLS
• SOLR_OPTS