Ansible Role apache_solr
This role installs Apache Solr 8+ (the full binary package, for all operating systems). Parallel installation of multiple versions and switching between them is supported. We do not make use of Solr’s install_solr_service.sh script due to idempotency reasons (we ported it to Ansible instead).
This Ansible role
supports Basic authentication for users with the use of the
BasicAuthPlugin,and supports Rule-based authorization with the
RuleBasedAuthorizationPlugin,but currently does not create any cores or collections.
Runs on
RHEL 8 (and compatible)
RHEL 9 (and compatible)
Mandatory Requirements
Install Java 11+. This can be done using the linuxfabrik.lfops.apps role. Java OpenJDK latest is recommended.
If you use the Apache Solr Playbook, this is automatically done for you.
Mandatory Role Variables
Variable |
Description |
|---|---|
|
String. The SHA512 checksum according to your version. See |
|
The version to install. See https://archive.apache.org/dist/solr/solr/ for Solr 9+, https://archive.apache.org/dist/lucene/solr/ for Solr 8-. |
Example:
# mandatory
# apache_solr__checksum: 'sha512:fcd1ca482744f4a72c21c59d1877f3aeeb4b8683cf89af70bb10d29fc07da1858628b2666e3c363227e4b2f7a8ef33c2b63065811ae1c2f2843fe9f09305cb59'
# apache_solr__version: '9.3.0'
apache_solr__checksum: 'sha512:7147caaec5290049b721f9a4e8b0c09b1775315fc4aa790fa7a88a783a45a61815b3532a938731fd583e91195492c4176f3c87d0438216dab26a07a4da51c1f5'
apache_solr__version: '9.4.0'
Optional Role Variables
Variable |
Description |
Default Value |
|---|---|---|
|
String. SOLR_DATA_HOME |
|
|
String. Group running the systemd service. |
|
|
String. SOLR_JETTY_HOST |
|
|
Number. SOLR_PORT |
|
|
String. Where to install Apache Solr to. |
|
|
String. LOG4J_PROPS |
|
|
String. SOLR_LOG_LEVEL |
|
|
String. SOLR_LOGS_DIR |
|
|
String. SOLR_PID_DIR |
|
|
List of dictionaries. Roles bridge the gap between users and permissions. The roles can be used with any of the authentication plugins or with a custom authentication plugin if you have created one. You will only need to ensure that logged-in users are mapped to the roles defined by the plugin. The role-to-user mappings must be defined explicitly for every possible authenticated user.
|
|
|
Bool. Enables or disables the service, analogous to |
|
|
String. Name of the systemd service. |
|
|
Number. Waiting up to $SOLR_STOP_WAIT seconds to see Solr running on port $SOLR_PORT“. |
|
|
String. Username running the systemd service. |
|
|
List of dictionaries. This Ansible role supports Basic authentication for users with the use of the
|
|
|
String. The absolute path to the Solr home directory for each Solr node. |
|
Example:
# optional
apache_solr__data_dir: '/var/solr/data'
apache_solr__group: 'solr'
apache_solr__http_bind_address: '0.0.0.0'
apache_solr__http_bind_port: 8983
apache_solr__install_dir: '/opt'
apache_solr__log4j_props: '/var/solr/log4j2.xml'
apache_solr__log_level: 'INFO'
apache_solr__logs_dir: '/var/log/solr'
apache_solr__pid_dir: '/var/solr'
apache_solr__service: 'solr'
apache_solr__service_enabled: true
apache_solr__stop_wait: 15
apache_solr__user: 'solr'
apache_solr__var_dir: '/var/solr'
apache_solr__roles__host_var:
- name: 'reader'
permissions:
- 'config-read'
- 'filestore-read'
- 'metrics-read'
- 'schema-read'
state: 'present'
- name: 'admin'
permissions:
# - collection-admin-edit
# - collection-admin-read
# - config-edit
# - config-read
# - core-admin-edit
# - core-admin-read
# - filestore-read
# - filestore-write
# - health
# - metrics-read
# - package-edit
# - read
# - schema-edit
# - schema-read
# - security-edit
# - security-read
# - update
# - zk-read
- 'all'
state: 'present'
apache_solr__users__host_var:
- username: 'solr-admin'
password:
"{{ lookup('linuxfabrik.lfops.bitwarden_item',
{
'hostname': inventory_hostname,
'purpose': 'Apache Solr',
'username': 'solr-admin',
'collection_id': lfops__bitwarden_collection_id,
'organization_id': lfops__bitwarden_organization_id,
},
)['password'] }}"
role: 'admin'
state: 'present'