2

Because of limitations, we're forced to use Windows to host and manage our Zookeeper/SolrCloud cluster.

We're using 3 Windows Server 2016 servers, in Microsoft Azure, with an Azure Load Balancer in front of it.

I was able to install and configure everything, but Zookeeper isn't communicating in SSL with SolrCloud, so none of our API calls are working when creating things like new collections, etc.

I've followed the Zookeeper documentation (https://cwiki.apache.org/confluence/display/ZOOKEEPER/ZooKeeper+SSL+User+Guide), but all of it is for Linux systems. I've adapted it to the best of my knowledge, but it's just not working.

Here's what I did:

  • Added the following to zkCli.cmd : set CLIENT_JVMFLAGS="-Dzookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty -Dzookeeper.client.secure=true -Dzookeeper.ssl.keyStore.location=C:/solr-7.2.1/server/etc/wildcard_sidlee_cloud.pfx -Dzookeeper.ssl.keyStore.password=somepassword -Dzookeeper.ssl.trustStore.location=C:/solr-7.2.1/server/etc/wildcard_sidlee_cloud.pfx -Dzookeeper.ssl.trustStore.password=somepassword"

  • Added %CLIENT_JVMFLAGS% to the Java call in zkCli.cmd

  • Added the following to zkServer.cmd: set SERVER_JVMFLAGS="-Dzookeeper.serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory -Dzookeeper.ssl.keyStore.location=C:/solr-7.2.1/server/etc/wildcard_sidlee_cloud.pfx -Dzookeeper.ssl.keyStore.password=somepassword -Dzookeeper.ssl.trustStore.location=C:/solr-7.2.1/server/etc/wildcard_sidlee_cloud.pfx -Dzookeeper.ssl.trustStore.password=somepassword"

  • Added %SERVER_JVMFLAGS% to the Java call in zkServer.cmd

  • Modified clientPort=2181 in zoo.cfg to secureClientPort=2181

Zookeeper service "starts" but there's actually nothing happening. If I start zkServer.cmd manually, it fails with the error:

java.lang.NumberFormatException: For input string: "-Dzookeeper.serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory -Dzookeeper.ssl.keyStore.location=C:/solr-7.2.1/server/etc/wildcard_sidlee_cloud.pfx -Dzookeeper.ssl.keyStore.password=somepassword -Dzookeeper.ssl.trustStore.location=C:/solr-7.2.1/server/etc/wildcard_sidlee_cloud.pfx -Dzookeeper.ssl.trustStore.password=somepassword"
        at java.lang.NumberFormatException.forInputString(Unknown Source)
        at java.lang.Integer.parseInt(Unknown Source)
        at java.lang.Integer.parseInt(Unknown Source)
        at org.apache.zookeeper.server.ServerConfig.parse(ServerConfig.java:63)
        at org.apache.zookeeper.server.ZooKeeperServerMain.initializeAndRun(ZooKeeperServerMain.java:103)
        at org.apache.zookeeper.server.ZooKeeperServerMain.main(ZooKeeperServerMain.java:64)
        at org.apache.zookeeper.server.quorum.QuorumPeerMain.initializeAndRun(QuorumPeerMain.java:128)
        at org.apache.zookeeper.server.quorum.QuorumPeerMain.main(QuorumPeerMain.java:82)

I'm really at a loss here, and don't know where to go from here!

Thanks in advance for the help!!

Alex Pilon
  • 93
  • 4
  • 12

1 Answers1

1

Iv'e encountered the same error and figured it out: When you added: %SERVER_JVMFLAGS% to the Java call in zkServer.cmd, you must of added it to the end of the line. Try Adding it next to all the arguments. before the " %* " at the end of the line. That worked for me.

call %JAVA% "-Dzookeeper.log.dir=%ZOO_LOG_DIR%" "-Dzookeeper.root.logger=%ZOO_LOG4J_PROP%" "%SERVER_JVMFLAGS%" "-Dzookeeper.log.file=%ZOO_LOG_FILE%" "-XX:+HeapDumpOnOutOfMemoryError" "-XX:OnOutOfMemoryError=cmd /c taskkill /pid %%%%p /t /f" -cp "%CLASSPATH%" %ZOOMAIN% "%ZOOCFG%" %*
Shani
  • 99
  • 6
  • Will keep that in mind for future implementations, for sure. I think I indeed did what you mentioned, but we also had an issue in the end where at the time, the latest non-Beta version of Zookeeper did not have SSL implemented properly. We did some tests with the Beta version, but with having `%SERVER_JVMFLAGS%` not at the right spot, it still wasn't working, so we ended up deploying Zookeeper and Solr in HTTP instead of HTTPS. – Alex Pilon Jan 17 '20 at 14:43