2. 技术
    3. solr部署在IPv6环境问题

    solr部署在IPv6环境问题

    技术2023-11-10  71

    solr版本8.4,问题比较多,一个个解决+更新

    问题一:UI上nodes监控不可用

    查看日志:

    请求是:https://[fec0::d910:8:5:158:5]:21101/solr/admin/info/system?nodes=fec0::d910:8:5:158:15:21101_solr

    报错是:

    2020-07-03 11:46:07,693 | ERROR | https-jsse-nio-fec0:0:0:d910:8:5:158:5-21101-exec-1 | org.apache.solr.common.SolrException: Parameter nodes has wrong format     at org.apache.solr.handler.admin.AdminHandlersProxy.maybeProxyToNodes(AdminHandlersProxy.java:84)     at org.apache.solr.handler.admin.SystemInfoHandler.handleRequestBody(SystemInfoHandler.java:136)     at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:211)     at org.apache.solr.handler.admin.InfoHandler.handle(InfoHandler.java:93)     at org.apache.solr.handler.admin.InfoHandler.handleRequestBody(InfoHandler.java:83)     at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:211)     at org.apache.solr.servlet.HttpSolrCall.handleAdmin(HttpSolrCall.java:922)     at org.apache.solr.servlet.HttpSolrCall.handleAdminRequest(HttpSolrCall.java:888)     at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:616)     at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:419)     at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:351)     at org.apache.solr.servlet.SolrAuthorizationFilter.doFilter(SolrAuthorizationFilter.java:201)     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     at com.huawei.solr.security.check.SolrParaCheckFilter.doFilter(SolrParaCheckFilter.java:201)     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     at com.huawei.solr.security.audit.AuditFilter.doFilter(AuditFilter.java:152)     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     at com.huawei.solr.security.auth.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:619)     at com.huawei.solr.security.auth.token.DelegationTokenAuthenticationFilter.doFilter(DelegationTokenAuthenticationFilter.java:270)     at com.huawei.solr.security.auth.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:575)     at com.huawei.solr.security.auth.DelegationTokenKerberosFilter.doFilter(DelegationTokenKerberosFilter.java:50)     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     at com.huawei.solr.security.auth.cas.HttpServletRequestWrapperFilterWrapper.doFilter(HttpServletRequestWrapperFilterWrapper.java:37)     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     at com.huawei.solr.security.auth.cas.Cas20ProxyReceivingTicketValidationFilterWrapper.doFilter(Cas20ProxyReceivingTicketValidationFilterWrapper.java:73)     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     at com.huawei.solr.security.auth.cas.Cas20AuthenticationFilterWrapper.doFilter(Cas20AuthenticationFilterWrapper.java:63)     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     at com.huawei.solr.security.auth.cas.LogoutFilter.doFilter(LogoutFilter.java:84)     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     at com.huawei.solr.security.auth.ServerRealmFilter.doFilter(ServerRealmFilter.java:75)     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     at com.huawei.solr.security.auth.RerouteRequestFilter.doFilter(RerouteRequestFilter.java:58)     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     at org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)     at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)     at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:798)     at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)     at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:808)     at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)     at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)     at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)     at java.lang.Thread.run(Thread.java:748)  | org.apache.solr.common.SolrException.log(SolrException.java:148)

    查看代码:

    for (String nodeName : nodes) { if (!nodeName.matches("^[^/:]+:\\d+_[\\w/]+$")) { throw new SolrException(SolrException.ErrorCode.BAD_REQUEST, "Parameter " + PARAM_NODES + " has wrong format"); }

    excuse me ??

    分析这个正则表达式:^[^/:]+:\\d+_[\\w/]+$

    根据https://www.infoq.cn/article/regular-expressions-introduction-part03,这个正则基本上是url通用的正则,但是确实不支持IPv6:port这种格式。

    第一部分:^[^/:]+,表示多个[^/:] ,[^xyz]表示匹配不包含x或y或z的任意字符串,比如可以匹配abcdefg,但是不能匹配abcdefgx,因此这部分不匹配包含/或:的任何字符,也就是说我们的IPv6地址:fec0::d910:8:5:158:5中包含了冒号,是无法匹配的。

    那么问题来了,所有的IPv6地址都可能包含冒号,因此这个/admin/info/system的API不支持IPv6:port的格式

    第二部分::\\d+ ,java中\\表示转义,这部分表示任意个数字,也就是端口号,没有问题

    第三部分:_[\\w/]+$,\\w表示任意字符,后面加上/没懂,一说表示结束

    修改正则表达式为:^[^/]+:\\d+_[\\w/]+$,替换jar包,重启服务验证OK

    Processed: 0.017, SQL: 9