You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@bigtop.apache.org by LE BOUTER Leo <le...@aphp.fr> on 2020/03/11 20:50:13 UTC
Apache Solr 8.x
Hello!
We're looking into migrating our Hadoop installation to Bigtop, but
currently we use Apache Solr 8.x - I have read inside JIRA that you are
planning to upgrade to 6.6.6 in the next release, but that is an old,
upstream unsupported version with known security vulnerabilities.
JIRA issue:
https://issues.apache.org/jira/browse/BIGTOP-3123?focusedCommentId=17038785&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-17038785
Security vulnerability:
https://issues.apache.org/jira/browse/SOLR-13669
To keep our Hadoop installation secure and benefit from the latest
features and performance improvements, we like to stay close to
upstream stable releases.
What currently prevents Apache Bigtop from distributing Apache Solr
8.x?
I think Bigtop can be a strong vendor-independent base for our
deployment. I'd like to work towards making Bigtop a good fit for our
use case.
Thank you
--
Leo Le Bouter <le...@aphp.fr>
Entrepot de Donnees de Sante (WIND)
Ingenieur Securite Infrastructure
Re: Apache Solr 8.x
Posted by Jun HE <ju...@apache.org>.
I'd love to see solr sitting on latest version. The only concern is about
inter compatibility with other Bigtop components.
So as long as the new version passes building and smoke tests it is fine
for me to bump.
By the way, I triggered your PR (https://github.com/apache/bigtop/pull/614)
on CI. Smoke test failed. Pls check the detail here:
https://ci.bigtop.apache.org/job/github-pr-check/19/DISTRO=centos-7,PLATFORM=amd64-slave/console
https://ci.bigtop.apache.org/job/github-pr-check/19/DISTRO=debian-9,PLATFORM=amd64-slave/console
Evans Ye <ev...@apache.org> 于2020年3月12日周四 下午3:39写道:
> I think Jun He would be the one to have more comprehensive answer to you.
> Also we need our RM Kengo Seki's input here.
>
> in general, I'm with you that we should upgrade to newer version of Solr.
> I'm guessing that if you can help on the contribution for the issues of
> version bumping, we'd be happy to bump it up.
>
> LE BOUTER Leo <le...@aphp.fr> 於 2020年3月12日 週四 上午4:50寫道:
>
>> Hello!
>>
>> We're looking into migrating our Hadoop installation to Bigtop, but
>> currently we use Apache Solr 8.x - I have read inside JIRA that you are
>> planning to upgrade to 6.6.6 in the next release, but that is an old,
>> upstream unsupported version with known security vulnerabilities.
>>
>> JIRA issue:
>>
>> https://issues.apache.org/jira/browse/BIGTOP-3123?focusedCommentId=17038785&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-17038785
>>
>> Security vulnerability:
>> https://issues.apache.org/jira/browse/SOLR-13669
>>
>> To keep our Hadoop installation secure and benefit from the latest
>> features and performance improvements, we like to stay close to
>> upstream stable releases.
>>
>> What currently prevents Apache Bigtop from distributing Apache Solr
>> 8.x?
>>
>> I think Bigtop can be a strong vendor-independent base for our
>> deployment. I'd like to work towards making Bigtop a good fit for our
>> use case.
>>
>
> Indeed, this is exactly what we position ourselves.
> And we're a very open community so feel free to contribute anything
> including but not limited to code, doc, bug report, question, mailing list
> participation, etc...
>
>
>>
>> Thank you
>>
>> --
>> Leo Le Bouter <le...@aphp.fr>
>> Entrepot de Donnees de Sante (WIND)
>> Ingenieur Securite Infrastructure
>>
>
Re: Apache Solr 8.x
Posted by Evans Ye <ev...@apache.org>.
I think Jun He would be the one to have more comprehensive answer to you.
Also we need our RM Kengo Seki's input here.
in general, I'm with you that we should upgrade to newer version of Solr.
I'm guessing that if you can help on the contribution for the issues of
version bumping, we'd be happy to bump it up.
LE BOUTER Leo <le...@aphp.fr> 於 2020年3月12日 週四 上午4:50寫道:
> Hello!
>
> We're looking into migrating our Hadoop installation to Bigtop, but
> currently we use Apache Solr 8.x - I have read inside JIRA that you are
> planning to upgrade to 6.6.6 in the next release, but that is an old,
> upstream unsupported version with known security vulnerabilities.
>
> JIRA issue:
>
> https://issues.apache.org/jira/browse/BIGTOP-3123?focusedCommentId=17038785&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-17038785
>
> Security vulnerability:
> https://issues.apache.org/jira/browse/SOLR-13669
>
> To keep our Hadoop installation secure and benefit from the latest
> features and performance improvements, we like to stay close to
> upstream stable releases.
>
> What currently prevents Apache Bigtop from distributing Apache Solr
> 8.x?
>
> I think Bigtop can be a strong vendor-independent base for our
> deployment. I'd like to work towards making Bigtop a good fit for our
> use case.
>
Indeed, this is exactly what we position ourselves.
And we're a very open community so feel free to contribute anything
including but not limited to code, doc, bug report, question, mailing list
participation, etc...
>
> Thank you
>
> --
> Leo Le Bouter <le...@aphp.fr>
> Entrepot de Donnees de Sante (WIND)
> Ingenieur Securite Infrastructure
>