Jul 122014
 

This post explains how to install the solr search engine in a Tomcat container

Our previous post Introduction to solr covered the installation of this search engine in the default Jetty container included in the installation package.

But in most cases, the goal of a solr installation is adding, to a previously existing service, the functionality added by solr as a search server. If the service being improved was already running under a Tomcat container, it is desirable to also run solr under the same container, to avoid incurring in an additional resource consumption by running a Jetty container concurrently with the Tomcat container.

The steps required to install a Tomcat 7 container can be reviewed in our post on Installing a Tomcat 7 container in Linux Debian

Security considerations

After a default installation, the Tomcat administration web frontend is accessible through the url http://server:8080. But it is advisable to restrict access to this interface.

In most cases, a production server includes an instance of an apache web server. The apache web server is configured to directly serve the static content (images, CSS stylesheet, javascript files,…). When the server recibes requests for dynamic content, it acts as a “reverse proxy”, sending the request to Tomcat, and relaying the response to the client.

In setup of this kind, the easiest way to increase the security of Tomcat is to add to the Tomcat configuration a restriction to allow access from local connections only, received from the localhost IP address (127.0.0.1).

Then, in the apache web server, a suitable protection mechanism can be configured to allow a controlled access to the Tomcat administration pages: username/password validation, grant access to specific IP addresses, configuring HTTPS, etc.

To limit in Tomcat access to local connections only, edit the configuration file “/usr/share/tomcat7/conf/server.xml”. Locate the definition of the HTTP connector on port 8080, and add an attribute address="127.0.0.1":

En the apache web server, configure a reverse proxy as explained in the post “Introduction to solr”:

And, configure access through the reverse proxy to the Tomcat and solr administration panels:

Besides, the role “manager-gui” need to be defined, and a user and password assigned to that role. This is done in the file “/usr/share/tomcat7/conf/tomcat-users.xml”, adding:

Optionally, additional safety measures can be configured in the apache web server, as explained in our previous post.

With this, the Tomcat administration panel can be accessed through the url http://server/tomcat/

Adding solr to Tomcat

To add solr to run under Tomcat as a webapp, in the directory “<tomcat_home>/conf/Catalina/localhost” create a file “solr.xml”, with the following content (replacing “/path/to/solr” with the actual path to solr):

Then, edit the file /path/to/solr/example/solr/solr.xml:

  • Locate the hostPort definition, and change the value to 8080, to match the port used by Tomcat to listen for incoming requests
  • Locate the hostContext definition, and change the value to “solr”

  • Copy to the “lib” subdirectory in the Tomcat installation the logging libraries used by solr

Now, the solr application can be managed in the Tomcat administration panel.

Troubleshooting

If the solr application fails to start, the Tomcat log file “/usr/share/tomcat7/logs/localhost.yyyy_mm_dd.log” can be examined to check for error messages that can help fix the problem.

For instance, if the logging libraries required by solr cannot be located, the following message will be written to the log file:

References

 Posted by at 7:38 pm

 Leave a Reply

(required)

(required)