BTW when I speak of "core level", it's core/configSet since the
configuration applies to all cores of that type and they literally run in
the context of a core.

On Tue, Dec 3, 2024 at 11:53 PM David Smiley <dsmi...@apache.org> wrote:

> No encryption isn't different from one core to the next but when you tell
> a collection to encrypt itself, you expect all cores to participate in
> this.  I don't think of this as being a factor in choosing solrconfig.xml
> registration vs Collection API.  At least core level is easily pluggable in
> Solr since forever but not the case for collection level!  (unless you say
> "Cluster Plugin" but sorry I don't want to be forced to call an API at
> runtime when it should be solr.xml)
>
> On Tue, Dec 3, 2024 at 9:15 PM Jason Gerlowski <gerlowsk...@gmail.com>
> wrote:
>
>> > There is ambiguity of the idea of a core or even collection "admin"
>> > handler.
>>
>> Ah, I see.  I've always used the terms "core admin" and "collection
>> admin" to refer to the specific endpoints exposed at those paths (i.e.
>> /admin/cores and /admin/collections). But you're right that it's
>> ambiguous - I shouldn't have assumed.
>>
>> As you guys pointed out - there's not (currently) a strong precedent
>> around whether core-registered APIs are aware of the larger cluster
>> topology.  Subactions within certain RH's enforce their own convention
>> (e.g. All CollectionsHandler "actions" know about cluster topology,
>> all CoreAdminHandler "actions" don't).  But there's no overarching
>> convention - so I wouldn't worry about running afoul of that one way
>> or another.
>>
>> > Do we mean CoreAdminHandler (registered at node level), or do we
>> > mean any handler registered *in* the core
>>
>> In terms of where APIs are registered - the main (only? am I missing
>> something?) reason I know of to register an API at the core level is
>> when you want the API to behave differently depending on the core.
>> Different default params, only having the API for some cores, etc.
>>
>> So that'd be the first question I'd try to think through for the
>> encryption case: is there a compelling need for encryption to only be
>> available to certain cores?  Or for its parameter defaults to vary
>> core-by-core?
>>
>> Best,
>>
>> Jason
>>
>> On Tue, Dec 3, 2024 at 1:12 PM David Smiley <dsmi...@apache.org> wrote:
>> >
>> > When Bruno said a "Core level handler", he meant a RequestHandler
>> > registered in solrconfig.xml and thus accessible as
>> > /solr/coreName/admin/encrypt as seen here:
>> >
>> https://github.com/apache/solr-sandbox/blob/4e1819ff8a3758becca19bf337ecd1b352dba805/encryption/src/test/resources/configs/collection1/solrconfig.xml#L54
>> > There is ambiguity of the idea of a core or even collection "admin"
>> > handler.  Do we mean CoreAdminHandler (registered at node level), or do
>> we
>> > mean any handler registered *in* the core that we characterize as being
>> > administrative in nature.
>> >
>> > Some of our handlers like SearchHandler are aware of the collection and
>> > operate over the whole collection namespace.  Most handlers (?) only
>> know
>> > about the core it's registered in, yet can nonetheless be contacted via
>> a
>> > core or collection request.
>> >
>> >
>> > On Tue, Dec 3, 2024 at 3:36 PM Jason Gerlowski <gerlowsk...@gmail.com>
>> > wrote:
>> >
>> > > I think the most common way we do stuff like this is two have an API
>> > > at both the "core" and "collection" levels, with the "collection" API
>> > > being used to orchestrate N calls to the lower-level "core" API.
>> > >
>> > > Using encryption as the example: the "core"-level API might manage the
>> > > encryption of a single core.  And then the "collection" level API
>> > > would invoke the "core" API for each part of the collection, and do
>> > > whatever other higher level logic is necessary (e.g. putting the
>> > > collection into "read only" mode, sending messages to the overseer,
>> > > etc.)
>> > >
>> > > This is a pretty common pattern among our collection operations.
>> > > "Create collection" has a collection API to bootstrap the necessary ZK
>> > > state and then uses a "core admin" API to create individual cores.
>> > > "Backup" uses a collection API to put the collection into read-only
>> > > mode, and then calls a "core admin" API for each core that needs to be
>> > > backed up. etc.
>> > >
>> > > Hopefully that helps, unless I'm misunderstanding your question?
>> > >
>> > > Best,
>> > >
>> > > Jason
>> > >
>> > > On Wed, Nov 27, 2024 at 6:10 AM Bruno Roustant <
>> bruno.roust...@gmail.com>
>> > > wrote:
>> > > >
>> > > > Generally, where should go operations on a Collection?
>> > > > At Collection admin level handler?
>> > > > At Core level handler?
>> > > > There are examples of both.
>> > > >
>> > > > I'm asking the question with the Solr encryption feature in mind (in
>> > > > solr-sandbox). A client may want to encrypt all the indexes for a
>> given
>> > > > Collection. Which handler should receive the request?
>> > > > A core level handler that would then distribute the request to all
>> the
>> > > > cores of the Collection across SolrCloud? Or a ClusterPlugin request
>> > > > handler?
>> > > >
>> > > > Bruno
>> > >
>> > > ---------------------------------------------------------------------
>> > > To unsubscribe, e-mail: dev-unsubscr...@solr.apache.org
>> > > For additional commands, e-mail: dev-h...@solr.apache.org
>> > >
>> > >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscr...@solr.apache.org
>> For additional commands, e-mail: dev-h...@solr.apache.org
>>
>>

Reply via email to