9.3(9) Release Notes
Armanda Kicks
We are pleased to announce the general availability of Rocky Linux 9.3. This release is currently available for the x86-64, aarch64, ppc64le, and s390x architectures. Please review the release notes in the Rocky Linux Documentation - These notes contain important information including known bugs and more comprehensive details about changes in this version.
Rocky Linux releases are put through thorough testing to ensure correctness and stability. Testing consists of hundreds of manual and automated checks covering all manner of environments and configurations.
We are forever grateful to the many Rocky Linux project volunteers and leaders for producing, testing, and documenting this release. We are thankful for our sponsors and partners who provide the resources to build, test, and produce Rocky.
You should also consider all changes that have been made to Solr in any version you have not upgraded to already. For example, if you are currently using Solr 8.1, you should review changes made in all subsequent 8.x releases in addition to changes for 9.0.
If using CloudSolrClient to connect to your SolrCloud cluster, SolrJ must be upgraded in all your client applications to version 8.10 or higher (8.x), before upgrading your SolrCloud cluster to version 9.0. Otherwise, SolrJ will not be able to connect to the cluster once it has upgraded to Solr 9.
If you rely on metrics, alerts, or monitors on Solr KPIs that use the "master" or "slave" terminology, please update your system for those metrics to now show up with "leader" and "follower" terminology.
Solr 8.2 recommended using Zookeeper 3.5.5 and now with Curator 5.5.0 requires Zookeeper 3.5.x or higher. This primarily affects users of hadoop-auth, but usage of Curator could affect other parts of Solr.
Solr will now automatically resolve all environment variables with SOLR_ prefix, and set the corresponding system property. This is useful for configuring more aspects of Solr through environment variables, such as for containers. Underscores are replaced with dots and strings are lowercased. For example, while you earlier had to set the system property -Dsolr.clustering.enabled=true to enable clustering, you can now set the equivalent environment variable SOLR_CLUSTERING_ENABLED=true instead.
Tracing support has received a number of quality-of-life improvements, including improved tracking of distributed collection commands and increased coverage for internal requests made with the Apache and Jetty HTTP clients.
The build in ConfigSets (_default and sample_techproducts_configs), now use a default autoSoftCommit time of 3 seconds,meaning that documents will be searchable within 3 seconds of uploading them.Please refer to the Soft Commit documentationfor more information on how this change will effect you.Upgrading existing clouds and use-cases that have custom configSets will not be affected by this change.
The default minimalFreeDiskGB value has been lowered from 20GB to 5GB when using the AffinityPlacementPlugin.Therefore, when using the default settings, nodes that were previously excluded from Replica placements due to low available disk space may be selected after upgrading.
The Circuit Breakers are now pluggable, and you can define multiple circuit breakers including custom ones. The existing CircuitBreakerManager is deprecated, and users are encouraged to switch to the new plugins. While the old CircuitBreakerManager returned HTTP 503 when a circuit breaker was tripped, the new plugins return HTTP 429.
Since Solr 8.4.1/8.5.0, the solr.jetty.ssl.verifyClientHostName sysProp and SOLR_SSL_CLIENT_HOSTNAME_VERIFICATION envVar have been used incorrectly.It has instead been used to override the solr.ssl.checkPeerName sysProp in the HTTP2SolrClient.This has been fixed, and the setting once again tells the server to check the originating client hostname against the client certificate when doing mTLS.This option is still enabled by default.
The solr.jetty.ssl.sniHostCheck option now defaults to the value of SOLR_SSL_CHECK_PEER_NAME, if it is provided.This will enable client and server hostName check settings to be governed by the same environment variable.If users want separate client/server settings, they can manually override the solr.jetty.ssl.sniHostCheck option in SOLR_OPTS.
The rid request id query parameter has been deprecated in favor of the always-on trace generation.To disable the rid generation set the system property solr.disableRequestId to true.To disable the always-on trace generation set the system property solr.alwaysOnTraceId to false.
The FieldValueFeature class now always uses DocValues when docValues=true is set. A LegacyFieldValueFeature class provides the prior behaviour of not using DocValues when the docValues=true and stored=true field attributes are both set.
Solr now comes with two binary releases and docker images, full and slim.The Installing Solr page provides information on what is included in each.Please refer to the Solr Downloads site for information on how to download these offerings.
Use of stream.file, stream.url and stream.body params are no longer enabled via configuration in solrconfig.xml, nor dynamic equivalents with the config API.Older configuration now does nothing.Instead, set an env var: SOLR_ENABLE_REMOTE_STREAMING or SOLR_ENABLE_STREAM_BODY or system property equivalents.
The method for specifying sysProps that contain sensitive information has been streamlined.Now the sysProp -Dsolr.hiddenSysProps or the envVar SOLR_HIDDEN_SYS_PROPS are available to provide a comma-separatedlist of patterns to match sysProps that should be hidden or redacted.Please see the hiddenSysProps section for more information.
The customization of the Official Solr Dockerfile has been changed.The customization options SOLR_DOWNLOAD_URL, SOLR_CLOSER_URL, SOLR_DIST_URL and SOLR_ARCHIVE_URL, have been removed.The only way to specify a custom location for the Solr binaries is through SOLR_DOWNLOAD_SERVER.If the server URL contains apache.org, then the Dockerfile will check gpg signature files.If the server URL does not contain apache.org, then the gpg signature checking will be skipped.
It is still strongly recommended to use the Dockerfile included in the Solr binary TGZs if you want to build Solr images with custom versions of Solr.The custom version of Solr will include this Dockerfile when it is built.
When Solr loads a core from a filesystem it will check for corresponding cluster state in ZooKeeper.Prior to Solr 9.3, if no corresponding entry existed the core was deleted automatically to remove the orphaned files.As of Solr 9.3 that behaviour is no longer enabled by default. See Unknown core deletion.
Solr upgraded to Jetty 10.x from 9.x due to Jetty 9.x is now end of life. Jetty 10.x has a Java 11 minimum and matches Solr 9 minimum Java version. Jetty logging has been replaced with slf4j again matching Solr. See -10-and-11-have-arrived/ for additional Jetty 10.x highlights.
Solr no longer duplicates certain Jetty "server" library dependencies between server/lib and WEB-INF/lib (jetty-util, jetty-io, etc.).This is an improvement to the binary release artifact, but Jetty does not allow web-apps (Solr) to share these libraries by default.The server/contexts/solr-jetty-context.xml now explicitly removes these restrictions, allowing Solr to share these "server" jars which now live in server/lib/ext.
When using Solr (or SolrJ) with an SSL-enabled Solr cluster using HTTP2, the default -Dsolr.ssl.checkPeerName value is now true.This is what has been documented in Enabling SSL, and matches the functionality of the original HttpSolrClient.
Streaming Expressions have been moved out of Solrj core into its own module called solrj-streaming.This change will only affect users that have used streaming expression classes in clients outsideof Solr. Streaming expressions sent to the /stream handler will still operate exactly as before.External clients using streaming expression classes will need to update their depenencies to referencethe solrj-streaming artifacts under the org.apache.solr groupId.
Zookeeper Credentials support now follows a new paradigm.Old classes, such as VMParamsAllAndReadonlyDigestZkACLProvider and VMParamsSingleSetCredentialsDigestZkCredentialsProvider, are deprecated but still supported until at least 10.0.Users are encouraged to upgrade to the non-deprecated classes before the next major version release.Please refer to deployment-guide:zookeeper-access-control.adoc#solr-to-zookeeper-acls-workflow for more information.
Implicit /terms handler now returns terms across all shards in SolrCloud instead of only the local core.Users/apps may be assuming the old behavior. A request can be modified via the standard distrib=false param to only use the local core receiving the request.
MacroExpander will no longer will expand URL parameters inside of the expr parameter (used by streaming expressions).Additionally, users are advised to use the InjectionDefense class when constructing streaming expressions that include user supplied data to avoid risks similar to SQL injection. The legacy behavior of expanding the expr parameter can be reinstated with -DStreamingExpressionMacros=true passed to the JVM at startup
solr.xml maxBooleanClauses is now enforced recursively. Users who upgrade from prior versions of Solr may find that some requests involving complex internal query structures (Example: long query strings using edismax with many qf and pf fields that include query time synonym expansion) which worked in the past now hit this limit and fail. Users in this situation are advised to consider the complexity of their queries/configuration, and increase the value of maxBooleanClauses if warranted.
The property blockUnknown in the BasicAuthPlugin and the JWTAuthPlugin now defaults to true instead of false. This change is backward incompatible. If you need the pre-9.0 default behavior, you need to explicitly set blockUnknown:false in security.json.