You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@storm.apache.org by "P. Taylor Goetz" <pt...@gmail.com> on 2013/12/12 21:52:32 UTC
Re: [storm-user] Nimbus goes out of memory
(adding dev@)
We should probably add a JIRA ticket for this. Probably fairly high priority since being able to DOS nimbus with ssh is kind of a big hole.
Cassandra had this issue and they were able to fix it: https://issues.apache.org/jira/browse/CASSANDRA-475
I’ll take a look at what they did and see if there is something we could do along those lines.
- Taylor
On Dec 12, 2013, at 3:41 PM, P. Taylor Goetz <pt...@gmail.com> wrote:
> What is the security scan doing?
>
> Here is the thread I think you were referring to: https://groups.google.com/forum/#!searchin/storm-user/ssh/storm-user/TDdVOgYT9To/u3VBDVeMck4J
>
> Is there a way to configure the scan to stay away from the nimbus host and thrift port?
>
> - Taylor
>
>
> On Dec 12, 2013, at 3:16 PM, Kiran <nk...@gmail.com> wrote:
>
>> Hi,
>>
>> I see that storm nimbus goes out memory during internal security scan. This renders any process monitors on our end ineffective. I had seen a earlier discussion which mentioned it was due to malformed request being sent on the thrift port.
>>
>> Is there fix available for this, or is there a way to quit the JVM . I am using storm version : 0.8.3
>>
>> For now i am planning to use -XX:OnOutOfMemoryError="kill -9 %p”. Has anyone already tried this out ?
>>
>> Please advice.
>>
>> Thanks.
>>
>> --
>> You received this message because you are subscribed to the Google Groups "storm-user" group.
>> To unsubscribe from this group and stop receiving emails from it, send an email to storm-user+unsubscribe@googlegroups.com.
>> For more options, visit https://groups.google.com/groups/opt_out.
>
Re: [storm-user] Nimbus goes out of memory
Posted by "P. Taylor Goetz" <pt...@gmail.com>.
Kiran,
I found a fix for this and submitted a pull request: https://github.com/apache/incubator-storm/pull/3
It should be fixed in the 0.9.1 release.
- Taylor
On Dec 12, 2013, at 4:53 PM, Kiran <nk...@gmail.com> wrote:
>
> Great! Thanks Taylor. Actually, I was referring to this thread
>
> We cant provide much information about the process. But it basically involves sending some random packets to check for vulnerabilities. It would be a tough process to get the security group add exceptions..
>
> Thanks,
> Kiran
>
> On Thursday, December 12, 2013 12:52:32 PM UTC-8, P. Taylor Goetz wrote:
> (adding dev@)
>
> We should probably add a JIRA ticket for this. Probably fairly high priority since being able to DOS nimbus with ssh is kind of a big hole.
>
> Cassandra had this issue and they were able to fix it: https://issues.apache.org/jira/browse/CASSANDRA-475
>
> I’ll take a look at what they did and see if there is something we could do along those lines.
>
> - Taylor
>
>
> On Dec 12, 2013, at 3:41 PM, P. Taylor Goetz <pt...@gmail.com> wrote:
>
>> What is the security scan doing?
>>
>> Here is the thread I think you were referring to: https://groups.google.com/forum/#!searchin/storm-user/ssh/storm-user/TDdVOgYT9To/u3VBDVeMck4J
>>
>> Is there a way to configure the scan to stay away from the nimbus host and thrift port?
>>
>> - Taylor
>>
>>
>> On Dec 12, 2013, at 3:16 PM, Kiran <nk...@gmail.com> wrote:
>>
>>> Hi,
>>>
>>> I see that storm nimbus goes out memory during internal security scan. This renders any process monitors on our end ineffective. I had seen a earlier discussion which mentioned it was due to malformed request being sent on the thrift port.
>>>
>>> Is there fix available for this, or is there a way to quit the JVM . I am using storm version : 0.8.3
>>>
>>> For now i am planning to use -XX:OnOutOfMemoryError="kill -9 %p”. Has anyone already tried this out ?
>>>
>>> Please advice.
>>>
>>> Thanks.
>>>
>>> --
>>> You received this message because you are subscribed to the Google Groups "storm-user" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an email to storm-user+...@googlegroups.com.
>>> For more options, visit https://groups.google.com/groups/opt_out.
>>
>
>
> --
> You received this message because you are subscribed to the Google Groups "storm-user" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to storm-user+unsubscribe@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
Re: [storm-user] Nimbus goes out of memory
Posted by "P. Taylor Goetz" <pt...@gmail.com>.
Kiran,
I found a fix for this and submitted a pull request: https://github.com/apache/incubator-storm/pull/3
It should be fixed in the 0.9.1 release.
- Taylor
On Dec 12, 2013, at 4:53 PM, Kiran <nk...@gmail.com> wrote:
>
> Great! Thanks Taylor. Actually, I was referring to this thread
>
> We cant provide much information about the process. But it basically involves sending some random packets to check for vulnerabilities. It would be a tough process to get the security group add exceptions..
>
> Thanks,
> Kiran
>
> On Thursday, December 12, 2013 12:52:32 PM UTC-8, P. Taylor Goetz wrote:
> (adding dev@)
>
> We should probably add a JIRA ticket for this. Probably fairly high priority since being able to DOS nimbus with ssh is kind of a big hole.
>
> Cassandra had this issue and they were able to fix it: https://issues.apache.org/jira/browse/CASSANDRA-475
>
> I’ll take a look at what they did and see if there is something we could do along those lines.
>
> - Taylor
>
>
> On Dec 12, 2013, at 3:41 PM, P. Taylor Goetz <pt...@gmail.com> wrote:
>
>> What is the security scan doing?
>>
>> Here is the thread I think you were referring to: https://groups.google.com/forum/#!searchin/storm-user/ssh/storm-user/TDdVOgYT9To/u3VBDVeMck4J
>>
>> Is there a way to configure the scan to stay away from the nimbus host and thrift port?
>>
>> - Taylor
>>
>>
>> On Dec 12, 2013, at 3:16 PM, Kiran <nk...@gmail.com> wrote:
>>
>>> Hi,
>>>
>>> I see that storm nimbus goes out memory during internal security scan. This renders any process monitors on our end ineffective. I had seen a earlier discussion which mentioned it was due to malformed request being sent on the thrift port.
>>>
>>> Is there fix available for this, or is there a way to quit the JVM . I am using storm version : 0.8.3
>>>
>>> For now i am planning to use -XX:OnOutOfMemoryError="kill -9 %p”. Has anyone already tried this out ?
>>>
>>> Please advice.
>>>
>>> Thanks.
>>>
>>> --
>>> You received this message because you are subscribed to the Google Groups "storm-user" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an email to storm-user+...@googlegroups.com.
>>> For more options, visit https://groups.google.com/groups/opt_out.
>>
>
>
> --
> You received this message because you are subscribed to the Google Groups "storm-user" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to storm-user+unsubscribe@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
Re: [storm-user] Nimbus goes out of memory
Posted by Kiran <nk...@gmail.com>.
Great! Thanks Taylor. Actually, I was referring to this thread<https://groups.google.com/forum/#!searchin/storm-user/nimbus$20out$20of$20memory/storm-user/66PFsYLLTvI/foIeofCH6CcJ>
We cant provide much information about the process. But it basically
involves sending some random packets to check for vulnerabilities. It would
be a tough process to get the security group add exceptions..
Thanks,
Kiran
On Thursday, December 12, 2013 12:52:32 PM UTC-8, P. Taylor Goetz wrote:
>
> (adding dev@)
>
> We should probably add a JIRA ticket for this. Probably fairly high
> priority since being able to DOS nimbus with ssh is kind of a big hole.
>
> Cassandra had this issue and they were able to fix it:
> https://issues.apache.org/jira/browse/CASSANDRA-475
>
> I’ll take a look at what they did and see if there is something we could
> do along those lines.
>
> - Taylor
>
>
> On Dec 12, 2013, at 3:41 PM, P. Taylor Goetz <ptg...@gmail.com<javascript:>>
> wrote:
>
> What is the security scan doing?
>
> Here is the thread I think you were referring to:
> https://groups.google.com/forum/#!searchin/storm-user/ssh/storm-user/TDdVOgYT9To/u3VBDVeMck4J
>
> Is there a way to configure the scan to stay away from the nimbus host and
> thrift port?
>
> - Taylor
>
>
> On Dec 12, 2013, at 3:16 PM, Kiran <nkir...@gmail.com <javascript:>>
> wrote:
>
> Hi,
>
> I see that storm nimbus goes out memory during internal security scan.
> This renders any process monitors on our end ineffective. I had seen a
> earlier discussion which mentioned it was due to malformed request being
> sent on the thrift port.
>
> Is there fix available for this, or is there a way to quit the JVM . I am
> using storm version : 0.8.3
>
> For now i am planning to use -XX:OnOutOfMemoryError="kill -9 %p”. Has
> anyone already tried this out ?
>
> Please advice.
>
> Thanks.
>
> --
> You received this message because you are subscribed to the Google Groups
> "storm-user" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to storm-user+...@googlegroups.com <javascript:>.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>
>