Support Questions

Find answers, ask questions, and share your expertise

Nesus scan seems to kill hbase thrift server. Has anyone seen this before ?

avatar
Explorer

I have opened a case, but was also wanting to check with the community.

When our security team runs nesus to scan hosts, it kills the hbase thrift server.

I was curious if anyone has seen this before, and might now which part of the nesus scanning is causing the hbase thrift server to die.

I was unable to find any useful information in the thrift server log.

1 ACCEPTED SOLUTION

avatar
Explorer

Cloudera Support was able to solve the case.

The thrift server is set to die from a kill -9 upon error.

The error was a java out of memory error when being scanned.

We upped the thift server heap size to 4G and all is well.

View solution in original post

5 REPLIES 5

avatar

Hi Ranks,

 

HBase Thrift Server does not authenticate requests, so it should not be used if you care about security until this issue is fixed.

 

Thanks,

Darren

avatar
Explorer

Im not a nesus expert, but our security team said they tried to turn off authentication on the scan, and that didnt stop it from crashing.

If you really think this may be the issue, I'll follow up more with them, for them to double check what they are doing.

avatar

I'm not saying that this is the reason why it was killed. I don't really know anything about nesus or why it might kill a process. It just sounds like you are doing security audits, and if so you should know that HBase Thrift server is a security hole that should fail any comprehensive security audit. In general, regardless of nesus, if you care about security in your cluster, you should not use this role.

 

Thanks,

Darren

avatar
Explorer
Thanks for the clarification, and the advice !

avatar
Explorer

Cloudera Support was able to solve the case.

The thrift server is set to die from a kill -9 upon error.

The error was a java out of memory error when being scanned.

We upped the thift server heap size to 4G and all is well.