Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Nesus scan seems to kill hbase thrift server. Has anyone seen this before ?

Solved Go to solution

Nesus scan seems to kill hbase thrift server. Has anyone seen this before ?

New Contributor

I have opened a case, but was also wanting to check with the community.

When our security team runs nesus to scan hosts, it kills the hbase thrift server.

I was curious if anyone has seen this before, and might now which part of the nesus scanning is causing the hbase thrift server to die.

I was unable to find any useful information in the thrift server log.

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Nesus scan seems to kill hbase thrift server. Has anyone seen this before ?

New Contributor

Cloudera Support was able to solve the case.

The thrift server is set to die from a kill -9 upon error.

The error was a java out of memory error when being scanned.

We upped the thift server heap size to 4G and all is well.

5 REPLIES 5

Re: Nesus scan seems to kill hbase thrift server. Has anyone seen this before ?

Hi Ranks,

 

HBase Thrift Server does not authenticate requests, so it should not be used if you care about security until this issue is fixed.

 

Thanks,

Darren

Re: Nesus scan seems to kill hbase thrift server. Has anyone seen this before ?

New Contributor

Im not a nesus expert, but our security team said they tried to turn off authentication on the scan, and that didnt stop it from crashing.

If you really think this may be the issue, I'll follow up more with them, for them to double check what they are doing.

Re: Nesus scan seems to kill hbase thrift server. Has anyone seen this before ?

I'm not saying that this is the reason why it was killed. I don't really know anything about nesus or why it might kill a process. It just sounds like you are doing security audits, and if so you should know that HBase Thrift server is a security hole that should fail any comprehensive security audit. In general, regardless of nesus, if you care about security in your cluster, you should not use this role.

 

Thanks,

Darren

Re: Nesus scan seems to kill hbase thrift server. Has anyone seen this before ?

New Contributor
Thanks for the clarification, and the advice !

Re: Nesus scan seems to kill hbase thrift server. Has anyone seen this before ?

New Contributor

Cloudera Support was able to solve the case.

The thrift server is set to die from a kill -9 upon error.

The error was a java out of memory error when being scanned.

We upped the thift server heap size to 4G and all is well.

Don't have an account?
Coming from Hortonworks? Activate your account here