![]() ![]() |
ignite_user2016 |
![]() |
Recently, we migrated ignite to JDK11, all works well except when we run our
security scan, ignite node tries to connect on that servers and result in out of memory and heap dump errors. Is it possible where we can stop that scan server connecting to ignite ? Any configuration ? help is much appreciated. And I have observed that ignite visor is also broken where it cant give us the states for nodes, memory and CPU. Thanks.. Rishi -- Sent from: http://apache-ignite-users.70518.x6.nabble.com/ |
![]() ![]() |
ezhuravlev |
![]() |
Hi, What security scan tool do you use? Evgenii пн, 21 сент. 2020 г. в 09:03, ignite_user2016 <[hidden email]>: Recently, we migrated ignite to JDK11, all works well except when we run our |
![]() ![]() |
ignite_user2016 |
![]() |
we use Nessus security tool, and the module is Tenable.sc which scans the
vulnerability on spring boot app which runs with ignite client. -- Sent from: http://apache-ignite-users.70518.x6.nabble.com/ |
![]() ![]() |
ilya.kasnacheev |
![]() |
In reply to this post by ignite_user2016
Hello! Well, you could enable SSL on all ports, in this case you can block off the security scanner. Regards, -- Ilya Kasnacheev пн, 21 сент. 2020 г. в 19:03, ignite_user2016 <[hidden email]>: Recently, we migrated ignite to JDK11, all works well except when we run our |
![]() ![]() |
ignite_user2016 |
![]() |
This post was updated on .
We never had this issue on JDK8 and it run with lower memory 2g but now switch to JDK11 and 4g memory is not sufficent.
We have SSL enabled on all servers but some how it s trying to attempt connection on SSL causing heap dumps. Is there a way to disable to external server try connecting to ignite ? 2020-09-10 22:52:47,029 WARN [grid-nio-worker-tcp-comm-3-#27%NAME_GRID%] org.apache.ignite.spi.communication.tcp.TcpCommunicationSpi Client disconnected abruptly due to network connection loss or because the connection was left open on application shutdown. [cls=class o.a.i.i.util.nio.GridNioException, msg=Failed to decode SSL data: GridSelectorNioSessionImpl [worker=DirectNioClientWorker [super=AbstractNioClientWorker [idx=3, bytesRcvd=13315002728, bytesSent=0, bytesRcvd0=18, bytesSent0=0, select=true, super=GridWorker [name=grid-nio-worker-tcp-comm-3, igniteInstanceName=WebGrid, finished=false, heartbeatTs=1599796365124, hashCode=1230825885, interrupted=false, runner=grid-nio-worker-tcp-comm-3-#27%WebGrid%]]], writeBuf=java.nio.DirectByteBuffer[pos=0 lim=32768 cap=32768], readBuf=java.nio.DirectByteBuffer[pos=18 lim=18 cap=32768], inRecovery=null, outRecovery=null, closeSocket=true, outboundMessagesQueueSizeMetric=o.a.i.i.processors.metric.impl.LongAdderMetric@69a257d1, super=GridNioSessionImpl [locAddr=/*IG_SERVER1*:47101, rmtAddr=/*SEC_SCAN* SERVER:52082, createTime=1599796365124, closeTime=0, bytesSent=0, bytesRcvd=18, bytesSent0=0, bytesRcvd0=18, sndSchedTime=1599796365124, lastSndTime=1599796365124, lastRcvTime=1599796367026, readsPaused=false, filterChain=FilterChain[filters=[GridNioCodecFilter [parser=o.a.i.i.util.nio.GridDirectParser@20ca1d6a, directMode=true], GridConnectionBytesVerifyFilter, SSL filter], accepted=true, markedForClose=false]]] -- Sent from: http://apache-ignite-users.70518.x6.nabble.com/ |
![]() ![]() |
ilya.kasnacheev |
![]() |
Hello! I don't think it should cause heap dumps. Here you are showing just a warning. This warning may be ignored. It's outside of scope of Apache Ignite to disable something else to try connecting to it. If you have invasive security port scanning, you will expect to see warnings/errors in the logs of any network application. Regards, -- Ilya Kasnacheev вт, 22 сент. 2020 г. в 16:26, ignite_user2016 <[hidden email]>: We have SSL enabled on all servers but some how it s trying to attempt |
![]() ![]() |
ezhuravlev |
![]() |
Hi,
Can you please tell what scan were you running? I want to reproduce this issue using tenable.sc. Thank you, Evgenii вт, 22 сент. 2020 г. в 06:55, Ilya Kasnacheev <[hidden email]>:
|
Free forum by Nabble | Edit this page |