I have a question about one hbase config: It seems you keep the default setting of hbase.regionserver.thrift.framed as false.
However, The official document recommends to set hbase.regionserver.thrift.framed to at least true, for security: "This is the recommended transport for thrift servers and requires a similar setting on the client side. Changing this to false will select the default transport, vulnerable to DoS when malformed requests are issued due to THRIFT-601."
It is also recommended in Cloudera's troubleshoorting page to set hbase.regionserver.thrift.framed and hbase.regionserver.thrift.compact to true to prevent the possibility of crashes due to buffer overruns.
Thanks for providing this useful container.
I have a question about one hbase config: It seems you keep the default setting of
hbase.regionserver.thrift.framedas false.However, The official document recommends to set
hbase.regionserver.thrift.framedto at leasttrue, for security: "This is the recommended transport for thrift servers and requires a similar setting on the client side. Changing this to false will select the default transport, vulnerable to DoS when malformed requests are issued due to THRIFT-601."It is also recommended in Cloudera's troubleshoorting page to set hbase.regionserver.thrift.framed and hbase.regionserver.thrift.compact to
trueto prevent the possibility of crashes due to buffer overruns.Shall we change the two settings to
true? Thanks.