[rabbitmq-discuss] OOM kill

• Previous message: [rabbitmq-discuss] OOM kill
• Next message: [rabbitmq-discuss] OOM kill
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 8 Mar 2014, at 18:54, Dmitry Andrianov <dmitry.andrianov at alertme.com> wrote:

> Well, creation of exchanges and queues we can at least control with some auth plugin so we can try protecting from these types of DOS. However with connections there seem to be no way to solve it. If no ulimit is used - we are susceptible to that OOM DOS. And if we set ulimit, it is still possible to DOS us - Rabbit won't die but won't accept connections from consumers either.
> 
> I will look into limiting connections by the means if OS or Amazon ELB but it feels like that kind of DOS protection should be part of Rabbit itself.

Services such as CloudAMQP monitor connections/channels/queues/etc over HTTP API and force close
those that use too many resources.

One can argue that you can DOS any service, e.g. MySQL, exposed to the public Internet, by flooding it with writes.
Some form of connection monitoring will likely be necessary anyway.

MK

Software Engineer, Pivotal/RabbitMQ

• Previous message: [rabbitmq-discuss] OOM kill
• Next message: [rabbitmq-discuss] OOM kill
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]