I have seen this 3 times from Dec to March - tracking this nodejs issue via 
OOM-834 (not an OOM issue) - last saw it 27th March under 1.8.10 (current 
version) - but running helm 2.6.1 (current version 2.8.2)

   Something in the infrastructure is causing this - as I have seen it on an 
idle kubernetes cluster (no onap pods installed)
   Will look again through the k8s jiras

   You are correct - it is not the .ru crypto miner that targets 10250/pods or 
the new one that targets a cluster without oauth lockdown
    Tracking anti-crypto here

    I think I will ask for 5 min to go over the lockdown of clusters with the 
security subcommittee - the oauth lockdown will cover off 10249-10255 as well.


From: onap-discuss-boun...@lists.onap.org 
[mailto:onap-discuss-boun...@lists.onap.org] On Behalf Of 
Sent: Thursday, May 17, 2018 7:28 PM
To: onap-discuss@lists.onap.org
Subject: [onap-discuss] OOM Beijing CPU utilization

I have a running OOM ONAP Beijing deployment on 2 nodes.

After a few days running OK, i noticed around 100% CPU on all 16 vCPUs on the 
1st node.

I see a process nodejs running with 815% CPU as shown below.

What is this process doing ?

I checked for mining, and there's none, and I have port 10250 blocked, I don't 
see any suspicious processes.

I had to kill the nodejs process in order to regain interactivity with my onap 


root@olc-oom-bjng:~# top
top - 22:58:14 up 13 days,  1:28,  1 user,  load average: 53.66, 49.26, 48.69
Tasks: 1181 total,   1 running, 1175 sleeping,   0 stopped,   5 zombie
%Cpu(s): 84.0 us, 14.9 sy,  0.1 ni,  0.4 id,  0.0 wa,  0.0 hi,  0.2 si,  0.3 st
KiB Mem : 10474657+total,  1037308 free, 88390000 used, 15319272 buff/cache
KiB Swap:        0 total,        0 free,        0 used. 14242952 avail Mem

20119 root      20   0 1431420  65876   1124 S 815.4  0.1  34465:04 nodjs -c 


Ce message et ses pieces jointes peuvent contenir des informations 
confidentielles ou privilegiees et ne doivent donc

pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce 
message par erreur, veuillez le signaler

a l'expediteur et le detruire ainsi que les pieces jointes. Les messages 
electroniques etant susceptibles d'alteration,

Orange decline toute responsabilite si ce message a ete altere, deforme ou 
falsifie. Merci.

This message and its attachments may contain confidential or privileged 
information that may be protected by law;

they should not be distributed, used or copied without authorisation.

If you have received this email in error, please notify the sender and delete 
this message and its attachments.

As emails may be altered, Orange is not liable for messages that have been 
modified, changed or falsified.

Thank you.
This message and the information contained herein is proprietary and 
confidential and subject to the Amdocs policy statement,

you may review at https://www.amdocs.com/about/email-disclaimer 
onap-discuss mailing list

Reply via email to