Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
Description
We had a case where a REST gateway instance was picked up by an automated security scanning tool. Many of the http requests it generated were interpreted requests against non-existent tables. The result was a flood of queries against meta, completely overrunning the priority queue of the region server hosting meta.
We need some kind of back pressure mechanism that can protect meta from a single bad actor.