Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1057654 - Extend important limits to their hard limit
Summary: Extend important limits to their hard limit
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine-setup
Version: 3.3.0
Hardware: Unspecified
OS: Unspecified
urgent
urgent
Target Milestone: ---
: 3.4.0
Assignee: Alon Bar-Lev
QA Contact: Pavel Novotny
URL:
Whiteboard: integration
Depends On:
Blocks: GSS_RHEV_33_BETA 1059585 rhev3.4beta 1142926
TreeView+ depends on / blocked
 
Reported: 2014-01-24 14:56 UTC by Tomas Dosek
Modified: 2014-09-18 12:24 UTC (History)
15 users (show)

Fixed In Version: ovirt-3.4.0-beta2
Doc Type: Bug Fix
Doc Text:
Previously, resource limits were not set to their hard limits for Red Hat Enterprise Virtualization Manager. This would result in denial of service if multiple users performed numerous login and logout actions in a short space of time. With this update, resource limits have been set to their hard limits, preventing over-consumption of resources under such circumstances.
Clone Of:
: 1059585 (view as bug list)
Environment:
Last Closed: 2014-06-09 15:01:41 UTC
oVirt Team: ---
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 699313 None None None Never
Red Hat Product Errata RHSA-2014:0506 normal SHIPPED_LIVE Moderate: Red Hat Enterprise Virtualization Manager 3.4.0 update 2014-06-09 18:55:38 UTC
oVirt gerrit 23667 None None None Never
oVirt gerrit 23743 None None None Never
oVirt gerrit 23755 None None None Never

Description Tomas Dosek 2014-01-24 14:56:05 UTC
Description of problem:
Extend importand limits to their hard limit

Current limits can cause denial of service for all engine users

Version-Release number of selected component (if applicable):
is32.2

How reproducible:
100 %

Steps to Reproduce:
1. Install rhev-m environment
2. Try to log-in-out from multiple clients at the same time repeatedly


Actual results:
500 Internal server error, users can't login to portals

Expected results:
Should not cause DoS

Comment 2 Alon Bar-Lev 2014-01-24 15:02:52 UTC
Per our discussion, it is not urgent as there is a simple workaround...

Create /etc/security/limits.d/50-ovirt.conf
---
ovirt soft nproc 29169
---

Comment 10 Pavel Novotny 2014-02-17 15:39:56 UTC
Verified in ovirt-engine-3.4.0-0.7.beta2.el6.noarch.

Verified by automation (using Selenium).
I spun up 4 Firefox browsers in parallel and each one performed login & logout on User Portal 20 times in a row.
All login/logout actions eneded up well, no problems were encountered.

Comment 11 errata-xmlrpc 2014-06-09 15:01:41 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2014-0506.html


Note You need to log in before you can comment on or make changes to this bug.