Bug 1391493

Summary: Web UI is terrible slow
Product: Red Hat Certification Program Reporter: Rainer Koenig <Rainer.Koenig>
Component: redhat-certificationAssignee: Greg Nichols <gnichols>
Status: CLOSED WORKSFORME QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 1.0CC: brose, brubisch
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-11-10 09:45:51 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Rainer Koenig 2016-11-03 12:36:44 UTC 
Description of problem:
Web-UI is not responsive on the start pages. 

Version-Release number of selected component (if applicable):
4.0

How reproducible:
Always

Steps to Reproduce:
1. Open Web-UI in browser
2. 
3.

Actual results:
You need to wait a long time until the start page with the list of the systems is loaded.

Expected results:
The page should load much faster, especially since its access from the same machine. 

Additional info:
Problem is probably caused by the "phone home" features of redhat-certification. The host running the web server is an isolated machine inside a laboratory infrastructure with practically no access to the outside internet.

A wireshark trace reveals that the machine is trying to connect to hardware.redhat.com (and probalbly other sites). This and adding that the firewall that prevents access to the internet has a DROP rule for forbidden connections (instead of REJECT) will proabably make the whole process wait until some timeouts for the connections expire. 

Solutions? Is there any "offline" config option that I can set to prevent trying to access the Internet at all? Would it help to setup a firewall rule on this system that REJECTS all connection attempts to the internet, but allows connections to the 10./8, 172.24./12 and 192.168./16 networks?
Comment 1 Rainer Koenig 2016-11-10 09:45:51 UTC 
Update: Installed some iptables rules that blocks all outgoing traffic with destinations that aren't private IPv4 adresses with "REJECT". Now the machine running the Web-UI gets an icpm-host-unreachable every time it wants to phone home and response times went down to less than a second. ;-) 

So I close this with "worksforme".