Bug 1057654 - Extend important limits to their hard limit
Summary: Extend important limits to their hard limit
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine-setup
Version: 3.3.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 3.4.0
Assignee: Alon Bar-Lev
QA Contact: Pavel Novotny
Whiteboard: integration
Depends On:
Blocks: GSS_RHEV_33_BETA 1059585 rhev3.4beta 1142926
TreeView+ depends on / blocked
Reported: 2014-01-24 14:56 UTC by Tomas Dosek
Modified: 2014-09-18 12:24 UTC (History)
15 users (show)

Fixed In Version: ovirt-3.4.0-beta2
Doc Type: Bug Fix
Doc Text:
Previously, resource limits were not set to their hard limits for Red Hat Enterprise Virtualization Manager. This would result in denial of service if multiple users performed numerous login and logout actions in a short space of time. With this update, resource limits have been set to their hard limits, preventing over-consumption of resources under such circumstances.
Clone Of:
: 1059585 (view as bug list)
Last Closed: 2014-06-09 15:01:41 UTC
oVirt Team: ---
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 699313 0 None None None Never
Red Hat Product Errata RHSA-2014:0506 0 normal SHIPPED_LIVE Moderate: Red Hat Enterprise Virtualization Manager 3.4.0 update 2014-06-09 18:55:38 UTC
oVirt gerrit 23667 0 None None None Never
oVirt gerrit 23743 0 None None None Never
oVirt gerrit 23755 0 None None None Never

Description Tomas Dosek 2014-01-24 14:56:05 UTC
Description of problem:
Extend importand limits to their hard limit

Current limits can cause denial of service for all engine users

Version-Release number of selected component (if applicable):

How reproducible:
100 %

Steps to Reproduce:
1. Install rhev-m environment
2. Try to log-in-out from multiple clients at the same time repeatedly

Actual results:
500 Internal server error, users can't login to portals

Expected results:
Should not cause DoS

Comment 2 Alon Bar-Lev 2014-01-24 15:02:52 UTC
Per our discussion, it is not urgent as there is a simple workaround...

Create /etc/security/limits.d/50-ovirt.conf
ovirt soft nproc 29169

Comment 10 Pavel Novotny 2014-02-17 15:39:56 UTC
Verified in ovirt-engine-3.4.0-0.7.beta2.el6.noarch.

Verified by automation (using Selenium).
I spun up 4 Firefox browsers in parallel and each one performed login & logout on User Portal 20 times in a row.
All login/logout actions eneded up well, no problems were encountered.

Comment 11 errata-xmlrpc 2014-06-09 15:01:41 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.