Bug 1057654 – Extend important limits to their hard limit

Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 1057654 - Extend important limits to their hard limit

Summary:	Extend important limits to their hard limit

Status:	CLOSED ERRATA

Aliases:	None

Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	ovirt-engine-setup (Show other bugs)
Sub Component:
Version:	3.3.0
Hardware:	Unspecified Unspecified

Priority	urgent Severity urgent
Target Milestone:	---
Target Release:	3.4.0
Assigned To:	Alon Bar-Lev
QA Contact:	Pavel Novotny
Docs Contact:

URL:
Whiteboard:	integration
Keywords:	ZStream

Depends On:
Blocks:	GSS_RHEV_33_BETA 1059585 rhev3.4beta 1142926
	Show dependency tree / graph

Reported:	2014-01-24 09:56 EST by Tomas Dosek
Modified:	2014-09-18 08:24 EDT (History)
CC List:	15 users (show)

See Also:
Fixed In Version:	ovirt-3.4.0-beta2
Doc Type:	Bug Fix
Doc Text:	Previously, resource limits were not set to their hard limits for Red Hat Enterprise Virtualization Manager. This would result in denial of service if multiple users performed numerous login and logout actions in a short space of time. With this update, resource limits have been set to their hard limits, preventing over-consumption of resources under such circumstances.
Story Points:	---
Clone Of:
Clones:	1059585 (view as bug list)
Environment:
Last Closed:	2014-06-09 11:01:41 EDT
Type:	Bug
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Red Hat Knowledge Base (Solution)	699313	None	None	None	Never
oVirt gerrit	23667	None	None	None	Never
oVirt gerrit	23743	None	None	None	Never
oVirt gerrit	23755	None	None	None	Never
Red Hat Product Errata	RHSA-2014:0506	normal	SHIPPED_LIVE	Moderate: Red Hat Enterprise Virtualization Manager 3.4.0 update	2014-06-09 14:55:38 EDT

Groups: None (edit)

Description Tomas Dosek 2014-01-24 09:56:05 EST

Description of problem:
Extend importand limits to their hard limit

Current limits can cause denial of service for all engine users

Version-Release number of selected component (if applicable):
is32.2

How reproducible:
100 %

Steps to Reproduce:
1. Install rhev-m environment
2. Try to log-in-out from multiple clients at the same time repeatedly


Actual results:
500 Internal server error, users can't login to portals

Expected results:
Should not cause DoS

Comment 2 Alon Bar-Lev 2014-01-24 10:02:52 EST

Per our discussion, it is not urgent as there is a simple workaround...

Create /etc/security/limits.d/50-ovirt.conf
---
ovirt soft nproc 29169
---

Comment 10 Pavel Novotny 2014-02-17 10:39:56 EST

Verified in ovirt-engine-3.4.0-0.7.beta2.el6.noarch.

Verified by automation (using Selenium).
I spun up 4 Firefox browsers in parallel and each one performed login & logout on User Portal 20 times in a row.
All login/logout actions eneded up well, no problems were encountered.

Comment 11 errata-xmlrpc 2014-06-09 11:01:41 EDT

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2014-0506.html

Note You need to log in before you can comment on or make changes to this bug.