1368988 – [RFE] [rbovirt] API calls should use persistent authentication

Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1368988 - [RFE] [rbovirt] API calls should use persistent authentication

Summary: [RFE] [rbovirt] API calls should use persistent authentication

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	Compute Resources - RHEV
Sub Component:
Version:	6.2.0
Hardware:	All
OS:	Linux
Priority:	high
Severity:	medium
Target Milestone:	Unspecified
Assignee:	satellite6-bugs
QA Contact:	Katello QA List
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	GSS_Sat6Beta_Tracker, GSS_Sat6_Tracker
TreeView+	depends on / blocked

Reported:	2016-08-22 09:43 UTC by Julio Entrena Perez
Modified:	2021-12-10 14:55 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2018-09-04 19:13:00 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	1285015	1	None	None	None	2021-06-10 11:03:27 UTC
Red Hat Issue Tracker	SAT-6894	0	None	None	None	2021-12-10 14:55:32 UTC

Internal Links: 1285015

Description Julio Entrena Perez 2016-08-22 09:43:50 UTC

Description of problem:
rbovirt does not use persistent authentication for API calls to RHEV-M / oVirt.
When searching for a VM using the Search box in the list of VMs, each keystroke triggers 3 API calls none of which uses persistent authentication.
This results in each call having to authenticate, triggering login and logout events which result in a slow search on busy RHEV-Ms.

Version-Release number of selected component (if applicable):
Satellite 6.2.1
tfm-rubygem-rbovirt-0.0.37-1.el7sat

How reproducible:
Always

Steps to Reproduce:
1. Create a new RHEV compute resource on a busy, large RHEV-M instance.
2. On the web ui navigate to Infrastructure --> Compute Resources --> <rhev_compute_resource> --> Virtual Machines
3. Type three letters in the "Search:" box

Actual results:
9 API calls are issued to RHEV-M.
None of those calls use persistent authentication.
9 Login events are triggered.
9 Logout events are triggered.
The search takes up to 1 minute to complete.

Expected results:
API calls use persistent authentication.
A single login event is triggered.
Subsequent API calls are faster.
The search takes considerably less time to complete on large, busy RHEV-Ms.
The session should be reused for later calls if still valid.

Additional info:
- http://www.ovirt.org/develop/release-management/features/infra/restsessionmanagement/

- https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.6/html/REST_API_Guide/Authentication_Sessions.html

- On RHEV-M extend the httpd logging as per https://bugzilla.redhat.com/show_bug.cgi?id=1347631#c2

- Observe the time taken to complete each of the API calls (last value, in microseconds, this is from an internal reproducer and does not reflect the scale of the performance problem):

  10.33.9.40 - - [22/Aug/2016:09:35:02 +0100] "GET /api/datacenters?search= HTTP/1.1" 200 407 "-" "Ruby" 1457200
  10.33.9.40 - - [22/Aug/2016:09:35:02 +0100] "GET /api/datacenters?search= HTTP/1.1" 200 407 "-" "Ruby" 1768403
  10.33.9.40 - - [22/Aug/2016:09:35:02 +0100] "GET /api/datacenters?search= HTTP/1.1" 200 407 "-" "Ruby" 1824992
  10.33.9.40 - - [22/Aug/2016:09:35:04 +0100] "GET /api/datacenters/e7851520-4a55-4ac0-91ea-7342988fa12f HTTP/1.1" 200 395 "-" "Ruby" 1832987
  10.33.9.40 - - [22/Aug/2016:09:35:04 +0100] "GET /api/datacenters/e7851520-4a55-4ac0-91ea-7342988fa12f HTTP/1.1" 200 395 "-" "Ruby" 1716310
  10.33.9.40 - - [22/Aug/2016:09:35:04 +0100] "GET /api/datacenters/e7851520-4a55-4ac0-91ea-7342988fa12f HTTP/1.1" 200 395 "-" "Ruby" 2248327
  10.33.9.40 - - [22/Aug/2016:09:35:05 +0100] "GET /api/vms;max=10?search=rh+datacenter%3D%22dc36%22+page+1 HTTP/1.1" 200 4029 "-" "Ruby" 1758745
  10.33.9.40 - - [22/Aug/2016:09:35:06 +0100] "GET /api/vms;max=10?search=r+datacenter%3D%22dc36%22+page+1 HTTP/1.1" 200 4029 "-" "Ruby" 1799803
  10.33.9.40 - - [22/Aug/2016:09:35:06 +0100] "GET /api/vms;max=10?search=rhe+datacenter%3D%22dc36%22+page+1 HTTP/1.1" 200 4029 "-" "Ruby" 1937730

- Observe the contents of engine.log after typing the three characters in the search box:

  2016-08-22 09:35:03,342 INFO  [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp-/127.0.0.1:8702-6) [] Running command: LoginUserCommand internal: false.
  2016-08-22 09:35:03,457 INFO  [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp-/127.0.0.1:8702-8) [] Running command: LoginUserCommand internal: false.
  2016-08-22 09:35:03,465 INFO  [org.ovirt.engine.core.bll.aaa.LogoutSessionCommand] (ajp-/127.0.0.1:8702-8) [32132a7a] Running command: LogoutSessionCommand internal: false.
  2016-08-22 09:35:03,669 INFO  [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp-/127.0.0.1:8702-6) [] Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User admin@internal logged in.
  2016-08-22 09:35:03,674 INFO  [org.ovirt.engine.core.bll.aaa.LogoutSessionCommand] (ajp-/127.0.0.1:8702-6) [79ad01ab] Running command: LogoutSessionCommand internal: false.
  2016-08-22 09:35:03,867 INFO  [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp-/127.0.0.1:8702-10) [] Running command: LoginUserCommand internal: false.
  2016-08-22 09:35:03,872 INFO  [org.ovirt.engine.core.bll.aaa.LogoutSessionCommand] (ajp-/127.0.0.1:8702-10) [71e539e8] Running command: LogoutSessionCommand internal: false.
  2016-08-22 09:35:04,044 INFO  [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp-/127.0.0.1:8702-8) [32132a7a] Correlation ID: 32132a7a, Call Stack: null, Custom Event ID: -1, Message: User admin@internal logged out.
  2016-08-22 09:35:04,261 INFO  [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp-/127.0.0.1:8702-6) [79ad01ab] Correlation ID: 79ad01ab, Call Stack: null, Custom Event ID: -1, Message: User admin@internal logged out.
  2016-08-22 09:35:04,411 INFO  [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp-/127.0.0.1:8702-10) [71e539e8] Correlation ID: 71e539e8, Call Stack: null, Custom Event ID: -1, Message: User admin@internal logged out.
  2016-08-22 09:35:05,374 INFO  [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp-/127.0.0.1:8702-12) [] Running command: LoginUserCommand internal: false.
  2016-08-22 09:35:05,381 INFO  [org.ovirt.engine.core.bll.aaa.LogoutSessionCommand] (ajp-/127.0.0.1:8702-12) [288b6313] Running command: LogoutSessionCommand internal: false.
  2016-08-22 09:35:05,701 INFO  [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp-/127.0.0.1:8702-4) [] Running command: LoginUserCommand internal: false.
  2016-08-22 09:35:05,709 INFO  [org.ovirt.engine.core.bll.aaa.LogoutSessionCommand] (ajp-/127.0.0.1:8702-4) [73e8f64b] Running command: LogoutSessionCommand internal: false.
  2016-08-22 09:35:05,902 INFO  [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp-/127.0.0.1:8702-12) [288b6313] Correlation ID: 288b6313, Call Stack: null, Custom Event ID: -1, Message: User admin@internal logged out.
  2016-08-22 09:35:05,961 INFO  [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp-/127.0.0.1:8702-5) [] Running command: LoginUserCommand internal: false.
  2016-08-22 09:35:05,967 INFO  [org.ovirt.engine.core.bll.aaa.LogoutSessionCommand] (ajp-/127.0.0.1:8702-5) [675d2db2] Running command: LogoutSessionCommand internal: false.
  2016-08-22 09:35:06,002 INFO  [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp-/127.0.0.1:8702-4) [73e8f64b] Correlation ID: 73e8f64b, Call Stack: null, Custom Event ID: -1, Message: User admin@internal logged out.
  2016-08-22 09:35:06,684 INFO  [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp-/127.0.0.1:8702-5) [675d2db2] Correlation ID: 675d2db2, Call Stack: null, Custom Event ID: -1, Message: User admin@internal logged out.
  2016-08-22 09:35:06,836 INFO  [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp-/127.0.0.1:8702-9) [] Running command: LoginUserCommand internal: false.
  2016-08-22 09:35:06,902 INFO  [org.ovirt.engine.core.bll.aaa.LogoutSessionCommand] (ajp-/127.0.0.1:8702-9) [3c7c35bc] Running command: LogoutSessionCommand internal: false.
  2016-08-22 09:35:07,277 INFO  [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp-/127.0.0.1:8702-15) [] Running command: LoginUserCommand internal: false.
  2016-08-22 09:35:07,341 INFO  [org.ovirt.engine.core.bll.aaa.LogoutSessionCommand] (ajp-/127.0.0.1:8702-15) [5abe6c2b] Running command: LogoutSessionCommand internal: false.
  2016-08-22 09:35:07,686 INFO  [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp-/127.0.0.1:8702-9) [3c7c35bc] Correlation ID: 3c7c35bc, Call Stack: null, Custom Event ID: -1, Message: User admin@internal logged out.
  2016-08-22 09:35:07,752 INFO  [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp-/127.0.0.1:8702-8) [] Running command: LoginUserCommand internal: false.
  2016-08-22 09:35:07,817 INFO  [org.ovirt.engine.core.bll.aaa.LogoutSessionCommand] (ajp-/127.0.0.1:8702-8) [73895b23] Running command: LogoutSessionCommand internal: false.
  2016-08-22 09:35:07,828 INFO  [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp-/127.0.0.1:8702-15) [5abe6c2b] Correlation ID: 5abe6c2b, Call Stack: null, Custom Event ID: -1, Message: User admin@internal logged out.
  2016-08-22 09:35:08,646 INFO  [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp-/127.0.0.1:8702-8) [73895b23] Correlation ID: 73895b23, Call Stack: null, Custom Event ID: -1, Message: User admin@internal logged out.

- By including the session cookie API calls will be able to resume the session if the session is still valid and a new authentication won't be required.

Comment 2 Bryan Kearney 2018-09-04 19:00:49 UTC

Thank you for your interest in Satellite 6. We have evaluated this request, and we do not expect this to be implemented in the product in the foreseeable future. We are therefore closing this out as WONTFIX. If you have any concerns about this, please feel free to contact Rich Jerrido or Bryan Kearney. Thank you.

Comment 3 Bryan Kearney 2018-09-04 19:13:00 UTC

Thank you for your interest in Satellite 6. We have evaluated this request, and we do not expect this to be implemented in the product in the foreseeable future. We are therefore closing this out as WONTFIX. If you have any concerns about this, please feel free to contact Rich Jerrido or Bryan Kearney. Thank you.

Note You need to log in before you can comment on or make changes to this bug.