[RTFACT-19118] Crowd improved handling from Artifactory-side - JFrog JIRA

XML

Word

Printable

Details

Type: Performance
Status: Done
Resolution: Done
Affects Version/s: 6.10.0, 6.8.9
Fix Version/s: 6.11.0, 6.13.0
Component/s: Crowd
Labels:
None

Description

Summary:

Today the Crowd server is being addressed on every uncached authentication request every 5 minutes by default.

There is room for improvement when new and uncached requests are handled within (a very large amount) of Crowd groups.

Steps to reproduce:

1. Have a Crowd user with many (2000 was used) groups in Crowd and import them to Artifactory

2. Try to use a repeated action, e.g. deploying builds, with the same user

3. Inspect that every once every 5 minutes (authentication cache is set to 5 minutes by default), you will see slowed requests (happens because of the crowd groups fetching and handling in Artifactory)

You may lower the authentication cache time to 1 min to have this reproduced faster using:

artifactory.security.authentication.cache.idleTimeSecs=60

You may use the script below to deploy builds:

#!/bin/bash
BUILDS_NUM=$1
username=$2
password=$3
a=1
mkdir builds
while [ $a -le $BUILDS_NUM ] ; do
echo '{
"version": "1.0.1",
"name": "'a$a'",
"number": "1",
"type": "GENERIC",
"buildAgent": {
"name": "Generic",
"version": "Generic"
},
"agent": {
"name": "hudson",
"version": "2.7.4"
},
"started": "2016-09-23T08:06:37.262+0300",
"durationMillis": 2176,
"principal": "admin",
"artifactoryPrincipal": "admin",
"artifactoryPluginVersion": "2.7.2",
"url": "http://192.168.59.182:8080/job/hgj/4/",
"licenseControl": {
"runChecks": false,
"includePublishedArtifacts": false,
"autoDiscover": false,
"scopesList": "",
"licenseViolationsRecipientsList": ""
},
"buildRetention": {
"count": -1,
"deleteBuildArtifacts": true,
"buildNumbersNotToBeDiscarded": []
},
"modules": [{
"id": "hgj:4",
"artifacts": [{
"type": "gz",
"sha1": "ab078447ae3d3479b6c1a17ad30c9978dd371995",
"md5": "578a3b9c44edcadc7e9e32a576910d6f",
"name": "git-lfs-linux-amd64-1.2.0.tar.gz"
}],
"dependencies": []
}],
"buildDependencies": [],
"governance": {
"blackDuckProperties": {
"runChecks": false,
"includePublishedArtifacts": false,
"autoCreateMissingComponentRequests": false,
"autoDiscardStaleComponentRequests": false
}
}
}' > builds/buildinfo$a.json
time curl -i -Lvv -H 'Content-Type: application/json' -u $username:$password -X PUT -T builds/buildinfo$a.json localhost:8081/artifactory/api/build &
	sleep 1
        a=`expr $a + 1`
done

Use this command to run it:

bash -x deployBuilds.sh 100 {someUserWithManyPermissions} password

Do not use an admin user

Check the request log with the slowed requests:

http-nio-8081-exec-10|20190430133329|4593|REQUEST|0:0:0:0:0:0:0:1|tester|PUT|/api/build|HTTP/1.1|204|1090
http-nio-8081-exec-8|20190430133330|93|REQUEST|0:0:0:0:0:0:0:1|tester|PUT|/api/build|HTTP/1.1|204|1090
http-nio-8081-exec-3|20190430133331|4602|REQUEST|0:0:0:0:0:0:0:1|tester|PUT|/api/build|HTTP/1.1|204|1090
http-nio-8081-exec-4|20190430133332|50|REQUEST|0:0:0:0:0:0:0:1|tester|PUT|/api/build|HTTP/1.1|204|1090
http-nio-8081-exec-7|20190430133333|4321|REQUEST|0:0:0:0:0:0:0:1|tester|PUT|/api/build|HTTP/1.1|204|1090

all the typical requests will take under 100ms to be complete, after the cache gets expired, you'll see a few requests held up to more than a few seconds (depending on the number of groups)

Attachments

Activity

People

Assignee:: Shay Bagants

Reporter:: Andrei Komarov (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 01/May/19 4:26 PM

Updated:: 17/Feb/21 1:27 PM

Resolved:: 06/May/19 4:53 PM

Sync Status

Connection: RTFACT Sync

RTMID-19118 -
SYNCHRONIZED

Last Sync Date: