Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-19118

Crowd improved handling from Artifactory-side

    XMLWordPrintable

    Details

    • Type: Performance
    • Status: Done
    • Priority: 4 - Normal
    • Resolution: Done
    • Affects Version/s: 6.10.0, 6.8.9
    • Fix Version/s: 6.11.0, 6.13.0
    • Component/s: Crowd
    • Labels:
      None

      Description

      Summary:

      Today the Crowd server is being addressed on every uncached authentication request every 5 minutes by default.

      There is room for improvement when new and uncached requests are handled within (a very large amount) of Crowd groups.

      Steps to reproduce:

      1. Have a Crowd user with many (2000 was used) groups in Crowd and import them to Artifactory

      2. Try to use a repeated action, e.g. deploying builds, with the same user

      3. Inspect that every once every 5 minutes (authentication cache is set to 5 minutes by default), you will see slowed requests (happens because of the crowd groups fetching and handling in Artifactory)

      • You may lower the authentication cache time to 1 min to have this reproduced faster using:

      artifactory.security.authentication.cache.idleTimeSecs=60

      • You may use the script below to deploy builds:
      #!/bin/bash
      BUILDS_NUM=$1
      username=$2
      password=$3
      a=1
      mkdir builds
      while [ $a -le $BUILDS_NUM ] ; do
      echo '{
      "version": "1.0.1",
      "name": "'a$a'",
      "number": "1",
      "type": "GENERIC",
      "buildAgent": {
      "name": "Generic",
      "version": "Generic"
      },
      "agent": {
      "name": "hudson",
      "version": "2.7.4"
      },
      "started": "2016-09-23T08:06:37.262+0300",
      "durationMillis": 2176,
      "principal": "admin",
      "artifactoryPrincipal": "admin",
      "artifactoryPluginVersion": "2.7.2",
      "url": "http://192.168.59.182:8080/job/hgj/4/",
      "licenseControl": {
      "runChecks": false,
      "includePublishedArtifacts": false,
      "autoDiscover": false,
      "scopesList": "",
      "licenseViolationsRecipientsList": ""
      },
      "buildRetention": {
      "count": -1,
      "deleteBuildArtifacts": true,
      "buildNumbersNotToBeDiscarded": []
      },
      "modules": [{
      "id": "hgj:4",
      "artifacts": [{
      "type": "gz",
      "sha1": "ab078447ae3d3479b6c1a17ad30c9978dd371995",
      "md5": "578a3b9c44edcadc7e9e32a576910d6f",
      "name": "git-lfs-linux-amd64-1.2.0.tar.gz"
      }],
      "dependencies": []
      }],
      "buildDependencies": [],
      "governance": {
      "blackDuckProperties": {
      "runChecks": false,
      "includePublishedArtifacts": false,
      "autoCreateMissingComponentRequests": false,
      "autoDiscardStaleComponentRequests": false
      }
      }
      }' > builds/buildinfo$a.json
      time curl -i -Lvv -H 'Content-Type: application/json' -u $username:$password -X PUT -T builds/buildinfo$a.json localhost:8081/artifactory/api/build &
      	sleep 1
              a=`expr $a + 1`
      done
      

      Use this command to run it:

      bash -x deployBuilds.sh 100 {someUserWithManyPermissions} password
      
      • Do not use an admin user

      Check the request log with the slowed requests:

      http-nio-8081-exec-10|20190430133329|4593|REQUEST|0:0:0:0:0:0:0:1|tester|PUT|/api/build|HTTP/1.1|204|1090
      http-nio-8081-exec-8|20190430133330|93|REQUEST|0:0:0:0:0:0:0:1|tester|PUT|/api/build|HTTP/1.1|204|1090
      http-nio-8081-exec-3|20190430133331|4602|REQUEST|0:0:0:0:0:0:0:1|tester|PUT|/api/build|HTTP/1.1|204|1090
      http-nio-8081-exec-4|20190430133332|50|REQUEST|0:0:0:0:0:0:0:1|tester|PUT|/api/build|HTTP/1.1|204|1090
      http-nio-8081-exec-7|20190430133333|4321|REQUEST|0:0:0:0:0:0:0:1|tester|PUT|/api/build|HTTP/1.1|204|1090
      

      all the typical requests will take under 100ms to be complete, after the cache gets expired, you'll see a few requests held up to more than a few seconds (depending on the number of groups)

        Attachments

          Activity

            People

            Assignee:
            shayb Shay Bagants
            Reporter:
            andreik Andrei Komarov
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Sync Status

                Connection: RTFACT Sync
                RTMID-19118 -
                SYNCHRONIZED
                • Last Sync Date: