Re: [Engine-devel] Tweaking backup/restore of engine
----- Original Message -----
From: "Sven Kieske" <S.Kieske(a)mittwald.de>
To: engine-devel(a)ovirt.org
Sent: Monday, March 3, 2014 6:25:39 PM
Subject: [Engine-devel] Tweaking backup/restore of engine
Hi,
currently all events are stored in the table audit_log
which all gets saved when you use the engine-backup
shell script.
the event log is full of these login lines (engine 3.3.2):
25652 fdfc627c-d875-11e0-90f0-83df133b58cc admin@internal
00000000-0000-0000-0000-000000000000 \N \N \N \N \N 2014-01-20
06:39:17.222+01 USER_VDC_LOGIN 30 0 User admin@internal
logged in. f \N \N 00000000-0000-0000-0000-000000000000 \N \N \N
\N 00000000-0000-0000-0000-000000000000 \N oVirt -1 30 f \N
this makes the log and db grow very large when you use the REST-API
to query ovirt for various data.
Is this necessary for a working restore?
It would be cool if we could tweak the engine-backup
tool to just dump necessary tables so you don't have
to restore events from the past no one is interested
in.
How does ovirt react, if I do not restore the content of the audit_log
table?
If this works (restore without audit_log) I would prefer to have
this code upstream in ovirt git so I don't have to maintain
my own backupscript.
Would it be possible to extend the existing backupscript
with a switch to not backup logs?
Currently it's just "all" or "just db".
I also recall that there shouldn't occur multiple login events any
more since ovirt 3.3. but it still seems to be the case.
Hi Sven,
This is not entirely accurate -
The solution introduced at commit hash cb56de8808cec33b7599828ead890f52e32bcaea solves
the problem for a specific case in which we have a multiple login in a very short interval
of time -
mainly due to attempt to login from webadmin, while UI plugin tries to login as well.
We have an "anti flood" mechanism for events, allowing us to define an interval,
in which an event will not be logged twice. In the case of the login event this is set to
5 seconds, which is enough to solve the above described scenario.
I also do not understand how you would manage a stored authentication
via REST as REST is stateless.
I would appreciate any feedback or thoughts on this topic.
--
Mit freundlichen Grüßen / Regards
Sven Kieske
Systemadministrator
Mittwald CM Service GmbH & Co. KG
Königsberger Straße 6
32339 Espelkamp
T: +49-5772-293-100
F: +49-5772-293-333
https://www.mittwald.de
Geschäftsführer: Robert Meyer
St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen
Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen
_______________________________________________
Engine-devel mailing list
Engine-devel(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-devel