[Engine-devel] Question about Engine user session timeout
Hi guys, I see two different config values for dealing with Engine user session timeout. First, from packaging/etc/engine-config/engine-config.properties file: - UserSessionTimeOutInterval.description=Session timeout interval in minutes, after which it will be expired and clean. A negative value indicates the session should never timeout. - UserSessionTimeOutInvalidationInterval.description=Session timeout invalidation interval in minutes. Specifies the interval in which the invalidation check should occur. Then, in org.ovirt.engine.core.common.config.ConfigValues enum: - UserSessionTimeOutInterval (default 30) - UserSessionTimeOutInvalidationInterval (default 30) Looking at Backend#Initialize, both of these values are used when scheduling "cleanExpiredUsersSessions" job: - UserSessionTimeOutInterval = initialDelay param, i.e. the initial delay before the first activation [SchedulerUtil#scheduleAFixedDelayJob] - UserSessionTimeOutInvalidationInterval = taskDelay param, i.e. the delay between jobs [SchedulerUtil#scheduleAFixedDelayJob] So if I read this correctly, if UserSessionTimeOutInterval=100 then UserSessionTimeOutInvalidationInterval is relevant only after first 100min of Engine uptime. Why do we have two different config values for Engine user session timeout? i.e. why don't we use same value for both initialDelay & taskDelay param? Thanks, Vojtech
On 10/21/2013 02:55 PM, Vojtech Szocs wrote:
Hi guys,
I see two different config values for dealing with Engine user session timeout.
First, from packaging/etc/engine-config/engine-config.properties file: - UserSessionTimeOutInterval.description=Session timeout interval in minutes, after which it will be expired and clean. A negative value indicates the session should never timeout. - UserSessionTimeOutInvalidationInterval.description=Session timeout invalidation interval in minutes. Specifies the interval in which the invalidation check should occur.
Then, in org.ovirt.engine.core.common.config.ConfigValues enum: - UserSessionTimeOutInterval (default 30) - UserSessionTimeOutInvalidationInterval (default 30)
Looking at Backend#Initialize, both of these values are used when scheduling "cleanExpiredUsersSessions" job: - UserSessionTimeOutInterval = initialDelay param, i.e. the initial delay before the first activation [SchedulerUtil#scheduleAFixedDelayJob] - UserSessionTimeOutInvalidationInterval = taskDelay param, i.e. the delay between jobs [SchedulerUtil#scheduleAFixedDelayJob]
So if I read this correctly, if UserSessionTimeOutInterval=100 then UserSessionTimeOutInvalidationInterval is relevant only after first 100min of Engine uptime.
Why do we have two different config values for Engine user session timeout? i.e. why don't we use same value for both initialDelay & taskDelay param?
you may want to be more strict, and invalidate sessions after 30 minutes and check for that every minute?
----- Original Message -----
From: "Itamar Heim" <iheim@redhat.com> To: "Vojtech Szocs" <vszocs@redhat.com> Cc: "engine-devel" <engine-devel@ovirt.org> Sent: Tuesday, October 22, 2013 8:18:56 AM Subject: Re: [Engine-devel] Question about Engine user session timeout
On 10/21/2013 02:55 PM, Vojtech Szocs wrote:
Hi guys,
I see two different config values for dealing with Engine user session timeout.
First, from packaging/etc/engine-config/engine-config.properties file: - UserSessionTimeOutInterval.description=Session timeout interval in minutes, after which it will be expired and clean. A negative value indicates the session should never timeout. - UserSessionTimeOutInvalidationInterval.description=Session timeout invalidation interval in minutes. Specifies the interval in which the invalidation check should occur.
Then, in org.ovirt.engine.core.common.config.ConfigValues enum: - UserSessionTimeOutInterval (default 30) - UserSessionTimeOutInvalidationInterval (default 30)
Looking at Backend#Initialize, both of these values are used when scheduling "cleanExpiredUsersSessions" job: - UserSessionTimeOutInterval = initialDelay param, i.e. the initial delay before the first activation [SchedulerUtil#scheduleAFixedDelayJob] - UserSessionTimeOutInvalidationInterval = taskDelay param, i.e. the delay between jobs [SchedulerUtil#scheduleAFixedDelayJob]
So if I read this correctly, if UserSessionTimeOutInterval=100 then UserSessionTimeOutInvalidationInterval is relevant only after first 100min of Engine uptime.
Why do we have two different config values for Engine user session timeout? i.e. why don't we use same value for both initialDelay & taskDelay param?
you may want to be more strict, and invalidate sessions after 30 minutes and check for that every minute?
Well, my motivation was to understand both config values before I'll attempt to use them in server-side Engine code. I'm working on client-side-only improvement of UI Plugin vs. REST API integration [proper server-side RFE is here https://bugzilla.redhat.com/1019921], dealing with a situation when "REST API timeout > Engine session timeout" and its consequences; I'd like UI to create REST API session with timeout equal to Engine session timeout. However, as we have two distinct values for Engine session timeout, I guess my best shot is to do "min(UserSessionTimeOutInterval,UserSessionTimeOutInvalidationInterval)" and expose both via admin-only GetConfigurationValue query, but I'm not sure this is the best approach..
On 10/22/2013 10:12 AM, Vojtech Szocs wrote:
However, as we have two distinct values for Engine session timeout, I guess my best shot is to do "min(UserSessionTimeOutInterval,UserSessionTimeOutInvalidationInterval)" and expose both via admin-only GetConfigurationValue query, but I'm not sure this is the best approach..
shouldn't that be sum() rather than min?
----- Original Message -----
From: "Itamar Heim" <iheim@redhat.com> To: "Vojtech Szocs" <vszocs@redhat.com> Cc: "engine-devel" <engine-devel@ovirt.org> Sent: Tuesday, October 22, 2013 12:22:14 PM Subject: Re: [Engine-devel] Question about Engine user session timeout
On 10/22/2013 10:12 AM, Vojtech Szocs wrote:
However, as we have two distinct values for Engine session timeout, I guess my best shot is to do "min(UserSessionTimeOutInterval,UserSessionTimeOutInvalidationInterval)" and expose both via admin-only GetConfigurationValue query, but I'm not sure this is the best approach..
shouldn't that be sum() rather than min?
IIUC, the first config value (UserSessionTimeOutInterval) represents the delay between Engine startup and first "cleanExpiredUsersSessions" job execution. The second config value (UserSessionTimeOutInvalidationInterval) is the delay between subsequent executions of this job. This is why I thought it should be min() out of these two; user could open WebAdmin right after Engine startup or anytime after that. Both config values have validValues=-1,1..100000 so -1 could disable first (UserSessionTimeOutInterval) or subsequent (UserSessionTimeOutInvalidationInterval) job execution. I'm still confused why we have two values, though..
On 10/22/2013 01:44 PM, Vojtech Szocs wrote:
----- Original Message -----
From: "Itamar Heim" <iheim@redhat.com> To: "Vojtech Szocs" <vszocs@redhat.com> Cc: "engine-devel" <engine-devel@ovirt.org> Sent: Tuesday, October 22, 2013 12:22:14 PM Subject: Re: [Engine-devel] Question about Engine user session timeout
On 10/22/2013 10:12 AM, Vojtech Szocs wrote:
However, as we have two distinct values for Engine session timeout, I guess my best shot is to do "min(UserSessionTimeOutInterval,UserSessionTimeOutInvalidationInterval)" and expose both via admin-only GetConfigurationValue query, but I'm not sure this is the best approach..
shouldn't that be sum() rather than min?
IIUC, the first config value (UserSessionTimeOutInterval) represents the delay between Engine startup and first "cleanExpiredUsersSessions" job execution. The second config value (UserSessionTimeOutInvalidationInterval) is the delay between subsequent executions of this job. This is why I thought it should be min() out of these two; user could open WebAdmin right after Engine startup or anytime after that.
Both config values have validValues=-1,1..100000 so -1 could disable first (UserSessionTimeOutInterval) or subsequent (UserSessionTimeOutInvalidationInterval) job execution. I'm still confused why we have two values, though..
I may be wrong, but I would bet that the reason for having two configuration options is that the method of the scheduler that we use requires those two parameters. As far as I can tell the only real value of the first parameter (UserSessionTimeOutInterval) is to disable completely session cleanup if the value is negative, and that seems mostly useless, as doing so would generate a memory leak. I would suggest to completely remove the first parameter. I will then be clear that for your purpose the only relevant one is the second. -- Dirección Comercial: C/Jose Bardasano Baos, 9, Edif. Gorbea 3, planta 3ºD, 28016 Madrid, Spain Inscrita en el Reg. Mercantil de Madrid – C.I.F. B82657941 - Red Hat S.L.
Thanks, Juan! Please see my comments inline. ----- Original Message -----
From: "Juan Hernandez" <jhernand@redhat.com> To: "Vojtech Szocs" <vszocs@redhat.com>, "Itamar Heim" <iheim@redhat.com> Cc: "engine-devel" <engine-devel@ovirt.org> Sent: Wednesday, November 13, 2013 11:27:11 AM Subject: Re: [Engine-devel] Question about Engine user session timeout
On 10/22/2013 01:44 PM, Vojtech Szocs wrote:
----- Original Message -----
From: "Itamar Heim" <iheim@redhat.com> To: "Vojtech Szocs" <vszocs@redhat.com> Cc: "engine-devel" <engine-devel@ovirt.org> Sent: Tuesday, October 22, 2013 12:22:14 PM Subject: Re: [Engine-devel] Question about Engine user session timeout
On 10/22/2013 10:12 AM, Vojtech Szocs wrote:
However, as we have two distinct values for Engine session timeout, I guess my best shot is to do "min(UserSessionTimeOutInterval,UserSessionTimeOutInvalidationInterval)" and expose both via admin-only GetConfigurationValue query, but I'm not sure this is the best approach..
shouldn't that be sum() rather than min?
IIUC, the first config value (UserSessionTimeOutInterval) represents the delay between Engine startup and first "cleanExpiredUsersSessions" job execution. The second config value (UserSessionTimeOutInvalidationInterval) is the delay between subsequent executions of this job. This is why I thought it should be min() out of these two; user could open WebAdmin right after Engine startup or anytime after that.
Both config values have validValues=-1,1..100000 so -1 could disable first (UserSessionTimeOutInterval) or subsequent (UserSessionTimeOutInvalidationInterval) job execution. I'm still confused why we have two values, though..
I may be wrong, but I would bet that the reason for having two configuration options is that the method of the scheduler that we use requires those two parameters.
Yes, this makes sense, feels like some general pattern to have scheduled jobs (of whatever kind) parametrized via two parameters, which are just delegated to actual scheduler method.
As far as I can tell the only real value of the first parameter (UserSessionTimeOutInterval) is to disable completely session cleanup if the value is negative, and that seems mostly useless, as doing so would generate a memory leak.
Agreed, "UserSessionTimeOutInterval=-1" is rather meaningless.
I would suggest to completely remove the first parameter. I will then be clear that for your purpose the only relevant one is the second.
Sounds good to me, I'll make a separate patch to consolidate Engine user session timeout into single parameter.
-- Dirección Comercial: C/Jose Bardasano Baos, 9, Edif. Gorbea 3, planta 3ºD, 28016 Madrid, Spain Inscrita en el Reg. Mercantil de Madrid – C.I.F. B82657941 - Red Hat S.L.
participants (3)
-
Itamar Heim -
Juan Hernandez -
Vojtech Szocs