search

F5Networks / f5-appsvcs-templates

F5 BIG-IP Application Service Templates (FAST)
Apache License 2.0
32 stars 13 forks source link

GUI issue - net::ERR_INSUFFICIENT_RESOURCES #88

Closed pwhitef5 closed 2 years ago

pwhitef5 commented 2 years ago

Environment

Summary

When connecting to the FAST GUI, shortly after the FAST Templates page is loaded the GUI crashes ie the swirl comes up, BIG-IP disconnect message comes up and eventually reconnects. Lots ie thousands of console messages of "Failed to load resource: net::ERR_INSUFFICIENT_RESOURCES" and "Failed to load resource: the server responded with a status of 406 (Not Acceptable)" pointing at /mgmt/shared/authz/tokens. These mention the PATCH method and this seems to be related to trying to renew the authz token. When i click on the authz link in the console and go to the REST endpoint myself ( using GET, obviously ) then I can see the token is present. If I perform a PATCH to update the timeout using POSTMAN, it accepts this with 200 OK.

This is an F5 internal VE which has only LTM provisioned and medium management.

This also happens when in Incognito browser mode, and is the same in both Chrome (96.0.4664.110) and MS Edge

image

delgadillo22 commented 2 years ago

Hi, I've added this to our internal backlog as MYSTIQUE-528 for investigation.

pwhitef5 commented 2 years ago

I have looked into this further and found the issue - after retrieving the auth token it then uses PATCH and tries to change the timeout value to be 123456789 secs. However, this is more than the maximum timeout which is 36000 secs. You can test this yourself with Postman by trying to patch a token with timeout greater than 36000 secs ( 36000 gives a 200 OK, 36001 gives a 406 error with message "Auth-token absolute timeout (36000 seconds) exceeded: 36001 seconds").

The reason why this leads to GUI crashing is that it immediately loops on any error which is not 404, so there are 45K+ PATCH requests sent by the browser which consumes all of the resources and causes GUI crash.

Seems like a simple fix to me - change the timeout to 36000 instead of 123456789. Maybe improve failure handling as well ie don't just infinite loop.

pwhitef5 commented 2 years ago

As a workaround, you can edit the file /var/config/rest/iapps/f5-appsvcs-templates/presentation/bundle.js and set if(o.token&&o.timeout>1200) to be if(o.token&&o.timeout<1200)

shyawnkarim commented 2 years ago

The 12346789 value is coming from your System -> Preferences :: Idle Time Before Automatic Logout setting. Values between 20 and 2147483647 can be used but, as a workaround, you can change the value to 36000 until this is fixed in the next release.

shyawnkarim commented 2 years ago

Closing. This issue was resolved with Release 1.15.0.