Differential D13421

Prevent rapid AWS calls being made due to SSH test returning quickly
AbandonedPublic
Actions

Authored by hach-que on Jun 25 2015, 5:46 AM.

Details

Reviewers

epriestley

Group Reviewers

Blessed Reviewers

Summary

This prevents the EC2 blueprint from hammering the AWS API when SSH or WinRM start returning immediately.

We observe this scenario occurring frequently, but we just don't have access to the internal Amazon implementation to find out why their networking behaves like this (does the connection terminate while EC2 is assigning IPs, does the connection terminate because the box temporarily brings up a firewall that REJECTs instead of DROPs, etc.) The actual causes for why the connection might be refused instead of waiting for the timeout are numerable and impossible to know (and may vary for different people).

This bug fix is required because in the event the connections are refused, we don't want to hammer the EC2 API in a fast-running loop and consume all of the API credits. When all of the API credits / limits have been exhausted for the time period, AWS blocks API access to all applications on the account, and thus when this scenario occurs, Phabricator essentially ends up DoS'ing any other applications using the AWS API.

Test Plan

Tested in production.

Diff Detail

Lint

Lint Passed

Unit

Test Failures

Build Status

Buildable 6986
Build 7030: [Placeholder Plan] Wait for 30 Seconds
Build 7029: arc lint + arc unit

Unit TestsFailed
View All

	Time	Test
	186 ms	PhabricatorCelerityTestCase::Unknown Unit Message ("")
	1,669 ms	PhabricatorLibraryTestCase::Unknown Unit Message ("")
	4 ms	DrydockBlueprintImplementationTestCase::Unknown Unit Message ("")
	10 ms	PhabricatorConduitTestCase::Unknown Unit Message ("")
	0 ms	PhabricatorInfrastructureTestCase::Unknown Unit Message ("")
		View Full Test Results (2 Failed · 6 Passed)

Event Timeline

hach-que updated this revision to Diff 32502.Jun 25 2015, 5:46 AM

hach-que retitled this revision from to Prevent rapid AWS calls being made due to SSH test returning quickly.

hach-que updated this object.

hach-que edited the test plan for this revision. (Show Details)

hach-que added a reviewer: epriestley.

Herald added a reviewer: Blessed Reviewers. · View Herald TranscriptJun 25 2015, 5:46 AM

Herald added subscribers: Korvin, epriestley. · View Herald Transcript

Fix issues with calculation of sleep time

(under certain, unknown conditions).

I don't want to upstream this kind of stuff.

This revision now requires changes to proceed.Aug 8 2015, 6:55 PM

In D13421#150566, @epriestley wrote:

(under certain, unknown conditions).

I don't want to upstream this kind of stuff.

To be clear "certain, unknown conditions" doesn't mean "it doesn't happen". We observe this scenario occurring frequently, we just don't have access to the internal Amazon implementation to find out why their networking behaves like this (does the connection terminate while EC2 is assigning IPs, does the connection terminate because the box temporarily brings up a firewall that REJECTs instead of DROPs, etc.) The actual causes for why the connection might be refused instead of waiting for the timeout are numerable and impossible to know (and may vary for different people).

But this bug fix is still required because in the event the connections are refused, we don't want to hammer the EC2 API in a fast-running loop and consume all of the API credits. When all of the API credits / limits have been exhausted for the time period, AWS blocks API access to all applications on the account, and thus when this scenario occurs, Phabricator essentially ends up DoS'ing any other applications using the AWS API.

hach-que updated this object.Aug 24 2015, 5:51 AM

hach-que edited edge metadata.

• cyn0228.ch added a task: T5375: Tokenizers fail in Firefox on Android.Sep 7 2015, 10:42 PM

chad removed a task: T5375: Tokenizers fail in Firefox on Android.Sep 7 2015, 10:45 PM

hach-que abandoned this revision.Dec 3 2015, 8:56 AM