Details
-
Bug
-
Status: Resolved (View Workflow)
-
Critical
-
Resolution: Fixed
-
-
Jenkins 2.184
Description
The last few week/months all our Jenkins users experience very a very slow web GUI after some time.
Situation:
- In a clean browser (no cache, cookies) Jenkins is very fast
- After some time (workday - 8 hours of active Jenkins use), Jenkins GUI starts to slow down:
Loading jobs takes 10+ seconds, loading of static resources are very long pending etc.
Jenkins just isn't workable for users at that time. - Logging out + in again does not fix it for that user.
- Removing the ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE cookie fixes everything for that user and makes Jenkins blazing fast again.
So, what happens with the ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE?
Why does it cause the slowness after hours of use?
[update]
SECURITY-901 / CVE-2019-1003004 in Jenkins 2.150.2 introduced a security fix, but with a side effect that after some time (hours) the Jenkins GUI for that user starts to slow down to a crawl.
Attachments
Issue Links
- links to
Activity
Field | Original Value | New Value |
---|---|---|
Description |
The last few week/months all our Jenkins users experience very a very slow web GUI after some time. Situation: * In a clean browser (no cache, cookies) Jenkins is very fast * After some time (workday - 8 hours of active Jenkins use), Jenkins GUI starts to slow down: Loading jobs takes 10+ seconds, loading of static resources are very long pending etc. Jenkins just isn't workable for users at that time. * Logging out + in again does not fix it for that user. * _Removing the ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE cookie fixes everything for that user and makes Jenkins blazing fast again._ So, what happens with the _ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE?_ Why does it cause the slowness after hours of use? |
The last few week/months all our Jenkins users experience very a very slow web GUI after some time. Situation: * In a clean browser (no cache, cookies) Jenkins is very fast * After some time (workday - 8 hours of active Jenkins use), Jenkins GUI starts to slow down: Loading jobs takes 10+ seconds, loading of static resources are very long pending etc. Jenkins just isn't workable for users at that time. * Logging out + in again does not fix it for that user. * _Removing the ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE cookie fixes everything for that user and makes Jenkins blazing fast again._ So, what happens with the _ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE?_ Why does it cause the slowness after hours of use? |
Priority | Minor [ 4 ] | Major [ 3 ] |
Description |
The last few week/months all our Jenkins users experience very a very slow web GUI after some time. Situation: * In a clean browser (no cache, cookies) Jenkins is very fast * After some time (workday - 8 hours of active Jenkins use), Jenkins GUI starts to slow down: Loading jobs takes 10+ seconds, loading of static resources are very long pending etc. Jenkins just isn't workable for users at that time. * Logging out + in again does not fix it for that user. * _Removing the ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE cookie fixes everything for that user and makes Jenkins blazing fast again._ So, what happens with the _ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE?_ Why does it cause the slowness after hours of use? |
The last few week/months all our Jenkins users experience very a very slow web GUI after some time. Situation: * In a clean browser (no cache, cookies) Jenkins is very fast * After some time (workday - 8 hours of active Jenkins use), Jenkins GUI starts to slow down: Loading jobs takes 10+ seconds, loading of static resources are very long pending etc. Jenkins just isn't workable for users at that time. * Logging out + in again does not fix it for that user. * _Removing the ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE cookie fixes everything for that user and makes Jenkins blazing fast again._ So, what happens with the _ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE?_ Why does it cause the slowness after hours of use? [update] |
Description |
The last few week/months all our Jenkins users experience very a very slow web GUI after some time. Situation: * In a clean browser (no cache, cookies) Jenkins is very fast * After some time (workday - 8 hours of active Jenkins use), Jenkins GUI starts to slow down: Loading jobs takes 10+ seconds, loading of static resources are very long pending etc. Jenkins just isn't workable for users at that time. * Logging out + in again does not fix it for that user. * _Removing the ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE cookie fixes everything for that user and makes Jenkins blazing fast again._ So, what happens with the _ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE?_ Why does it cause the slowness after hours of use? [update] |
The last few week/months all our Jenkins users experience very a very slow web GUI after some time. Situation: * In a clean browser (no cache, cookies) Jenkins is very fast * After some time (workday - 8 hours of active Jenkins use), Jenkins GUI starts to slow down: Loading jobs takes 10+ seconds, loading of static resources are very long pending etc. Jenkins just isn't workable for users at that time. * Logging out + in again does not fix it for that user. * _Removing the ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE cookie fixes everything for that user and makes Jenkins blazing fast again._ So, what happens with the _ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE?_ Why does it cause the slowness after hours of use? _*[update]*_ _*SECURITY-901 / CVE-2019-1003004 in Jenkins 2.150.2 introduced a security fix, but with a side effect that after some time (hours) the Jenkins GUI for that user starts to slow down to a crawl.*_ |
Attachment | Thread dump [Jenkins].html [ 46514 ] |
Attachment | Thread dump2 [Jenkins].html [ 46516 ] |
Priority | Major [ 3 ] | Critical [ 2 ] |
Labels | user-experience |
Assignee | Matt Sicker [ jvz ] |
Status | Open [ 1 ] | In Progress [ 3 ] |
Status | In Progress [ 3 ] | In Review [ 10005 ] |
Remote Link | This issue links to "PR-4096 (Web Link)" [ 23141 ] |
Status | In Review [ 10005 ] | In Progress [ 3 ] |
Status | In Progress [ 3 ] | In Review [ 10005 ] |
Labels | user-experience | lts-candidate user-experience |
Released As | Jenkins 2.184 | |
Resolution | Fixed [ 1 ] | |
Status | In Review [ 10005 ] | Resolved [ 5 ] |
Labels | lts-candidate user-experience | 2.176.3-fixed user-experience |
We are also experiencing this problem on the latest LTS release (2.150.3)