[Jenkins-infra] Excessive api/json access on ci.jenkins-ci.org

R. Tyler Croy tyler at monkeypox.org
Tue Oct 2 16:18:42 UTC 2012


On Tue, 02 Oct 2012, Kohsuke Kawaguchi wrote:

> Since yesterday, HTTP service on cucumber is flipping on Nagios.
> 
> I looked at mod_status output, and there are excessive number of
> requests to various JSON API endpoints. I manually baned two of them
> in iptables, but there seems to be a larger number of clients
> incurring more loads from all sorts of IP addresses. Interestingly,
> all the user agents are Apple WebKit.
> 
> I suspect these requests are keeping Apache occupied and occasionally
> cause the service to exceed the 10 sec connection timeout.
> 
> I need to head to JavaOne, but just wanted to share the outcome of my
> little investigation thus far.
> 
> I wonder if we can strip away anonymous read access to
> ci.jenkins-ci.org from temporarily during JavaOne. I'd like apache to
> serve jenkins-ci.org, and this is the week we are getting extra
> visibility.

I went ahead and disabled anonymous read access temporarily.


- R. Tyler Croy
--------------------------------------
    Code: https://github.com/rtyler
 Chatter: https://twitter.com/agentdero
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.jenkins-ci.org/pipermail/jenkins-infra/attachments/20121002/8cb09589/attachment.asc>


More information about the Jenkins-infra mailing list