Bug ID 521272: Fixed memory leak in restjavad's Authentication Token worker

Last Modified: May 14, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5

Fixed In:
12.1.0, 12.0.0, 11.6.0 HF6

Opened: May 04, 2015
Severity: 3-Major
Related AskF5 Article:
K16751

Symptoms

There is a memory leak that causes the Authentication Token worker to run Out of Memory after approximately 27,000 token requests, when running with 96 MB image on a BIG-IP system. Any service might receive the OutOfMemory exception, so the external symptoms might vary (e.g., Socket failure, Bad Gateway, and others). To identify this issue, check for Out Of Memory exceptions in /var/log/restjavad.0.log.

Impact

It takes a long time to log in 27,000 times, when logons come in through the GUI.

Conditions

This usually occurs when scripting against the rest interface. On a vCMP guest, guestagentd generates an authentication token every 90 seconds so that hostagentd on the vCMP hypervisor can make periodic REST calls to the guest. This info is used to populate the 'tmsh show vcmp health' stats.

Workaround

Restart restjavad after 10,000 tokens. To stop auth token generation on vCMP guests, on the hypervisor run the commands: -- tmsh modify vcmp guest all capabilities add { stats isolated-mode }. -- bigstart restart hostagentd

Fix Information

Fixes a memory leak in Authentication Token mechanism in restjavad.

Behavior Change