Bug #37486
Updated by Romuald Conty 5 months ago
Foreman smart-proxy uses `redfish_client` gem as backend to implement the _Redfish_ implementation for BMC. `redfish_client` is a wrapper around the _Redfish_ REST API available on BMC. This client automatically authenticates authenticate the connection using basic auth, then retrieve a _Redfish_'s session which is a token used in _Redfish_ implementation. _Redfish_ specifications allow single authenticated calls but prefer the session opening before running multiple commands. Basically, multiple commands should be ran using this scheme: 1. login: ie. retrieve a token (session) using basic auth 2. send many commands using the token in headers 3. logout: ie. request the sessions endpoint to delete the current one But in Foreman's implementation, we login but never logout. As side effect, when I go to _BMC_ tab on (old) host UI, many connections to BMC are opened, each one produce a new session and when sessions limit is reached, BMC info can not be retrieved. To test, I used iDRAC 8 using latest firmware (2.86.86.86) which allow me to debug the session creation by Foreman's Smart Proxy, internally made by `redfish_client`. PS: I already have some working code and will provide a PR.