azure_preview_modules icon indicating copy to clipboard operation
azure_preview_modules copied to clipboard

Published 20 hours ago verified publisher icon Azure

azure_rm_keyvaultsecret takes like 4 minutes to insert one secret

Open Sispheor opened this issue 5 years ago • 15 comments

Hi, Do you guys have the same behavior? When I create a secret via this module, it takes like 4 minutes to get inserted. I don't understand why? When i use my web browser for the same action (which is supposed to call the same API) it's almost immediate.

Sispheor avatar Jul 23 '19 08:07 Sispheor

Ok, it's quick when I remove the MSI authentication part from the code..

Sispheor avatar Jul 23 '19 08:07 Sispheor

The module tries to log with MSI even if the user set client_id and secret (for service principal based auth). Would it not be better to skip the MSI auth if those variables are set?

Sispheor avatar Jul 23 '19 09:07 Sispheor

@MyronFanQiu Please take a look at this problem when you are free, thank you!

Fred-sun avatar Jul 30 '19 05:07 Fred-sun

@MyronFanQiu

Fred-sun avatar Aug 23 '19 05:08 Fred-sun

The module tries to log with MSI even if the user set client_id and secret (for service principal based auth). Would it not be better to skip the MSI auth if those variables are set?

If the variable is set, it should be ok to skip. As described in the document, use the msi will choose first subscription_id if there are multiple subscription_id. Thanks a lot!

Fred-sun avatar Aug 28 '19 06:08 Fred-sun

@Sispheor Did the comments above address your doubts? Do you need any other help? Thanks a lot!

Fred-sun avatar Sep 16 '19 05:09 Fred-sun

It seems that the module try in any case to log with MSI. If you look at this part of the code, there is no condition to skip this part.

Sispheor avatar Sep 16 '19 07:09 Sispheor

@Sispheor Thanks for your info, we will look that it!

Fred-sun avatar Sep 16 '19 07:09 Fred-sun

@zikalino Please take a look this issue when you're free! Thanks a lot!

Fred-sun avatar Sep 16 '19 07:09 Fred-sun

Same issue with the lookup plugin https://github.com/Azure/azure_preview_modules/blob/master/lookup_plugins/azure_keyvault_secret.py#L101

bbgobie avatar Sep 30 '19 21:09 bbgobie

@mybayern1974 Would you please take a look this issue? Thank you very much!

Fred-sun avatar Oct 21 '19 07:10 Fred-sun

@mybayern1974 @haiyuazhang

Fred-sun avatar Nov 26 '19 06:11 Fred-sun

@haiyuazhang Would you please help take a look this issue? Thank you very much!

Fred-sun avatar Jan 08 '20 03:01 Fred-sun

Noticing the same issue, it tries to make a connection to the private IP even though I specified a service principal:

2020-03-03 14:36:12,798 urllib3.connectionpool Starting new HTTP connection (1): 169.254.169.254:80 2020-03-03 14:36:12,812 urllib3.connectionpool Starting new HTTP connection (1): 169.254.169.254:80

For now in the limit I added a timeout=10 to the MSI call so it doesn't take several minutes.

ToniCipriani avatar Mar 03 '20 19:03 ToniCipriani

@Sispheor Thank you very much for your interest in Ansible. This repo is no longer maintained in this repository and has been migrated to https://github.com/ansible-collections/azure Please re-submit this Issue in the above repository and closed this. Thank you very much!

Fred-sun avatar May 12 '20 08:05 Fred-sun