Maximum Queue Depth of On-Demand Registry Scans in Prisma Cloud Compute
3575
Created On 04/07/23 20:59 PM - Last Modified 02/10/25 21:11 PM
Symptom
This article stresses on the possibility of potential overwhelming of the On-Demand registry scan queue. We are not sure about the exact symptoms yet since we are referring to a hypothetical situation.
- The potential symptom as confirmed by the backend team is that the Console might go Out-of-Memory (OOM)
- If you see error messages/rejects from the Console side, that might mean that the message is not accepted by the Defender, thus it stays in the Console queue
Environment
- Prisma Cloud Compute - Self-hosted & SaaS (All versions)
- Registry (GCR, ECR, & more)
Cause
The On-Demand queue usually causes no issues due to the small size of its requests, however, if it is to cause any issue, that might affect the Console's virtual memory, which could cause the Console to go Out-Of-Memory (OOM) as discussed before.
Resolution
- If we initiate a restart of the Console, the stored or lined requests in the queue will clean up given it is stored in the Console's memory, which is reset on rebooting the Console
- We do not have a hard limit on the number of On-Demand registry scan requests that can be made
Additional Information
Important documents related to this issue: