yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #57600
[Bug 1590608] Re: Services should use http_proxy_to_wsgi middleware
this is also needed in Heat's CFN endpoint. The API endpoint uses it
already.
** Also affects: heat
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1590608
Title:
Services should use http_proxy_to_wsgi middleware
Status in Aodh:
In Progress
Status in Barbican:
New
Status in Ceilometer:
In Progress
Status in Cinder:
Fix Released
Status in Glance:
Fix Released
Status in Gnocchi:
In Progress
Status in heat:
In Progress
Status in OpenStack Identity (keystone):
Fix Released
Status in neutron:
In Progress
Status in OpenStack DBaaS (Trove):
In Progress
Bug description:
It's a common problem when putting a service behind a load balancer to
need to forward the Protocol and hosts of the original request so that
the receiving service can construct URLs to the loadbalancer and not
the private worker node.
Most services have implemented some form of secure_proxy_ssl_header =
HTTP_X_FORWARDED_PROTO handling however exactly how this is done is
dependent on the service.
oslo.middleware provides the http_proxy_to_wsgi middleware that
handles these headers and the newer RFC7239 forwarding header and
completely hides the problem from the service.
This middleware should be adopted by all services in preference to
their own HTTP_X_FORWARDED_PROTO handling.
To manage notifications about this bug go to:
https://bugs.launchpad.net/aodh/+bug/1590608/+subscriptions
References