Add http_proxy_to_wsgi to api-paste

This sets up the HTTPProxyToWSGI middleware in front of Aodh. The
purpose of thise middleware is to set up the request URL correctly in
case there is a proxy (For instance, a loadbalancer such as HAProxy)
in front of Aodh.

So, for instance, when TLS connections are being terminated in the
proxy, and one tries to get the versions from the / resource of
Aodh, one will notice that the protocol is incorrect; It will show
'http' instead of 'https'. So this middleware handles such cases.
Thus helping Keystone discovery work correctly.

The HTTPProxyToWSGI is off by default and needs to be enabled via a
configuration value.

Change-Id: If2ada8a94c8e1ceacd4509605b4cd766a78f71d5
Closes-Bug: #1590608
This commit is contained in:
Juan Antonio Osorio Robles 2016-10-10 09:23:11 +03:00
parent 157415d3e3
commit 0f2a80d8ef

View File

@ -5,7 +5,7 @@
# Remove authtoken from the pipeline if you don't want to use keystone authentication
[pipeline:main]
pipeline = cors request_id authtoken api-server
pipeline = cors http_proxy_to_wsgi request_id authtoken api-server
[app:api-server]
paste.app_factory = aodh.api.app:app_factory
@ -20,3 +20,7 @@ paste.filter_factory = oslo_middleware:RequestId.factory
[filter:cors]
paste.filter_factory = oslo_middleware.cors:filter_factory
oslo_config_project = aodh
[filter:http_proxy_to_wsgi]
paste.filter_factory = oslo_middleware.http_proxy_to_wsgi:HTTPProxyToWSGI.factory
oslo_config_project = aodh