Allow operators to customize max header size

HTTP messages max header line size has been increased from 8K to 16K by default to allow using tokens including up to 14-15 catalog entries. The same issue (https://bugs.launchpad.net/swift/+bug/1190149) may occur again in the future, if keystone's catalog grows further. Allowing operators to customize the max header size, will allow them to have Cinder working whatever the size of the catalog (if the option is properly set). Change-Id: Iac269d96fadc96c1e9383dc03422f2d87196dd9d Related-Bug: #1190149 DocImpact
2014-01-17 10:54:27 +00:00 · 2014-01-17 10:54:27 +00:00 · be163cf102
parent 0e5b1bfe4f
commit be163cf102
2 changed files with 18 additions and 3 deletions
--- a/cinder/wsgi.py
+++ b/cinder/wsgi.py
@ -59,14 +59,21 @@ socket_opts = [
                    "the server securely"),
 ]

+eventlet_opts = [
+    cfg.IntOpt('max_header_line',
+               default=16384,
+               help="Maximum line size of message headers to be accepted. "
+                    "max_header_line may need to be increased when using "
+                    "large tokens (typically those generated by the "
+                    "Keystone v3 API with big service catalogs)."),
+]
+
 CONF = cfg.CONF
 CONF.register_opts(socket_opts)
+CONF.register_opts(eventlet_opts)

 LOG = logging.getLogger(__name__)

-# Raise the default from 8192 to accommodate large tokens
-eventlet.wsgi.MAX_HEADER_LINE = 16384
-

 class Server(object):
    """Server class to manage a WSGI server, serving a WSGI application."""
@ -85,6 +92,8 @@ class Server(object):
        :returns: None

        """
+        # Allow operators to customize http requests max header line size.
+        eventlet.wsgi.MAX_HEADER_LINE = CONF.max_header_line
        self.name = name
        self.app = app
        self._host = host or "0.0.0.0"
--- a/etc/cinder/cinder.conf.sample
+++ b/etc/cinder/cinder.conf.sample
@ -93,6 +93,12 @@
 # Options defined in cinder.wsgi
 #

+# Maximum line size of message headers to be accepted.
+# max_header_line may need to be increased when using large
+# tokens (typically those generated by the Keystone v3 API
+# with big service catalogs). (integer value)
+#max_header_line=16384
+
 # Sets the value of TCP_KEEPIDLE in seconds for each server
 # socket. Not supported on OS X. (integer value)
 #tcp_keepidle=600