Browse Source

Allow operators to customize max header size

HTTP messages max header line size has been increased from 8K to 16K
by default to allow using tokens including up to 14-15 catalog
entries. The same issue (https://bugs.launchpad.net/swift/+bug/119014)
may occur again in the future, if Keystone's catalog grows further.

Allowing operators to customize the max header size, will allow them
to have Nova working whatever the size of the catalog (if the option
is properly set).

Related-Bug: #1190149
DocImpact

Change-Id: I96694ac9bc242267cfc9f4d0c18b2b7fe0000460
tags/2014.1.b3
Florent Flament 5 years ago
parent
commit
933f1dca36
3 changed files with 22 additions and 3 deletions
  1. 6
    0
      etc/nova/nova.conf.sample
  2. 8
    0
      nova/tests/test_wsgi.py
  3. 8
    3
      nova/wsgi.py

+ 6
- 0
etc/nova/nova.conf.sample View File

@@ -513,6 +513,12 @@
513 513
 # value)
514 514
 #wsgi_default_pool_size=1000
515 515
 
516
+# Maximum line size of message headers to be accepted.
517
+# max_header_line may need to be increased when using large
518
+# tokens (typically those generated by the Keystone v3 API
519
+# with big service catalogs). (integer value)
520
+#max_header_line=16384
521
+
516 522
 
517 523
 #
518 524
 # Options defined in nova.api.auth

+ 8
- 0
nova/tests/test_wsgi.py View File

@@ -21,18 +21,21 @@ import tempfile
21 21
 import testtools
22 22
 
23 23
 import eventlet
24
+import eventlet.wsgi
24 25
 import requests
25 26
 
26 27
 import nova.exception
27 28
 from nova import test
28 29
 from nova.tests import utils
29 30
 import nova.wsgi
31
+from oslo.config import cfg
30 32
 import urllib2
31 33
 import webob
32 34
 
33 35
 SSL_CERT_DIR = os.path.normpath(os.path.join(
34 36
                                 os.path.dirname(os.path.abspath(__file__)),
35 37
                                 'ssl_cert'))
38
+CONF = cfg.CONF
36 39
 
37 40
 
38 41
 class TestLoaderNothingExists(test.NoDBTestCase):
@@ -100,6 +103,11 @@ class TestWSGIServer(test.NoDBTestCase):
100 103
         server = nova.wsgi.Server("test_app", None)
101 104
         self.assertEqual("test_app", server.name)
102 105
 
106
+    def test_custom_max_header_line(self):
107
+        CONF.max_header_line = 4096  # Default value is 16384.
108
+        server = nova.wsgi.Server("test_custom_max_header_line", None)
109
+        self.assertEqual(CONF.max_header_line, eventlet.wsgi.MAX_HEADER_LINE)
110
+
103 111
     def test_start_random_port(self):
104 112
         server = nova.wsgi.Server("test_random_port", None,
105 113
                                   host="127.0.0.1", port=0)

+ 8
- 3
nova/wsgi.py View File

@@ -38,9 +38,6 @@ from nova.openstack.common import excutils
38 38
 from nova.openstack.common.gettextutils import _
39 39
 from nova.openstack.common import log as logging
40 40
 
41
-# Raise the default from 8192 to accommodate large tokens
42
-eventlet.wsgi.MAX_HEADER_LINE = 16384
43
-
44 41
 wsgi_opts = [
45 42
     cfg.StrOpt('api_paste_config',
46 43
                default="api-paste.ini",
@@ -66,6 +63,12 @@ wsgi_opts = [
66 63
     cfg.IntOpt('wsgi_default_pool_size',
67 64
                default=1000,
68 65
                help="Size of the pool of greenthreads used by wsgi"),
66
+    cfg.IntOpt('max_header_line',
67
+               default=16384,
68
+               help="Maximum line size of message headers to be accepted. "
69
+                    "max_header_line may need to be increased when using "
70
+                    "large tokens (typically those generated by the "
71
+                    "Keystone v3 API with big service catalogs)."),
69 72
     ]
70 73
 CONF = cfg.CONF
71 74
 CONF.register_opts(wsgi_opts)
@@ -93,6 +96,8 @@ class Server(object):
93 96
         :returns: None
94 97
         :raises: nova.exception.InvalidInput
95 98
         """
99
+        # Allow operators to customize http requests max header line size.
100
+        eventlet.wsgi.MAX_HEADER_LINE = CONF.max_header_line
96 101
         self.name = name
97 102
         self.app = app
98 103
         self._server = None

Loading…
Cancel
Save