Adding support for the octavia listener X-Forwarded-Proto header insertion.
Adding support for the octavia listener X-Forwarded-Proto header insertion. A X-Forwarded-Proto header is inserted into the end of request to the backend member. HTTP for the HTTP listener protocol type, HTTPS for the TERMINATED_HTTPS listener protocol type. Adding X-Forwarded-Proto to the list of HTTP headers which are supported. File: octavia/master/octavia/octavia/common/constants.py: SUPPORTED_HTTP_HEADERS = ['X-Forwarded-For', 'X-Forwarded-Port', 'X-Forwarded-Proto'] Adding the lines to the macros.j2 realizing the the http/https insertion to the backend member according to listener protocol type: File: octavia/common/jinja/haproxy/templates/macros.j2 {% if listener.insert_headers.get('X-Forwarded-Proto', 'False').lower() == 'true' %} {% if listener.protocol.lower() == constants.PROTOCOL_HTTP.lower() %} http-request set-header X-Forwarded-Proto http {% elif listener.protocol.lower() == constants.PROTOCOL_TERMINATED_HTTPS.lower() %} http-request set-header X-Forwarded-Proto https {% endif %} {% endif %} Change-Id: Id017bb277eebae98f0441663e41d07b40b6e3e38 Story: 2002173 Task: 20038
This commit is contained in:
parent
96cce3ed74
commit
d3f0a50014
@ -164,18 +164,24 @@ Supported HTTP Header Insertions
|
|||||||
header insertions.
|
header insertions.
|
||||||
|
|
||||||
|
|
||||||
+------------------+--------+------------------------------------------------+
|
+-------------------+--------+------------------------------------------------+
|
||||||
| Key | Value | Description |
|
| Key | Value | Description |
|
||||||
+==================+========+================================================+
|
+===================+========+================================================+
|
||||||
| X-Forwarded-For | string | When "``true``" a ``X-Forwarded-For`` header |
|
| X-Forwarded-For | string | When "``true``" a ``X-Forwarded-For`` header |
|
||||||
| | | is inserted into the request to the backend |
|
| | | is inserted into the request to the backend |
|
||||||
| | | ``member`` that specifies the client IP |
|
| | | ``member`` that specifies the client IP |
|
||||||
| | | address. |
|
| | | address. |
|
||||||
+------------------+--------+------------------------------------------------+
|
+-------------------+--------+------------------------------------------------+
|
||||||
| X-Forwarded-Port | string | When "``true``" a ``X-Forwarded-Port`` header |
|
| X-Forwarded-Port | string | When "``true``" a ``X-Forwarded-Port`` header |
|
||||||
| | | is inserted into the request to the backend |
|
| | | is inserted into the request to the backend |
|
||||||
| | | ``member`` that specifies the listener port. |
|
| | | ``member`` that specifies the listener port. |
|
||||||
+------------------+--------+------------------------------------------------+
|
+-------------------+--------+------------------------------------------------+
|
||||||
|
| X-Forwarded-Proto | string | When "``true``" a ``X-Forwarded-Proto`` header |
|
||||||
|
| | | is inserted into the request to the backend |
|
||||||
|
| | | ``member``. HTTP for the HTTP listener |
|
||||||
|
| | | protocol type, HTTPS for the TERMINATED_HTTPS |
|
||||||
|
| | | listener protocol type. |
|
||||||
|
+-------------------+--------+------------------------------------------------+
|
||||||
|
|
||||||
Request Example
|
Request Example
|
||||||
----------------
|
----------------
|
||||||
|
@ -445,19 +445,25 @@ contains the following:
|
|||||||
As of the writing of this specification the Supported HTTP Header Insertions
|
As of the writing of this specification the Supported HTTP Header Insertions
|
||||||
are:
|
are:
|
||||||
|
|
||||||
+-------------------+------+------------------------------------------------+
|
+-------------------+--------+------------------------------------------------+
|
||||||
| Key | Type | Description |
|
| Key | Type | Description |
|
||||||
+===================+======+================================================+
|
+===================+========+================================================+
|
||||||
| X-Forwarded-For | bool | When True a X-Forwarded-For header is inserted |
|
| X-Forwarded-For | bool | When True a X-Forwarded-For header is inserted |
|
||||||
| | | into the request to the backend member that |
|
| | | into the request to the backend member that |
|
||||||
| | | specifies the client IP address. |
|
| | | specifies the client IP address. |
|
||||||
+-------------------+------+------------------------------------------------+
|
+-------------------+--------+------------------------------------------------+
|
||||||
| X-Forwarded-Port | int | A X-Forwarded-Port header is inserted into the |
|
| X-Forwarded-Port | int | A X-Forwarded-Port header is inserted into the |
|
||||||
| | | request to the backend member that specifies |
|
| | | request to the backend member that specifies |
|
||||||
| | | the integer provided. Typically this is used to|
|
| | | the integer provided. Typically this is used to|
|
||||||
| | | indicate the port the client connected to on |
|
| | | indicate the port the client connected to on |
|
||||||
| | | the load balancer. |
|
| | | the load balancer. |
|
||||||
+-------------------+------+------------------------------------------------+
|
+-------------------+--------+------------------------------------------------+
|
||||||
|
| X-Forwarded-Proto | bool | A X-Forwarded-Proto header is inserted into |
|
||||||
|
| | | the end of request to the backend member. |
|
||||||
|
| | | HTTP for the HTTP listener protocol type, |
|
||||||
|
| | | HTTPS for the TERMINATED_HTTPS listener |
|
||||||
|
| | | protocol type. |
|
||||||
|
+-------------------+--------+------------------------------------------------+
|
||||||
|
|
||||||
**Creating a Fully Populated Listener**
|
**Creating a Fully Populated Listener**
|
||||||
|
|
||||||
|
@ -412,7 +412,8 @@ AMPHORA_NAMESPACE = 'amphora-haproxy'
|
|||||||
|
|
||||||
# List of HTTP headers which are supported for insertion
|
# List of HTTP headers which are supported for insertion
|
||||||
SUPPORTED_HTTP_HEADERS = ['X-Forwarded-For',
|
SUPPORTED_HTTP_HEADERS = ['X-Forwarded-For',
|
||||||
'X-Forwarded-Port']
|
'X-Forwarded-Port',
|
||||||
|
'X-Forwarded-Proto']
|
||||||
|
|
||||||
FLOW_DOC_TITLES = {'AmphoraFlows': 'Amphora Flows',
|
FLOW_DOC_TITLES = {'AmphoraFlows': 'Amphora Flows',
|
||||||
'LoadBalancerFlows': 'Load Balancer Flows',
|
'LoadBalancerFlows': 'Load Balancer Flows',
|
||||||
|
@ -257,6 +257,15 @@ backend {{ pool.id }}
|
|||||||
http-request set-header X-Forwarded-Port %[dst_port]
|
http-request set-header X-Forwarded-Port %[dst_port]
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
{% if listener.insert_headers.get('X-Forwarded-Proto',
|
||||||
|
'False').lower() == 'true' %}
|
||||||
|
{% if listener.protocol.lower() == constants.PROTOCOL_HTTP.lower() %}
|
||||||
|
http-request set-header X-Forwarded-Proto http
|
||||||
|
{% elif listener.protocol.lower() ==
|
||||||
|
constants.PROTOCOL_TERMINATED_HTTPS.lower() %}
|
||||||
|
http-request set-header X-Forwarded-Proto https
|
||||||
|
{% endif %}
|
||||||
|
{% endif %}
|
||||||
{% if listener.connection_limit is defined %}
|
{% if listener.connection_limit is defined %}
|
||||||
fullconn {{ listener.connection_limit }}
|
fullconn {{ listener.connection_limit }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
@ -0,0 +1,4 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
Adding support for the listener X-Forwarded-Proto header insertion.
|
Loading…
Reference in New Issue
Block a user