Merge "Log source ips instead of controller ips in apache access log"

This commit is contained in:
Zuul 2022-05-25 12:46:23 +00:00 committed by Gerrit Code Review
commit 668f63fd95
15 changed files with 15 additions and 1 deletions

View File

@ -193,6 +193,7 @@ outputs:
- get_attr: [AodhBase, role_data, config_settings]
- get_attr: [ApacheServiceBase, role_data, config_settings]
- apache::default_vhost: false
aodh::wsgi::apache::access_log_format: 'forwarded'
aodh::wsgi::apache::ssl: {get_param: EnableInternalTLS}
aodh::wsgi::apache::servername:
str_replace:

View File

@ -283,6 +283,7 @@ outputs:
barbican::api::notification_driver: {get_param: NotificationDriver}
barbican::api::service_name: 'httpd'
barbican::api::enable_proxy_headers_parsing: true
barbican::wsgi::apache::access_log_format: 'forwarded'
barbican::wsgi::apache::bind_host:
str_replace:
template:

View File

@ -218,6 +218,7 @@ outputs:
"%{lookup('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
cinder::wsgi::apache::access_log_format: 'forwarded'
cinder::wsgi::apache::ssl: {get_param: EnableInternalTLS}
cinder::api::service_name: 'httpd'
# NOTE: bind IP is found in hiera replacing the network name with the local node IP

View File

@ -147,6 +147,7 @@ outputs:
designate::api::api_base_uri: { get_param: [EndpointMap, DesignatePublic, uri_no_suffix] }
designate::api::service_name: 'httpd'
designate::logging::log_file: '/var/log/designate/designate-api.log'
designate::wsgi::apache::access_log_format: 'forwarded'
designate::wsgi::apache::ssl: {get_param: EnableInternalTLS}
designate::wsgi::apache::bind_host:
str_replace:

View File

@ -238,6 +238,7 @@ outputs:
gnocchi::keystone::authtoken::region_name: {get_param: KeystoneRegion}
gnocchi::keystone::authtoken::interface: 'internal'
gnocchi::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
gnocchi::wsgi::apache::access_log_format: 'forwarded'
gnocchi::wsgi::apache::ssl: {get_param: EnableInternalTLS}
gnocchi::wsgi::apache::servername:
str_replace:

View File

@ -150,6 +150,7 @@ outputs:
"%{lookup('$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, HeatApiCfnNetwork]}
heat::wsgi::apache_api_cfn::access_log_format: 'forwarded'
heat::wsgi::apache_api_cfn::ssl: {get_param: EnableInternalTLS}
heat::api_cfn::service_name: 'httpd'
# NOTE: bind IP is found in hiera replacing the network name with the local node IP

View File

@ -178,6 +178,7 @@ outputs:
"%{lookup('$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, HeatApiNetwork]}
heat::wsgi::apache_api::access_log_format: 'forwarded'
heat::wsgi::apache_api::ssl: {get_param: EnableInternalTLS}
heat::wsgi::apache_api::vhost_custom_fragment: 'Timeout 600'
heat::policy::policies: {get_param: HeatApiPolicies}

View File

@ -90,7 +90,7 @@ parameters:
default:
add_listen: true
priority: 10
access_log_format: '%a %l %u %t \"%r\" %>s %b \"%%{}{Referer}i\" \"%%{}{User-Agent}i\"'
access_log_format: '"%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%%{}{Referer}i\" \"%%{}{User-Agent}i\"'
options: ['FollowSymLinks','MultiViews']
description: Extra parameters for Horizon vhost configuration
type: json

View File

@ -217,6 +217,7 @@ outputs:
if:
- auth_strategy_http_basic
- 'WSGIPassAuthorization On'
ironic::wsgi::apache::access_log_format: 'forwarded'
ironic::wsgi::apache::bind_host:
str_replace:
template:

View File

@ -581,6 +581,7 @@ outputs:
keystone::rabbit_heartbeat_timeout_threshold: 60
keystone::service_name: 'httpd'
keystone::enable_ssl: {get_param: EnableInternalTLS}
keystone::wsgi::apache::access_log_format: 'forwarded'
keystone::wsgi::apache::api_port:
- 5000
- {get_param: [EndpointMap, KeystoneAdmin, port]}

View File

@ -234,6 +234,7 @@ outputs:
"%{lookup('$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, ManilaApiNetwork]}
manila::wsgi::apache::access_log_format: 'forwarded'
manila::wsgi::apache::ssl: {get_param: EnableInternalTLS}
manila::api::service_name: 'httpd'
manila::api::enable_proxy_headers_parsing: true

View File

@ -380,6 +380,7 @@ outputs:
params:
$NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
nova::api::service_name: 'httpd'
nova::wsgi::apache_api::access_log_format: 'forwarded'
nova::wsgi::apache_api::ssl: {get_param: EnableInternalTLS}
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
# for the given network; replacement examples (eg. for internal_api):

View File

@ -184,6 +184,7 @@ outputs:
nova::keystone::authtoken::region_name: {get_param: KeystoneRegion}
nova::keystone::authtoken::interface: 'internal'
nova::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
nova::wsgi::apache_metadata::access_log_format: 'forwarded'
nova::wsgi::apache_metadata::api_port: '8775'
nova::wsgi::apache_metadata::ssl: {get_param: EnableInternalTLS}
nova::metadata::local_metadata_per_cell: {get_param: NovaLocalMetadataPerCell}

View File

@ -222,6 +222,7 @@ outputs:
octavia::api::tls_cipher_prohibit_list: {get_param: OctaviaTlsCiphersProhibitList}
octavia::api::default_listener_tls_versions: {get_param: OctaviaListenerTlsVersions}
octavia::api::default_pool_tls_versions: {get_param: OctaviaPoolTlsVersions}
octavia::wsgi::apache::access_log_format: 'forwarded'
octavia::wsgi::apache::ssl: {get_param: EnableInternalTLS}
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
# for the given network; replacement examples (eg. for internal_api):

View File

@ -193,6 +193,7 @@ outputs:
- true
- {get_param: Debug}
placement::policy::policies: {get_param: PlacementPolicies}
placement::wsgi::apache::access_log_format: 'forwarded'
placement::wsgi::apache::api_port: '8778'
placement::wsgi::apache::path: '/placement'
placement::wsgi::apache::ssl: {get_param: EnableInternalTLS}