Merge "Log source ips instead of controller ips in apache access log"
This commit is contained in:
commit
668f63fd95
@ -193,6 +193,7 @@ outputs:
|
|||||||
- get_attr: [AodhBase, role_data, config_settings]
|
- get_attr: [AodhBase, role_data, config_settings]
|
||||||
- get_attr: [ApacheServiceBase, role_data, config_settings]
|
- get_attr: [ApacheServiceBase, role_data, config_settings]
|
||||||
- apache::default_vhost: false
|
- apache::default_vhost: false
|
||||||
|
aodh::wsgi::apache::access_log_format: 'forwarded'
|
||||||
aodh::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
aodh::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
||||||
aodh::wsgi::apache::servername:
|
aodh::wsgi::apache::servername:
|
||||||
str_replace:
|
str_replace:
|
||||||
|
@ -283,6 +283,7 @@ outputs:
|
|||||||
barbican::api::notification_driver: {get_param: NotificationDriver}
|
barbican::api::notification_driver: {get_param: NotificationDriver}
|
||||||
barbican::api::service_name: 'httpd'
|
barbican::api::service_name: 'httpd'
|
||||||
barbican::api::enable_proxy_headers_parsing: true
|
barbican::api::enable_proxy_headers_parsing: true
|
||||||
|
barbican::wsgi::apache::access_log_format: 'forwarded'
|
||||||
barbican::wsgi::apache::bind_host:
|
barbican::wsgi::apache::bind_host:
|
||||||
str_replace:
|
str_replace:
|
||||||
template:
|
template:
|
||||||
|
@ -218,6 +218,7 @@ outputs:
|
|||||||
"%{lookup('fqdn_$NETWORK')}"
|
"%{lookup('fqdn_$NETWORK')}"
|
||||||
params:
|
params:
|
||||||
$NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
|
$NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
|
||||||
|
cinder::wsgi::apache::access_log_format: 'forwarded'
|
||||||
cinder::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
cinder::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
||||||
cinder::api::service_name: 'httpd'
|
cinder::api::service_name: 'httpd'
|
||||||
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
|
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
|
||||||
|
@ -147,6 +147,7 @@ outputs:
|
|||||||
designate::api::api_base_uri: { get_param: [EndpointMap, DesignatePublic, uri_no_suffix] }
|
designate::api::api_base_uri: { get_param: [EndpointMap, DesignatePublic, uri_no_suffix] }
|
||||||
designate::api::service_name: 'httpd'
|
designate::api::service_name: 'httpd'
|
||||||
designate::logging::log_file: '/var/log/designate/designate-api.log'
|
designate::logging::log_file: '/var/log/designate/designate-api.log'
|
||||||
|
designate::wsgi::apache::access_log_format: 'forwarded'
|
||||||
designate::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
designate::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
||||||
designate::wsgi::apache::bind_host:
|
designate::wsgi::apache::bind_host:
|
||||||
str_replace:
|
str_replace:
|
||||||
|
@ -238,6 +238,7 @@ outputs:
|
|||||||
gnocchi::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
gnocchi::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
||||||
gnocchi::keystone::authtoken::interface: 'internal'
|
gnocchi::keystone::authtoken::interface: 'internal'
|
||||||
gnocchi::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
gnocchi::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||||
|
gnocchi::wsgi::apache::access_log_format: 'forwarded'
|
||||||
gnocchi::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
gnocchi::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
||||||
gnocchi::wsgi::apache::servername:
|
gnocchi::wsgi::apache::servername:
|
||||||
str_replace:
|
str_replace:
|
||||||
|
@ -150,6 +150,7 @@ outputs:
|
|||||||
"%{lookup('$NETWORK')}"
|
"%{lookup('$NETWORK')}"
|
||||||
params:
|
params:
|
||||||
$NETWORK: {get_param: [ServiceNetMap, HeatApiCfnNetwork]}
|
$NETWORK: {get_param: [ServiceNetMap, HeatApiCfnNetwork]}
|
||||||
|
heat::wsgi::apache_api_cfn::access_log_format: 'forwarded'
|
||||||
heat::wsgi::apache_api_cfn::ssl: {get_param: EnableInternalTLS}
|
heat::wsgi::apache_api_cfn::ssl: {get_param: EnableInternalTLS}
|
||||||
heat::api_cfn::service_name: 'httpd'
|
heat::api_cfn::service_name: 'httpd'
|
||||||
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
|
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
|
||||||
|
@ -178,6 +178,7 @@ outputs:
|
|||||||
"%{lookup('$NETWORK')}"
|
"%{lookup('$NETWORK')}"
|
||||||
params:
|
params:
|
||||||
$NETWORK: {get_param: [ServiceNetMap, HeatApiNetwork]}
|
$NETWORK: {get_param: [ServiceNetMap, HeatApiNetwork]}
|
||||||
|
heat::wsgi::apache_api::access_log_format: 'forwarded'
|
||||||
heat::wsgi::apache_api::ssl: {get_param: EnableInternalTLS}
|
heat::wsgi::apache_api::ssl: {get_param: EnableInternalTLS}
|
||||||
heat::wsgi::apache_api::vhost_custom_fragment: 'Timeout 600'
|
heat::wsgi::apache_api::vhost_custom_fragment: 'Timeout 600'
|
||||||
heat::policy::policies: {get_param: HeatApiPolicies}
|
heat::policy::policies: {get_param: HeatApiPolicies}
|
||||||
|
@ -90,7 +90,7 @@ parameters:
|
|||||||
default:
|
default:
|
||||||
add_listen: true
|
add_listen: true
|
||||||
priority: 10
|
priority: 10
|
||||||
access_log_format: '%a %l %u %t \"%r\" %>s %b \"%%{}{Referer}i\" \"%%{}{User-Agent}i\"'
|
access_log_format: '"%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%%{}{Referer}i\" \"%%{}{User-Agent}i\"'
|
||||||
options: ['FollowSymLinks','MultiViews']
|
options: ['FollowSymLinks','MultiViews']
|
||||||
description: Extra parameters for Horizon vhost configuration
|
description: Extra parameters for Horizon vhost configuration
|
||||||
type: json
|
type: json
|
||||||
|
@ -217,6 +217,7 @@ outputs:
|
|||||||
if:
|
if:
|
||||||
- auth_strategy_http_basic
|
- auth_strategy_http_basic
|
||||||
- 'WSGIPassAuthorization On'
|
- 'WSGIPassAuthorization On'
|
||||||
|
ironic::wsgi::apache::access_log_format: 'forwarded'
|
||||||
ironic::wsgi::apache::bind_host:
|
ironic::wsgi::apache::bind_host:
|
||||||
str_replace:
|
str_replace:
|
||||||
template:
|
template:
|
||||||
|
@ -581,6 +581,7 @@ outputs:
|
|||||||
keystone::rabbit_heartbeat_timeout_threshold: 60
|
keystone::rabbit_heartbeat_timeout_threshold: 60
|
||||||
keystone::service_name: 'httpd'
|
keystone::service_name: 'httpd'
|
||||||
keystone::enable_ssl: {get_param: EnableInternalTLS}
|
keystone::enable_ssl: {get_param: EnableInternalTLS}
|
||||||
|
keystone::wsgi::apache::access_log_format: 'forwarded'
|
||||||
keystone::wsgi::apache::api_port:
|
keystone::wsgi::apache::api_port:
|
||||||
- 5000
|
- 5000
|
||||||
- {get_param: [EndpointMap, KeystoneAdmin, port]}
|
- {get_param: [EndpointMap, KeystoneAdmin, port]}
|
||||||
|
@ -234,6 +234,7 @@ outputs:
|
|||||||
"%{lookup('$NETWORK')}"
|
"%{lookup('$NETWORK')}"
|
||||||
params:
|
params:
|
||||||
$NETWORK: {get_param: [ServiceNetMap, ManilaApiNetwork]}
|
$NETWORK: {get_param: [ServiceNetMap, ManilaApiNetwork]}
|
||||||
|
manila::wsgi::apache::access_log_format: 'forwarded'
|
||||||
manila::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
manila::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
||||||
manila::api::service_name: 'httpd'
|
manila::api::service_name: 'httpd'
|
||||||
manila::api::enable_proxy_headers_parsing: true
|
manila::api::enable_proxy_headers_parsing: true
|
||||||
|
@ -380,6 +380,7 @@ outputs:
|
|||||||
params:
|
params:
|
||||||
$NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
|
$NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
|
||||||
nova::api::service_name: 'httpd'
|
nova::api::service_name: 'httpd'
|
||||||
|
nova::wsgi::apache_api::access_log_format: 'forwarded'
|
||||||
nova::wsgi::apache_api::ssl: {get_param: EnableInternalTLS}
|
nova::wsgi::apache_api::ssl: {get_param: EnableInternalTLS}
|
||||||
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
|
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
|
||||||
# for the given network; replacement examples (eg. for internal_api):
|
# for the given network; replacement examples (eg. for internal_api):
|
||||||
|
@ -184,6 +184,7 @@ outputs:
|
|||||||
nova::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
nova::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
||||||
nova::keystone::authtoken::interface: 'internal'
|
nova::keystone::authtoken::interface: 'internal'
|
||||||
nova::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
nova::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||||
|
nova::wsgi::apache_metadata::access_log_format: 'forwarded'
|
||||||
nova::wsgi::apache_metadata::api_port: '8775'
|
nova::wsgi::apache_metadata::api_port: '8775'
|
||||||
nova::wsgi::apache_metadata::ssl: {get_param: EnableInternalTLS}
|
nova::wsgi::apache_metadata::ssl: {get_param: EnableInternalTLS}
|
||||||
nova::metadata::local_metadata_per_cell: {get_param: NovaLocalMetadataPerCell}
|
nova::metadata::local_metadata_per_cell: {get_param: NovaLocalMetadataPerCell}
|
||||||
|
@ -222,6 +222,7 @@ outputs:
|
|||||||
octavia::api::tls_cipher_prohibit_list: {get_param: OctaviaTlsCiphersProhibitList}
|
octavia::api::tls_cipher_prohibit_list: {get_param: OctaviaTlsCiphersProhibitList}
|
||||||
octavia::api::default_listener_tls_versions: {get_param: OctaviaListenerTlsVersions}
|
octavia::api::default_listener_tls_versions: {get_param: OctaviaListenerTlsVersions}
|
||||||
octavia::api::default_pool_tls_versions: {get_param: OctaviaPoolTlsVersions}
|
octavia::api::default_pool_tls_versions: {get_param: OctaviaPoolTlsVersions}
|
||||||
|
octavia::wsgi::apache::access_log_format: 'forwarded'
|
||||||
octavia::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
octavia::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
||||||
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
|
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
|
||||||
# for the given network; replacement examples (eg. for internal_api):
|
# for the given network; replacement examples (eg. for internal_api):
|
||||||
|
@ -193,6 +193,7 @@ outputs:
|
|||||||
- true
|
- true
|
||||||
- {get_param: Debug}
|
- {get_param: Debug}
|
||||||
placement::policy::policies: {get_param: PlacementPolicies}
|
placement::policy::policies: {get_param: PlacementPolicies}
|
||||||
|
placement::wsgi::apache::access_log_format: 'forwarded'
|
||||||
placement::wsgi::apache::api_port: '8778'
|
placement::wsgi::apache::api_port: '8778'
|
||||||
placement::wsgi::apache::path: '/placement'
|
placement::wsgi::apache::path: '/placement'
|
||||||
placement::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
placement::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
||||||
|
Loading…
Reference in New Issue
Block a user