nova/files/liberty/api-paste.ini.Debian - salt-formulas/nova - Gitiles

 ############
 # Metadata #
 ############
 {%- from "nova/map.jinja" import controller with context %}

 [composite:metadata]
 use = egg:Paste#urlmap
 /: meta

 [pipeline:meta]
 pipeline = ec2faultwrap logrequest metaapp

 [app:metaapp]
 paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory

 #######
 # EC2 #
 #######

 # NOTE: this is now deprecated in favor of https://github.com/stackforge/ec2-api
 [composite:ec2]
 use = egg:Paste#urlmap
 /: ec2cloud

 [composite:ec2cloud]
 use = call:nova.api.auth:pipeline_factory
 noauth2 = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor
 keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor

 [filter:ec2faultwrap]
 paste.filter_factory = nova.api.ec2:FaultWrapper.factory

 [filter:logrequest]
 paste.filter_factory = nova.api.ec2:RequestLogging.factory

 [filter:ec2lockout]
 paste.filter_factory = nova.api.ec2:Lockout.factory

 [filter:ec2keystoneauth]
 paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory

 [filter:ec2noauth]
 paste.filter_factory = nova.api.ec2:NoAuth.factory

 [filter:cloudrequest]
 controller = nova.api.ec2.cloud.CloudController
 paste.filter_factory = nova.api.ec2:Requestify.factory

 [filter:authorizer]
 paste.filter_factory = nova.api.ec2:Authorizer.factory

 [filter:validator]
 paste.filter_factory = nova.api.ec2:Validator.factory

 [app:ec2executor]
 paste.app_factory = nova.api.ec2:Executor.factory

 #############
 # OpenStack #
 #############

 [composite:osapi_compute]
 use = call:nova.api.openstack.urlmap:urlmap_factory
 /: oscomputeversions
 # starting in Liberty the v21 implementation replaces the v2
 # implementation and is suggested that you use it as the default. If
 # this causes issues with your clients you can rollback to the
 # *frozen* v2 api by commenting out the above stanza and using the
 # following instead::
 # /v1.1: openstack_compute_api_legacy_v2
 # /v2: openstack_compute_api_legacy_v2
 # if rolling back to v2 fixes your issue please file a critical bug
 # at - https://bugs.launchpad.net/nova/+bugs
 #
 # v21 is an exactly feature match for v2, except it has more stringent
 # input validation on the wsgi surface (prevents fuzzing early on the
 # API). It also provides new features via API microversions which are
 # opt into for clients. Unaware clients will receive the same frozen
 # v2 API feature set, but with some relaxed validation
 /v1.1: openstack_compute_api_v21_legacy_v2_compatible
 /v2: openstack_compute_api_v21_legacy_v2_compatible
 /v2.1: openstack_compute_api_v21

 # NOTE: this is deprecated in favor of openstack_compute_api_v21_legacy_v2_compatible
 [composite:openstack_compute_api_legacy_v2]
 use = call:nova.api.auth:pipeline_factory
 noauth2 = compute_req_id faultwrap sizelimit noauth2 legacy_ratelimit osapi_compute_app_legacy_v2
 keystone = compute_req_id faultwrap sizelimit authtoken keystonecontext legacy_ratelimit {% if controller.audit.enabled %}audit {% endif %}osapi_compute_app_legacy_v2
 keystone_nolimit = compute_req_id faultwrap sizelimit authtoken keystonecontext {% if controller.audit.enabled %}audit {% endif %}osapi_compute_app_legacy_v2

 [composite:openstack_compute_api_v21]
 use = call:nova.api.auth:pipeline_factory_v21
 noauth2 = compute_req_id faultwrap sizelimit noauth2 osapi_compute_app_v21
 keystone = compute_req_id faultwrap sizelimit authtoken keystonecontext {% if controller.audit.enabled %}audit {% endif %}osapi_compute_app_v21

 [composite:openstack_compute_api_v21_legacy_v2_compatible]
 use = call:nova.api.auth:pipeline_factory_v21
 noauth2 = compute_req_id faultwrap sizelimit noauth2 legacy_v2_compatible osapi_compute_app_v21
 keystone = compute_req_id faultwrap sizelimit authtoken keystonecontext legacy_v2_compatible {% if controller.audit.enabled %}audit {% endif %}osapi_compute_app_v21

 [filter:request_id]
 paste.filter_factory = oslo_middleware:RequestId.factory

 [filter:compute_req_id]
 paste.filter_factory = nova.api.compute_req_id:ComputeReqIdMiddleware.factory

 [filter:faultwrap]
 paste.filter_factory = nova.api.openstack:FaultWrapper.factory

 [filter:noauth2]
 paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory

 [filter:legacy_ratelimit]
 paste.filter_factory = nova.api.openstack.compute.limits:RateLimitingMiddleware.factory

 [filter:sizelimit]
 paste.filter_factory = oslo_middleware:RequestBodySizeLimiter.factory

 [filter:legacy_v2_compatible]
 paste.filter_factory = nova.api.openstack:LegacyV2CompatibleWrapper.factory

 [app:osapi_compute_app_legacy_v2]
 paste.app_factory = nova.api.openstack.compute:APIRouter.factory

 [app:osapi_compute_app_v21]
 paste.app_factory = nova.api.openstack.compute:APIRouterV21.factory

 [pipeline:oscomputeversions]
 pipeline = faultwrap oscomputeversionapp

 [app:oscomputeversionapp]
 paste.app_factory = nova.api.openstack.compute.versions:Versions.factory

 {%- if controller.audit.enabled %}
 [filter:audit]
 paste.filter_factory = {{ controller.get("audit", {}).get("filter_factory", "keystonemiddleware.audit:filter_factory")   }}
 audit_map_file = {{ controller.get("audit", {}).get("map_file", "/etc/pycadf/nova_api_audit_map.conf")  }}
 {%- endif %}


 ##########
 # Shared #
 ##########

 [filter:keystonecontext]
 paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory

 [filter:authtoken]
 paste.filter_factory = keystonemiddleware.auth_token:filter_factory
	############
	# Metadata #
	############
	{%- from "nova/map.jinja" import controller with context %}

	[composite:metadata]
	use = egg:Paste#urlmap
	/: meta

	[pipeline:meta]
	pipeline = ec2faultwrap logrequest metaapp

	[app:metaapp]
	paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory

	#######
	# EC2 #
	#######

	# NOTE: this is now deprecated in favor of https://github.com/stackforge/ec2-api
	[composite:ec2]
	use = egg:Paste#urlmap
	/: ec2cloud

	[composite:ec2cloud]
	use = call:nova.api.auth:pipeline_factory
	noauth2 = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor
	keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor

	[filter:ec2faultwrap]
	paste.filter_factory = nova.api.ec2:FaultWrapper.factory

	[filter:logrequest]
	paste.filter_factory = nova.api.ec2:RequestLogging.factory

	[filter:ec2lockout]
	paste.filter_factory = nova.api.ec2:Lockout.factory

	[filter:ec2keystoneauth]
	paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory

	[filter:ec2noauth]
	paste.filter_factory = nova.api.ec2:NoAuth.factory

	[filter:cloudrequest]
	controller = nova.api.ec2.cloud.CloudController
	paste.filter_factory = nova.api.ec2:Requestify.factory

	[filter:authorizer]
	paste.filter_factory = nova.api.ec2:Authorizer.factory

	[filter:validator]
	paste.filter_factory = nova.api.ec2:Validator.factory

	[app:ec2executor]
	paste.app_factory = nova.api.ec2:Executor.factory

	#############
	# OpenStack #
	#############

	[composite:osapi_compute]
	use = call:nova.api.openstack.urlmap:urlmap_factory
	/: oscomputeversions
	# starting in Liberty the v21 implementation replaces the v2
	# implementation and is suggested that you use it as the default. If
	# this causes issues with your clients you can rollback to the
	# frozen v2 api by commenting out the above stanza and using the
	# following instead::
	# /v1.1: openstack_compute_api_legacy_v2
	# /v2: openstack_compute_api_legacy_v2
	# if rolling back to v2 fixes your issue please file a critical bug
	# at - https://bugs.launchpad.net/nova/+bugs
	#
	# v21 is an exactly feature match for v2, except it has more stringent
	# input validation on the wsgi surface (prevents fuzzing early on the
	# API). It also provides new features via API microversions which are
	# opt into for clients. Unaware clients will receive the same frozen
	# v2 API feature set, but with some relaxed validation
	/v1.1: openstack_compute_api_v21_legacy_v2_compatible
	/v2: openstack_compute_api_v21_legacy_v2_compatible
	/v2.1: openstack_compute_api_v21

	# NOTE: this is deprecated in favor of openstack_compute_api_v21_legacy_v2_compatible
	[composite:openstack_compute_api_legacy_v2]
	use = call:nova.api.auth:pipeline_factory
	noauth2 = compute_req_id faultwrap sizelimit noauth2 legacy_ratelimit osapi_compute_app_legacy_v2
	keystone = compute_req_id faultwrap sizelimit authtoken keystonecontext legacy_ratelimit {% if controller.audit.enabled %}audit {% endif %}osapi_compute_app_legacy_v2
	keystone_nolimit = compute_req_id faultwrap sizelimit authtoken keystonecontext {% if controller.audit.enabled %}audit {% endif %}osapi_compute_app_legacy_v2

	[composite:openstack_compute_api_v21]
	use = call:nova.api.auth:pipeline_factory_v21
	noauth2 = compute_req_id faultwrap sizelimit noauth2 osapi_compute_app_v21
	keystone = compute_req_id faultwrap sizelimit authtoken keystonecontext {% if controller.audit.enabled %}audit {% endif %}osapi_compute_app_v21

	[composite:openstack_compute_api_v21_legacy_v2_compatible]
	use = call:nova.api.auth:pipeline_factory_v21
	noauth2 = compute_req_id faultwrap sizelimit noauth2 legacy_v2_compatible osapi_compute_app_v21
	keystone = compute_req_id faultwrap sizelimit authtoken keystonecontext legacy_v2_compatible {% if controller.audit.enabled %}audit {% endif %}osapi_compute_app_v21

	[filter:request_id]
	paste.filter_factory = oslo_middleware:RequestId.factory

	[filter:compute_req_id]
	paste.filter_factory = nova.api.compute_req_id:ComputeReqIdMiddleware.factory

	[filter:faultwrap]
	paste.filter_factory = nova.api.openstack:FaultWrapper.factory

	[filter:noauth2]
	paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory

	[filter:legacy_ratelimit]
	paste.filter_factory = nova.api.openstack.compute.limits:RateLimitingMiddleware.factory

	[filter:sizelimit]
	paste.filter_factory = oslo_middleware:RequestBodySizeLimiter.factory

	[filter:legacy_v2_compatible]
	paste.filter_factory = nova.api.openstack:LegacyV2CompatibleWrapper.factory

	[app:osapi_compute_app_legacy_v2]
	paste.app_factory = nova.api.openstack.compute:APIRouter.factory

	[app:osapi_compute_app_v21]
	paste.app_factory = nova.api.openstack.compute:APIRouterV21.factory

	[pipeline:oscomputeversions]
	pipeline = faultwrap oscomputeversionapp

	[app:oscomputeversionapp]
	paste.app_factory = nova.api.openstack.compute.versions:Versions.factory

	{%- if controller.audit.enabled %}
	[filter:audit]
	paste.filter_factory = {{ controller.get("audit", {}).get("filter_factory", "keystonemiddleware.audit:filter_factory") }}
	audit_map_file = {{ controller.get("audit", {}).get("map_file", "/etc/pycadf/nova_api_audit_map.conf") }}
	{%- endif %}


	##########
	# Shared #
	##########

	[filter:keystonecontext]
	paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory

	[filter:authtoken]
	paste.filter_factory = keystonemiddleware.auth_token:filter_factory