Update proxy node NGINX reverse proxy setup
diff --git a/nginx/server/proxy/openstack_api.yml b/nginx/server/proxy/openstack_api.yml
index a3182e5..a3315e5 100644
--- a/nginx/server/proxy/openstack_api.yml
+++ b/nginx/server/proxy/openstack_api.yml
@@ -9,6 +9,7 @@
enabled: true
type: nginx_proxy
name: openstack_api_keystone
+ check: false
proxy:
host: ${_param:keystone_service_host}
port: 5000
@@ -19,10 +20,12 @@
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 5000
+ ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_keystone_private:
enabled: true
type: nginx_proxy
name: openstack_api_keystone_private
+ check: false
proxy:
host: ${_param:keystone_service_host}
port: 35357
@@ -33,10 +36,12 @@
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 35357
+ ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_nova:
enabled: true
type: nginx_proxy
name: openstack_api_nova
+ check: false
proxy:
host: ${_param:nova_service_host}
port: 8774
@@ -47,10 +52,12 @@
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8774
+ ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_cinder:
enabled: true
type: nginx_proxy
name: openstack_api_cinder
+ check: false
proxy:
host: ${_param:cinder_service_host}
port: 8776
@@ -61,24 +68,30 @@
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8776
+ ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_glance:
enabled: true
type: nginx_proxy
name: openstack_api_glance
+ check: false
+ underscores_in_headers: true
proxy:
host: ${_param:glance_service_host}
port: 9292
protocol: http
+ size: 30000m
filter:
search: ${_param:glance_service_host}
replace: '$server_addr'
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 9292
+ ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_neutron:
enabled: true
type: nginx_proxy
name: openstack_api_neutron
+ check: false
proxy:
host: ${_param:neutron_service_host}
port: 9696
@@ -89,6 +102,7 @@
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 9696
+ ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_heat_cfn:
enabled: true
type: nginx_proxy
@@ -103,10 +117,12 @@
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8000
+ ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_heat:
enabled: true
type: nginx_proxy
name: openstack_api_heat
+ check: false
proxy:
host: ${_param:heat_service_host}
port: 8004
@@ -117,10 +133,12 @@
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8004
+ ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_nova_ec2:
enabled: true
type: nginx_proxy
name: openstack_api_nova_ec2
+ check: false
proxy:
host: ${_param:nova_service_host}
port: 8773
diff --git a/nginx/server/proxy/openstack_vnc.yml b/nginx/server/proxy/openstack_vnc.yml
index f53e40e..526f0db 100644
--- a/nginx/server/proxy/openstack_vnc.yml
+++ b/nginx/server/proxy/openstack_vnc.yml
@@ -7,6 +7,7 @@
enabled: true
type: nginx_proxy
name: novnc
+ check: false
proxy:
host: ${_param:openstack_control_address}
port: 6080
@@ -15,3 +16,4 @@
host:
name: ${_param:cluster_public_host}
port: 6080
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack_web.yml b/nginx/server/proxy/openstack_web.yml
index 0165ff2..ad5ffea 100644
--- a/nginx/server/proxy/openstack_web.yml
+++ b/nginx/server/proxy/openstack_web.yml
@@ -2,7 +2,9 @@
_param:
nginx_proxy_openstack_web_host: ${_param:cluster_public_host}
nginx_proxy_openstack_web_proxy_host: ${_param:cluster_vip_address}
- nginx_proxy_openstack_web_buffer_size:
+ nginx_proxy_openstack_web_buffer_size:
+ number: 4
+ size: 256
nginx:
server:
enabled: true
@@ -12,11 +14,16 @@
type: nginx_proxy
name: openstack_web
proxy:
- size: 5000m
- host: prx
+ host: localhost
+ # TODO: port must be configurable, as some deployments might have HAproxy over prx nodes
port: 8078
+ size: 10000m
+ timeout: 43200
protocol: http
websocket: true
+ request_buffer: false
+ buffer:
+ ${_param:nginx_proxy_openstack_web_buffer_size}
host:
name: ${_param:nginx_proxy_openstack_web_host}
port: 443