diff options
| author | Vishvananda Ishaya <vishvananda@gmail.com> | 2012-03-19 16:04:51 -0700 |
|---|---|---|
| committer | Vishvananda Ishaya <vishvananda@gmail.com> | 2012-03-19 20:40:45 -0700 |
| commit | ca989b683a34ba3d64cac5a492ab221490a36c52 (patch) | |
| tree | 0bd55bc374634e20730231236d931ab3ceae053f | |
| parent | 1f1b9de4bf6ee69a0baaa9171cc163bd790ec2da (diff) | |
| download | nova-ca989b683a34ba3d64cac5a492ab221490a36c52.tar.gz nova-ca989b683a34ba3d64cac5a492ab221490a36c52.tar.xz nova-ca989b683a34ba3d64cac5a492ab221490a36c52.zip | |
Allow rate limiting to be disabled via flag
* fixes bug 947776
Change-Id: I892394ead2d1921ac8390e54312c5229929042f5
| -rw-r--r-- | etc/nova/api-paste.ini | 2 | ||||
| -rw-r--r-- | etc/nova/nova.conf.sample | 4 | ||||
| -rw-r--r-- | nova/api/auth.py | 6 | ||||
| -rw-r--r-- | nova/flags.py | 3 |
4 files changed, 13 insertions, 2 deletions
diff --git a/etc/nova/api-paste.ini b/etc/nova/api-paste.ini index 57c3d1ede..7e1307449 100644 --- a/etc/nova/api-paste.ini +++ b/etc/nova/api-paste.ini @@ -95,12 +95,14 @@ use = call:nova.api.auth:pipeline_factory noauth = faultwrap noauth ratelimit osapi_compute_app_v2 deprecated = faultwrap auth ratelimit osapi_compute_app_v2 keystone = faultwrap authtoken keystonecontext ratelimit osapi_compute_app_v2 +keystone_nolimit = faultwrap authtoken keystonecontext osapi_compute_app_v2 [composite:openstack_volume_api_v1] use = call:nova.api.auth:pipeline_factory noauth = faultwrap noauth ratelimit osapi_volume_app_v1 deprecated = faultwrap auth ratelimit osapi_volume_app_v1 keystone = faultwrap authtoken keystonecontext ratelimit osapi_volume_app_v1 +keystone_nolimit = faultwrap authtoken keystonecontext osapi_volume_app_v1 [filter:faultwrap] paste.filter_factory = nova.api.openstack:FaultWrapper.factory diff --git a/etc/nova/nova.conf.sample b/etc/nova/nova.conf.sample index 710978e82..32ca9a23f 100644 --- a/etc/nova/nova.conf.sample +++ b/etc/nova/nova.conf.sample @@ -10,6 +10,8 @@ # allow_resize_to_same_host=false ###### (StrOpt) File name for the paste.deploy config for nova-api # api_paste_config="api-paste.ini" +###### (BoolOpt) whether to rate limit the api +# api_rate_limit=true ###### (StrOpt) The strategy to use for auth. Supports noauth, keystone, and deprecated. # auth_strategy="noauth" ###### (IntOpt) Seconds for auth tokens to linger @@ -1103,4 +1105,4 @@ ###### (StrOpt) The ZFS path under which to create zvols for volumes. # san_zfs_volume_base="rpool/" -# Total option count: 465 +# Total option count: 466 diff --git a/nova/api/auth.py b/nova/api/auth.py index 2d66c0d76..7106bee7f 100644 --- a/nova/api/auth.py +++ b/nova/api/auth.py @@ -40,7 +40,11 @@ LOG = logging.getLogger(__name__) def pipeline_factory(loader, global_conf, **local_conf): """A paste pipeline replica that keys off of auth_strategy.""" - pipeline = local_conf[FLAGS.auth_strategy].split() + pipeline = local_conf[FLAGS.auth_strategy] + if not FLAGS.api_rate_limit: + limit_name = FLAGS.auth_strategy + '_nolimit' + pipeline = local_conf.get(limit_name, pipeline) + pipeline = pipeline.split() filters = [loader.get_filter(n) for n in pipeline[:-1]] app = loader.get_app(pipeline[-1]) filters.reverse() diff --git a/nova/flags.py b/nova/flags.py index d669e23f9..fb73182cf 100644 --- a/nova/flags.py +++ b/nova/flags.py @@ -220,6 +220,9 @@ global_opts = [ cfg.BoolOpt('rabbit_durable_queues', default=False, help='use durable queues in RabbitMQ'), + cfg.BoolOpt('api_rate_limit', + default=True, + help='whether to rate limit the api'), cfg.ListOpt('enabled_apis', default=['ec2', 'osapi_compute', 'osapi_volume', 'metadata'], help='a list of APIs to enable by default'), |