661838d968
...to the proxy-server. The point is to allow the Swift proxy server to log accurate client IP addresses when there is a proxy or SSL-terminator between the client and the Swift proxy server. Example servers supporting this PROXY protocol: stud (v1 only) stunnel haproxy hitch (v2 only) varnish See http://www.haproxy.org/download/1.7/doc/proxy-protocol.txt The feature is enabled by adding this to your proxy config file: [app:proxy-server] use = egg:swift#proxy ... require_proxy_protocol = true The protocol specification states: The receiver MUST be configured to only receive the protocol described in this specification and MUST not try to guess whether the protocol header is present or not. so valid deployments are: 1) require_proxy_protocol = false (or missing; default is false) and NOT behind a proxy that adds or proxies existing PROXY lines. 2) require_proxy_protocol = true and IS behind a proxy that adds or proxies existing PROXY lines. Specifically, in the default configuration, one cannot send the swift proxy PROXY lines (no change from before this patch). When this feature is enabled, one _must_ send PROXY lines. Change-Id: Icb88902f0a89b8d980c860be032d5e822845d03a |
||
|---|---|---|
| .. | ||
| functional | ||
| probe | ||
| unit | ||
| __init__.py | ||
| sample.conf | ||