In glance-api.conf:
# If False, server will return the header "Connection: close", If
# True, server will return "Connection: Keep-Alive" in its responses.
# In order to close the client socket connection explicitly after the
# response is sent and read successfully by the client, you simply
# have to set this option to False when you create a wsgi server.
# (boolean value)
#http_keepalive = true
This is passed to eventlet's wsgi server:
http://eventlet.net/doc/modules/wsgi.html
keepalive – If set to False, disables keepalives on the server; all connections will be closed after serving one request.
If you set this I think you need more than one connection in order to send all the GET requests. (But I'm not 100% sure why that's considered more secure?)
You can also increase the default log level, e.g. to WARN. Then the unauthenticated requests will not create a log entry at all.
> the lack of rate-limiting.
I think there's some consensus in the community that rate limiting should happen outside of the OpenStack service (you probably want 'C' not 'Python').
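The effect of the keepalive setting on connection count, as an added example that is not part of the original comment and is not Glance or eventlet code: it uses Python's standard-library `http.server` on loopback as a stand-in for the WSGI server, and the function names `make_server` and `connections_needed` are hypothetical.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer


def make_server(keepalive):
    """Start a loopback HTTP/1.1 server; return it with its list of accepted connections."""
    accepted = []  # one entry per TCP connection the server accepts

    class Handler(BaseHTTPRequestHandler):
        protocol_version = "HTTP/1.1"

        def setup(self):
            super().setup()
            accepted.append(self.client_address)

        def do_GET(self):
            body = b"ok"
            self.send_response(200)
            self.send_header("Content-Length", str(len(body)))
            # Mirrors the two headers named in the config comment.
            self.send_header("Connection", "Keep-Alive" if keepalive else "close")
            self.end_headers()
            self.wfile.write(body)

        def log_message(self, *args):
            pass  # keep the demo quiet

    server = ThreadingHTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, accepted


def connections_needed(keepalive, requests=5):
    """Send `requests` GETs from one client object; return TCP connections used."""
    server, accepted = make_server(keepalive)
    host, port = server.server_address
    conn = http.client.HTTPConnection(host, port, timeout=5)
    try:
        for _ in range(requests):
            conn.request("GET", "/")  # reconnects if the server closed the socket
            conn.getresponse().read()
    finally:
        conn.close()
        server.shutdown()
        server.server_close()
    return len(accepted)


if __name__ == "__main__":
    print("keepalive on :", connections_needed(True), "connection(s)")
    print("keepalive off:", connections_needed(False), "connection(s)")
```
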