Bug 2252718

Summary: Recommendations for LimitRequestBody from "Hardening Red Hat OpenStack Platform" guide looks suboptimal
Product: Red Hat OpenStack Reporter: Alex Stupnikov <astupnik>
Component: documentationAssignee: Roger Heslop <rheslop>
Status: CLOSED WONTFIX QA Contact: RHOS Documentation Team <rhos-docs>
Severity: low Docs Contact:
Priority: unspecified    
Version: 17.1 (Wallaby)CC: fpiccion, jveiraca, mariel
Target Milestone: ---Keywords: Documentation, Triaged
Target Release: ---   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2024-03-18 15:02:34 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Alex Stupnikov 2023-12-04 09:35:04 UTC 
Description of problem:
Section "14.18. Limiting the size of file uploads" from "Hardening Red Hat OpenStack Platform" guide tells users to manually set LimitRequestBody parameter in multiple httpd configuration files. https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/17.1/html-single/hardening_red_hat_openstack_platform/index#limiting-the-size-of-file-uploads_hardening-the-dashboard-service

While it wasn't the case for RHOSP 16.2, limitreqbody parameter is available in RHOSP 17.1 for apache::vhost. It looks like we can take a second look at our documentation and probably recommend to use HorizonVhostExtraParams THT definition to pass limitreqbody to puppet-apache.

It looks like set of modified configuration files will be slightly different, so this requires a second look from engineering side.

Version-Release number of selected component (if applicable):
RHOSP 17.1

How reproducible:
There is a need to tune LimitRequestBody.


Actual results:
Manual steps are required

Expected results:
THT framework handles everything.
Comment 4 Roger Heslop 2024-01-08 17:28:33 UTC 
Email sent to Horizon team requesting feedback
Comment 7 Roger Heslop 2024-03-18 15:02:34 UTC 
Based on feedback about the concerns caused by similar expected fail healthchecks, closing as wontfix.