On 9/2/25 11:20 PM, Chang Xue wrote:
Just want to update, I figured out what is wrong with my HAproxy config file, and now it works.
Meanwhile, when I test pagination on other services like Keystone, they don't have the similar issue.I think it's problem just for Neutron and Nova? I don't really think this behavior is specific to some services but is common. You probably have different settings for these services defined in your haproxy. Note that keystone didn't support pagination in old releases and it was relatively recently added.
Which makes me think the config in HAproxy might be just patching it, but the service itself should be returning https by default or so?
IT SHOULD NOT, because you can't always assume that TLS is enabled. It might be common to use TLS for public endpoints but I've seen multiple deployments using non-TLS for internal endpoints. As I said if you terminate TLS by your loadbalancer then you should make sure that your load balancer tells that the actual public-facing endpoint has HTTPS enabled, to the api services behind it. (and that's what is achieved by the forwarder options).
Thanks, Chang