Comment 0 for bug 1509986

Affected versions: MOS 7.0

It was observed that OpenStack APIs and Horizon are prone to DOS attack. Flooding http endpoints with large amount of malicious requests could lead to services malfunction.

Proposed solution:
Apply haproxy http request limiting. Consult scale team to develop appropriate limit values for various APIs, e.g. Glance image operations probably needs much lower values of http requests than Horizon.
Example haproxy configuration: https://github.com/dschneller/haproxy-http-based-rate-limiting/blob/master/haproxy.cfg