Use custom transport for site replication (#14391)

Also, ensure that tiering uses a different instance of custom transport
This commit is contained in:
Poorna 2022-02-23 11:50:40 -08:00 committed by GitHub
parent 5dcf1d13a9
commit 4ea7bf0510
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 20 deletions

View File

@ -20,13 +20,11 @@ package cmd
import ( import (
"bytes" "bytes"
"context" "context"
"crypto/tls"
"encoding/base64" "encoding/base64"
"encoding/json" "encoding/json"
"encoding/xml" "encoding/xml"
"errors" "errors"
"fmt" "fmt"
"net/http"
"net/url" "net/url"
"reflect" "reflect"
"sort" "sort"
@ -2040,26 +2038,13 @@ func (c *SiteReplicationSys) RemoveRemoteTargetsForEndpoint(ctx context.Context,
// Other helpers // Other helpers
// newRemoteClusterHTTPTransport returns a new http configuration
// used while communicating with the remote cluster.
func newRemoteClusterHTTPTransport() *http.Transport {
tr := &http.Transport{
Proxy: http.ProxyFromEnvironment,
TLSClientConfig: &tls.Config{
RootCAs: globalRootCAs,
ClientSessionCache: tls.NewLRUClientSessionCache(tlsClientSessionCacheSize),
},
}
return tr
}
func getAdminClient(endpoint, accessKey, secretKey string) (*madmin.AdminClient, error) { func getAdminClient(endpoint, accessKey, secretKey string) (*madmin.AdminClient, error) {
epURL, _ := url.Parse(endpoint) epURL, _ := url.Parse(endpoint)
client, err := madmin.New(epURL.Host, accessKey, secretKey, epURL.Scheme == "https") client, err := madmin.New(epURL.Host, accessKey, secretKey, epURL.Scheme == "https")
if err != nil { if err != nil {
return nil, err return nil, err
} }
client.SetCustomTransport(newRemoteClusterHTTPTransport()) client.SetCustomTransport(NewRemoteTargetHTTPTransport())
return client, nil return client, nil
} }
@ -2071,7 +2056,7 @@ func getS3Client(pc madmin.PeerSite) (*minioClient.Client, error) {
return minioClient.New(ep.Host, &minioClient.Options{ return minioClient.New(ep.Host, &minioClient.Options{
Creds: credentials.NewStaticV4(pc.AccessKey, pc.SecretKey, ""), Creds: credentials.NewStaticV4(pc.AccessKey, pc.SecretKey, ""),
Secure: ep.Scheme == "https", Secure: ep.Scheme == "https",
Transport: newRemoteClusterHTTPTransport(), Transport: NewRemoteTargetHTTPTransport(),
}) })
} }

View File

@ -21,8 +21,10 @@ import (
"context" "context"
"fmt" "fmt"
"io" "io"
"net/http"
"net/url" "net/url"
"strings" "strings"
"sync"
"time" "time"
"github.com/minio/madmin-go" "github.com/minio/madmin-go"
@ -31,6 +33,12 @@ import (
"github.com/minio/minio-go/v7/pkg/credentials" "github.com/minio/minio-go/v7/pkg/credentials"
) )
// getRemoteTierTargetInstanceTransport contains a singleton roundtripper.
var (
getRemoteTierTargetInstanceTransport http.RoundTripper
getRemoteTierTargetInstanceTransportOnce sync.Once
)
type warmBackendS3 struct { type warmBackendS3 struct {
client *minio.Client client *minio.Client
core *minio.Core core *minio.Core
@ -109,13 +117,13 @@ func newWarmBackendS3(conf madmin.TierS3) (*warmBackendS3, error) {
} else { } else {
creds = credentials.NewStaticV4(conf.AccessKey, conf.SecretKey, "") creds = credentials.NewStaticV4(conf.AccessKey, conf.SecretKey, "")
} }
getRemoteTargetInstanceTransportOnce.Do(func() { getRemoteTierTargetInstanceTransportOnce.Do(func() {
getRemoteTargetInstanceTransport = newGatewayHTTPTransport(10 * time.Minute) getRemoteTierTargetInstanceTransport = newGatewayHTTPTransport(10 * time.Minute)
}) })
opts := &minio.Options{ opts := &minio.Options{
Creds: creds, Creds: creds,
Secure: u.Scheme == "https", Secure: u.Scheme == "https",
Transport: getRemoteTargetInstanceTransport, Transport: getRemoteTierTargetInstanceTransport,
} }
client, err := minio.New(u.Host, opts) client, err := minio.New(u.Host, opts)
if err != nil { if err != nil {