From c9bf6007b44658c492e4e1c9cc81ce53e056d891 Mon Sep 17 00:00:00 2001
From: Poorna Krishnamoorthy <poornas@users.noreply.github.com>
Date: Fri, 16 Apr 2021 18:58:26 -0700
Subject: [PATCH] Use custom transport for remote targets (#12080)

---
 cmd/bucket-targets.go |  2 +-
 cmd/utils.go          | 29 +++++++++++++++++++++++++++++
 2 files changed, 30 insertions(+), 1 deletion(-)

diff --git a/cmd/bucket-targets.go b/cmd/bucket-targets.go
index 4892d04d4..551ca66de 100644
--- a/cmd/bucket-targets.go
+++ b/cmd/bucket-targets.go
@@ -363,7 +363,7 @@ func (sys *BucketTargetSys) getRemoteTargetClient(tcfg *madmin.BucketTarget) (*T
 	creds := credentials.NewStaticV4(config.AccessKey, config.SecretKey, "")
 
 	getRemoteTargetInstanceTransportOnce.Do(func() {
-		getRemoteTargetInstanceTransport = newGatewayHTTPTransport(10 * time.Minute)
+		getRemoteTargetInstanceTransport = NewRemoteTargetHTTPTransport()
 	})
 	api, err := minio.New(tcfg.Endpoint, &miniogo.Options{
 		Creds:     creds,
diff --git a/cmd/utils.go b/cmd/utils.go
index 92723e62a..83811134f 100644
--- a/cmd/utils.go
+++ b/cmd/utils.go
@@ -26,6 +26,7 @@ import (
 	"fmt"
 	"io"
 	"io/ioutil"
+	"net"
 	"net/http"
 	"net/url"
 	"os"
@@ -637,6 +638,34 @@ func newGatewayHTTPTransport(timeout time.Duration) *http.Transport {
 	return tr
 }
 
+// NewRemoteTargetHTTPTransport returns a new http configuration
+// used while communicating with the remote replication targets.
+func NewRemoteTargetHTTPTransport() *http.Transport {
+	// For more details about various values used here refer
+	// https://golang.org/pkg/net/http/#Transport documentation
+	tr := &http.Transport{
+		Proxy: http.ProxyFromEnvironment,
+		DialContext: (&net.Dialer{
+			Timeout:   15 * time.Second,
+			KeepAlive: 30 * time.Second,
+		}).DialContext,
+		MaxIdleConnsPerHost:   1024,
+		WriteBufferSize:       16 << 10, // 16KiB moving up from 4KiB default
+		ReadBufferSize:        16 << 10, // 16KiB moving up from 4KiB default
+		IdleConnTimeout:       15 * time.Second,
+		TLSHandshakeTimeout:   5 * time.Second,
+		ExpectContinueTimeout: 5 * time.Second,
+		TLSClientConfig: &tls.Config{
+			RootCAs: globalRootCAs,
+		},
+		// Go net/http automatically unzip if content-type is
+		// gzip disable this feature, as we are always interested
+		// in raw stream.
+		DisableCompression: true,
+	}
+	return tr
+}
+
 // Load the json (typically from disk file).
 func jsonLoad(r io.ReadSeeker, data interface{}) error {
 	if _, err := r.Seek(0, io.SeekStart); err != nil {