From 8eb8b0aa9d5a0ae412ed4c28c8963262531213b8 Mon Sep 17 00:00:00 2001 From: Andrey Kostov Date: Mon, 29 Dec 2014 22:29:54 +0200 Subject: [PATCH] Add the secure flag for the s3 driver The secure flag will be true by default and will change the s3 endpoint of the region to http instead of https when selected as false. The main benefits of running with secure being false is that it apparently has a roughly 33% performance boost (even on pure data transfer, not only connection setup which is what I would have expected). --- storagedriver/s3/s3.go | 19 +++++++++++++++++-- storagedriver/s3/s3_test.go | 13 +++++++++++-- 2 files changed, 28 insertions(+), 4 deletions(-) diff --git a/storagedriver/s3/s3.go b/storagedriver/s3/s3.go index 9e03b9e71..84a473bd8 100644 --- a/storagedriver/s3/s3.go +++ b/storagedriver/s3/s3.go @@ -97,22 +97,37 @@ func FromParameters(parameters map[string]interface{}) (*Driver, error) { return nil, fmt.Errorf("The encrypt parameter should be a boolean") } + secureBool := false + secure, ok := parameters["secure"] + if !ok { + secureBool = true + } else { + secureBool, ok = secure.(bool) + if !ok { + return nil, fmt.Errorf("The secure parameter should be a boolean") + } + } + rootDirectory, ok := parameters["rootdirectory"] if !ok { return nil, fmt.Errorf("No rootdirectory parameter provided") } - return New(fmt.Sprint(accessKey), fmt.Sprint(secretKey), fmt.Sprint(bucket), fmt.Sprint(rootDirectory), region, encryptBool) + return New(fmt.Sprint(accessKey), fmt.Sprint(secretKey), fmt.Sprint(bucket), fmt.Sprint(rootDirectory), region, encryptBool, secureBool) } // New constructs a new Driver with the given AWS credentials, region, encryption flag, and // bucketName -func New(accessKey, secretKey, bucketName, rootDirectory string, region aws.Region, encrypt bool) (*Driver, error) { +func New(accessKey, secretKey, bucketName, rootDirectory string, region aws.Region, encrypt, secure bool) (*Driver, error) { auth, err := aws.GetAuth(accessKey, secretKey, "", time.Time{}) if err != nil { return nil, err } + if !secure { + region.S3Endpoint = strings.Replace(region.S3Endpoint, "https", "http", 1) + } + s3obj := s3.New(auth, region) bucket := s3obj.Bucket(bucketName) diff --git a/storagedriver/s3/s3_test.go b/storagedriver/s3/s3_test.go index aaf7e5bdb..1addf13b7 100644 --- a/storagedriver/s3/s3_test.go +++ b/storagedriver/s3/s3_test.go @@ -21,6 +21,7 @@ func init() { secretKey := os.Getenv("AWS_SECRET_KEY") bucket := os.Getenv("S3_BUCKET") encrypt := os.Getenv("S3_ENCRYPT") + secure := os.Getenv("S3_SECURE") region := os.Getenv("AWS_REGION") root, err := ioutil.TempDir("", "driver-") if err != nil { @@ -28,11 +29,19 @@ func init() { } s3DriverConstructor := func(region aws.Region) (storagedriver.StorageDriver, error) { - shouldEncrypt, err := strconv.ParseBool(encrypt) + encryptBool, err := strconv.ParseBool(encrypt) if err != nil { return nil, err } - return New(accessKey, secretKey, bucket, root, region, shouldEncrypt) + + secureBool := true + if secure != "" { + secureBool, err = strconv.ParseBool(secure) + if err != nil { + return nil, err + } + } + return New(accessKey, secretKey, bucket, root, region, encryptBool, secureBool) } // Skip S3 storage driver tests if environment variable parameters are not provided