From 031c388543f5159ffbd22bebb4b44a984cd47db0 Mon Sep 17 00:00:00 2001 From: Andrey Kostov Date: Mon, 29 Dec 2014 22:29:54 +0200 Subject: [PATCH] Add the secure flag for the s3 driver The secure flag will be true by default and will change the s3 endpoint of the region to http instead of https when selected as false. The main benefits of running with secure being false is that it apparently has a roughly 33% performance boost (even on pure data transfer, not only connection setup which is what I would have expected). --- storagedriver/s3/s3.go | 19 +++++++++++++++++-- storagedriver/s3/s3_test.go | 13 +++++++++++-- 2 files changed, 28 insertions(+), 4 deletions(-) diff --git a/storagedriver/s3/s3.go b/storagedriver/s3/s3.go index ae036d47..e8bebd00 100644 --- a/storagedriver/s3/s3.go +++ b/storagedriver/s3/s3.go @@ -96,22 +96,37 @@ func FromParameters(parameters map[string]interface{}) (*Driver, error) { } } + secureBool := false + secure, ok := parameters["secure"] + if !ok { + secureBool = true + } else { + secureBool, ok = secure.(bool) + if !ok { + return nil, fmt.Errorf("The secure parameter should be a boolean") + } + } + rootDirectory, ok := parameters["rootdirectory"] if !ok { rootDirectory = "" } - return New(fmt.Sprint(accessKey), fmt.Sprint(secretKey), fmt.Sprint(bucket), fmt.Sprint(rootDirectory), region, encryptBool) + return New(fmt.Sprint(accessKey), fmt.Sprint(secretKey), fmt.Sprint(bucket), fmt.Sprint(rootDirectory), region, encryptBool, secureBool) } // New constructs a new Driver with the given AWS credentials, region, encryption flag, and // bucketName -func New(accessKey, secretKey, bucketName, rootDirectory string, region aws.Region, encrypt bool) (*Driver, error) { +func New(accessKey, secretKey, bucketName, rootDirectory string, region aws.Region, encrypt, secure bool) (*Driver, error) { auth, err := aws.GetAuth(accessKey, secretKey, "", time.Time{}) if err != nil { return nil, err } + if !secure { + region.S3Endpoint = strings.Replace(region.S3Endpoint, "https", "http", 1) + } + s3obj := s3.New(auth, region) bucket := s3obj.Bucket(bucketName) diff --git a/storagedriver/s3/s3_test.go b/storagedriver/s3/s3_test.go index aaf7e5bd..1addf13b 100644 --- a/storagedriver/s3/s3_test.go +++ b/storagedriver/s3/s3_test.go @@ -21,6 +21,7 @@ func init() { secretKey := os.Getenv("AWS_SECRET_KEY") bucket := os.Getenv("S3_BUCKET") encrypt := os.Getenv("S3_ENCRYPT") + secure := os.Getenv("S3_SECURE") region := os.Getenv("AWS_REGION") root, err := ioutil.TempDir("", "driver-") if err != nil { @@ -28,11 +29,19 @@ func init() { } s3DriverConstructor := func(region aws.Region) (storagedriver.StorageDriver, error) { - shouldEncrypt, err := strconv.ParseBool(encrypt) + encryptBool, err := strconv.ParseBool(encrypt) if err != nil { return nil, err } - return New(accessKey, secretKey, bucket, root, region, shouldEncrypt) + + secureBool := true + if secure != "" { + secureBool, err = strconv.ParseBool(secure) + if err != nil { + return nil, err + } + } + return New(accessKey, secretKey, bucket, root, region, encryptBool, secureBool) } // Skip S3 storage driver tests if environment variable parameters are not provided