forked from TrueCloudLab/distribution
Add the secure flag for the s3 driver
The secure flag will be true by default and will change the s3 endpoint of the region to http instead of https when selected as false. The main benefits of running with secure being false is that it apparently has a roughly 33% performance boost (even on pure data transfer, not only connection setup which is what I would have expected).
This commit is contained in:
parent
fadd5dfcfb
commit
031c388543
2 changed files with 28 additions and 4 deletions
|
@ -96,22 +96,37 @@ func FromParameters(parameters map[string]interface{}) (*Driver, error) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
secureBool := false
|
||||||
|
secure, ok := parameters["secure"]
|
||||||
|
if !ok {
|
||||||
|
secureBool = true
|
||||||
|
} else {
|
||||||
|
secureBool, ok = secure.(bool)
|
||||||
|
if !ok {
|
||||||
|
return nil, fmt.Errorf("The secure parameter should be a boolean")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
rootDirectory, ok := parameters["rootdirectory"]
|
rootDirectory, ok := parameters["rootdirectory"]
|
||||||
if !ok {
|
if !ok {
|
||||||
rootDirectory = ""
|
rootDirectory = ""
|
||||||
}
|
}
|
||||||
|
|
||||||
return New(fmt.Sprint(accessKey), fmt.Sprint(secretKey), fmt.Sprint(bucket), fmt.Sprint(rootDirectory), region, encryptBool)
|
return New(fmt.Sprint(accessKey), fmt.Sprint(secretKey), fmt.Sprint(bucket), fmt.Sprint(rootDirectory), region, encryptBool, secureBool)
|
||||||
}
|
}
|
||||||
|
|
||||||
// New constructs a new Driver with the given AWS credentials, region, encryption flag, and
|
// New constructs a new Driver with the given AWS credentials, region, encryption flag, and
|
||||||
// bucketName
|
// bucketName
|
||||||
func New(accessKey, secretKey, bucketName, rootDirectory string, region aws.Region, encrypt bool) (*Driver, error) {
|
func New(accessKey, secretKey, bucketName, rootDirectory string, region aws.Region, encrypt, secure bool) (*Driver, error) {
|
||||||
auth, err := aws.GetAuth(accessKey, secretKey, "", time.Time{})
|
auth, err := aws.GetAuth(accessKey, secretKey, "", time.Time{})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if !secure {
|
||||||
|
region.S3Endpoint = strings.Replace(region.S3Endpoint, "https", "http", 1)
|
||||||
|
}
|
||||||
|
|
||||||
s3obj := s3.New(auth, region)
|
s3obj := s3.New(auth, region)
|
||||||
bucket := s3obj.Bucket(bucketName)
|
bucket := s3obj.Bucket(bucketName)
|
||||||
|
|
||||||
|
|
|
@ -21,6 +21,7 @@ func init() {
|
||||||
secretKey := os.Getenv("AWS_SECRET_KEY")
|
secretKey := os.Getenv("AWS_SECRET_KEY")
|
||||||
bucket := os.Getenv("S3_BUCKET")
|
bucket := os.Getenv("S3_BUCKET")
|
||||||
encrypt := os.Getenv("S3_ENCRYPT")
|
encrypt := os.Getenv("S3_ENCRYPT")
|
||||||
|
secure := os.Getenv("S3_SECURE")
|
||||||
region := os.Getenv("AWS_REGION")
|
region := os.Getenv("AWS_REGION")
|
||||||
root, err := ioutil.TempDir("", "driver-")
|
root, err := ioutil.TempDir("", "driver-")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -28,11 +29,19 @@ func init() {
|
||||||
}
|
}
|
||||||
|
|
||||||
s3DriverConstructor := func(region aws.Region) (storagedriver.StorageDriver, error) {
|
s3DriverConstructor := func(region aws.Region) (storagedriver.StorageDriver, error) {
|
||||||
shouldEncrypt, err := strconv.ParseBool(encrypt)
|
encryptBool, err := strconv.ParseBool(encrypt)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
return New(accessKey, secretKey, bucket, root, region, shouldEncrypt)
|
|
||||||
|
secureBool := true
|
||||||
|
if secure != "" {
|
||||||
|
secureBool, err = strconv.ParseBool(secure)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return New(accessKey, secretKey, bucket, root, region, encryptBool, secureBool)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Skip S3 storage driver tests if environment variable parameters are not provided
|
// Skip S3 storage driver tests if environment variable parameters are not provided
|
||||||
|
|
Loading…
Reference in a new issue