Project

General

Profile

Actions
Copy link

Bug #50428

closed

Added caching for S3 credentials retrieved from keystone

Added by Or Friedmann about 3 years ago. Updated almost 3 years ago.

Status:
Resolved
Priority:
High
Assignee:
-
Target version:
-
% Done:

0%

Source:
Tags:
Backport:
nautilus octopus
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
26095
Crash signature (v1):
Crash signature (v2):

Description

When providing an S3 compatible interface previous behaviour has been to cache the
access token but request verification of the signature for every request from keystone.
This causes keystone to be quite a performance bottleneck especially for instalations
with high levels of S3 traffic.

In this commit a change is made to perform the verification of S3 request signatures
inside the radosgw process, thereby seriously reducing the number of requests that need
to be made to keystone. To do this a shared S3 secret key is obtained from keystone and
kept in a local cache.

Related issues 2 (0 open2 closed)

Copied to rgw - Backport #50429: octopus: Added caching for S3 credentials retrieved from keystoneRejectedActions
Copied to rgw - Backport #50430: nautilus: Added caching for S3 credentials retrieved from keystoneResolvedNathan CutlerActions
Actions
Copy link
 #1

Updated by Backport Bot about 3 years ago

  • Copied to Backport #50429: octopus: Added caching for S3 credentials retrieved from keystone added
Actions
Copy link
 #2

Updated by Backport Bot about 3 years ago

  • Copied to Backport #50430: nautilus: Added caching for S3 credentials retrieved from keystone added
Actions
Copy link
 #3

Updated by Loïc Dachary almost 3 years ago

  • Status changed from Pending Backport to Resolved

While running with --resolve-parent, the script "backport-create-issue" noticed that all backports of this issue are in status "Resolved" or "Rejected".

Actions
Copy link

Also available in: Atom PDF