Actions
Bug #50428
closedAdded caching for S3 credentials retrieved from keystone
Status:
Resolved
Priority:
High
Assignee:
-
Target version:
-
% Done:
0%
Source:
Tags:
Backport:
nautilus octopus
Regression:
No
Severity:
3 - minor
Reviewed:
Description
When providing an S3 compatible interface previous behaviour has been to cache the
access token but request verification of the signature for every request from keystone.
This causes keystone to be quite a performance bottleneck especially for instalations
with high levels of S3 traffic.
In this commit a change is made to perform the verification of S3 request signatures
inside the radosgw process, thereby seriously reducing the number of requests that need
to be made to keystone. To do this a shared S3 secret key is obtained from keystone and
kept in a local cache.
Actions