Use custom transport for site replication (#14391)

Also, ensure that tiering uses a different instance of custom transport
2024-10-14 20:04:32 +00:00 · 2022-02-23 11:50:40 -08:00 · 2022-02-23 11:50:40 -08:00 · 4ea7bf0510
parent 5dcf1d13a9
commit 4ea7bf0510
2 changed files with 13 additions and 20 deletions
--- a/cmd/site-replication.go
+++ b/cmd/site-replication.go
@ -20,13 +20,11 @@ package cmd
 import (
 	"bytes"
 	"context"
-	"crypto/tls"
 	"encoding/base64"
 	"encoding/json"
 	"encoding/xml"
 	"errors"
 	"fmt"
-	"net/http"
 	"net/url"
 	"reflect"
 	"sort"
@ -2040,26 +2038,13 @@ func (c *SiteReplicationSys) RemoveRemoteTargetsForEndpoint(ctx context.Context,

 // Other helpers

-// newRemoteClusterHTTPTransport returns a new http configuration
-// used while communicating with the remote cluster.
-func newRemoteClusterHTTPTransport() *http.Transport {
-	tr := &http.Transport{
-		Proxy: http.ProxyFromEnvironment,
-		TLSClientConfig: &tls.Config{
-			RootCAs:            globalRootCAs,
-			ClientSessionCache: tls.NewLRUClientSessionCache(tlsClientSessionCacheSize),
-		},
-	}
-	return tr
-}
-
 func getAdminClient(endpoint, accessKey, secretKey string) (*madmin.AdminClient, error) {
 	epURL, _ := url.Parse(endpoint)
 	client, err := madmin.New(epURL.Host, accessKey, secretKey, epURL.Scheme == "https")
 	if err != nil {
 		return nil, err
 	}
-	client.SetCustomTransport(newRemoteClusterHTTPTransport())
+	client.SetCustomTransport(NewRemoteTargetHTTPTransport())
 	return client, nil
 }

@ -2071,7 +2056,7 @@ func getS3Client(pc madmin.PeerSite) (*minioClient.Client, error) {
 	return minioClient.New(ep.Host, &minioClient.Options{
 		Creds:     credentials.NewStaticV4(pc.AccessKey, pc.SecretKey, ""),
 		Secure:    ep.Scheme == "https",
-		Transport: newRemoteClusterHTTPTransport(),
+		Transport: NewRemoteTargetHTTPTransport(),
 	})
 }

--- a/cmd/warm-backend-s3.go
+++ b/cmd/warm-backend-s3.go
@ -21,8 +21,10 @@ import (
 	"context"
 	"fmt"
 	"io"
+	"net/http"
 	"net/url"
 	"strings"
+	"sync"
 	"time"

 	"github.com/minio/madmin-go"
@ -31,6 +33,12 @@ import (
 	"github.com/minio/minio-go/v7/pkg/credentials"
 )

+// getRemoteTierTargetInstanceTransport contains a singleton roundtripper.
+var (
+	getRemoteTierTargetInstanceTransport     http.RoundTripper
+	getRemoteTierTargetInstanceTransportOnce sync.Once
+)
+
 type warmBackendS3 struct {
 	client       *minio.Client
 	core         *minio.Core
@ -109,13 +117,13 @@ func newWarmBackendS3(conf madmin.TierS3) (*warmBackendS3, error) {
 	} else {
 		creds = credentials.NewStaticV4(conf.AccessKey, conf.SecretKey, "")
 	}
-	getRemoteTargetInstanceTransportOnce.Do(func() {
-		getRemoteTargetInstanceTransport = newGatewayHTTPTransport(10 * time.Minute)
+	getRemoteTierTargetInstanceTransportOnce.Do(func() {
+		getRemoteTierTargetInstanceTransport = newGatewayHTTPTransport(10 * time.Minute)
 	})
 	opts := &minio.Options{
 		Creds:     creds,
 		Secure:    u.Scheme == "https",
-		Transport: getRemoteTargetInstanceTransport,
+		Transport: getRemoteTierTargetInstanceTransport,
 	}
 	client, err := minio.New(u.Host, opts)
 	if err != nil {