...
Documented in Apache Ozone Design docs as HDDS-4440 Proposed persistent OM connection for S3 gateway.
3. design, attached the docs
...
Load test used: minio Warp S3 benchmarking tool.
...
{$
...
./warp
...
stat
...
--host=<host>
...
--duration=
...
1m –bucket
...
bucket1
...
--concurrent=64
...
--noclear
...
--obj.size=1KiB
...
--access-key=$AWS_ACCESS_KEY
...
--secret-key=$AWS_SECRET_ACCESS_KEY}
Test cluster consists of native ozone deployment, bare-metal. Om-SCM on one node, s3 gateway on separate node.
12. security considerations
This feature branch supports Grpc encryption channel communication between the S3 gateway and Ozone Manager through TLS. Encryption on the wire for the Grpc channel is configured by the ozone-site.xml key,
hdds.grpc.tls.enabled
set totrue
A new security model is introduced for S3 gateway persistent connections and was implemented in supporting Jira master branch patch, HDDS-5881. This branch uses the same security model for s3 user authentication on a per request basis.
...