noobaa-core icon indicating copy to clipboard operation
noobaa-core copied to clipboard

Published 20 hours ago verified publisher icon noobaa

[DEBT] Namespace refactor and s3 connection

Open jeniawhite opened this issue 6 years ago • 3 comments

Environment info

  • Version: VERSION
  • Deployment: AZURE|ESX|AWS|GCLOUD|DEV|VBOX
  • Customer: NAME

Actual behavior

#3570 Take a look at Guy's review comment regarding the refactor of namespace implementation in the BE (naming etc..)

  1. Notice that we still have a gap regarding the namespaceS3 aws sdk client configuration. Body sha256 calculation on v4 signature (in http requests).

  2. The structure of bucket.namespace: Should be similar to the tiering structure, and more flexible to add more flags to control namespace policy - for example mirror writes, migrate on read, etc. So we agreed that instead of read_resources and write_resource we should have just one list of namespaces with objects where each one will have {order:integer, readable:boolean, writable:boolean, ... namespace resource details ...}.

Expected behavior

Steps to reproduce

Screenshots or Logs or other output that would be helpful

(If large, please upload as attachment)

jeniawhite avatar Sep 24 '17 11:09 jeniawhite

According to guy's suggestion we will specify the order with a value instead of location. I think there are drawbacks for this design.

An alternative is to hold 2 lists with proper ordering that have distinctive flags (and schema) for reads and writes. This will also naturally allow for separate read and write orders. while saving all write or read related flags in their own structures

nb-ohad avatar Sep 26 '17 16:09 nb-ohad

from the PR comment: "Notice that we still have a gap regarding the namespaceS3 aws sdk client configuration. Body sha256 calculation on v4 signature (in http requests)."

nimrod-becker avatar Feb 22 '18 07:02 nimrod-becker

OK I found the code from the SDK that controls whether they do body signing: https://github.com/aws/aws-sdk-js/blob/5880e725ca12f559fcead5cac2c305e55de1ccfb/lib/services/s3.js#L90

  shouldDisableBodySigning: function shouldDisableBodySigning(request) {
    var signerClass = this.getSignerClass();
    if (this.config.s3DisableBodySigning === true && signerClass === AWS.Signers.V4
        && request.httpRequest.endpoint.protocol === 'https:') {
      return true;
    }
    return false;
  },

Which means that if we use https or set s3DisableBodySigning it will work.

guymguym avatar Feb 22 '18 08:02 guymguym