[
https://issues.apache.org/jira/browse/HDDS-9447?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Duong updated HDDS-9447:
------------------------
Labels: performance (was: )
> Redundant ACL checks in getKeyInfo for S3 use case
> --------------------------------------------------
>
> Key: HDDS-9447
> URL: https://issues.apache.org/jira/browse/HDDS-9447
> Project: Apache Ozone
> Issue Type: Improvement
> Reporter: Duong
> Priority: Major
> Labels: performance
> Attachments: getS3VolumeContext.png
>
>
> Today, for S3 use case getKeyInfo API needs to look up S3 volume context as
> the S3 client doesn't know the exact S3 volume. This is done as an
> optimization that liberates S3 from the need to make an extra call to
> 'GetS3Volume' per GET key (HDDS-7324).
> Ref:
> [https://github.com/apache/ozone/blob/master/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OmMetadataReader.java#L160-L169]
> This getS3VolumeContext contributes to around 30% of getKeyInfo for S3 and
> creates a performance gap between S3 use case and FSO use case.
> Inside getS3VolumeContext, there's an ACL check to validate the client user
> has access to the S3 volume. This check is redundant because getKeyInfo
> already checks ACL at the key level, which already cover the volume
> permission.
> The check
> [dominates|https://github.com/apache/ozone/blob/master/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneAclUtils.java#L98-L98]
> the getS3VolumeContext.
> !getS3VolumeContext.png|width=1163,height=519!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
