Skip to content

HDDS-8154. Perf: Reuse Mac instances in S3 token validation #4433

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
kerneltime merged 2 commits into from
Mar 22, 2023
Merged

HDDS-8154. Perf: Reuse Mac instances in S3 token validation #4433

kerneltime merged 2 commits into from
Mar 22, 2023

Conversation

@tanvipenumudy
Copy link
Contributor

@tanvipenumudy tanvipenumudy commented Mar 20, 2023

What changes were proposed in this pull request?

Due to the high cost of creating and initializing Mac instances, S3 token validation can be a bottleneck in OM latencies for S3 use cases.

Mac mac = Mac.getInstance(HMAC_SHA256_ALGORITHM);
mac.init(signingKey);

Screen Shot 2023-03-13 at 11 33 35 AM

Caching Mac instances in ThreadLocal (as they are stateful) and reusing them eliminates the need to create and initialize these objects from scratch, mitigating the high cost of S3 token validation and significantly reducing overhead while improving overall performance.

What is the link to the Apache JIRA

https://issues.apache.org/jira/browse/HDDS-8154

How was this patch tested?

Existing UTs

@tanvipenumudy
Copy link
Contributor Author

tanvipenumudy commented Mar 20, 2023

Could you please review the PR @kerneltime, @duongkame, thanks!

@tanvipenumudy @duongkame
Update hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozo…
4a1c043 
…ne/security/AWSV4AuthValidator.java

Co-authored-by: Duong Nguyen <[email protected]>
duongkame
duongkame approved these changes Mar 20, 2023
View reviewed changes
Copy link
Contributor

@duongkame duongkame left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for making the change @tanvipenumudy. It looks good to me. I just put a suggestion regarding maintaining the stacktrace in the exception handling.

@kerneltime kerneltime merged commit b801c68 into apache:master Mar 22, 2023
errose28 added a commit to errose28/ozone that referenced this pull request Mar 23, 2023
@errose28
Merge branch 'master' into HDDS-6633
a24321d 
* master: (43 commits)
  HDDS-8148. Improve log for Pipeline creation failure (apache#4385)
  HDDS-7853. Add support for RemoveSCM in SCMRatisServer. (apache#4358)
  HDDS-8042. Display certificate issuer in cert list command. (apache#4429)
  HDDS-8189. [Snapshot] renamedKeyTable should only track keys in buckets that has at least one active snapshot. (apache#4436)
  HDDS-8154. Perf: Reuse Mac instances in S3 token validation (apache#4433)
  HDDS-8245. Info log for keyDeletingService when nonzero number of keys are deleted. (apache#4451)
  HDDS-8233. ReplicationManager: Throttle delete container commands from over-replication handlers (apache#4447)
  HDDS-8220. [Ozone-Streaming] Trigger volume check on IOException in StreamDataChannelBase (apache#4428)
  HDDS-8173. Fix to remove enrties from RocksDB after container gets deleted. (apache#4445)
  HDDS-7975. Rebalance acceptance tests (apache#4437)
  HDDS-8152. Reduce S3 acceptance test setup time (apache#4393)
  HDDS-8172. ECUnderReplicationHandler should consider commands already sent when processing the container (apache#4435)
  HDDS-7883. [Snapshot] Accommodate FSO, key renames and implement OMSnapshotPurgeRequest for SnapshotDeletingService (apache#4407)
  HDDS-8168. Make deadlines inside MoveManager for move commands configurable (apache#4415)
  HDDS-7918. EC: ECBlockReconstructedStripeInputStream should check for spare replicas before failing an index (apache#4441)
  HDDS-8222. EndpointBase#getBucket should handle BUCKET_NOT_FOUND (apache#4431)
  HDDS-8068. Fix Exception: JMXJsonServlet, getting attribute RatisRoles of Hadoop:service=OzoneManager. (apache#4352)
  HDDS-8139. Datanodes should not drop block delete transactions based on transaction ID (apache#4384)
  HDDS-8216. EC: OzoneClientConfig is overwritten in ECKeyOutputStream (apache#4425)
  HDDS-8054. Fix NPE in metrics for failed volume (apache#4340)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kerneltime kerneltime kerneltime approved these changes

@duongkame duongkame duongkame approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@tanvipenumudy @kerneltime @duongkame