feat(storage): use http instead of encryption connection for S3 #13055

Closed

Contributor

@chenzl25 chenzl25 commented Oct 25, 2023

I hereby agree to the terms of the RisingWave Labs, Inc. Contributor License Agreement.

What's changed and what's your intention?

Checklist

  • I have written necessary rustdoc comments
  • I have added necessary unit tests and integration tests
  • I have added fuzzing tests or opened an issue to track them. (Optional, recommended for new SQL features Sqlsmith: Sql feature generation #7934).
  • My PR contains breaking changes. (If it deprecates some features, please create a tracking issue to remove them in the future).
  • All checks passed in ./risedev check (or alias, ./risedev c)
  • My PR changes performance-critical code. (Please run macro/micro-benchmarks and show the results.)
  • My PR contains critical fixes that are necessary to be merged into the latest release. (Please check out the details)

Documentation

  • My PR needs documentation updates. (Please use the Release note section below to summarize the impact on users)

Release note

If this PR includes changes that directly affect users or other significant modifications relevant to the community, kindly draft a release note to provide a concise summary of these changes. Please prioritize highlighting the impact these changes will have on users.

@chenzl25
Contributor Author

Maybe we need to bench the CPU usage cost by the encryption connection.

@chenzl25 chenzl25 requested review from zwang28, wenym1, Li0k and hzxa21 and removed request for zwang28 and wenym1 October 25, 2023 09:47
Member

@fuyufjh fuyufjh left a comment

LGTM

@hzxa21
Collaborator

hzxa21 commented Nov 2, 2023

> Maybe we need to bench the CPU usage cost by the encryption connection.

+1. We can use s3-bench to do so.


gitguardian bot commented Nov 2, 2023

⚠️ GitGuardian has uncovered 2 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request
| GitGuardian id | Secret | Commit | Filename |
| --- | --- | --- | --- |
| 7648795 | Generic CLI Secret | e98efb3 | integration_tests/iceberg-cdc/run_test.sh |
| 7648795 | Generic CLI Secret | e98efb3 | integration_tests/iceberg-cdc/docker-compose.yml |
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secrets safely. Learn here the best practices.
  3. Revoke and rotate these secrets.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider


🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

Our GitHub checks need improvements? Share your feedbacks!

@chenzl25
Contributor Author

chenzl25 commented Nov 3, 2023

HTTPS flame graph, we can see function tlsl_enc would consume CPU to encrypt and decrypt messages.
image

image

@chenzl25
Contributor Author

chenzl25 commented Nov 3, 2023

While with HTTP there is no encryption and decryption here:

image

@chenzl25
Contributor Author

chenzl25 commented Nov 3, 2023

However, I found that the AWS SDK by default constructs the S3 endpoint URL in the HTTPS way, e.g. https://s3-ap-southeast-1.amazonaws.com. If we just change the connector implementation to HTTP, it is not enough. We need the cloud to provide the correct HTTP endpoint by specifying the environment variable RW_S3_ENDPOINT, e.g. http://s3-ap-southeast-1.amazonaws.com. So I recommend we only enable HTTP when RW_S3_ENDPOINT is configured with an HTTP URL. cc @arkbriar

@chenzl25
Contributor Author

chenzl25 commented Nov 6, 2023

Just found that we don't need to modify any code, since hyper_tls::HttpsConnector has already handled the HTTP case. The only thing we need to do is to pass an HTTP endpoint to the compute node.

@chenzl25 chenzl25 closed this Nov 6, 2023
@arkbriar
Contributor

arkbriar commented Nov 6, 2023

> However, I found that the AWS SDK by default constructs the S3 endpoint URL in the HTTPS way, e.g. https://s3-ap-southeast-1.amazonaws.com. If we just change the connector implementation to HTTP, it is not enough. We need the cloud to provide the correct HTTP endpoint by specifying the environment variable RW_S3_ENDPOINT, e.g. http://s3-ap-southeast-1.amazonaws.com. So I recommend we only enable HTTP when RW_S3_ENDPOINT is configured with an HTTP URL. cc @arkbriar

Since the CPU overhead is not much (~4%), the cloud won't disable the HTTPS as suggested by @wjf3121 for the following reason

Encryption in transit within AWS VPC is based on the assumption that your VPC is not compromised. Otherwise, an attacker can still get your data unencrypted.
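
Added example (not part of the thread and not RisingWave code): the thread concludes that the scheme of `RW_S3_ENDPOINT` alone decides whether object-store traffic uses TLS, so a deployment that wants to keep HTTPS can check that value at startup. The names `S3Transport`, `classify_endpoint`, `check_policy` and the opt-in variable `EXAMPLE_ALLOW_PLAINTEXT_S3` are hypothetical.

```rust
use std::env;

#[derive(Debug, PartialEq)]
enum S3Transport {
    SdkDefaultHttps,       // unset: per the thread, the SDK builds an https:// endpoint
    Https(String),         // explicit TLS endpoint
    PlaintextHttp(String), // explicit http:// endpoint: no encryption in transit
}

fn classify_endpoint(endpoint: Option<&str>) -> Result<S3Transport, String> {
    let raw = match endpoint.map(str::trim) {
        None | Some("") => return Ok(S3Transport::SdkDefaultHttps),
        Some(v) => v,
    };
    let (scheme, rest) = raw
        .split_once("://")
        .ok_or_else(|| format!("endpoint {raw:?} has no scheme"))?;
    if rest.is_empty() {
        return Err(format!("endpoint {raw:?} has no host"));
    }
    // URL schemes are case-insensitive, so "HTTP://" must not slip through.
    match scheme.to_ascii_lowercase().as_str() {
        "https" => Ok(S3Transport::Https(raw.to_string())),
        "http" => Ok(S3Transport::PlaintextHttp(raw.to_string())),
        other => Err(format!("unsupported scheme {other:?}")),
    }
}

/// Reject a plaintext endpoint unless the operator explicitly opted in.
fn check_policy(endpoint: Option<&str>, allow_plaintext: bool) -> Result<S3Transport, String> {
    match classify_endpoint(endpoint)? {
        S3Transport::PlaintextHttp(url) if !allow_plaintext => Err(format!(
            "RW_S3_ENDPOINT={url} disables TLS for object-store traffic"
        )),
        transport => Ok(transport),
    }
}

fn main() {
    let endpoint = env::var("RW_S3_ENDPOINT").ok();
    // Hypothetical opt-in variable, used only by this example.
    let allow = env::var("EXAMPLE_ALLOW_PLAINTEXT_S3").map_or(false, |v| v == "1");
    match check_policy(endpoint.as_deref(), allow) {
        Ok(t) => println!("object store transport: {t:?}"),
        Err(e) => eprintln!("policy violation: {e}"),
    }
}
```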

Successfully merging this pull request may close these issues.

Use http instead of https for S3 object store connection
4 participants